diff --git a/src/dda/backup/cred_rot/domain.clj b/src/dda/backup/cred_rot/domain.clj index b8e846e..631d176 100644 --- a/src/dda/backup/cred_rot/domain.clj +++ b/src/dda/backup/cred_rot/domain.clj @@ -38,27 +38,34 @@ ; Refer to "docs/CredentialRotation.md" for specifics -(defn-spec list-passwords-command ::cd/command - [config ::config] +(defn-spec base-command ::cd/command + [config ::config + command ::cd/command] (let [{:keys [restic-repository password-file certificate-file new-password-file]} config] - (into + (into [] - (concat ["restic" "-r" restic-repository "key" "list" "--json"] + (concat ["restic" "-r" restic-repository] (cond (some? certificate-file) ["--cacert" certificate-file] (some? password-file) ["--password-file" password-file] :else - []))))) + []) + command)))) -(defn-spec add-new-password! nil? - [new-password-file ::new-password-file] - ; TODO -) +(defn-spec list-passwords-command ::cd/command + [config ::config] + (base-command config ["key" "list" "--json"])) -(defn-spec replace-old-password! nil? - [] - ; TODO -) \ No newline at end of file +(defn-spec add-password-command ::cd/command + [config ::config] + (let [{:keys [new-password-file]} config] + (base-command config ["key" "add" "--new-password-file" new-password-file]))) + +(defn-spec remove-password-command ::cd/command + [config ::config + new-id ::id + old-id ::id] + (base-command config ["key" "remove" "--key-hint" new-id old-id]))