Encryption
chezmoi supports encrypting whole files with age
and gpg. Encrypted files are stored in ASCII-armored
format in the source directory with the encrypted_
attribute and are
automatically decrypted when needed.
Add files to be encrypted with the --encrypt
flag, for example:
$ chezmoi add --encrypt ~/.ssh/id_rsa
chezmoi edit
will transparently decrypt the file before editing and
re-encrypt it afterwards.