I do not reveal my emacs init file publicly because it has secrets in it. For passwords (particularly for various APIs), and decryption keys in it.
But, the other day I discovered auth-source. I used in this example to launch my IRC setup:
(defun start-erc () "Wrapper for ERC that get's password via auth-source." (interactive) (let* ((server (erc-compute-server)) (port (erc-compute-port)) (credentials (auth-source-search :host server :port (format "%s" port) :max-tokens 1))) (cond (credentials (erc :password (funcall (plist-get (car credentials) :secret)))) (t (message "auth-source-search failed to find necessary credentials for irc server")))))
Auth-source-search will find my credentials in ~/.authinfo.gpg. A line there like that looks like this: “
machine irc.example.org port 12345 login luser password aPasWurd“.
Curious about hard it would be to fold that directly into the
M-x erc</code> I read enough code to discover it calls thru to a function which does in fact call auth-source-search; so you can revise my function like so:
(defun start-erc () "Start erc computing all the default connection details, which might get the password via auth-source." (interactive) (let ((password? nil)) (erc-open (erc-compute-server) (erc-compute-port) (erc-compute-nick) (erc-compute-full-name) t ;; connect password?))
I'm delighted. But it, looks like this facility isn't used as much as I'd expect.
I found it because the helm-delicious package advised using it for my delicious password.
I was making good progress getting all my secrets out of the init file by have a function that would load all the secrets on demand loading an encrypted elisp file
(load "secrets.el.gpg"). That works nicely too.
Maybe I should go read up on the secret storage scheme of vree desktop.