feat: OneClick Keychain 免密 + sync-version 补 guide.html
- Bookworm-OneClick-Mac.sh: 回退路径加 Keychain 缓存(对标 Setup.sh) - sync-version.js: 补 guide.html 到文件列表 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
bookworm
parent
23b369f99b
commit
d07316f0f9
@ -208,9 +208,42 @@ else
|
||||
# 回退: 手动执行核心配置步骤
|
||||
info "未找到安装脚本, 执行基础配置..."
|
||||
|
||||
# 解密凭证
|
||||
# Keychain 缓存
|
||||
KC_SVC="bookworm-secrets"
|
||||
KC_ACCT="$(whoami)"
|
||||
|
||||
_kc_load() {
|
||||
local cached
|
||||
cached=$(security find-generic-password -s "$KC_SVC" -a "$KC_ACCT" -w 2>/dev/null) || return 1
|
||||
local expiry_date
|
||||
expiry_date=$(echo "$cached" | head -1 | sed 's/EXPIRY=//')
|
||||
[ "$expiry_date" != "$(date +%Y-%m-%d)" ] && { security delete-generic-password -s "$KC_SVC" -a "$KC_ACCT" 2>/dev/null; return 1; }
|
||||
local count=0
|
||||
while IFS= read -r line; do
|
||||
[ -z "$line" ] && continue; [[ "$line" == EXPIRY=* ]] && continue
|
||||
local key="${line%%=*}" value="${line#*=}"
|
||||
key=$(echo "$key" | tr -d ' ')
|
||||
[ -n "$key" ] && [ -n "$value" ] && export "$key=$value" && count=$((count + 1))
|
||||
done <<< "$cached"
|
||||
[ $count -gt 0 ] && [ -n "$ANTHROPIC_API_KEY" ] && { success "从 Keychain 缓存加载 $count 个凭证 (免密)"; return 0; }
|
||||
return 1
|
||||
}
|
||||
|
||||
_kc_save() {
|
||||
local data="EXPIRY=$(date +%Y-%m-%d)"
|
||||
for k in ANTHROPIC_API_KEY ANTHROPIC_BASE_URL GITHUB_PERSONAL_ACCESS_TOKEN SLACK_BOT_TOKEN ATLASSIAN_API_TOKEN BROWSERBASE_API_KEY FIRECRAWL_API_KEY; do
|
||||
local v="${!k}"; [ -n "$v" ] && data="$data
|
||||
$k=$v"
|
||||
done
|
||||
security add-generic-password -s "$KC_SVC" -a "$KC_ACCT" -w "$data" -U 2>/dev/null && \
|
||||
success "凭证已缓存至今日 23:59 (下次免密)" || true
|
||||
}
|
||||
|
||||
# 解密凭证 (先查缓存)
|
||||
SECRETS_ENC="$BOOT_DIR/secrets.enc"
|
||||
if [ -f "$SECRETS_ENC" ] && [ -n "$OPENSSL_CMD" ]; then
|
||||
if _kc_load 2>/dev/null; then
|
||||
: # 缓存命中
|
||||
elif [ -f "$SECRETS_ENC" ] && [ -n "$OPENSSL_CMD" ]; then
|
||||
echo ""
|
||||
for attempt in 1 2 3; do
|
||||
read -rs -p " 输入主密码解密凭证 (第 $attempt/3 次): " PASSWORD
|
||||
@ -228,6 +261,10 @@ else
|
||||
success "已注入: $key"
|
||||
fi
|
||||
done <<< "$DECRYPTED"
|
||||
DECRYPTED=""
|
||||
echo ""
|
||||
read -p " 今日内免密启动? (y/n): " _cache_yn
|
||||
[ "$_cache_yn" = "y" ] || [ "$_cache_yn" = "Y" ] && _kc_save
|
||||
break
|
||||
else
|
||||
if [ $attempt -lt 3 ]; then
|
||||
|
||||
@ -42,6 +42,7 @@ const FILES = [
|
||||
'Bookworm-OneClick-Win10.bat',
|
||||
'Bookworm-OneClick-Mac.sh',
|
||||
'install.ps1',
|
||||
'guide.html',
|
||||
'guide-mac.html',
|
||||
'quick-start.html',
|
||||
'quick-reference.txt',
|
||||
|
||||
Loading…
Reference in New Issue
Block a user