Make exporting easier with docker-compose

.env

@@ -0,0 +1,4 @@
+DATABASE_PASSWORD=CHANGE_ME
+#DATABASE_KEYFILE=
+BW_PATH=/usr/local/bin/bw
+DATABASE_PATH=/exports/bitwarden-export.kdbx

Dockerfile

@@ -0,0 +1,9 @@
+FROM python:3.9-slim-buster
+
+WORKDIR /bitwarden-to-keepass
+COPY . .
+
+RUN apt update && apt install -y npm && \
+    pip install -r requirements.txt && \
+    npm i -g @bitwarden/cli && \
+    apt purge -y npm

README.md

@@ -2,23 +2,32 @@
 Export (most of) your Bitwarden items into KeePass database.
 
 ## How it works?
-It uses official [bitwarden-cli](https://help.bitwarden.com/article/cli/) client to export your items from Bitwarden vault and move them into your KeePass database - that includes logins (with TOTP seeds, URIs, custom fields, attachments, notes) and secure notes.
+It uses official [bitwarden-cli](https://bitwarden.com/help/article/cli/) client to export your items from Bitwarden vault and move them into your KeePass database - that includes logins (with TOTP seeds, URIs, custom fields, attachments, notes) and secure notes.
 
-## Install
+# Usage with docker (docker-compose) - recommended
+- Clone this repository
+- Edit `.env` file
+  - ⚠️ make sure to set your own `DATABASE_PASSWORD` - used as password for KeePass database
+- Run
+```
+docker-compose run bitwarden-to-keepass
+```
+- You will be interactively asked to login with [bitwarden-cli](https://bitwarden.com/help/article/cli/)
+- After the process is finished your database export is in `exports` directory
+
+## Usage without docker (venv)
 - Clone this repository
 - Run
 ```
 make build
 ```
-
-## Run/usage
 - You can either **create new (empty) KeePass database** (tested with [KeePassXC](https://github.com/keepassxreboot/keepassxc) but it will probably work with others) right now, otherwise one will be created when the script is executed
 - Go into the virtual environment
 ```
 source .venv/bin/activate
 ```
-- [Download](https://help.bitwarden.com/article/cli/#download--install) official bitwarden-cli and do `bw login` (you need `BW_SESSION` for export to work).
+- [Download](https://bitwarden.com/help/article/cli/#download-and-install) official bitwarden-cli and do `bw login` (you need `BW_SESSION` for export to work).
 - Run
 ```
 python3 bitwarden-to-keepass.py --bw-session BW_SESSION --database-path DATABASE_PATH --database-password DATABASE_PASSWORD [--database-keyfile DATABASE_KEYFILE] [--bw-path BW_PATH]
-```
+```

bitwarden-to-keepass.py

@@ -72,7 +72,7 @@ def bitwarden_to_keepass(args):
             entry.set_custom_property(str(field['name']), field['value'])
 
         for attachment in bw_item.get_attachments():
-            attachment_tmp_path = f'./attachment_tmp/{attachment["fileName"]}'
+            attachment_tmp_path = f'/tmp/attachment/{attachment["fileName"]}'
             attachment_path = subprocess.check_output(f'{quote(args.bw_path)} get attachment'
                                                       f' --raw {quote(attachment["id"])} '
                                                       f'--itemid {quote(bw_item.get_id())} '
@@ -99,12 +99,39 @@ def check_args(args):
     return True
 
 
+def environ_or_required(key):
+    return (
+        {'default': os.environ.get(key)} if os.environ.get(key)
+        else {'required': True}
+    )
+
+
 parser = ArgumentParser()
-parser.add_argument('--bw-session', help='Session generated from bitwarden-cli (bw login)', required=True)
-parser.add_argument('--database-path', help='Path to KeePass database. If database does not exists it will be created.', required=True)
-parser.add_argument('--database-password', help='Password for KeePass database', required=True)
-parser.add_argument('--database-keyfile', help='Path to Key File for KeePass database', default=None)
-parser.add_argument('--bw-path', help='Path for bw binary', default='bw')
+parser.add_argument(
+    '--bw-session',
+    help='Session generated from bitwarden-cli (bw login)',
+    **environ_or_required('BW_SESSION'),
+)
+parser.add_argument(
+    '--database-path',
+    help='Path to KeePass database. If database does not exists it will be created.',
+    **environ_or_required('DATABASE_PATH'),
+)
+parser.add_argument(
+    '--database-password',
+    help='Password for KeePass database',
+    **environ_or_required('DATABASE_PASSWORD'),
+)
+parser.add_argument(
+    '--database-keyfile',
+    help='Path to Key File for KeePass database',
+    default=os.environ.get('DATABASE_KEYFILE', None),
+)
+parser.add_argument(
+    '--bw-path',
+    help='Path for bw binary',
+    default=os.environ.get('BW_PATH', 'bw'),
+)
 args = parser.parse_args()
 
 check_args(args) and bitwarden_to_keepass(args)

docker-compose.yaml

@@ -0,0 +1,12 @@
+version: '3.8'
+services:
+  bitwarden-to-keepass:
+    build: .
+    command: bash -c 'export BW_SESSION=`$BW_PATH login --raw` && python3 bitwarden-to-keepass.py && $BW_PATH lock'
+    volumes:
+      - ./exports:/exports
+    tmpfs:
+      - /tmp
+      - '/root/.config/Bitwarden CLI'
+    env_file:
+      - .env