rogs/bitwarden-to-keepass
rogs/bitwarden-to-keepass
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Asking for the keepass DB password interactively if not set

Browse Source
This commit is contained in:
Roger Gonzalez 2024-02-24 09:18:20 -03:00
parent 4d26be944e
commit beb8115acb
Signed by: rogs
GPG Key ID: C7ECE9C6C36EC2E6
2 changed files with 19 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
README.md
View File

@ -14,7 +14,7 @@ It uses the official [bitwarden-cli](https://bitwarden.com/help/article/cli/) cl
### Environment variables available ### Environment variables available
- `DATABASE_PASSWORD` (required): The password you want your KeePass file to have. - `DATABASE_PASSWORD` (optional): The password you want your KeePass file to have. If not set, the script will ask for a password interactively.
- `DATABASE_NAME` (optional): The name you want your KeePass file to have. If not set, it will default to `bitwarden.kdbx`. - `DATABASE_NAME` (optional): The name you want your KeePass file to have. If not set, it will default to `bitwarden.kdbx`.
- `BITWARDEN_URL` (optional): A custom Bitwarden/Vaultwarden instance. If you are using the official https://bitwarden.com, you can leave this blank. - `BITWARDEN_URL` (optional): A custom Bitwarden/Vaultwarden instance. If you are using the official https://bitwarden.com, you can leave this blank.
@ -22,24 +22,26 @@ It uses the official [bitwarden-cli](https://bitwarden.com/help/article/cli/) cl
All backups will be written to `/exports`. You need to mount that volume locally in order to retrieve the backup file. All backups will be written to `/exports`. You need to mount that volume locally in order to retrieve the backup file.
### Docker command ### Minimal Docker command
In your terminal, run: In your terminal, run:
```sh ```sh
$ docker run --rm -it \ $ docker run --rm -it -v ./exports:/exports rogsme/bitwarden-to-keepass
-e DATABASE_PASSWORD=123 \
-e DATABASE_NAME="my-cool-bitwarden-backup.kdbx" \
-e BITWARDEN_URL=http://your.bitwarden.instance.com \
-v ./exports:/exports \
rogsme/bitwarden-to-keepass
``` ```
**The `--rm --it` is important!** Why? **The `--rm --it` is important!** Why?
- `--rm`: The Docker container will delete itself after it runs. This ensures no config leaking. - `--rm`: The Docker container will delete itself after it runs. This ensures no config leaking.
- `-it`: The script will ask for your credentials, so Docker has to run interactively. - `-it`: The script will ask for your credentials, so Docker has to run interactively.
First, the script will ask for your username: First, the script will ask for your Keepass DB password. The input is hidden, so it won't be visible on your terminal:
``` sh
$ DATABASE_PASSWORD is not set
$ Keepass DB password [input is hidden]
```
Then, your Bitwarden username:
``` sh ``` sh
$ Email address: your@email.com $ Email address: your@email.com
@ -60,7 +62,7 @@ $ Two-step login code: 123456
And it'll start converting your passwords into KeePass! You'll see something similar to this: And it'll start converting your passwords into KeePass! You'll see something similar to this:
``` sh ``` sh
Generating KeePass file /exports/my-cool-bitwarden-backup.kdbx Generating KeePass file /exports/bitwarden.kdbx
2024-02-20 15:12:54 :: INFO :: KeePass database does not exist, creating a new one. 2024-02-20 15:12:54 :: INFO :: KeePass database does not exist, creating a new one.
2024-02-20 15:13:20 :: INFO :: Folders done (1). 2024-02-20 15:13:20 :: INFO :: Folders done (1).
2024-02-20 15:13:36 :: INFO :: Starting to process 999 items. 2024-02-20 15:13:36 :: INFO :: Starting to process 999 items.
@ -73,14 +75,14 @@ In the end, the script will lock your vault and log out of your account:
``` sh ``` sh
Your vault is locked. Your vault is locked.
You have logged out. You have logged out.
KeePass file /exports/my-cool-bitwarden-backup.kdbx generated successfully KeePass file /exports/bitwarden.kdbx generated successfully
``` ```
And you can find your file in your mounted directory! And you can find your file in your mounted directory!
``` sh ``` sh
$ ls exports $ ls exports
my-cool-bitwarden-backup.kdbx bitwarden.kdbx
``` ```
## FAQ ## FAQ

7
entrypoint.sh
View File

@ -1,9 +1,11 @@
#!/bin/sh #!/bin/bash
# Check that the database password is set # Check that the database password is set
if [ -z "$DATABASE_PASSWORD" ]; then if [ -z "$DATABASE_PASSWORD" ]; then
echo "DATABASE_PASSWORD is not set" echo "DATABASE_PASSWORD is not set"
exit 1 echo -n "Keepass DB password [input is hidden] "
read -r -s DATABASE_PASSWORD
echo
fi fi
# If BITWARDEN_URL is not empty, set a custom Bitwarden instance # If BITWARDEN_URL is not empty, set a custom Bitwarden instance
@ -31,6 +33,7 @@ fi
DATABASE_PATH="/exports/$DATABASE_NAME" DATABASE_PATH="/exports/$DATABASE_NAME"
export DATABASE_PATH export DATABASE_PATH
export DATABASE_PASSWORD
# Convert the Bitwarden data to a KeePass file # Convert the Bitwarden data to a KeePass file
bw sync || { echo "Failed to sync Bitwarden data"; exit 1; } bw sync || { echo "Failed to sync Bitwarden data"; exit 1; }