@meysam81
Last active May 7, 2025 04:21
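#!/bin/bash
#
# Back up every GPG secret key in the local keyring to Bitwarden, one secure
# note per key, inside the "personal" folder. A key is skipped when a note
# with the same title ("GPG Private Key <email>-<keyid>") already exists in
# that folder.
#
# Requires: bw (logged in, vault unlocked), jq, gpg.
# Env:      DEBUG=1 turns on command tracing; tracing is suspended while
#           key material is in flight.
#
# Security notes:
#   - Each note contains the armored secret key exactly as gpg exports it.
#     Whatever passphrase protection gpg leaves on the export is the only
#     protection beyond the vault itself, so vault access is key access.
#   - Key material is handed to jq and bw over stdin, never as a command-line
#     argument, so it does not appear in the process list.
set -euo pipefail

# Re-enable xtrace after a section that handled secrets (only if requested).
resume_trace() {
  if [[ "${DEBUG:-0}" -eq 1 ]]; then
    set -x
  fi
}

resume_trace

# Check if Bitwarden CLI is installed
if ! command -v bw &>/dev/null; then
  echo "Bitwarden CLI not installed. Please install it first." >&2
  exit 1
fi

# Check if logged in and vault is unlocked
if ! bw status | grep -q '"status":"unlocked"'; then
  echo "Bitwarden vault is locked or not logged in. Please run 'bw login' or 'bw unlock'." >&2
  exit 1
fi

# Check if jq is installed
if ! command -v jq &>/dev/null; then
  echo "jq is not installed. Please install it first." >&2
  exit 1
fi

# Get or create Personal folder ID
folder_name="personal"
folder_id=$(bw list folders | jq -r --arg name "$folder_name" '.[] | select(.name==$name) | .id')
if [[ -z "$folder_id" ]]; then
  # The folder name is not a secret, so passing it as an argument is fine.
  folder_id=$(bw create folder "$(jq -cn --arg name "$folder_name" '{name:$name}' | bw encode)" | jq -r '.id')
  echo "Created folder: $folder_name with ID: $folder_id"
fi

# Collect the long key IDs from gpg's machine-readable listing ("sec" records,
# field 5). Done up front so a gpg failure aborts before anything is stored.
secret_listing=$(gpg --list-secret-keys --with-colons)
key_ids=$(awk -F: '$1 == "sec" { print $5 }' <<<"$secret_listing")
if [[ -z "$key_ids" ]]; then
  echo "No GPG secret keys found. Nothing to do."
  exit 0
fi

# First "<...>" in the human-readable listing is taken as the e-mail address.
email_re='<([^>]+)>'

# The key list is read on fd 3 so that gpg/jq/bw inside the loop keep their
# own stdin and cannot swallow the remaining key IDs.
while IFS= read -r key_id <&3; do
  [[ -n "$key_id" ]] || continue

  # A key without an e-mail must fall back to "no-email" rather than abort
  # the script: a failing grep pipeline here would trip `set -e`/pipefail.
  uid_listing=$(gpg --list-keys --keyid-format LONG "$key_id")
  if [[ "$uid_listing" =~ $email_re ]]; then
    email=${BASH_REMATCH[1]}
  else
    email="no-email"
  fi

  note_title="GPG Private Key $email-$key_id"
  existing_note=$(bw list items --folderid "$folder_id" | jq -r --arg title "$note_title" '.[] | select(.name==$title) | .id')
  if [[ -n "$existing_note" ]]; then
    echo "Skipping GPG key for $email: already exists in Bitwarden folder 'personal' (Item ID: $existing_note)"
    continue
  fi

  # Key material follows: suspend xtrace so DEBUG=1 cannot copy the private
  # key to stderr or to a captured log.
  set +x

  # Export private key
  private_key=$(gpg --armor --export-secret-keys "$key_id")
  if [[ -z "$private_key" ]]; then
    unset private_key
    resume_trace
    echo "gpg exported nothing for $key_id. Skipping." >&2
    continue
  fi

  # Build the secure-note JSON from stdin (jq -Rs reads the key as one raw
  # string), encode it and create the item, all through pipes. printf is a
  # shell builtin, so the key never becomes an argv entry of any process.
  printf '%s' "$private_key" \
    | jq -Rs \
      --arg note_title "$note_title" \
      --arg folder "$folder_id" \
      '{organizationId:null, folderId:$folder, type:2, name:$note_title, notes:., favorite:false, fields:[], secureNote:{type:0}}' \
    | bw encode \
    | bw create item >/dev/null

  unset private_key
  resume_trace

  echo "Stored ($note_title) in Bitwarden folder 'personal'"
done 3<<<"$key_ids"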
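#!/bin/bash
#
# Back up the private SSH keys found in ~/.ssh to Bitwarden, one secure note
# per file ("SSH Private Key <filename>"), inside the "personal" folder.
# Files whose note already exists in that folder are skipped.
#
# Requires: bw (logged in, vault unlocked), jq.
# Env:      DEBUG=1 turns on command tracing.
#
# Security notes:
#   - Key files are copied verbatim. A key that is not passphrase-protected
#     on disk is stored unprotected inside the note, so vault access is key
#     access.
#   - File contents go from the file to jq and on to bw through stdin only.
#     They are never placed in a shell variable or a command-line argument,
#     so neither `set -x` tracing nor the process list exposes them.
set -euo pipefail

if [[ "${DEBUG:-0}" -eq 1 ]]; then
  set -x
fi

# Check if Bitwarden CLI is installed
if ! command -v bw &>/dev/null; then
  echo "Bitwarden CLI not installed. Please install it first." >&2
  exit 1
fi

# Check if jq is installed (every Bitwarden call below is parsed with it)
if ! command -v jq &>/dev/null; then
  echo "jq is not installed. Please install it first." >&2
  exit 1
fi

# Check if logged in and vault is unlocked
if ! bw status | grep -q '"status":"unlocked"'; then
  echo "Bitwarden vault is locked or not logged in. Please run 'bw login' or 'bw unlock'." >&2
  exit 1
fi

# Get or create Personal folder ID
folder_name="personal"
folder_id=$(bw list folders | jq -r --arg name "$folder_name" '.[] | select(.name==$name) | .id')
if [[ -z "$folder_id" ]]; then
  # The folder name is not a secret, so passing it as an argument is fine.
  folder_id=$(bw create folder "$(jq -cn --arg name "$folder_name" '{name:$name}' | bw encode)" | jq -r '.id')
  echo "Created folder: $folder_name with ID: $folder_id"
fi

# Default SSH directory
ssh_dir="$HOME/.ssh"

# Check if SSH directory exists
if [[ ! -d "$ssh_dir" ]]; then
  echo "SSH directory $ssh_dir not found." >&2
  exit 1
fi

# Iterate through private SSH keys (assuming common extensions and no .pub)
for key_file in "$ssh_dir"/*; do
  key_name=${key_file##*/}

  case "$key_name" in
    # Public keys and well-known non-key files
    *.pub | known_hosts | config | authorized_keys)
      continue
      ;;
    # Specific key patterns that are deliberately not backed up
    *vagrant-local* | *virtualbox-ubuntu* | *config~* | *google_compute*)
      continue
      ;;
  esac

  # Regular files only: this skips directories and also sockets or other
  # special files in ~/.ssh, which would otherwise make the read fail and
  # abort the whole run under `set -e`.
  if [[ ! -f "$key_file" ]]; then
    continue
  fi

  # Check if file is readable
  if [[ ! -r "$key_file" ]]; then
    echo "Cannot read $key_file. Skipping." >&2
    continue
  fi

  # An empty file would only produce an empty note.
  if [[ ! -s "$key_file" ]]; then
    echo "$key_file is empty. Skipping." >&2
    continue
  fi

  item_name="SSH Private Key $key_name"

  # Check if an item for this key already exists in Bitwarden
  existing_item=$(bw list items --folderid "$folder_id" | jq -r --arg name "$item_name" '.[] | select(.name==$name) | .id')
  if [[ -n "$existing_item" ]]; then
    echo "SSH key $key_name already exists in Bitwarden folder 'personal'. Skipping."
    continue
  fi

  # Build the secure-note JSON straight from the file (jq -Rs reads it as one
  # raw string), encode it and create the item through a single pipeline.
  # Reading the file directly also keeps its final newline, which `$(cat ...)`
  # would strip, so a restored copy matches the original file.
  jq -Rs \
    --arg name "$item_name" \
    --arg folder "$folder_id" \
    '{organizationId:null, folderId:$folder, type:2, name:$name, notes:., favorite:false, fields:[], secureNote:{type:0}}' \
    <"$key_file" \
    | bw encode \
    | bw create item >/dev/null

  echo "Stored SSH key $key_name in Bitwarden folder 'personal'"
done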