122 lines
3.2 KiB
Bash
Executable File
122 lines
3.2 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
# Convert .env to Bitwarden JSON import format (secure note with custom fields).
|
|
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
|
|
source "$PROJECT_ROOT/lib/common.sh"
|
|
|
|
ITEM_NAME="gitea-migration-env"
|
|
ENV_FILE="$PROJECT_ROOT/.env"
|
|
OUTPUT_FILE=""
|
|
|
|
usage() {
|
|
cat >&2 <<EOF
|
|
Usage: $(basename "$0") [-o FILE] [-n NAME]
|
|
|
|
Convert .env to Bitwarden-importable JSON (secure note with custom fields).
|
|
|
|
Options:
|
|
-o FILE Write to file instead of stdout
|
|
-n NAME Bitwarden item name (default: $ITEM_NAME)
|
|
-h Show this help
|
|
|
|
Import the output via:
|
|
Bitwarden Web Vault → Tools → Import Data → Format: Bitwarden (json) → Upload
|
|
EOF
|
|
exit 1
|
|
}
|
|
|
|
while getopts "o:n:h" opt; do
|
|
case $opt in
|
|
o) OUTPUT_FILE="$OPTARG" ;;
|
|
n) ITEM_NAME="$OPTARG" ;;
|
|
h) usage ;;
|
|
*) usage ;;
|
|
esac
|
|
done
|
|
|
|
if [[ ! -f "$ENV_FILE" ]]; then
|
|
log_error ".env not found at $ENV_FILE"
|
|
exit 1
|
|
fi
|
|
|
|
if ! command -v jq &>/dev/null; then
|
|
log_error "jq is required but not installed"
|
|
exit 1
|
|
fi
|
|
|
|
# Patterns for fields that should be hidden (type=1) in Bitwarden
|
|
sensitive_re="PASSWORD|TOKEN|SECRET|_KEY"
|
|
|
|
# Build a TSV of key\tvalue\ttype lines, then convert to JSON in one jq call.
|
|
# This avoids calling jq in a loop.
|
|
tsv=""
|
|
while IFS= read -r line || [[ -n "$line" ]]; do
|
|
# Skip comments and blank lines
|
|
[[ -z "$line" || "$line" =~ ^[[:space:]]*# ]] && continue
|
|
|
|
key="${line%%=*}"
|
|
value="${line#*=}"
|
|
|
|
# Strip surrounding quotes
|
|
if [[ "$value" =~ ^\"(.*)\"$ ]]; then
|
|
value="${BASH_REMATCH[1]}"
|
|
elif [[ "$value" =~ ^\'(.*)\'$ ]]; then
|
|
value="${BASH_REMATCH[1]}"
|
|
fi
|
|
|
|
# Strip inline comments (space + #)
|
|
value="${value%%[[:space:]]#*}"
|
|
# Trim trailing whitespace
|
|
value="${value%"${value##*[![:space:]]}"}"
|
|
|
|
field_type=0
|
|
if [[ "$key" =~ $sensitive_re ]]; then
|
|
field_type=1
|
|
fi
|
|
|
|
# Append as null-delimited triple (safe for any value content)
|
|
tsv+="${key}"$'\x00'"${value}"$'\x00'"${field_type}"$'\x00'
|
|
done < "$ENV_FILE"
|
|
|
|
# Convert null-delimited triples into JSON fields array
|
|
fields_json=$(printf '%s' "$tsv" | \
|
|
jq -Rs '
|
|
split("\u0000") |
|
|
# drop trailing empty element from final delimiter
|
|
if .[-1] == "" then .[:-1] else . end |
|
|
[ range(0; length; 3) as $i |
|
|
{ name: .[$i], value: .[$i+1], type: (.[$i+2] | tonumber) }
|
|
]
|
|
')
|
|
|
|
field_count=$(printf '%s' "$fields_json" | jq 'length')
|
|
|
|
# Build the complete Bitwarden import envelope
|
|
import_json=$(jq -n \
|
|
--arg name "$ITEM_NAME" \
|
|
--argjson fields "$fields_json" \
|
|
'{
|
|
encrypted: false,
|
|
folders: [],
|
|
items: [
|
|
{
|
|
type: 2,
|
|
name: $name,
|
|
notes: "Gitea migration .env — exported by env_to_bitwarden.sh",
|
|
favorite: false,
|
|
secureNote: { type: 0 },
|
|
fields: $fields
|
|
}
|
|
]
|
|
}')
|
|
|
|
if [[ -n "$OUTPUT_FILE" ]]; then
|
|
printf '%s\n' "$import_json" > "$OUTPUT_FILE"
|
|
log_success "Wrote $field_count fields to $OUTPUT_FILE"
|
|
log_info "Import via: Bitwarden → Tools → Import Data → Bitwarden (json)"
|
|
else
|
|
printf '%s\n' "$import_json"
|
|
fi
|