scripts/setup-keeper-secrets.sh at main · vitorpy.com/dotfiles

vitorpy.com / dotfiles
vitorpy's Dotfiles
dotfiles / scripts / setup-keeper-secrets.sh
at main 6.3 kB view raw
  1#!/bin/bash
  2
  3# Keeper Commander + Chezmoi Integration Setup Script
  4# This script sets up Keeper Commander CLI for secret management in dotfiles
  5
  6set -e
  7
  8GREEN='\033[0;32m'
  9YELLOW='\033[1;33m'
 10RED='\033[0;31m'
 11NC='\033[0m' # No Color
 12
 13echo -e "${GREEN}Keeper Commander + Chezmoi Secret Management Setup${NC}"
 14echo "=================================================="
 15echo ""
 16
 17# Check Python availability
 18if ! command -v python3 &> /dev/null; then
 19    echo -e "${RED}Python 3 is required but not installed.${NC}"
 20    exit 1
 21fi
 22
 23# Function to install Keeper Commander
 24install_keeper() {
 25    echo -e "${YELLOW}Installing Keeper Commander...${NC}"
 26
 27    # Install in user space to avoid system conflicts
 28    pip3 install --user keepercommander
 29
 30    if [ $? -eq 0 ]; then
 31        echo -e "${GREEN}✓ Keeper Commander installed successfully${NC}"
 32
 33        # Add pip user bin to PATH if not already there
 34        if [[ ":$PATH:" != *":$HOME/.local/bin:"* ]]; then
 35            echo -e "${YELLOW}Adding ~/.local/bin to PATH...${NC}"
 36            echo 'export PATH="$HOME/.local/bin:$PATH"' >> ~/.bashrc
 37            echo 'set -x PATH $HOME/.local/bin $PATH' >> ~/.config/fish/config.fish 2>/dev/null || true
 38            export PATH="$HOME/.local/bin:$PATH"
 39        fi
 40    else
 41        echo -e "${RED}Failed to install Keeper Commander${NC}"
 42        exit 1
 43    fi
 44}
 45
 46# Function to configure Keeper
 47configure_keeper() {
 48    echo ""
 49    echo -e "${YELLOW}Configuring Keeper Commander...${NC}"
 50    echo "You'll need your Keeper credentials to continue."
 51    echo ""
 52
 53    # Initialize Keeper configuration
 54    keeper login
 55
 56    if [ $? -eq 0 ]; then
 57        echo -e "${GREEN}✓ Keeper configured successfully${NC}"
 58    else
 59        echo -e "${RED}Keeper configuration failed${NC}"
 60        exit 1
 61    fi
 62}
 63
 64# Function to create chezmoi integration scripts
 65create_chezmoi_integration() {
 66    echo ""
 67    echo -e "${YELLOW}Creating Chezmoi integration...${NC}"
 68
 69    # Create keeper helper script for chezmoi
 70    cat > ~/.local/bin/chezmoi-keeper-get << 'EOF'
 71#!/bin/bash
 72# Helper script to get secrets from Keeper for chezmoi templates
 73# Usage: chezmoi-keeper-get <record_uid> <field>
 74
 75RECORD_UID="$1"
 76FIELD="$2"
 77
 78if [ -z "$RECORD_UID" ] || [ -z "$FIELD" ]; then
 79    echo "Usage: chezmoi-keeper-get <record_uid> <field>"
 80    exit 1
 81fi
 82
 83# Get the secret from Keeper
 84keeper get "$RECORD_UID" --format=json 2>/dev/null | python3 -c "
 85import sys, json
 86try:
 87    data = json.load(sys.stdin)
 88    if '$FIELD' == 'password':
 89        print(data.get('password', ''), end='')
 90    elif '$FIELD' == 'login':
 91        print(data.get('login', ''), end='')
 92    else:
 93        # Look in custom fields
 94        for field in data.get('custom', []):
 95            if field.get('name') == '$FIELD':
 96                print(field.get('value', ''), end='')
 97                break
 98except:
 99    sys.exit(1)
100"
101EOF
102
103    chmod +x ~/.local/bin/chezmoi-keeper-get
104
105    echo -e "${GREEN}✓ Chezmoi-Keeper helper script created${NC}"
106}
107
108# Function to create example template
109create_example_template() {
110    echo ""
111    echo -e "${YELLOW}Creating example template...${NC}"
112
113    # Create example directory if it doesn't exist
114    mkdir -p ~/.local/share/chezmoi/.examples
115
116    # Create example template for SSH config
117    cat > ~/.local/share/chezmoi/.examples/ssh_config.tmpl << 'EOF'
118# Example SSH Config Template with Keeper Secrets
119# To use this, copy to private_dot_ssh/config.tmpl
120
121Host myserver
122    HostName server.example.com
123    User myuser
124    # Get password from Keeper (replace RECORD_UID with actual UID)
125    # You can find the UID by running: keeper list --format=json
126    # Password: {{ output "chezmoi-keeper-get" "RECORD_UID" "password" | trim }}
127
128Host github.com
129    User git
130    # Example of getting SSH key passphrase from Keeper
131    # IdentityFile ~/.ssh/id_ed25519
132    # {{ $passphrase := output "chezmoi-keeper-get" "GITHUB_KEY_UID" "passphrase" | trim }}
133EOF
134
135    # Create example for environment variables
136    cat > ~/.local/share/chezmoi/.examples/env_secrets.tmpl << 'EOF'
137# Example Environment Variables Template with Keeper Secrets
138# To use this, copy to desired location with .tmpl extension
139
140# API Keys from Keeper
141export ANTHROPIC_API_KEY="{{ output "chezmoi-keeper-get" "ANTHROPIC_RECORD_UID" "password" | trim }}"
142export OPENAI_API_KEY="{{ output "chezmoi-keeper-get" "OPENAI_RECORD_UID" "password" | trim }}"
143export NPM_TOKEN="{{ output "chezmoi-keeper-get" "NPM_RECORD_UID" "password" | trim }}"
144
145# Database credentials
146export DB_USER="{{ output "chezmoi-keeper-get" "DB_RECORD_UID" "login" | trim }}"
147export DB_PASS="{{ output "chezmoi-keeper-get" "DB_RECORD_UID" "password" | trim }}"
148EOF
149
150    echo -e "${GREEN}✓ Example templates created in ~/.local/share/chezmoi/.examples/${NC}"
151}
152
153# Function to show how to use
154show_usage() {
155    echo ""
156    echo -e "${GREEN}Setup Complete!${NC}"
157    echo ""
158    echo "How to use Keeper with Chezmoi:"
159    echo "================================"
160    echo ""
161    echo "1. Find a record's UID in Keeper:"
162    echo "   ${YELLOW}keeper list --format=json | jq -r '.[] | select(.title==\"My Record\") | .record_uid'${NC}"
163    echo ""
164    echo "2. Create a template file (add .tmpl extension):"
165    echo "   ${YELLOW}chezmoi add --template ~/.config/myapp/config${NC}"
166    echo ""
167    echo "3. In the template, use Keeper to get secrets:"
168    echo '   ${YELLOW}password = "{{ output "chezmoi-keeper-get" "RECORD_UID" "password" | trim }}"${NC}'
169    echo ""
170    echo "4. Apply templates:"
171    echo "   ${YELLOW}chezmoi apply${NC}"
172    echo ""
173    echo "Example templates have been created in:"
174    echo "  ${YELLOW}~/.local/share/chezmoi/.examples/${NC}"
175}
176
177# Main execution
178main() {
179    # Check if Keeper Commander is already installed
180    if command -v keeper &> /dev/null; then
181        echo -e "${GREEN}✓ Keeper Commander is already installed${NC}"
182    else
183        install_keeper
184    fi
185
186    # Check if Keeper is configured
187    if keeper whoami &> /dev/null 2>&1; then
188        echo -e "${GREEN}✓ Keeper is already configured${NC}"
189    else
190        configure_keeper
191    fi
192
193    # Create chezmoi integration
194    create_chezmoi_integration
195
196    # Create examples
197    create_example_template
198
199    # Show usage
200    show_usage
201}
202
203# Run main function
204main