Team
f20bc770f5
- skills/gitea-deploy/: new skill for Gitea deployment automation - tools/: shared utility scripts - skills/sdlc/SKILL.md: add Foreground Service Rule for long-running processes (background start + readiness polling pattern)
39 lines
1.2 KiB
Bash
Executable File
39 lines
1.2 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# kp-get.sh — 安全从 KeePassXC 数据库获取条目属性
|
|
# 用法: ./kp-get.sh "Entry Title" [Password|UserName|URL]
|
|
#
|
|
# 主密码优先级:
|
|
# 1. KEEPASS_MASTER 环境变量
|
|
# 2. 系统密钥环 (secret-tool, Linux desktop)
|
|
# 3. GPG 加密文件 (~/.keepass/.master.gpg)
|
|
# 4. 交互输入
|
|
|
|
set -euo pipefail
|
|
|
|
DB="${KEEPASS_DB:-$HOME/.keepass/passwords.kdbx}"
|
|
ENTRY="${1:?用法: $0 \"Entry Title\" [Password|UserName|URL]}"
|
|
ATTR="${2:-Password}"
|
|
|
|
if [[ -z "${KEEPASS_MASTER:-}" ]]; then
|
|
KEEPASS_MASTER="$(secret-tool lookup service keepassxc account default 2>/dev/null || true)"
|
|
fi
|
|
|
|
if [[ -z "${KEEPASS_MASTER:-}" && -f "$HOME/.keepass/.master.gpg" ]]; then
|
|
KEEPASS_MASTER="$(gpg -q -d "$HOME/.keepass/.master.gpg" 2>/dev/null || true)"
|
|
fi
|
|
|
|
if [[ -z "${KEEPASS_MASTER:-}" && -f "$HOME/.keepass/.master.enc" ]]; then
|
|
KEEPASS_MASTER="$(openssl enc -d -aes-256-cbc -pbkdf2 -in "$HOME/.keepass/.master.enc" 2>/dev/null || true)"
|
|
fi
|
|
|
|
if [[ -z "${KEEPASS_MASTER:-}" && -f "$HOME/.keepass/.master" ]]; then
|
|
KEEPASS_MASTER="$(cat "$HOME/.keepass/.master")"
|
|
fi
|
|
|
|
if [[ -z "${KEEPASS_MASTER:-}" ]]; then
|
|
read -rsp "Master password: " KEEPASS_MASTER
|
|
echo
|
|
fi
|
|
|
|
echo "$KEEPASS_MASTER" | keepassxc-cli show -q "$DB" "$ENTRY" -a "$ATTR"
|