Last active
January 27, 2024 19:44
-
-
Save dwallraff/41cb39fda2d3d00b3924003a5fadbd7b to your computer and use it in GitHub Desktop.
Backup 1Password (item metadata and docs)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/env bash | |
| #-- Dave Wallraff | |
| # First things first, I'm the realest... | |
| ### backup everything in 1password | |
| # curl -sL dwallraff.com/1password | bash | |
| # wrap in a function for curl|bash | |
| do_stuff() { | |
| # Check if op is installed | |
| if [ ! "$(command -v op)" ]; then | |
| echo "The op cli is not installed. Aborting..." | |
| exit 1 | |
| fi | |
| # Check if we can copy to googledrive | |
| COPY_TO_HOME=false | |
| if [ ! -d "$HOME"/GoogleDrive/archive/encrypted\ backups/1password ]; then | |
| echo "Not able to copy to Google Drive. Encrypted tarball will be saved to HOME." | |
| COPY_TO_HOME=true | |
| fi | |
| # Check if op is logged in | |
| if ! op whoami > /dev/null 2>&1; then | |
| echo "Not logged into 1password" | |
| echo "Please run:" | |
| echo "eval \"\$(op account add --account my.1password.comn --email [email protected] --address my.1password.com --signin)\"" | |
| exit 1 | |
| fi | |
| # set some vars | |
| TODAY=$(date "+%Y%m%d") | |
| TEMPDIR=$(mktemp -d) | |
| mkdir -p "$TEMPDIR"/"$TODAY"_1password_backup/files || exit 1 | |
| BACKUPDIR="$TEMPDIR"/"$TODAY"_1password_backup | |
| echo "Backing up 1password..." | |
| echo | |
| # Get all items | |
| for id in $(op item list --include-archive --format json | jq -r '.[] | .id'); do | |
| name="$(op item get "$id" --format json | jq -r '.title' | iconv -t ascii//TRANSLIT | sed -E s/[^a-zA-Z0-9]+/-/g | sed -E s/^-+\|-+$//g | tr '[:upper:]' '[:lower:]')" | |
| echo "Grabbing $name..." | |
| op item get "$id" --format json > "$BACKUPDIR"/"$name-$id".json | |
| done | |
| # Download all docs | |
| for id in $(op item list --include-archive --categories DOCUMENT --format json | jq -r '.[] | .id'); do | |
| name="$(op item get "$id" --format json | jq -r '.title' | iconv -t ascii//TRANSLIT | sed -E s/[^a-zA-Z0-9]+/-/g | sed -E s/^-+\|-+$//g | tr '[:upper:]' '[:lower:]')" | |
| FILENAME="$(op item get "$id" --format json | jq -r '.files[].name')" | |
| FILEEXTENSION="${FILENAME##*.}" | |
| echo "Downloading $name.$FILEEXTENSION..." | |
| op document get "$id" --output "$BACKUPDIR/files/$name-$id.$FILEEXTENSION" | |
| done | |
| # Encrypt the folder | |
| echo "Encrypting and tar'ing" | |
| if ! exec 3<<<"$(op item get encrypted_tar_password --format json | jq -r '.fields[] | select(.id=="password") | .value')"; then | |
| echo "Couldn't get tarball password. Aborting..." | |
| exit 1 | |
| fi | |
| tar hczC "$TEMPDIR" "$TODAY"_1password_backup | gpg --batch --cipher-algo AES256 --passphrase-fd 3 --symmetric --output "$BACKUPDIR".tar.gz.enc | |
| if $COPY_TO_HOME; then | |
| cp "$BACKUPDIR".tar.gz.enc "$HOME"/. || exit 1 | |
| else | |
| cp "$BACKUPDIR".tar.gz.enc ~/GoogleDrive/archive/encrypted\ backups/1password/. || exit 1 | |
| fi | |
| # Cleanup | |
| if ! rm -r "$TEMPDIR"; then | |
| echo "FAILED TO CLEANUP" | |
| exit 1 | |
| fi | |
| } | |
| do_stuff |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment