Last active
October 2, 2023 10:45
-
-
Save piratecarrot/0532f77e34c06358920806e5b9281322 to your computer and use it in GitHub Desktop.
Setting up KeePassXC with Google Drive synchronisation and SSH Agent
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is intended to be copied and pasted to a console, not executed as a script... for now. | |
| # Install some stuff, I use yay, you may use something else | |
| sudo pacman -S keepassxc rclone curl | |
| mkdir -p ~/.local/bin | |
| mkdir -p ~/.local/lib/private | |
| chmod 0700 ~/.local/lib/private | |
| # CREATE YOUR KEEPASSXC BASE IN ~/.local/lib/private/ | |
| # Put the filename in the relevant line of ~/.local/bin/sync-password.sh | |
| # which is downloaded later | |
| rclone config | |
| # See https://medium.com/@z.baratz/setting-up-keepassxc-on-linux-with-cloud-synchronization-85ccce837365 on how to config | |
| # client_id, client_secret, root_folder | |
| # Use name "google-drive" if you don't want to modify anythign else | |
| # Drive type is 15 for Google Drive | |
| # Recommended to use scope "drive.file" | |
| # I have my root folder as a folder in Google Drive called "Private" | |
| chmod 0700 ~/.config/rclone | |
| chmod 0600 ~/.config/rclone/rclone.conf | |
| (cd ~/.local/bin && curl -O https://gist.githubusercontent.com/ZviBaratz/a4a51544c3d876543d37abfd0c6ee2a3/raw/1b739673cfe168a7c0797bc04e1ab90269c82281/sync-passwords.sh) | |
| chmod 0700 ~/.local/bin/sync-passwords.sh | |
| mkdir -p ~/.config/systemd/user/ | |
| cat <<EOF | tee ~/.config/systemd/user/sync-passwords.service | |
| [Unit] | |
| Description=Synchronise KeePassXC passwords | |
| [Service] | |
| Type=oneshot | |
| ExecStart=/home/$USER/.local/bin/sync-passwords.sh | |
| StandardOutput=journal | |
| EOF | |
| cat <<EOF | tee ~/.config/systemd/user/sync-passwords.timer | |
| [Unit] | |
| Description=Sync passwords every 5 minutes | |
| [Timer] | |
| OnBootSec=0min | |
| OnCalendar=*:0/5 | |
| Unit=sync-passwords.service | |
| [Install] | |
| WantedBy=basic.target | |
| EOF | |
| cat <<'EOF' | tee ~/.config/systemd/user/ssh-agent.service | |
| [Unit] | |
| Description=SSH key agent | |
| [Service] | |
| Type=simple | |
| Environment=SSH_AUTH_SOCK=%t/ssh-agent.socket | |
| # DISPLAY required for ssh-askpass to work | |
| Environment=DISPLAY=:0 | |
| ExecStart=/usr/bin/ssh-agent -D -a $SSH_AUTH_SOCK | |
| [Install] | |
| WantedBy=default.target | |
| EOF | |
| systemctl --user daemon-reload | |
| systemctl --user enable sync-passwords.timer | |
| systemctl --user start sync-passwords.timer | |
| systemctl --user enable ssh-agent.service | |
| systemctl --user start ssh-agent.service | |
| mkdir -p ~/.config/environment.d | |
| echo SSH_AUTH_SOCK=/run/user/$UID/ssh-agent.socket | tee ~/.config/environment.d/10-ssh-auth-sock.conf | |
| # we use environment.d for environment files because it should be present everywhere, including GUI applications |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment