tool to dump SOPS account info (including totp)

modules/universal/home-manager.nix

@@ -231,6 +231,7 @@ in
         # nixos-generators
         # nettools
         nmap
+        oathToolkit  # for oathtool
         obsidian
         openssl
         parted

pkgs/sane-scripts/src/bin/sane-dump-secret

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+# use: `sane-dump-secret /path/to/accounts/website.yaml`
+# dumps relevant information about the account, include a OTP code if present
+secrets=$(sops -d --output-type dotenv $1)
+function get_value() {
+	echo "$secrets" | grep "^$1=" | cut -d '=' -f 2-
+}
+echo username: $(get_value username)
+echo password: $(get_value password)
+totp=$(get_value totp-b32)
+[[ -z "$totp" ]] || echo totp: $(oathtool -b --totp $totp)
+