From 68f066229bceb4a5bb5eb75f2bc03361fc56e16c Mon Sep 17 00:00:00 2001
From: colin <colin@uninsane.org>
Date: Sun, 19 Jun 2022 23:54:36 -0700
Subject: [PATCH] tool to dump SOPS account info (including totp)

---
 modules/universal/home-manager.nix         |  1 +
 pkgs/sane-scripts/src/bin/sane-dump-secret | 12 ++++++++++++
 2 files changed, 13 insertions(+)
 create mode 100755 pkgs/sane-scripts/src/bin/sane-dump-secret

diff --git a/modules/universal/home-manager.nix b/modules/universal/home-manager.nix
index 07185081..7661599c 100644
--- a/modules/universal/home-manager.nix
+++ b/modules/universal/home-manager.nix
@@ -231,6 +231,7 @@ in
         # nixos-generators
         # nettools
         nmap
+        oathToolkit  # for oathtool
         obsidian
         openssl
         parted
diff --git a/pkgs/sane-scripts/src/bin/sane-dump-secret b/pkgs/sane-scripts/src/bin/sane-dump-secret
new file mode 100755
index 00000000..cb696e7b
--- /dev/null
+++ b/pkgs/sane-scripts/src/bin/sane-dump-secret
@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+# use: `sane-dump-secret /path/to/accounts/website.yaml`
+# dumps relevant information about the account, include a OTP code if present
+secrets=$(sops -d --output-type dotenv $1)
+function get_value() {
+	echo "$secrets" | grep "^$1=" | cut -d '=' -f 2-
+}
+echo username: $(get_value username)
+echo password: $(get_value password)
+totp=$(get_value totp-b32)
+[[ -z "$totp" ]] || echo totp: $(oathtool -b --totp $totp)
+