v2: Vault via host-side sync + disk cache, no bw CLI in container

2026-04-18 10:30:31 +02:00 · 2026-04-18 10:30:31 +02:00 · 8b97dea0e7
commit 8b97dea0e7
parent 3b9d54231b
5 changed files with 74 additions and 152 deletions
--- a/vault-sync.sh
+++ b/vault-sync.sh
@ -0,0 +1,31 @@
+#!/bin/bash
+# vault-sync.sh - Sync Vaultwarden items to Butler cache volume
+# Run via cron: */30 * * * * /app-config/homelab-butler/vault-sync.sh
+set -euo pipefail
+
+export BW_PASSWORD="8yRG5LADfoTLHdC1Oj"
+CACHE_DIR=$(sudo docker inspect homelab-butler --format '{{range .Mounts}}{{if eq .Destination "/data/vault-cache"}}{{.Source}}{{end}}{{end}}' 2>/dev/null)
+
+[ -z "$CACHE_DIR" ] && echo "Butler container not found" && exit 1
+
+SESSION=$(bw unlock --passwordenv BW_PASSWORD --raw 2>/dev/null)
+[ -z "$SESSION" ] && echo "Vault unlock failed" && exit 1
+
+bw sync --session "$SESSION" >/dev/null 2>&1
+
+bw list items --session "$SESSION" 2>/dev/null | sudo python3 -c "
+import sys, json, os
+items = json.load(sys.stdin)
+cache_dir = '$CACHE_DIR'
+os.makedirs(cache_dir, exist_ok=True)
+count = 0
+for item in items:
+    name = item.get('name', '')
+    notes = item.get('notes') or ''
+    if name and notes:
+        safe = name.lower().replace(' ', '-')
+        with open(f'{cache_dir}/{safe}', 'w') as f:
+            f.write(notes.strip())
+        count += 1
+print(f'vault-sync: {count} items written')
+"