1Password: Difference between revisions
imported>Pluiedev m not required |
m Category:Applications (not Software) |
||
| (11 intermediate revisions by 7 users not shown) | |||
| Line 1: | Line 1: | ||
= | [https://1password.com/ 1Password] is a password manager. | ||
If you're using NixOS, you can enable 1Password and its GUI | |||
== NixOS == | |||
=== Installation === | |||
If you're using [[NixOS]], you can enable 1Password and its GUI with: | |||
{{file|/etc/nixos/configuration.nix|nix|<nowiki> | {{file|/etc/nixos/configuration.nix|nix|<nowiki> | ||
{ config, lib, pkgs, ... }: | { config, lib, pkgs, ... }: | ||
| Line 23: | Line 28: | ||
</nowiki>}} | </nowiki>}} | ||
= | |||
=== Unlocking browser extensions === | |||
{{warning|1=This only works for browsers that are installed via [[NixOS]]. Browsers installed via [[Flatpak]] are not supported.}} | |||
The 1Password app can unlock your browser extension using a special [https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Native_messaging native messaging] process. This streamlines your 1Password experience: Once you unlock 1Password from your tray icon, your browser extensions will be unlocked as well. | |||
This is automatically configured for [[Firefox]], [[Chrome]], and [[Brave]] browsers. However, [[Vivaldi]] and other custom Chrome-based browsers may not unlock when you unlock 1Password. If you find this to be the case, the solution is to set the <code>/etc/1password/custom_allowed_browsers</code> file as follows: | |||
* First, use <code>ps aux</code> to find the application name for the browser. For Vivaldi, this is <code>vivaldi-bin</code> | |||
* Add that binary name to <code>/etc/1password/custom_allowed_browsers</code>: | |||
<syntaxhighlight lang="nix"> | |||
environment.etc = { | |||
"1password/custom_allowed_browsers" = { | |||
text = '' | |||
vivaldi-bin | |||
wavebox | |||
''; | |||
mode = "0755"; | |||
}; | |||
}; | |||
</syntaxhighlight> | |||
== Home Manager == | |||
{{warning|1=Non-[[NixOS]] installs [https://1password.community/discussion/comment/655813/#Comment_655813 will not link with browser extensions or system authentication] }} | |||
=== Installation === | |||
Add the following to your [[Home Manager]] configuration: | |||
<syntaxhighlight lang="nix"> | |||
home.packages = [ | |||
pkgs._1password | |||
pkgs._1password-gui | |||
]; | |||
</syntaxhighlight> | |||
=== SSH key management === | |||
1Password [https://developer.1password.com/docs/ssh/ can manage SSH keys]. | |||
==== Configuring SSH ==== | |||
If 1Password manages your [[SSH]] keys and you use [[Home Manager]], you may also configure your <code>~/.ssh/config</code> file using Nix: | |||
<syntaxhighlight lang="nix"> | |||
_: let | |||
# onePassPath = "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"; | |||
onePassPath = "~/.1password/agent.sock"; | |||
in { | |||
programs.ssh = { | |||
enable = true; | |||
extraConfig = '' | |||
Host * | |||
IdentityAgent ${onePassPath} | |||
''; | |||
}; | |||
} | |||
</syntaxhighlight> | |||
==== Configuring Git ==== | |||
You can enable [[Git]]'s [[SSH]] singing with [[Home Manager]]: | |||
<syntaxhighlight lang="nix"> | |||
{ | |||
programs.git = { | |||
enable = true; | |||
extraConfig = { | |||
gpg = { | |||
format = "ssh"; | |||
}; | |||
"gpg \"ssh\"" = { | |||
program = "${lib.getExe' pkgs._1password-gui "op-ssh-sign"}"; | |||
}; | |||
commit = { | |||
gpgsign = true; | |||
}; | |||
user = { | |||
signingKey = "..."; | |||
}; | |||
}; | |||
}; | |||
} | |||
</syntaxhighlight> | |||
[[Category:Applications]] | |||