1Password: Difference between revisions

(5 intermediate revisions by 5 users not shown)

Line 11:

# Enable the unfree 1Password packages

nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [

"1password-cli"

"1password-gui"

"1password"

Line 52:

Line 53:

};

</syntaxhighlight>

=== Unlocking with System Authentication ===

1Password allows [https://support.1password.com/system-authentication-linux/ unlocking with system authentication]. This means fingerprints or login passwords may be used in addition to the master password. This must be enabled under the Security preferences tab of 1Password as outlined in the 1Password documentation, but also requires a few other system tools to work.

For the graphical authentication prompt to work, a user [[Polkit#Authentication_agents|Polkit authentication agent]] must be started. The authentication agent may automatically be started under Gnome, KDE, or other DE at login, but may need to be explicitly enabled for other window managers.

For fingerprint unlocking to work, [[Fingerprint scanner|fingerprint scanning]] to be enabled and allowed for typical system authentication.

== Home Manager ==

{{warning|1=Non-[[NixOS]] installs [https://1password.community/~~discussion~~/~~comment~~/~~655813~~/~~#Comment_655813~~ will not link with browser extensions or system authentication] }}

{{warning|1=Non-[[NixOS]] installs [https://www.1password.community/discussions/1password/sandboxed-application-cant-communicate-with-browser-extension/91984/replies/92015 will not link with browser extensions or system authentication] }}

=== Installation ===

Line 79:

Line 88:

_: let

let

# onePassPath = "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock";

onePassPath = if pkgs.stdenv.isDarwin

~~onePassPath =~~ "~/.1password/agent.sock";

then "${config.home.homeDirectory}/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"

else "${config.home.homeDirectory}/.1password/agent.sock";

in {

home.sessionVariables.SSH_AUTH_SOCK = onePassPath;

# or, alternatively, set it in `.ssh/config` which has higher precedence:

programs.ssh = {

enable = true;

Line 95:

Line 108:

==== Configuring Git ====

You can enable [[Git]]'s [[SSH]] ~~singing~~ with [[Home Manager]]:

You can enable [[Git]]'s [[SSH]] signing with [[Home Manager]]:

@@ Line 11: / Line 11: @@
    # Enable the unfree 1Password packages
    nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+    "1password-cli"
      "1password-gui"
      "1password"
@@ Line 52: / Line 53: @@
      };
 </syntaxhighlight>
+=== Unlocking with System Authentication ===
+Password allows [https://support.1password.com/system-authentication-linux/ unlocking with system authentication]. This means fingerprints or login passwords may be used in addition to the master password. This must be enabled under the Security preferences tab of 1Password as outlined in the 1Password documentation, but also requires a few other system tools to work.
+For the graphical authentication prompt to work, a user [[Polkit#Authentication_agents|Polkit authentication agent]] must be started. The authentication agent may automatically be started under Gnome, KDE, or other DE at login, but may need to be explicitly enabled for other window managers.
+For fingerprint unlocking to work, [[Fingerprint scanner|fingerprint scanning]] to be enabled and allowed for typical system authentication.
 == Home Manager ==
-{{warning|1=Non-[[NixOS]] installs [https://1password.community/discussion/comment/655813/#Comment_655813 will not link with browser extensions or system authentication] }}
+{{warning|1=Non-[[NixOS]] installs [https://www.1password.community/discussions/1password/sandboxed-application-cant-communicate-with-browser-extension/91984/replies/92015 will not link with browser extensions or system authentication] }}
 === Installation ===
@@ Line 79: / Line 88: @@
 <syntaxhighlight lang="nix">
-_: let
+let
-   # onePassPath = "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock";
+   onePassPath = if pkgs.stdenv.isDarwin
-  onePassPath = "~/.1password/agent.sock";
+    then "${config.home.homeDirectory}/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"
+    else "${config.home.homeDirectory}/.1password/agent.sock";
 in {
+  home.sessionVariables.SSH_AUTH_SOCK = onePassPath;
+  # or, alternatively, set it in `.ssh/config` which has higher precedence:
    programs.ssh = {
      enable = true;
@@ Line 95: / Line 108: @@
 ==== Configuring Git ====
-You can enable [[Git]]'s [[SSH]] singing with [[Home Manager]]:
+You can enable [[Git]]'s [[SSH]] signing with [[Home Manager]]:
 <syntaxhighlight lang="nix">