1Password
From NixOS Wiki
Using 1Password on NixOS
If you're using NixOS, you can enable 1Password and its GUI by:
/etc/nixos/configuration.nix
{ config, lib, pkgs, ... }:
{
# Enable the unfree 1Password packages
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"1password-gui"
"1password"
];
# Alternatively, you could also just allow all unfree packages
# nixpkgs.config.allowUnfree = true;
programs._1password.enable = true;
programs._1password-gui = {
enable = true;
# Certain features, including CLI integration and system authentication support,
# require enabling PolKit integration on some desktop environments (e.g. Plasma).
polkitPolicyOwners = [ "yourUsernameHere" ];
};
...
}
Unlocking Browser Extensions
The 1Password app can unlock your browser extension using a special NativeMessaging process. This streamlines your 1Password experience: Once you unlock 1Password from your tray icon, your browser extensions will be unlocked as well.
This is automatically configured for Firefox, Chrome, and Brave browsers. However, Vivaldi and other custom Chrome-based browsers may not unlock when you unlock 1Password. If you find this to be the case, the solution is to set the /etc/1password/custom_allowed_browsers file as follows:
- First, use
ps auxto find the application name for the browser. For Vivaldi, this isvivaldi-bin - Add that binary name to
/etc/1password/custom_allowed_browsers
environment.etc = {
"1password/custom_allowed_browsers" = {
text = ''
vivaldi-bin
wavebox
'';
mode = "0755";
};
};
1Password, SSH keys and Home Manager
If 1Password manages your SSH keys and you use Home Manager, you may also configure your ~/.ssh/config file using Nix:
_: let
# onePassPath = "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock";
onePassPath = "~/.1password/agent.sock";
in {
programs.ssh = {
enable = true;
extraConfig = ''
Host *
IdentityAgent ${onePassPath}
'';
};
}
On non-NixOS installs
Home Manager
home.packages = [
pkgs._1password
pkgs._1password-gui
];