By Will Stewart
Published 2nd June 2022
1Password is a password manager, digital vault, form filler and secure digital wallet. In this guide, we will show you how to deploy a 1Password Connect server on Northflank.
1Password provides two images to make the Connect server function. However, they both need to share a common volume and have several issues with file permissions so we're going to make our own image combining both of the images.
To do so, we will first have to create a repository on GitHub with the necessary files, and then create a service on Northflank. Let’s get started!
In your Github account, create a new repository and include the following two files:
RUN apt-get update && apt-get install ca-certificates -y && update-ca-certificates
COPY entrypoint.sh entrypoint.sh
COPY --from=1password/connect-api:latest /bin/connect-api /bin/connect-api
COPY --from=1password/connect-sync:latest /bin/connect-sync /bin/connect-sync
RUN chmod +x entrypoint.sh
RUN chmod +x /bin/connect-api
RUN chmod +x /bin/connect-sync
mkdir -p /home/opuser/.op/data
chown -R 999 /home/opuser
chmod -R 700 /home/opuser
chmod -f -R 600 /home/opuser/.op/config || :
OP_HTTP_PORT=8080 /bin/connect-api &
OP_HTTP_PORT=9090 /bin/connect-sync &
# Exit with status of process that exited first
Once your repository is created, we will move to Northflank to deploy your instance of 1Password.
Create a new combined service and choose your name.
Under repository, select the repository we have just created for 1password.
If your Northflank account is still not connected to your GitHub account, you can do so now. This page will show you the detailed steps to do so.
Under build options, select Dockerfile and it will automatically find the Dockerfile in your repository.
Under environment variables, add the following runtime variables:
To find your credentials, you will have to set up a secret automation workflow following this link. Once you have set it up, download the Credentials File. Your credentials are the contents of this file. Save the Access Token so you can make requests to the Connect API later. There is more information on setting up a secret automation workflow in this 1Password page.
Under advanced, add a secret file with the mount path set to
/home/opuser/.op/1password-credentials.jsonand the content to
Under networking, port
8080with HTTP protocol will automatically be detected and publicly exposed.
Under advanced, add a persistent volume with the name
dataand container mount path
Once we have our 1Password Connect server set up, we can test it with the following API call which will list the vaults. The Connect API reference will provide all the API request details.
OP_ACCESS_TOKEN that you saved earlier alongside the Credentials File. Otherwise, if the token has expired, you can create a new one via the Secret Automation page.
-H "Accept: application/json" \
-H "Authorization: Bearer $OP_ACCESS_TOKEN" \
If you encounter any issues while following this guide we're happy to assist you with your Wiki.js deployment at email@example.com. At Northflank we also have dedicated support plans for business customers.
Northflank allows you to deploy your code and databases within minutes. Sign up for a Northflank account and create a free project to get started.
- Connect with your preferred VCS: GitHub, GitLab or Bitbucket
- Deployment of Docker containers
- Scale vertically and horizontally with multiple replicas per service
- Observe & monitor with real-time metrics & logs
- Low latency and high performance
- Multiple read and write replicas
Use a GitHub Action to deploy to Northflank
GitHub Actions makes it easy to automate all your build, test, and deployment workflows. In this guide, we will show you how to deploy an image to Northflank with Github Actions using the Deploy to Northflank action.
21st September 2022 • Thomas Smyth