Is there a better way to install 1Password other than via rpm-ostree? Of course there is a Flatpak version but I need system integration to unlock it using my fingerprint reader (as far as I’m aware and have tried).
However, we have to modify the sysupdate file to point to the correct variant. In my case, I had to update it to Kinoite because I’m using Aurora (%o-%W-%w was expanding to aurora-aurora-dx-41 which is totally wrong), but the process should be similar for Bluefin:
Do these work when layered? I have 1Password layered but only the SSH agent works. Unlocking 1Password with system auth partially works. I have to unlock 1Password seperately when my desktop session starts but after that it works with system auth, I guess. But I was never able to make browser integration work.
I’m on Aurora/Framework 13 (12th gen Intel) and I used the instructions here and I find that system authentication and SSH agent work great with the desktop app. I do have to separately log in to the browser extensions, though. I assumed it was because the browsers are installed via flatpak.
I have followed your instructions to install 1Password GUI, thank you very much for this! Does this approach hinder OS updates happening in the background? I just started with Aurora-dx today, so I’m still unsure about how this behaves.
I wonder now though, what is the recommended approach to install 1Password CLI? Would it be then simply with homebrew? Because somehow the CLI installed from sysext cannot connect to the GUI.
I’ve realized that I can run 1Password inside a Fedora 41 container via distrobox. With this approach, I followed the official instructions from 1Password for Fedora. Once installed, the 1Password GUI and CLI can both be exported with distrobox-export --app 1password and distrobox-export --bin $(which op). Sadly, the 1Password browser extension installed in Firefox doesn’t connect to the 1Password GUI, but it does for Chromium, which I also installed in and exported from the same distrobox container as the 1Password GUI/CLI.
This approach seems to be quite robust, since it doesn’t involve any layering.
Is there any specific reason this does not work for Firefox? E.g. installing Firefox in the same distrobox container as the 1Password GUI / CLI (i currently use it Layered as Bryanweber recommended, however) having no layering involved sounds quite appealing to me.
I tried setting it up the distrobox way, using a Fedora 41 container, with no luck.
1Password installed successfully, and so did Chromium.
I was able to export everything successfully.
But…
1Password and Chromium crash as they are launching.
The exported 1password CLI also fails, though I can see why in that case:
➜ 1password
ERROR 2025-04-24T14:32:16.436+00:00 ThreadId(24) [1P:op-settings/src/store/json_store.rs:80] Os { code: 2, kind: NotFound, message: "No such file or directory" }
INFO 2025-04-24T14:32:16.436+00:00 ThreadId(24) [1P:op-settings/src/store/json_store.rs:104] Settings file "/home/<redacted-username>/.config/1Password/settings/settings.json" missing, using defaults.
WARN 2025-04-24T14:32:16.437+00:00 ThreadId(24) [1P:foundation/op-startup/src/linux.rs:20] Yama is absent or ptrace_scope is set to 0.
INFO 2025-04-24T14:32:16.437+00:00 ThreadId(24) [client:typescript] Client starting.
Authorization required, but no authorization protocol specified
[1788:0424/143216.438543:ERROR:ozone_platform_x11.cc(246)] Missing X server or $DISPLAY
[1788:0424/143216.438572:ERROR:env.cc(257)] The platform failed to initialize. Exiting.
Segmentation fault
Of note: the /home/<redacted-username> bit wasn’t me trying to protect my username’s real username… it actually said that in the output.
I recently setup my own custom version of Aurora using Blue Build partly because I wanted Bitwarden installed at the OS-level rather than through Flatpak, Distrobox, or layering. It was pretty easy, and should be similar for 1Password.
Side note: Bitwarden ships RPMs through GitHub rather than a repository, which is annoying, but was fairly easy to manage by querying GitHub for the latest releases to find the most recent RPM. Here’s how I did that: download-bitwarden.sh. I’m planning to package this and the other pieces as a Blue Build module for other people to use.
It looks like 1Password provides a proper RPM repository, so that’s easy to add via Blue Build’s rpm-ostree module.
I’d be happy to write more about the process if you might be interested in going down that route. Blue Build is really nice, as their template even sets up GitHub actions to rebuild your distro daily to ensure it’s always up to date from upstream (which can be Bluefin, Aurora, Bazzite, etc.).
Please do write up more. I am currently on aurora-dx-hwe:latest, and this is the first time I’ve heard of Blue Build. Having my own custom distro sounds sort of nice, though if someone else has a Blue Build with 1Password, I might be happy to use theirs…
I took inspiration from you @jpl and created my own spin. I copied your NordVPN stuff, and tried to add 1Password. The image builds, and I am now running it, but I get an error when I try to launch 1Password:
Could not find the program '/opt/1Password/1password'
As @Holistic_Iguana mentioned, you probably need the optfix option. It might be as simple as what I did for Bitwarden, which you can see here. I think under the hood it just moves something from /opt to /var/opt, or something similar.