This will be done with done with he Linux variety and requires shell access, the requirement here to create some vaults and groups in preparation for a migration from the USA to the EU.
Get the 1Password CLI
First we need to get the 1password CLI which can be done with this command, if you get an error about permission then you can use the "su -" to get root access if you know that password.
sudo -s \
curl -sS https://downloads.1password.com/linux/keys/1password.asc | \
gpg --dearmor --output /usr/share/keyrings/1password-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/1password-archive-keyring.gpg] https://downloads.1password.com/linux/debian/$(dpkg --print-architecture) stable main" |
tee /etc/apt/sources.list.d/1password.list
mkdir -p /etc/debsig/policies/AC2D62742012EA22/
curl -sS https://downloads.1password.com/linux/debian/debsig/1password.pol | \
tee /etc/debsig/policies/AC2D62742012EA22/1password.pol
mkdir -p /usr/share/debsig/keyrings/AC2D62742012EA22
curl -sS https://downloads.1password.com/linux/keys/1password.asc | \
gpg --dearmor --output /usr/share/debsig/keyrings/AC2D62742012EA22/debsig.gpg
apt update && apt install 1password-cli
Check the install
Run this command to check the install:
op --version
That should return the current version like this:
Connect to Vault ServiceRun this command to attempt to get the vaults in your subscription:
op vault list
This will then tell you about the prerequisites and then ask if you would like to connect like this:
When you enter "y" to this option you then need to sign in as you normally would, which will require your website, e-mail, secret, key, password and MFA code as you can see below:
If this is entered correctly you should then find the process will complete without errors, excellent let move on.
Login to 1Password CLI
Now you have connected you now need to sign in with those details for that use this command:
eval $(op signin)
You should now be logged into the vault if you then run this command:
op vault list
You should see your vaults just like this:
Scripting the creation of Vaults
Now we need to script the creation the vaults we require for the move, so now we are connected we need a text file with a list of names of the vaults call that vaults.txt (this needs to contain the name of the vaults one per line)
Once you have vaults.txt then you need save that on the Linux server, then you need the script to import the Vaults from this file, where the script will read the file and then create the vaults as per the script.
I have called the script Vaults.sh and this is the script below:
#!/bin/bash
# Check if the vaults.txt file exists
if [[ ! -f vaults.txt ]]; then
echo "vaults.txt file not found!"
exit 1
fi
# Loop through each line in the vaults.txt file
while IFS= read -r vault_name; do
# Check if the vault name is not empty
if [[ -n "$vault_name" ]]; then
echo "Creating vault: $vault_name"
creation_output=$(op vault create "$vault_name" 2>&1)
creation_status=$?
# Output the command's result for debugging
echo "$creation_output"
# Check if the vault creation was successful
if [[ $creation_status -ne 0 ]]; then
echo "Failed to create vault: $vault_name"
else
echo "Successfully created vault: $vault_name"
fi
else
echo "Empty vault name encountered, skipping..."
fi
done < vaults.txt
You will need to make the script executable and readable so for that you will need to run this command:
chmod u+r+x Vaults.sh
Then from the shell you can run:
./Vaults.sh
That should then create your vaults as per the vaults.txt file.
You have now created all your vaults, lets move on to the groups.
Scripting the creation of Groups
Now we need to script the creation the groups we require for the move, so now we are connected we need a text file with a list of names of the groups call that groups.txt (this needs to contain the name of the vaults one per line)
Once you have vaults.txt then you need save that on the Linux server, then you need the script to import the groups from this file, where the script will read the file and then create the groups as per the script.
I have called the script Groups.sh and this is the script below:
#!/bin/bash
# Check if the groups.txt file exists
if [[ ! -f groups.txt ]]; then
echo "groups.txt file not found!"
exit 1
fi
# Loop through each line in the groups.txt file
while IFS= read -r group_name; do
# Check if the group name is not empty
if [[ -n "$group_name" ]]; then
echo "Creating group: $group_name"
creation_output=$(op group create "$group_name" 2>&1)
creation_status=$?
# Output the command's result for debugging
echo "$creation_output"
# Check if the group creation was successful
if [[ $creation_status -ne 0 ]]; then
echo "Failed to create group: $group_name"
else
echo "Successfully created group: $group_name"
fi
else
echo "Empty group name encountered, skipping..."
fi
done < groups.txt
You will need to make the script executable and readable so for that you will need to run this command:
chmod u+r+x Groups.sh
Then from the shell you can run:
./Groups.sh
That should then create your vaults as per the vaults.txt file.
You have now created all the groups as well.
