/rofi-op

1Password `op` with rofi. Alternative of `rofi-1password`

Primary LanguageShellMIT LicenseMIT

rofi 1password

Attempt of re-implementing an older version of rofi-1password with more recent op features.

Note: I think you probably just want to use 1password --quick-access instead, op even with socket integration will only work with internet connection present. 1Password GUI + 1password --quick-access also works offline.

Features

  • Storing 1Password session encrypted
  • Login/Relogin to session via GUI only / pinentry-rofi
  • List of all vaults with Name/<Field> syntax - which makes it feel more like password-store
  • Sourcing of the script, to allow op authentication sharing session used by rofi
  • Clearing and restoring clipboard (bug if you copy/paste too many instances at once it will ultimately restore from another secret)

Requirements

  • wl-{copy,paste} only (so swaywm)
  • libsecret's secret-tool for storing the 1Password session securely
  • pinentry-rofi
  • libnotify's notify-send
  • jq
  • sed
  • rofi
  • Bash
  • 1Password for notify-send 1Password Icon.

Assumptions

  • You can't get 1Password socket with PAM to work
  • You don't want 1Password daemon to run or depend on 1Password desktop alltogether

zshrc example

You can use this script in your .zshrc to call op without having to store/login session key in your shell.

# () instead of {} in order to avoid leaking global variables within the function
op() (
    # avoid/override op itself
    unset -f op
    # Make sure `rofi-op` is accessible in your path
    source "$(which rofi-op)"
    export_secrets
    op "${@}"
)