gitwarden-agent is a Linux user management daemon, used for communicating with the GitWarden registry and syncing Github team changes to the local system.
You can find more information regarding the GitWarden service here.
The easiest method for installing the agent is to run the following command from any instance that you need bootstrapped:
curl -sL https://archives.gitwarden.com/install.sh | \ KEY=MYAPIKEYID \ SECRET=MYAPISECRET \ TEAMS="Employees,Contractors" \ ADMIN_TEAMS="System Admins,Support" \ sudo -E bash -
Be sure to either include the necessary environment variables as referenced in the command above, or expose them via the environment to ensure the agent is properly configured. The required variables are:
KEYis the API key for your Github organization. This can be obtained through the GitWarden dashboard once your organization is added.
SECRETis the API secret for the corresponding API key above. This is also obtainable through the GitWarden dashboard.
TEAMSis a comma-delimited string of Github team names, where the members of each team should have accounts created for them on the local system.
An optional variable is:
ADMIN_TEAMSis a comma-delimited string of Github team names that should have administrative (
sudo) access on the local system. Similar to
TEAMSabove, members of the
ADMIN_TEAMSteams will have user accounts created for them on the local system with
install.sh script is the same script located under the
scripts/ directory, and is synced on a nightly basis. We recommend reviewing the script prior to running it.
The following Linux distributions are supported (with more on the way):
- Ubuntu - precise, trusty, wheezy, xenial, yakkety, zesty
- Debian - squeeze, jessie
- CentOS - 6, 7
- RedHat EL - 6, 7
- Amazon Linux - 2017.03, 2016.09, 2016.03, 2015.09, 2015.03
As an alternative to the scripted installation above, you can also configure your package manager to use the GitWarden package repository using the examples below.
Write the contents below to the file
[gitwarden] name=GitWarden Package Repository baseurl=https://archives.gitwarden.com/rpm enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://archives.gitwarden.com/gitwarden.key
Or copy and paste the command:
cat <<EOF | sudo tee /etc/yum.repos.d/gitwarden.repo [gitwarden] name=GitWarden Package Repository baseurl=https://archives.gitwarden.com/rpm enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://archives.gitwarden.com/gitwarden.key EOF
Once the repository is configured, install the agent with the command:
sudo yum install gitwarden-agent -y
Run the commands below:
curl -sL https://archives.gitwarden.com/gitwarden.key | sudo apt-key add - echo "deb https://archives.gitwarden.com/deb squeeze main" | sudo tee /etc/apt/sources.list.d/gitwarden.list
squeeze in the second command above can be replaced with your current distribution codename (precise, jessie, etc), however they are interchangeable. Once the commands above have been run successfully, you can install the agent with the command:
sudo apt-get update && sudo apt-get install gitwarden-agent -y
If you used the script installation referenced above, then you do not need to perform any further configuration changes. If you installed the agent manually using the package repository, you will need to provide you API key and secret to the agent so that it can register properly the first time.
To set your API key, add the following entry to the configuration located at
In addition to the
api_key setting, you will also want to set which teams should have access to the instance. This makes the final configuration look something like:
api_key: YOURAPIKEYHERE teams: - People admin_teams: - Admin People
And then register the agent with the command:
GITWARDEN_SECRET="YOURSECRETHERE" sudo gitwarden-agent register
Once registered, you will want to make sure the service is running:
# sysv systems (and some systemd systems) sudo service gitwarden-agent restart # systemd systems sudo systemctl restart gitwarden-agent
If any issues are encountered with the agent, it would be great if you could provide us with any logs or messages. On non-systemd systems, logs are located at
/var/log/gitwarden-agent.log. On systemd systems, logs can be located with the command
sudo journalctl -u gitwarden-agent.
If the error continues to occur but the logs aren't useful, you may need to enable debug logging. This can be done by setting the
log_level configuration option to
DEBUG. For example, adding this to your configuration:
For questions or problems, please either open a Github issue against this repository or send an email to firstname.lastname@example.org.