Skip to content
/ gitwarden-agent Public

[DEPRECATED] Linux user management agent, used for communicating with the GitWarden registry (https://gitwarden.com)

License

Apache-2.0 license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rossmcdonald/gitwarden-agent

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
cmd/gitwarden-agent
cmd/gitwarden-agent
 
 
etc
etc
 
 
scripts
scripts
 
 
vendor
vendor
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
Dockerfile.build
Dockerfile.build
 
 
Gopkg.lock
Gopkg.lock
 
 
Gopkg.toml
Gopkg.toml
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
Vagrantfile
Vagrantfile
 
 
install.sh
install.sh
 
 

Repository files navigation

gitwarden-agent

The gitwarden-agent is a Linux user management daemon, used for communicating with the GitWarden registry and syncing Github team changes to the local system.

You can find more information regarding the GitWarden service here.

Installation

The easiest method for installing the agent is to run the following command from any instance that you need bootstrapped:

curl -sL https://archives.gitwarden.com/install.sh | \
  KEY=MYAPIKEYID \
  SECRET=MYAPISECRET \
  TEAMS="Employees,Contractors" \
  ADMIN_TEAMS="System Admins,Support" \
  sudo -E bash -

Be sure to either include the necessary environment variables as referenced in the command above, or expose them via the environment to ensure the agent is properly configured. The required variables are:

  • KEY is the API key for your Github organization. This can be obtained through the GitWarden dashboard once your organization is added.

  • SECRET is the API secret for the corresponding API key above. This is also obtainable through the GitWarden dashboard.

  • TEAMS is a comma-delimited string of Github team names, where the members of each team should have accounts created for them on the local system.

An optional variable is:

  • ADMIN_TEAMS is a comma-delimited string of Github team names that should have administrative (sudo) access on the local system. Similar to TEAMS above, members of the ADMIN_TEAMS teams will have user accounts created for them on the local system with sudo access.

The install.sh script is the same script located under the scripts/ directory, and is synced on a nightly basis. We recommend reviewing the script prior to running it.

Supported Distributions

The following Linux distributions are supported (with more on the way):

  • Ubuntu - precise, trusty, wheezy, xenial, yakkety, zesty
  • Debian - squeeze, jessie
  • CentOS - 6, 7
  • RedHat EL - 6, 7
  • Amazon Linux - 2017.03, 2016.09, 2016.03, 2015.09, 2015.03

Package Repository

As an alternative to the scripted installation above, you can also configure your package manager to use the GitWarden package repository using the examples below.

yum/dnf

Write the contents below to the file /etc/yum.repos.d/gitwarden.repo:

[gitwarden]
name=GitWarden Package Repository
baseurl=https://archives.gitwarden.com/rpm
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://archives.gitwarden.com/gitwarden.key

Or copy and paste the command:

cat <<EOF | sudo tee /etc/yum.repos.d/gitwarden.repo
[gitwarden]
name=GitWarden Package Repository
baseurl=https://archives.gitwarden.com/rpm
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://archives.gitwarden.com/gitwarden.key
EOF

Once the repository is configured, install the agent with the command:

sudo yum install gitwarden-agent -y
apt

Run the commands below:

curl -sL https://archives.gitwarden.com/gitwarden.key | sudo apt-key add -
echo "deb https://archives.gitwarden.com/deb squeeze main" | sudo tee /etc/apt/sources.list.d/gitwarden.list

The squeeze in the second command above can be replaced with your current distribution codename (precise, jessie, etc), however they are interchangeable. Once the commands above have been run successfully, you can install the agent with the command:

sudo apt-get update && sudo apt-get install gitwarden-agent -y

Configuring

If you used the script installation referenced above, then you do not need to perform any further configuration changes. If you installed the agent manually using the package repository, you will need to provide you API key and secret to the agent so that it can register properly the first time.

To set your API key, add the following entry to the configuration located at /etc/gitwarden/gitwarden.yml:

api_key: YOURAPIKEYHERE

In addition to the api_key setting, you will also want to set which teams should have access to the instance. This makes the final configuration look something like:

api_key: YOURAPIKEYHERE
teams:
  - People
admin_teams:
  - Admin People

And then register the agent with the command:

GITWARDEN_SECRET="YOURSECRETHERE" sudo gitwarden-agent register

Once registered, you will want to make sure the service is running:

# sysv systems (and some systemd systems)
sudo service gitwarden-agent restart

# systemd systems
sudo systemctl restart gitwarden-agent

Troubleshooting

If any issues are encountered with the agent, it would be great if you could provide us with any logs or messages. On non-systemd systems, logs are located at /var/log/gitwarden-agent.log. On systemd systems, logs can be located with the command sudo journalctl -u gitwarden-agent.

Debug Logging

If the error continues to occur but the logs aren't useful, you may need to enable debug logging. This can be done by setting the log_level configuration option to DEBUG. For example, adding this to your configuration:

log_level: DEBUG

Issues?

For questions or problems, please either open a Github issue against this repository or send an email to support@gitwarden.com.

About

[DEPRECATED] Linux user management agent, used for communicating with the GitWarden registry (https://gitwarden.com)

Topics

linux golang security user-management

Resources

Readme

License

Apache-2.0 license
Activity

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

7 tags

Packages

No packages published

Languages