Need details about syncing, can't find any docs on this

I have been a happy user of 1p4-6 for many years, and got many friends and family on it. I am now trying to move my family into 1p7 for families, and I have problems and questions. A lot of this is because some syncing is with people who are on 1p6 and can't/won't yet upgrade.

In 1p6, I had a local vault that was set up to sync via dropbox, via the sync preferences. The dropbox path was (for example) ~/Dropbox/1p/1Password.opvault. This configuration survived the upgrade to 1p7. (Yes, I understand that you want my stuff in your cloud, and that will happen, but I also need to continue to have local and synced vaults.)

Questions, part 1: Is the true local source of data for that vault somewhere in /Users/alexis/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library? (Looks like it's a SQLite file, assuming I'm looking at the right thing.) When I add or change an item, does that happen in that {...}/Library subtree first, then get synced into the .opvault file on Dropbox? Or, conversely, is the .opvault on dropbox the source of truth? If the .opvault on dropbox were deleted, would 1p7 still see all my items because they exist in {...}/Library? Would such a local copy be deleted as soon as the dropbox .opvault deletion was noticed?

I ask all this because I'm trying to understand where my data really lives when syncing is happening.

Moving on... I also had another vault, called "4as". Just like the vault I mentioned above, it was synced over dropbox with other Macs. Unlike my other vault, this one was originally created on another device, and then I added it to 1p6.

Questions, part 2: It was never entirely clear to me how 1p6 was handling this - was the file ~/Dropbox/4as/1p/4as.opvault the only source of truth for the items in that file? Or did 1p6 make a local copy somewhere in {...}/Library (maybe in that SQLite file), write to that, and then sync back to ~/Dropbox/4as/1p/4as.opvault?

After upgrading to 1p7, this 4as vault is no longer configured to sync in sync prefs. That is, in the sync prefs, it's listed as syncing with nothing. By checking file mod times after adding a test item, it looks like items in this vault are in fact saved in {...}/Library, not anywhere in dropbox. So, I should be able to simply use the sync prefs panel to tell 1p7 to sync that vault with ~/Dropbox/4as/1p/4as.opvault, and everything will be good. Except... when I do that, it asks me to choose the right dropbox folder, and when I do that... it says:
1Password will create a copy of your information on Dropbox. It should become available on other devices in a few minutes.
Followed by two buttons, "Cancel" and "Create new".
Of course, I cancelled, as "Create new" suggests it will overwrite everything there.

Questions, part 3: Is it safe to "Create new"? Will doing so overwrite the .opvault that's already there? Or will it discover the .opvault and sync with it?

Thanks for answering this complicated multi-question. (You can assume I have pretty comprehensive knowledge of Unix, MacOS, and security, if it will help you write a shorter reply.)


1Password Version: 7.8.1 and 6.x
Extension Version: Not Provided
OS Version: 10.13.6
Sync Type: multiple

Comments

  • ag_anaag_ana

    Team Member

    Hi @alexisrosen!

    Questions, part 1: Is the true local source of data for that vault somewhere in /Users/alexis/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library? (Looks like it's a SQLite file, assuming I'm looking at the right thing.) When I add or change an item, does that happen in that {...}/Library subtree first, then get synced into the .opvault file on Dropbox? Or, conversely, is the .opvault on dropbox the source of truth? If the .opvault on dropbox were deleted, would 1p7 still see all my items because they exist in {...}/Library? Would such a local copy be deleted as soon as the dropbox .opvault deletion was noticed?

    Items are stored locally first (so you can use 1Password when you are offline too), so if you delete your .opvault file, it just removes it from Dropbox, but your data will remain available in your local vault in the 1Password app.

    Questions, part 2: It was never entirely clear to me how 1p6 was handling this - was the file ~/Dropbox/4as/1p/4as.opvault the only source of truth for the items in that file? Or did 1p6 make a local copy somewhere in {...}/Library (maybe in that SQLite file), write to that, and then sync back to ~/Dropbox/4as/1p/4as.opvault?

    Similar to the previous question. I don't think the original is the .opvault file in Dropbox, because otherwise you would not be able to use 1Password at all if Dropbox wasn't available.

    Questions, part 3: Is it safe to "Create new"? Will doing so overwrite the .opvault that's already there? Or will it discover the .opvault and sync with it?

    Does your "4as" vault locally already include items that are also in your Dropbox vault already? I wonder if what you are seeing is really because 1Password is realizing that you don't just have to sync this vault from scratch, but you would need to merge information too.

    "Create New" also suggests to me that 1Password will create a new vault. I would personally make a backup of your vault in Dropbox, so you can restore it quickly if required.

  • @ag_ana , thanks for the reply.

    Similar to the previous question. I don't think the original is the .opvault file in Dropbox, because otherwise you would not be able to use 1Password at all if Dropbox wasn't available.

    You don't think, or you know it's not? I don't think reasoning about this is sufficient. I need to know.

    In any case, if Dropbox is unavailable, the local cache of Dropbox files will still exist, so it's not true you wouldn't be able to use 1p.

    Questions, part 3: Is it safe to "Create new"? Will doing so overwrite the .opvault that's already there? Or will it discover the .opvault and sync with it?

    Does your "4as" vault locally already include items that are also in your Dropbox vault already? I wonder if what you are seeing is really because 1Password is realizing that you don't just have to sync this vault from scratch, but you would need to merge information too.

    Your question assumes I already know the answer. You say "your '4as' vault locally". But what is that? Is it the .opvault in Dropbox? Is it inside the SQLite file in the Library?

    Put another way, I still need to know this: Does 1p ever present me with items that are in a .opvault file only, or is everything copied into the SQLite file (or some other place) for local access?

    "Create New" also suggests to me that 1Password will create a new vault. I would personally make a backup of your vault in Dropbox, so you can restore it quickly if required.

    Yeah that much is clear. But I think it's a real problem that this isn't documented. I can, just barely, get away with annoying my family if I screw this up and have to recover things. I would hate to be the guy using Teams who has to figure this out and fix it if it breaks.

    Also, it's not clear to me what "restoring" looks like. Does it consist of simply moving a .opvault back into place? Will 1password always notice this and do the right thing?

  • ag_anaag_ana

    Team Member

    No worries @alexisrosen, I have sent all your question to the developers so they can get all the technical details that you need. They will reply to you as soon as they can :+1:

  • ag_kevinag_kevin Junior Member

    Team Member

    Hi @alexisrosen ,

    I believe I can answer your questions.

    1. The source of truth is your local sqlite database that you mentioned. Your data is read from there, any changes are written there. A sync process within 1Password watches for changes to that database an writes them to the opvault file afterwards. And yes, if you removed the opvault file, 1Password could still read and write your data.

    2. Your sqlite database can store many vaults, but for syncing, it writes to a separate opvault file for each vault. When you were syncing multiple vaults (e.g. your 4as vault), it did add the data to your sqlite database.

    3. So, you mentioned it's not syncing again. To do this, you can go to the Sync preferences and configure it to sync, and point it to that opvault file. If you select the opvault file, your options should be "Cancel" and "Merge with Existing". Note that if you select the containing folder and not the file itself, it might say "Create New". I suggest trying that again and make sure to select the opvault file itself. Note that you can always make a copy of that opvault file if you are concerned about overwriting changes.

    I hope that helps.

    Cheers,
    Kevin

  • @ag_kevin Thanks very much, that was extremely useful. #1 and #2 answered many questions between them.

    For #3, again thanks, I was indeed picking the enclosing folder, not the opvault itself. But why did I make that mistake? Please take this as a bug report: When you go to the sync panel, select a vault, and choose dropbox from the menu of sync options, it drops down a windowpane that has a "choose..." button to let you pick what to sync with. But to the left of that button, there is guidance that reads "Click here to find the dropbox folder...". That is clearly wrong, in the case where you are syncing with an existing file, but it explains my confusion about choosing the enclosing folder rather than the file itself. I think you need to distinguish between the case where a user is creating a new sync opvault, versus the cases where they are using an existing opvault, at least in the explanatory text.

  • ag_kevinag_kevin Junior Member

    Team Member

    Thanks for letting us know! I'll pass your note about distinguishing between create, re-setup along.

    Cheers,
    Kevin

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file