I am trying to deploy a connect server on Azure and keep getting the log message {"log_message":"(E) Server: (unable to get credentials and initialize API, retrying in 30s), Wrapped: (failed to FindCredentialsUniqueKey), Wrapped: (failed to loadCredentialsFile), Wrapped: (LoadLocalAuthV2 failed to credentialsDataFromDisk), open /home/opuser/.op/1password-credentials.json: no such file or directory","timestamp":"2021-12-03T16:43:37.100099966Z","level":1} I have tried using file storage (blob and file) which only works at a directory level and then I get a "this is a directory not a file " error. I have tried various full paths on the server and nothing seems to work. The error seems to being able to correctly point to the credentials file in the docker-compose.yaml please help 1Password Version: Not Provided Extension Version: Not Provided OS Version: Not Provided Referrer: forum-search:azure

Hey @bretthenning - Sorry to hear this is causing trouble for you. Could you elaborate on what you're using for the file storage? Are you talking about mounting Azure Storage as the volume that contains your 1Password-credentials.json file? If you don't feel comfortable disclosing this in the forum, you can also reach out to our support team (support@1password.com) and we'll discuss it there

Hi @David_ag , Here is my docker compose: version: "3.4" services: op-connect-api: image: 1password/connect-api:latest ports: - "8080:8080" volumes: - "D:/home/site/wwwroot/1password-credentials.json:/home/opuser/.op/1password-credentials.json" - "data:/home/opuser/.op/data" op-connect-sync: image: 1password/connect-sync:latest ports: - "8081:8080" volumes: - "D:/home/site/wwwroot/1password-credentials.json:/home/opuser/.op/1password-credentials.json" - "data:/home/opuser/.op/data" volumes: data: I can get a heartbeat but when I try running anything with the bearer token I get the following message: { "status": 500, "message": "failed to initiate, review service logs for details" } The log states: {"log_message":"(E) Server: (unable to get credentials and initialize API, retrying in 30s), Wrapped: (failed to FindCredentialsUniqueKey), Wrapped: (failed to loadCredentialsFile), Wrapped: (LoadLocalAuthV2 failed to credentialsDataFromDisk), open /home/opuser/.op/1password-credentials.json: no such file or directory","timestamp":"2021-12-04T22:08:26.983980954Z","level":1} I see that the file is not being found. I have tried several variations but, as of yet, have had no successful. I have also tried using a storage mount on Azure but this is at a directory level and the returned error state: found directory not file. Any advice would be most appreciated.

Hi @bretthenning, Thank you for the extra info. The docker-compose.yml looks good at first glance. Maybe some extra info could help find out what the issue is. Running this can tell us whether the file is correctly mounted: docker run -v "D:/home/site/wwwroot/1password-credentials.json:/home/opuser/.op/1password-credentials.json" --entrypoint "" 1password/connect-api ls -al /home/opuser/.op/ Could you share the output of that command? Also, could you tell me which Azure service you are using to run this on? If it's Azure VM: which OS are you using? This could help me trying to reproduce this issue locally.

I am running a Web App for Containers. System info System up time: 2.19:44:13.6900000 OS version: Unix 5.4.0.1056 64 bit system: True 64 bit process: True Processor count: 1 CLR version: 3.1.20 Unfortunately, I am not sure where to run the command. SSH will not work for me. If you have any insights I would be grateful. Much access is denied behind the Azure services. The documentation states that you can use storage containers as a way to mount persistent data into docker instances but this is only allowed at a directory level. I don't seem to be able to make it work.

Hi, I wasn't able to get this working on Azure Web App for Containers and instead use a Linux VM. If this is useful to anyone else. I used the docker compose and then created a php api that sends curl requests to the localhost:8080 and returns the required data that way.

Deploy a 1Password Connect server on Azure

Former Member
3 years ago
We are working on improving the possibilities of using the 1Password CLI in these kinds of environments. As part of this, we are currently testing out a new service accounts feature in a small-scale private beta. If this is something you are interested in testing, you can sign up here.
Former Member
3 years ago
So, fun times discovering that using the Connect Server approach is quite manual in terms of giving access to vaults, creating a new access token each time, etc.
Any chance you've tried putting the CLI into an Azure Web App? :-)
Former Member
3 years ago
You are welcome! Good to hear it's working now. Let me know if you run into anything else.

Joris
Former Member
3 years ago
My own stuff-up with the access token there. Got it working, thank you!!!
Former Member
3 years ago
Correct - that was my custom domain in the URL. And thank you for doing a better job of obfuscating my screenshot. :-)

I removed the 8080, and at least this time got an invalid bearer token error - so that means I was at least able to speak to the web app, so that's progress!
Former Member
3 years ago

The command I'm issuing is: https://.azurewebsites.net:8080/v1/vaults

Looking at the screenshot, I am assuming that has your custom domain after https:// and before .azurewbesites?

Does Power Automate return any error? If so, what does it return?

Could you try the URL without :8080?

What happens if you visit the /health route in your web browser? E.g. https://my-connect.azurewebsites.net/health

PS. I've edited your screenshot to mask it a bit better. Because Connect tokens are JSON, even sharing them partially could be problematic. I recommend revoking the current token.
Former Member
3 years ago
Thanks @Joris_1P! The command I'm issuing is: https://.azurewebsites.net:8080/v1/vaults
I'm calling it from Power Automate, this is what the flow looks like (apologies for the lame obfuscation attempt, using the tools I had in the moment)
Former Member
3 years ago
Hey @loryans! I have to be honest that I do not specifically remember what steps I followed back then. However, since you're saying that the logs say that Connect is ready, I think you followed the steps just right steps, but it might be that some steps were missing at the end (the original question asker already had some things set up, so I skipped those steps).

Could you let me know what command you are running to connect to it and what the error is that you're getting? That might point us in the direction of what is going wrong.
Former Member
3 years ago
I've just come across this thread, and I'm unfortunately not a dev but I do have a decent head screwed on. :-)
@Joris_1P - can you please clarify, did you deploy a "Web App", or "Web App for Containers"? I couldn't tell from your post if your experimenting resulted in you using one or the other.
Also, the "op" folder - did you create that in the root of the storage of the app?
I deployed using just the "Web App", and according to the logs its ready to serve, but I can't seem to connect to it.
I used the docker compose from your example above.

Thanks
Former Member
4 years ago
On behalf of Joris, you are welcome @bretthenning! If you have any other questions, please feel free to reach out anytime.

Have a wonderful day :)

Forum Discussion

Deploy a 1Password Connect server on Azure

Recent Discussions

Revoked service accounts

my 1password cli can't connect the app

IP list for SCIM bridge?

Give preference to 1p ssh key defined in git config

1Password SSH Agent how to set specific ssh key