Skip to main content
npm install -g @c6o/cordon
This installs the cordon binary globally. Platform-specific binaries are bundled for:
  • macOS ARM64 (Apple Silicon)
  • macOS x64 (Intel)
  • Linux x64
  • Linux ARM64
Requires Node.js 18 or later.

Verify installation

cordon --version

Prerequisites

Cordon needs a secret source to fetch credentials from. You’ll need at least one of:
Install the 1Password CLI (op) and sign in:
# Install (macOS)
brew install --cask 1password-cli

# Sign in
op signin
The op CLI must be authenticated before starting cordon.
Cordon uses the operating system’s built-in credential store:
  • macOS: Keychain Access — no additional setup needed.
  • Linux: Secret Service API (via D-Bus), typically provided by GNOME Keyring or KDE Wallet. Requires a desktop session.
On Linux, ensure a Secret Service provider is installed:
sudo apt install gnome-keyring   # Debian/Ubuntu
After installing, log out and log back in so the keyring daemon starts and creates a default “login” collection.
The OS keyring requires a desktop session with D-Bus. It does not work in containers, CI, or headless servers — use 1Password in those environments.
Store credentials with the cordon secret set command (see Secret Sources).