diff options
| author | Franck Cuny <franck@fcuny.net> | 2025-12-31 09:07:55 -0800 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2025-12-31 09:07:55 -0800 |
| commit | bfe5d131ad504bff8af2f4ca972a80cf725b71f8 (patch) | |
| tree | 053b9033f36e523af44d8f8888334710eccecb4b /home/profiles/work.nix | |
| parent | there's no need to have this in a separate file (diff) | |
| download | infra-bfe5d131ad504bff8af2f4ca972a80cf725b71f8.tar.gz | |
remove unnecessary profiles
Diffstat (limited to '')
| -rw-r--r-- | home/profiles/work.nix | 95 |
1 files changed, 0 insertions, 95 deletions
diff --git a/home/profiles/work.nix b/home/profiles/work.nix deleted file mode 100644 index 7b9e138..0000000 --- a/home/profiles/work.nix +++ /dev/null @@ -1,95 +0,0 @@ -{ lib, pkgs, ... }: -{ - imports = [ - ../programs/dev/k8s.nix - ../programs/dev/k9s.nix - ../programs/dev/kubie.nix - ../programs/security/hashi.nix - ../programs/security/sapi.nix - ]; - - home.packages = with pkgs; [ - awscli2 - boundary # for secure remote access - grpcurl - tfswitch - vault - ]; - - programs.onepassword.sshKeys = lib.mkAfter [ - { - account = "roblox.1password.com"; - vault = "Private"; - } - ]; - - programs.fish = { - shellAbbrs = - let - environments = [ - { - name = "chi1"; - alias = "chi1"; - jumpHost = "chi1-jumpcontainer-es"; - } - { - name = "ash1"; - alias = "ash1"; - jumpHost = "chi1-jumpcontainer-es"; - } - { - name = "sitetest3"; - alias = "st3"; - jumpHost = "st3-jumpcontainer-es"; - } - { - name = "sitetest2-snc2"; - alias = "st2-snc2"; - jumpHost = "st2-snc2-jumpcontainer-es"; - } - ]; - - # Generate all environment-specific aliases - envAliases = builtins.listToAttrs ( - builtins.concatMap (env: [ - { - name = "ssh-sign-${env.alias}"; - value = "${pkgs.hashi}/bin/hashi -e ${env.name} sign --output-path=${config.home.homeDirectory}/.ssh/${env.alias}-cert.pub --key=(${pkgs._1password-cli}/bin/op read 'op://employee/default rbx ssh key/public key'|psub) key"; - } - { - name = "hashi-${env.alias}"; - value = "${pkgs.hashi}/bin/hashi -e ${env.name} show v"; - } - { - name = "ssh-${env.alias}"; - value = "${pkgs.kitty}/bin/kitten ssh -o StrictHostKeyChecking=no -J ${env.jumpHost} -o 'CertificateFile=~/.ssh/${env.alias}-cert.pub'"; - } - ]) environments - ); - in - envAliases; - }; - - programs.ssh.matchBlocks = { - "github.rbx.com" = { - hostname = "github.rbx.com"; - user = "git"; - forwardAgent = false; - extraOptions = { - preferredAuthentications = "publickey"; - controlMaster = "no"; - controlPath = "none"; - }; - }; - }; - - programs.git = { - extraConfig = { - url = { - "ssh://git@github.rbx.com/" = { - insteadOf = "https://github.rbx.com/"; - }; - }; - }; - }; -} |