diff options
Diffstat (limited to 'home/programs')
| -rw-r--r-- | home/programs/security/hashi.nix | 49 |
1 files changed, 48 insertions, 1 deletions
diff --git a/home/programs/security/hashi.nix b/home/programs/security/hashi.nix index c24845e..424c7b3 100644 --- a/home/programs/security/hashi.nix +++ b/home/programs/security/hashi.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ config, pkgs, ... }: let nomad-prod = pkgs.writeShellScriptBin "nomad-prod" '' set -e @@ -51,4 +51,51 @@ in nomad-prod hashi ]; + + programs.fish = { + shellAbbrs = + let + environments = [ + { + name = "chi1"; + alias = "chi1"; + jumpHost = "chi1-jumpcontainer-es"; + } + { + name = "ash1"; + alias = "ash1"; + jumpHost = "chi1-jumpcontainer-es"; + } + { + name = "sitetest3"; + alias = "st3"; + jumpHost = "st3-jumpcontainer-es"; + } + { + name = "sitetest2-snc2"; + alias = "st2-snc2"; + jumpHost = "st2-snc2-jumpcontainer-es"; + } + ]; + + # Generate all environment-specific aliases + envAliases = builtins.listToAttrs ( + builtins.concatMap (env: [ + { + name = "ssh-sign-${env.alias}"; + value = "${pkgs.hashi}/bin/hashi -e ${env.name} sign --output-path=${config.home.homeDirectory}/.ssh/${env.alias}-cert.pub --key=(${pkgs._1password-cli}/bin/op read 'op://employee/default rbx ssh key/public key'|psub) key"; + } + { + name = "hashi-${env.alias}"; + value = "${pkgs.hashi}/bin/hashi -e ${env.name} show v"; + } + { + name = "ssh-${env.alias}"; + value = "${pkgs.kitty}/bin/kitten ssh -o StrictHostKeyChecking=no -J ${env.jumpHost} -o 'CertificateFile=~/.ssh/${env.alias}-cert.pub'"; + } + ]) environments + ); + in + envAliases; + }; } |