Diffstat (limited to 'home')
| -rw-r--r-- | home/profiles/personal.nix | 12 | ||||
| -rw-r--r-- | home/profiles/work.nix | 95 | ||||
| -rw-r--r-- | home/programs/security/hashi.nix | 49 |
3 files changed, 48 insertions, 108 deletions
diff --git a/home/profiles/personal.nix b/home/profiles/personal.nix
deleted file mode 100644
index 1ac8613..0000000
--- a/home/profiles/personal.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ ... }:
-{
- imports = [
- ../programs/backups/restic.nix
- ../programs/media/mpv.nix
- ../programs/media/videos.nix
- ../programs/media/yt-dlp.nix
- ../programs/messengers/matrix.nix
- ../programs/security/age.nix
- ../programs/security/yubikey.nix
- ];
-}
diff --git a/home/profiles/work.nix b/home/profiles/work.nix
deleted file mode 100644
index 7b9e138..0000000
--- a/home/profiles/work.nix
+++ /dev/null
@@ -1,95 +0,0 @@
-{ lib, pkgs, ... }:
-{
- imports = [
- ../programs/dev/k8s.nix
- ../programs/dev/k9s.nix
- ../programs/dev/kubie.nix
- ../programs/security/hashi.nix
- ../programs/security/sapi.nix
- ];
-
- home.packages = with pkgs; [
- awscli2
- boundary # for secure remote access
- grpcurl
- tfswitch
- vault
- ];
-
- programs.onepassword.sshKeys = lib.mkAfter [
- {
- account = "roblox.1password.com";
- vault = "Private";
- }
- ];
-
- programs.fish = {
- shellAbbrs =
- let
- environments = [
- {
- name = "chi1";
- alias = "chi1";
- jumpHost = "chi1-jumpcontainer-es";
- }
- {
- name = "ash1";
- alias = "ash1";
- jumpHost = "chi1-jumpcontainer-es";
- }
- {
- name = "sitetest3";
- alias = "st3";
- jumpHost = "st3-jumpcontainer-es";
- }
- {
- name = "sitetest2-snc2";
- alias = "st2-snc2";
- jumpHost = "st2-snc2-jumpcontainer-es";
- }
- ];
-
- # Generate all environment-specific aliases
- envAliases = builtins.listToAttrs (
- builtins.concatMap (env: [
- {
- name = "ssh-sign-${env.alias}";
- value = "${pkgs.hashi}/bin/hashi -e ${env.name} sign --output-path=${config.home.homeDirectory}/.ssh/${env.alias}-cert.pub --key=(${pkgs._1password-cli}/bin/op read 'op://employee/default rbx ssh key/public key'|psub) key";
- }
- {
- name = "hashi-${env.alias}";
- value = "${pkgs.hashi}/bin/hashi -e ${env.name} show v";
- }
- {
- name = "ssh-${env.alias}";
- value = "${pkgs.kitty}/bin/kitten ssh -o StrictHostKeyChecking=no -J ${env.jumpHost} -o 'CertificateFile=~/.ssh/${env.alias}-cert.pub'";
- }
- ]) environments
- );
- in
- envAliases;
- };
-
- programs.ssh.matchBlocks = {
- "github.rbx.com" = {
- hostname = "github.rbx.com";
- user = "git";
- forwardAgent = false;
- extraOptions = {
- preferredAuthentications = "publickey";
- controlMaster = "no";
- controlPath = "none";
- };
- };
- };
-
- programs.git = {
- extraConfig = {
- url = {
- "ssh://git@github.rbx.com/" = {
- insteadOf = "https://github.rbx.com/";
- };
- };
- };
- };
-}
diff --git a/home/programs/security/hashi.nix b/home/programs/security/hashi.nix
index c24845e..424c7b3 100644
--- a/home/programs/security/hashi.nix
+++ b/home/programs/security/hashi.nix
@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
 let
 nomad-prod = pkgs.writeShellScriptBin "nomad-prod" ''
 set -e
@@ -51,4 +51,51 @@ in
 nomad-prod
 hashi
 ];
+
+ programs.fish = {
+ shellAbbrs =
+ let
+ environments = [
+ {
+ name = "chi1";
+ alias = "chi1";
+ jumpHost = "chi1-jumpcontainer-es";
+ }
+ {
+ name = "ash1";
+ alias = "ash1";
+ jumpHost = "chi1-jumpcontainer-es";
+ }
+ {
+ name = "sitetest3";
+ alias = "st3";
+ jumpHost = "st3-jumpcontainer-es";
+ }
+ {
+ name = "sitetest2-snc2";
+ alias = "st2-snc2";
+ jumpHost = "st2-snc2-jumpcontainer-es";
+ }
+ ];
+
+ # Generate all environment-specific aliases
+ envAliases = builtins.listToAttrs (
+ builtins.concatMap (env: [
+ {
+ name = "ssh-sign-${env.alias}";
+ value = "${pkgs.hashi}/bin/hashi -e ${env.name} sign --output-path=${config.home.homeDirectory}/.ssh/${env.alias}-cert.pub --key=(${pkgs._1password-cli}/bin/op read 'op://employee/default rbx ssh key/public key'|psub) key";
+ }
+ {
+ name = "hashi-${env.alias}";
+ value = "${pkgs.hashi}/bin/hashi -e ${env.name} show v";
+ }
+ {
+ name = "ssh-${env.alias}";
+ value = "${pkgs.kitty}/bin/kitten ssh -o StrictHostKeyChecking=no -J ${env.jumpHost} -o 'CertificateFile=~/.ssh/${env.alias}-cert.pub'";
+ }
+ ]) environments
+ );
+ in
+ envAliases;
+ };
 } |
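Review bot: The `ssh-${env.alias}` abbreviation in the second hunk passes `-o StrictHostKeyChecking=no`, so the destination host's key is never verified and a changed key does not stop the connection. The user side is authenticated with a freshly signed certificate while the server side is trusted blindly, so an impersonated host behind the jump container would go unnoticed. I would change the option to `-o StrictHostKeyChecking=accept-new`, which still avoids the first-connection prompt but refuses a host whose recorded key has changed. If the environment also issues host certificates (not visible here), a `@cert-authority` line in `known_hosts` would remove the need to relax checking at all. A short comment above the `environments` list saying why host keys cannot be pinned for these hosts would also help the next reader.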
