diff options
Diffstat (limited to 'nix')
| -rw-r--r-- | nix/profiles/home-manager.nix | 2 | ||||
| -rw-r--r-- | nix/users/modules/userinfo.nix | 15 | ||||
| -rw-r--r-- | nix/users/profiles/1password.nix | 41 | ||||
| -rw-r--r-- | nix/users/profiles/bat.nix | 10 | ||||
| -rw-r--r-- | nix/users/profiles/dev.nix | 52 | ||||
| -rw-r--r-- | nix/users/profiles/emacs.nix | 89 | ||||
| -rw-r--r-- | nix/users/profiles/fish.nix | 31 | ||||
| -rw-r--r-- | nix/users/profiles/git.nix | 134 | ||||
| -rw-r--r-- | nix/users/profiles/k8s.nix | 91 | ||||
| -rw-r--r-- | nix/users/profiles/llm.nix | 33 | ||||
| -rw-r--r-- | nix/users/profiles/mac.nix | 73 | ||||
| -rw-r--r-- | nix/users/profiles/media.nix | 8 | ||||
| -rw-r--r-- | nix/users/profiles/minimal.nix | 6 | ||||
| -rw-r--r-- | nix/users/profiles/nixos.nix | 24 | ||||
| -rw-r--r-- | nix/users/profiles/secrets.nix | 17 | ||||
| -rw-r--r-- | nix/users/profiles/ssh.nix | 43 | ||||
| -rw-r--r-- | nix/users/profiles/starship.nix | 40 | ||||
| -rw-r--r-- | nix/users/profiles/work.nix | 97 |
18 files changed, 1 insertions, 805 deletions
diff --git a/nix/profiles/home-manager.nix b/nix/profiles/home-manager.nix index 3939a69..3a81cce 100644 --- a/nix/profiles/home-manager.nix +++ b/nix/profiles/home-manager.nix @@ -23,7 +23,7 @@ home-manager.sharedModules = [ inputs.agenix.homeManagerModules.default - "${self}/nix/users/modules/userinfo.nix" + "${self}/users/modules/userinfo.nix" { nixpkgs.overlays = [ inputs.agenix.overlays.default diff --git a/nix/users/modules/userinfo.nix b/nix/users/modules/userinfo.nix deleted file mode 100644 index 46afc73..0000000 --- a/nix/users/modules/userinfo.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ lib, ... }: -{ - options = with lib; { - userinfo = { - fullName = mkOption { - type = types.str; - example = "Someone Someonesson"; - }; - email = mkOption { - type = types.str; - example = "some@email.com"; - }; - }; - }; -} diff --git a/nix/users/profiles/1password.nix b/nix/users/profiles/1password.nix deleted file mode 100644 index 63892c7..0000000 --- a/nix/users/profiles/1password.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ pkgs, config, ... }: -let - home = config.home.homeDirectory; - darwinSockPath = "${home}/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"; - sockPath = ".1password/agent.sock"; -in -{ - home.packages = with pkgs; [ - _1password-cli - ]; - - home.sessionVariables = { - SSH_AUTH_SOCK = "${home}/${sockPath}"; - }; - - home.file.sock = { - source = config.lib.file.mkOutOfStoreSymlink darwinSockPath; - target = sockPath; - }; - - programs.fish = { - interactiveShellInit = '' - op completion fish | source - ''; - }; - - programs.ssh = { - extraConfig = "IdentityAgent ~/${sockPath}"; - }; - - # Generate ssh agent config for 1Password - # I want both my personal and work keys - home.file.".config/1Password/ssh/agent.toml".text = '' - [[ssh-keys]] - account = "my.1password.com" - - [[ssh-keys]] - account = "roblox.1password.com" - vault = "Private" - ''; -} diff --git a/nix/users/profiles/bat.nix b/nix/users/profiles/bat.nix deleted file mode 100644 index fb27397..0000000 --- a/nix/users/profiles/bat.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ ... }: -{ - programs.bat = { - enable = true; - config = { - theme = "ansi"; - pager = "less -FR"; - }; - }; -} diff --git a/nix/users/profiles/dev.nix b/nix/users/profiles/dev.nix deleted file mode 100644 index 0c9a07c..0000000 --- a/nix/users/profiles/dev.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ - config, - pkgs, - ... -}: -{ - home.packages = - with pkgs; - [ - docker - docker-credential-helpers - dive # explore layers in docker images - wireshark - ] - ++ [ - llmPython.llm # llm and claude support - aider-chat - ] - ++ [ - delve - go-tools # collection of tools, https://github.com/dominikh/go-tools - golangci-lint - gopls - ] - ++ [ - nil # nix lsp - nix-direnv # integration with direnv - nixfmt-rfc-style # new formatter - ] - ++ [ - python3 - basedpyright - ruff - # ruff-lsp - uv - ]; - - programs.go = { - enable = true; - goPath = ".local/share/pkg.go"; - goBin = ".local/bin.go"; - goPrivate = [ - "github.rbx.com/*" - "github.com/fcuny/*" - ]; - }; - - home.sessionPath = [ - config.home.sessionVariables.GOBIN - "${config.home.homeDirectory}/.local/bin" - ]; -} diff --git a/nix/users/profiles/emacs.nix b/nix/users/profiles/emacs.nix deleted file mode 100644 index fcf1b8f..0000000 --- a/nix/users/profiles/emacs.nix +++ /dev/null @@ -1,89 +0,0 @@ -{ - configPath, - pkgs, - lib, - ... -}: -let - packages = - epkgs: with epkgs; [ - aidermacs # pair programming in Emacs with Aider - cape - consult - consult-denote - corfu - denote - denote-journal - denote-markdown - denote-org - denote-silo - denote-sequence - diminish - direnv - docker - docker-compose-mode - dockerfile-mode - exec-path-from-shell - git-link - go-mode - gotest - gptel # LLM client for Emacs - hcl-mode - jq-mode - json-mode - json-reformat - magit - marginalia - markdown-mode - nix-mode - orderless - protobuf-mode - rg - terraform-mode - toml-mode - tree-sitter - tree-sitter-langs - treesit-grammars.with-all-grammars - vertico - yaml-mode - yasnippet - yasnippet-capf - ]; - emacsFiles = [ - "early-init.el" - "init.el" - "site-lisp/init-base.el" - "site-lisp/init-completion.el" - "site-lisp/init-llm.el" - "site-lisp/init-programming.el" - "site-lisp/init-text.el" - "site-lisp/init-ui.el" - ]; - mkEmacsFile = file: { - ".config/emacs/${file}" = { - source = "${configPath}/emacs/${file}"; - }; - }; -in -{ - home.file = lib.mkMerge (map mkEmacsFile emacsFiles); - - programs.emacs = { - enable = true; - extraPackages = packages; - # FIXME: https://github.com/NixOS/nixpkgs/issues/395169 - package = pkgs.emacs.override { withNativeCompilation = false; }; - }; - - home.packages = with pkgs; [ - aspell - aspellDicts.en - aspellDicts.en-science - aspellDicts.en-computers - ]; - - home.sessionVariables = { - EDITOR = "${pkgs.emacs}/bin/emacsclient -a="; - ASPELL_CONF = "dict-dir ${pkgs.aspellDicts.en}/lib/aspell"; - }; -} diff --git a/nix/users/profiles/fish.nix b/nix/users/profiles/fish.nix deleted file mode 100644 index 314e9f6..0000000 --- a/nix/users/profiles/fish.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ ... }: -{ - programs.fish = { - enable = true; - interactiveShellInit = '' - set fish_greeting "" - - fish_add_path -p ~/.cargo/bin/ - - # Add utmctl to PATH - fish_add_path /Applications/UTM.app/Contents/MacOS/ - ''; - shellAbbrs = { - ncg = "nix-collect-garbage --delete-older-than 7d"; - ndc = "nix develop --command"; - nfc = "nix flake check"; - ngcroot = "ls -al /nix/var/nix/gcroots/auto/"; - nph = "nix profile history --profile /nix/var/nix/profiles/system"; - nsn = "nix search nixpkgs"; - nsv = "nix store verify --all"; - - g = "git"; - gap = "git add --patch"; - }; - shellAliases = { - la = "eza -la --git --color=always --group-directories-first"; - ll = "eza -la -L=1 --git --color=always --group-directories-first"; - lt = "eza -aT -L=2 --git --color=always --group-directories-first"; - }; - }; -} diff --git a/nix/users/profiles/git.nix b/nix/users/profiles/git.nix deleted file mode 100644 index de066e2..0000000 --- a/nix/users/profiles/git.nix +++ /dev/null @@ -1,134 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (config) userinfo; -in -{ - home.packages = with pkgs; [ - gitAndTools.pre-commit - git-credential-manager - ]; - - programs.gh = { - enable = true; - - settings = { - version = 1; - git_protocol = "ssh"; - prompt = "enabled"; - aliases = { - co = "pr checkout"; - vw = "pr view --web"; - }; - }; - }; - - programs.git = { - enable = true; - - delta = { - enable = true; - options.features = "decorations side-by-side line-numbers"; - }; - - userName = lib.mkDefault userinfo.fullName; - userEmail = lib.mkDefault userinfo.email; - - aliases = { - amend = "commit --amend"; - a = "commit --amend --no-edit"; - st = "status"; - co = "checkout"; - br = "branch"; - rb = "pull --rebase"; - hist = "log --pretty=format:\"%Cgreen%h %Creset%cd %Cblue[%cn] %Creset%s%C(yellow)%d%C(reset)\" --graph --date=relative --decorate --all"; - llog = "log --graph --name-status --pretty=format:\"%C(red)%h %C(reset)(%cd) %C(green)%an %Creset%s %C(yellow)%d%Creset\" --date=relative"; - logo = "log --pretty=format:\"%C(yellow)%h%Cred%d %Creset%s%Cblue (%cn)\" --decorate"; - logf = "log --pretty=format:\"%C(yellow)%h%Cred%d %Creset%s%Cblue (%cn)\" --decorate --numstat"; - }; - - # https://stackoverflow.com/questions/74012449/git-includeif-hasconfigremote-url-not-working - # to test it's working as expected: - # run `git config --get-all user.email' in a repository to check that we get all the possible emails - # run `git config --get user.email' in a repository to check which email is selected - includes = [ - { - condition = "hasconfig:remote.*.url:git@github.rbx.com:*/**"; - path = pkgs.writeText "username.cfg" (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); - } - { - condition = "hasconfig:remote.*.url:git@github.com:Roblox/**"; - path = pkgs.writeText "username.cfg" (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); - } - { - condition = "hasconfig:remote.*.url:https://github.com/Roblox/**"; - path = pkgs.writeText "username.cfg" (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); - } - { - condition = "hasconfig:remote.*.url:https://github.rbx.com/*/**"; - path = pkgs.writeText "username.cfg" (lib.generators.toGitINI { user.email = "fcuny@roblox.com"; }); - } - ]; - - ignores = [ - ".DS_Store" - ".aider.*" - ".direnv" - ".envrc" - ]; - - extraConfig = { - core.whitespace = "trailing-space,space-before-tab"; - color.ui = true; - - # nicer output - column.ui = "auto"; - - # https://adamj.eu/tech/2024/01/18/git-improve-diff-histogram/ - diff.algorithm = "histogram"; - - init.defaultBranch = "main"; - - # https://blog.gitbutler.com/how-git-core-devs-configure-git/ - push = { - # abort if the remote branch does not match the local one - default = "simple"; - autoSetupRemote = true; - followTags = true; - }; - - fetch = { - prune = true; - pruneTags = true; - all = true; - }; - - pull.rebase = true; - - rebase = { - autosquash = true; - updateRefs = true; - # Automatically create a temporary stash entry before the - # operation begins, and apply it after the operation ends. - autoStash = true; - # Print a warning if some commits are removed - missingCommitsCheck = "warn"; - }; - - branch = { - autosetuprebase = "remote"; - sort = "authordate"; - }; - - url = { - "ssh://git@github.rbx.com/" = { - insteadOf = "https://github.rbx.com/"; - }; - }; - }; - }; -} diff --git a/nix/users/profiles/k8s.nix b/nix/users/profiles/k8s.nix deleted file mode 100644 index ec59228..0000000 --- a/nix/users/profiles/k8s.nix +++ /dev/null @@ -1,91 +0,0 @@ -{ pkgs, ... }: -{ - home.packages = with pkgs; [ - kind # k8s in docker - kubebuilder # generate controller - kubectl - kubernetes-helm # deploy applications - kubie # kubeconfig browser https://github.com/sbstp/kubie - kubelogin-oidc # OIDC plugin - ]; - - programs.k9s = { - enable = true; - settings = { - k9s = { - refreshRate = 1; - }; - }; - plugin = { - plugins = { - log-bat = { - shortCut = "Shift-L"; - description = "Logs (bat)"; - scopes = [ "po" ]; - command = "bash"; - background = false; - args = [ - "-c" - "\"$@\" | bat" - "dummy-arg" - "kubectl" - "logs" - "$NAME" - "-n" - "$NAMESPACE" - "--context" - "$CONTEXT" - "--kubeconfig" - "$KUBECONFIG" - ]; - }; - log-bat-container = { - shortCut = "Shift-L"; - description = "Logs (bat)"; - scopes = [ "containers" ]; - command = "bash"; - background = false; - args = [ - "-c" - "\"$@\" | bat" - "dummy-arg" - "kubectl" - "logs" - "-c" - "$NAME" - "$POD" - "-n" - "$NAMESPACE" - "--context" - "$CONTEXT" - "--kubeconfig" - "$KUBECONFIG" - ]; - }; - }; - }; - }; - - home.file.kubie = { - target = ".kube/kubie.yaml"; - text = '' - shell: fish - configs: - include: - - ~/.kube/rksconfig - prompt: - fish_use_rprompt: false - ''; - }; - - programs.fish = { - shellAbbrs = { - k = "kubectl"; - kctx = "kubie ctx"; - klogs = "kubectl logs"; - }; - shellAliases = { - ukctx = "${pkgs.gh}/bin/gh api --hostname github.rbx.com repos/Roblox/cell-lifecycle/contents/rks/kubeconfig --jq '.content' | base64 -d > ~/.kube/rksconfig"; - }; - }; -} diff --git a/nix/users/profiles/llm.nix b/nix/users/profiles/llm.nix deleted file mode 100644 index 2793373..0000000 --- a/nix/users/profiles/llm.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ - configPath, - lib, - ... -}: -let - basePath = "llm/templates"; - llmTemplates = [ - "pr-prompt.yaml" - "commit-prompt.yaml" - "readme-gen.yaml" - ]; - mkLlmTemplate = file: { - ".config/${basePath}/${file}" = { - source = "${configPath}/${basePath}/${file}"; - }; - }; -in -{ - home.file = lib.mkMerge (map mkLlmTemplate llmTemplates); - - programs.fish = { - shellAliases = { - commit-msg = "git diff --cached | llm -t commit-prompt"; - pr-msg = "git diff HEAD | llm -t pr-prompt"; - readme-gen = "llm -t readme-gen"; - }; - }; - - home.sessionVariables = { - LLM_USER_PATH = "$HOME/.config/llm"; - }; -} diff --git a/nix/users/profiles/mac.nix b/nix/users/profiles/mac.nix deleted file mode 100644 index d889d21..0000000 --- a/nix/users/profiles/mac.nix +++ /dev/null @@ -1,73 +0,0 @@ -{ pkgs, ... }: -{ - imports = [ - ./1password.nix - ./bat.nix - ./dev.nix - ./emacs.nix - ./fish.nix - ./git.nix - ./llm.nix - ./secrets.nix - ./ssh.nix - ./starship.nix - ]; - - home.packages = with pkgs; [ - age - bandwhich - bottom - coreutils - dust - jless - jq - procs - restic - ripgrep - shellcheck - tree - wget - yq - ]; - - programs.direnv = { - enable = true; - nix-direnv.enable = true; - config = { - global.disable_stdin = true; - global.strict_env = true; - }; - }; - - # an alternative to ls - programs.eza = { - enable = true; - icons = "never"; - enableFishIntegration = false; - extraOptions = [ - "--group-directories-first" - "--no-quotes" - "--git-ignore" - "--icons=never" - ]; - }; - - # an alternative to find - programs.fd = { - enable = true; - hidden = true; - ignores = [ - ".git/" - ".direnv/" - ]; - }; - - home.sessionVariables = { - LESS = "-FRSXM"; - LESSCHARSET = "utf-8"; - PAGER = "less"; - SHELL = "${pkgs.fish}/bin/fish"; - }; - - xdg.enable = true; -} diff --git a/nix/users/profiles/media.nix b/nix/users/profiles/media.nix deleted file mode 100644 index f0919a3..0000000 --- a/nix/users/profiles/media.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ pkgs, ... }: -{ - home.packages = with pkgs; [ - mpv - ffmpeg - transmission_4 - ]; -} diff --git a/nix/users/profiles/minimal.nix b/nix/users/profiles/minimal.nix deleted file mode 100644 index aaffdbd..0000000 --- a/nix/users/profiles/minimal.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ pkgs, ... }: -{ - home.packages = with pkgs; [ - htop - ]; -} diff --git a/nix/users/profiles/nixos.nix b/nix/users/profiles/nixos.nix deleted file mode 100644 index a6c302f..0000000 --- a/nix/users/profiles/nixos.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ pkgs, ... }: -{ - # add ~/.local/bin to PATH - environment.localBinInPath = true; - - # we're using fish as our shell - programs.fish.enable = true; - - users.users.fcuny = { - isNormalUser = true; - home = "/home/fcuny"; - extraGroups = [ - "docker" - "wheel" - "podman" - ]; - shell = pkgs.fish; - hashedPassword = "$6$U4GoqhuHgdr.h0JP$C/BKslQfOpPJ5lUzrTeQh6i859R/jEKYSF9MaRhWYo5VG6aCDKsvb5xKSifH4nQt6okJixG9ceFh..Mnt93Jt/"; - openssh.authorizedKeys.keys = [ - # key `nixos` in 1password - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi" - ]; - }; -} diff --git a/nix/users/profiles/secrets.nix b/nix/users/profiles/secrets.nix deleted file mode 100644 index 65131df..0000000 --- a/nix/users/profiles/secrets.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ self, config, ... }: -{ - age = { - identityPaths = [ "${config.home.homeDirectory}/.ssh/agenix" ]; - secretsDir = "${config.home.homeDirectory}/.local/share/agenix"; - - secrets = { - llm = { - file = "${self}/secrets/users/fcuny/llm.age"; - path = "${config.home.homeDirectory}/.config/llm/keys.json"; - }; - anthropic-api-key = { - file = "${self}/secrets/users/fcuny/anthropic-api-key.age"; - }; - }; - }; -} diff --git a/nix/users/profiles/ssh.nix b/nix/users/profiles/ssh.nix deleted file mode 100644 index 322a8bc..0000000 --- a/nix/users/profiles/ssh.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ pkgs, config, ... }: -{ - # https://github.com/nix-community/home-manager/blob/master/modules/programs/ssh.nix - programs.ssh = { - enable = true; - forwardAgent = true; - serverAliveInterval = 60; - controlMaster = "auto"; - controlPersist = "30m"; - controlPath = "${config.home.homeDirectory}/.ssh/sockets/S.%r@%h:%p"; - - matchBlocks = { - "git.fcuny.net" = { - proxyCommand = "${pkgs.cloudflared}/bin/cloudflared access ssh --hostname %h"; - }; - "github.com" = { - hostname = "github.com"; - user = "git"; - forwardAgent = false; - extraOptions = { - preferredAuthentications = "publickey"; - controlMaster = "no"; - controlPath = "none"; - }; - }; - "github.rbx.com" = { - hostname = "github.rbx.com"; - user = "git"; - forwardAgent = false; - extraOptions = { - preferredAuthentications = "publickey"; - controlMaster = "no"; - controlPath = "none"; - }; - }; - }; - }; - - home.file = { - # we need this path to be created so that the control path can be used. - ".ssh/sockets/.keep".text = "# Managed by Home Manager"; - }; -} diff --git a/nix/users/profiles/starship.nix b/nix/users/profiles/starship.nix deleted file mode 100644 index 8a541ce..0000000 --- a/nix/users/profiles/starship.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ ... }: -{ - programs.starship = { - enable = true; - settings = { - add_newline = false; - character = { - success_symbol = "[›](bold green)"; - error_symbol = "[›](bold red)"; - }; - directory = { - fish_style_pwd_dir_length = 3; - }; - git_branch = { - symbol = "🌱 "; - }; - git_commit = { - commit_hash_length = 4; - }; - git_status = { - deleted = "✗"; - modified = "✶"; - staged = "✓"; - stashed = "≡"; - }; - "$schema" = "https://starship.rs/config-schema.json"; - hostname = { - ssh_only = true; - }; - username = { - disabled = true; - }; - kubernetes = { - disabled = false; - style = "bold blue"; - }; - nix_shell.disabled = false; - }; - }; -} diff --git a/nix/users/profiles/work.nix b/nix/users/profiles/work.nix deleted file mode 100644 index f502b6a..0000000 --- a/nix/users/profiles/work.nix +++ /dev/null @@ -1,97 +0,0 @@ -{ pkgs, ... }: -let - nomad-prod = pkgs.writeShellScriptBin "nomad-prod" '' - set -e - - if [ $# -ne 1 ]; then - echo "Usage: nomad-ui CELL_ID" - exit 1 - fi - - CELL_ID=$1 - - echo ">> Login to chi1 vault using Okta" - export VAULT_ADDR="https://chi1-vault.simulprod.com:8200" - export VAULT_TOKEN=$(${pkgs.vault}/bin/vault login -field=token -method=oidc username=$USER) - - echo ">> Accessing cell $CELL_ID" - export NOMAD_ADDR="https://$CELL_ID-nomad.simulprod.com" - export NOMAD_TOKEN=$(${pkgs.vault}/bin/vault read -field secret_id ''${CELL_ID}_nomad/creds/management) - - ${pkgs.nomad}/bin/nomad ui --authenticate - ''; -in -{ - imports = [ ./k8s.nix ]; - - home.packages = with pkgs; [ - awscli2 - boundary # for secure remote access - customPackages.hashi - customPackages.sapi - nomad-prod - tfswitch - vault - ]; - - programs.fish = { - shellAbbrs = - let - environments = [ - { - name = "chi1"; - alias = "chi1"; - jumpHost = "chi1-jumpcontainer-es"; - } - { - name = "ash1"; - alias = "ash1"; - jumpHost = "chi1-jumpcontainer-es"; - } - { - name = "sitetest3"; - alias = "st3"; - jumpHost = "st3-jumpcontainer-es"; - } - { - name = "sitetest2-snc2"; - alias = "st2-snc2"; - jumpHost = "st2-snc2-jumpcontainer-es"; - } - ]; - - # Generate all environment-specific aliases - envAliases = builtins.listToAttrs ( - builtins.concatMap (env: [ - { - name = "ssh-sign-${env.alias}"; - value = "${pkgs.customPackages.hashi}/bin/hashi -e ${env.name} sign --output-path=/Users/fcuny/.ssh/cert-${env.alias} --key=(${pkgs._1password-cli}/bin/op read 'op://employee/default rbx ssh key/public key'|psub) key"; - } - { - name = "hashi-${env.alias}"; - value = "${pkgs.customPackages.hashi}/bin/hashi -e ${env.name} show v"; - } - { - name = "ssh-${env.alias}"; - value = "ssh -o StrictHostKeyChecking=no -J ${env.jumpHost} -o 'CertificateFile=~/.ssh/cert-${env.alias}'"; - } - ]) environments - ); - - # Add any additional non-environment specific aliases - additionalAliases = { - "sjump-st1-snc2" = "${pkgs.customPackages.sapi}/bin/sapi jump sitetest1-snc2"; - "sjump-st1-snc3" = "${pkgs.customPackages.sapi}/bin/sapi jump sitetest3-snc2"; - "sjump-st2-snc2" = "${pkgs.customPackages.sapi}/bin/sapi jump sitetest2-snc2"; - "sjump-st3" = "${pkgs.customPackages.sapi}/bin/sapi jump sitetest3"; - "sjump" = "${pkgs.customPackages.sapi}/bin/sapi jump"; - "ssh-edge" = - "ssh -o StrictHostKeyChecking=no -o IdentitiesOnly=yes -J chi1-jumpcontainer-es -i (${pkgs._1password-cli}/bin/op read 'op://Infra-Compute-Edge-rks/ice_ssh-private-key/ice_rsa'|psub)"; - }; - in - envAliases // additionalAliases; - }; - - # the configuration for sapi is generated when we run `sapi jump`, there's no need to manage it with nix. - programs.ssh.includes = [ "config_sapi" ]; -} |