From bfe5d131ad504bff8af2f4ca972a80cf725b71f8 Mon Sep 17 00:00:00 2001
From: Franck Cuny <franck@fcuny.net>
Date: Wed, 31 Dec 2025 09:07:55 -0800
Subject: remove unnecessary profiles

---
 home/programs/security/hashi.nix | 49 +++++++++++++++++++++++++++++++++++++++-
 1 file changed, 48 insertions(+), 1 deletion(-)

(limited to 'home/programs/security/hashi.nix')

diff --git a/home/programs/security/hashi.nix b/home/programs/security/hashi.nix
index c24845e..424c7b3 100644
--- a/home/programs/security/hashi.nix
+++ b/home/programs/security/hashi.nix
@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
 let
   nomad-prod = pkgs.writeShellScriptBin "nomad-prod" ''
     set -e
@@ -51,4 +51,51 @@ in
     nomad-prod
     hashi
   ];
+
+  programs.fish = {
+    shellAbbrs =
+      let
+        environments = [
+          {
+            name = "chi1";
+            alias = "chi1";
+            jumpHost = "chi1-jumpcontainer-es";
+          }
+          {
+            name = "ash1";
+            alias = "ash1";
+            jumpHost = "chi1-jumpcontainer-es";
+          }
+          {
+            name = "sitetest3";
+            alias = "st3";
+            jumpHost = "st3-jumpcontainer-es";
+          }
+          {
+            name = "sitetest2-snc2";
+            alias = "st2-snc2";
+            jumpHost = "st2-snc2-jumpcontainer-es";
+          }
+        ];
+
+        # Generate all environment-specific aliases
+        envAliases = builtins.listToAttrs (
+          builtins.concatMap (env: [
+            {
+              name = "ssh-sign-${env.alias}";
+              value = "${pkgs.hashi}/bin/hashi -e ${env.name} sign --output-path=${config.home.homeDirectory}/.ssh/${env.alias}-cert.pub --key=(${pkgs._1password-cli}/bin/op read 'op://employee/default rbx ssh key/public key'|psub) key";
+            }
+            {
+              name = "hashi-${env.alias}";
+              value = "${pkgs.hashi}/bin/hashi -e ${env.name} show v";
+            }
+            {
+              name = "ssh-${env.alias}";
+              value = "${pkgs.kitty}/bin/kitten ssh -o StrictHostKeyChecking=no -J ${env.jumpHost} -o 'CertificateFile=~/.ssh/${env.alias}-cert.pub'";
+            }
+          ]) environments
+        );
+      in
+      envAliases;
+  };
 }
-- 
cgit v1.2.3