From 36ade9a42d5d69cad9db1b9d13896d25444a98bd Mon Sep 17 00:00:00 2001 From: fwastring Date: Mon, 30 Mar 2026 09:33:05 +0200 Subject: [PATCH] updates --- maskiner/core/configuration.nix | 10 ++++ moduler/fish.nix | 66 ++++++++------------ moduler/home.nix | 93 +++++++++++++++++++++++++---- moduler/programs.nix | 19 +++--- moduler/programs/nixvim/default.nix | 16 +++++ secrets/sops.yaml | 8 ++- 6 files changed, 147 insertions(+), 65 deletions(-) diff --git a/maskiner/core/configuration.nix b/maskiner/core/configuration.nix index 62ae60d..579c701 100644 --- a/maskiner/core/configuration.nix +++ b/maskiner/core/configuration.nix @@ -71,6 +71,16 @@ in group = "users"; mode = "0400"; }; + sops.secrets.jira_token = { + owner = "fw"; + group = "users"; + mode = "0400"; + }; + sops.secrets.opencode_atlassian_env = { + owner = "fw"; + group = "users"; + mode = "0400"; + }; environment.systemPackages = [ pkgs.cifs-utils ]; diff --git a/moduler/fish.nix b/moduler/fish.nix index 286e943..e41662b 100644 --- a/moduler/fish.nix +++ b/moduler/fish.nix @@ -75,57 +75,39 @@ in ls = "eza -l"; lg = "lazygit"; ka = "kubectl apply -f"; - t = "timew"; - a = "nix develop; opencode"; - todo = "jira issue list -a 'Fredrik Wastring' -s ~Done -s ~Closed -s ~Released --plain"; - cam = "jira issue create && jira issue assign && jira issue move"; - e = "kubectx"; - s = { - setCursor = "%"; - expansion = "cha https://search.wastring.com/search?q=%"; - }; - tw = { - setCursor = "%"; - expansion = "typst watch % --open zathura /tmp/zathura.pdf"; - }; - c = { - setCursor = "%"; - expansion = "ssh 'fw:%@gateway.internalifacts.se' -p 2222"; - }; - dl = { - setCursor = "&"; - expansion = "yt-dlp -o \"~/videor/%(title)s - %(uploader)s\" \"&\""; - }; + e = "nvim"; }; interactiveShellInit = let fzfOpts = catppuccinFzfOptions.${config.fish.theme}; in '' - fish_vi_key_bindings - set fish_greeting - set FLAKE_DIR "/home/fw/nix" - set JIRA_API_TOKEN ATATT3xFfGF0_fkpGB1ne-QOSJzFVG0yH31j2CRtdNqbePCyEm9enpnA2uA3go75_GQwZPFX_IO9tf10ALJWvDLjsuHl8MSOUkNd703Vqr4uuGLAbHY73Z_b9fDJVrfodTrGAN9sZ5Sp75opCVkXB7MVXSAIvlWimRdwe-tqDPH4vhwY9Hqcs6M=0510D6CD - set -gx GITHUB_PERSONAL_ACCESS_TOKEN (cat /run/secrets/github_token) - set -gx GITHUB_HOST "https://github.com" - set -gx GRAFANA_SERVICE_ACCOUNT_TOKEN (cat /run/secrets/grafana_token) - set -gx GRAFANA_URL "https://monitoring.internalifacts.se" - set -Ux FZF_CTRL_R_OPTS "--reverse" - set -Ux FZF_TMUX_OPTS "-p" - set -e GOROOT - set -x -U GOPATH $HOME/.go - gh completion -s fish > ~/.config/fish/completions/gh.fish - set -gx PATH $PATH $HOME/scripts - set -gx PATH $PATH $HOME/.krew/bin + fish_vi_key_bindings + set fish_greeting + set FLAKE_DIR "/home/fw/nix" + if test -r /run/secrets/jira_token + set -gx JIRA_API_TOKEN (string trim (cat /run/secrets/jira_token)) + end + set -gx GITHUB_PERSONAL_ACCESS_TOKEN (cat /run/secrets/github_token) + set -gx GITHUB_HOST "https://github.com" + set -gx GRAFANA_SERVICE_ACCOUNT_TOKEN (cat /run/secrets/grafana_token) + set -gx GRAFANA_URL "https://monitoring.internalifacts.se" + set -Ux FZF_CTRL_R_OPTS "--reverse" + set -Ux FZF_TMUX_OPTS "-p" + set -e GOROOT + set -x -U GOPATH $HOME/.go + gh completion -s fish > ~/.config/fish/completions/gh.fish + set -gx PATH $PATH $HOME/scripts + set -gx PATH $PATH $HOME/.krew/bin - if not set -q SSH_AUTH_SOCK - eval (ssh-agent -c) - ssh-add ~/.ssh/id_ed25519 >/dev/null 2>&1 - set SSH_AUTH_SOCK /home/fw/.bitwarden-ssh-agent.sock - end + if not set -q SSH_AUTH_SOCK + eval (ssh-agent -c) + ssh-add ~/.ssh/id_ed25519 >/dev/null 2>&1 + set SSH_AUTH_SOCK /home/fw/.bitwarden-ssh-agent.sock + end - set -Ux FZF_DEFAULT_OPTS "${fzfOpts}" + set -Ux FZF_DEFAULT_OPTS "${fzfOpts}" ''; }; }; diff --git a/moduler/home.nix b/moduler/home.nix index a61dc9b..44b7467 100644 --- a/moduler/home.nix +++ b/moduler/home.nix @@ -25,18 +25,89 @@ programs.home-manager.enable = true; programs.fish.enable = true; + programs.opencode = { + enable = true; + enableMcpIntegration = false; + settings = { + "$schema" = "https://opencode.ai/config.json"; + theme = lib.mkForce "catppuccin"; + plugin = [ "@ex-machina/opencode-anthropic-auth" ]; + mcp = { + az = { + type = "local"; + command = [ + "docker" + "run" + "-i" + "--rm" + "--env-file" + "/home/fw/.azure/credentials" + "mcr.microsoft.com/azure-sdk/azure-mcp:latest" + ]; + }; + k8s = { + type = "local"; + command = [ + "docker" + "run" + "--rm" + "-i" + "--user" + "1000:100" + "-v" + "/home/fw/.kube:/kube:ro" + "ghcr.io/containers/kubernetes-mcp-server:latest" + "--kubeconfig" + "/kube/config" + ]; + }; + github = { + type = "local"; + command = [ + "docker" + "run" + "-i" + "--rm" + "-e" + "GITHUB_PERSONAL_ACCESS_TOKEN" + "ghcr.io/github/github-mcp-server" + ]; + }; + jira = { + type = "local"; + command = [ + "docker" + "run" + "-i" + "--rm" + "--env-file" + "/home/fw/.config/opencode/.env.local" + "ghcr.io/sooperset/mcp-atlassian:latest" + ]; + }; + }; + }; + }; + + home.activation.opencodeAtlassianEnv = lib.hm.dag.entryAfter [ "writeBoundary" ] '' + mkdir -p "$HOME/.config/opencode" + if [ -r /run/secrets/opencode_atlassian_env ]; then + ln -sf /run/secrets/opencode_atlassian_env "$HOME/.config/opencode/.env.local" + fi + ''; + programs.alacritty = { - enable = true; - # theme = "catppuccin_${theme}"; - theme = "catppuccin_mocha"; - settings = { - font = { - normal = { - family = lib.mkForce "FiraCode Nerd Font Mono"; - }; - size = lib.mkForce 16; - }; - }; + enable = true; + # theme = "catppuccin_${theme}"; + theme = "catppuccin_mocha"; + settings = { + font = { + normal = { + family = lib.mkForce "FiraCode Nerd Font Mono"; + }; + size = lib.mkForce 16; + }; + }; }; home.username = "fw"; diff --git a/moduler/programs.nix b/moduler/programs.nix index 0cc8b58..0cc22f9 100644 --- a/moduler/programs.nix +++ b/moduler/programs.nix @@ -57,7 +57,7 @@ environment.systemPackages = with pkgs; [ # GUI feishin - vscode + vscode signal-desktop thunderbird discord @@ -71,18 +71,18 @@ remmina brightnessctl speedcrunch - opencode - quickemu - virt-viewer - go-passbolt-cli wf-recorder slurp - bitwarden-desktop - bitwarden-cli lagrange jujutsu rclone - + quickemu + virt-viewer + go-passbolt-cli + wf-recorder + slurp + bitwarden-desktop + jira-cli-go dbeaver-bin ( @@ -115,7 +115,8 @@ ) # TUI - codex + # nodejs + claude-code # Browsers librewolf diff --git a/moduler/programs/nixvim/default.nix b/moduler/programs/nixvim/default.nix index 389280d..6718819 100644 --- a/moduler/programs/nixvim/default.nix +++ b/moduler/programs/nixvim/default.nix @@ -37,6 +37,7 @@ with lib; telescope = true; treesitter = true; cmp = true; + lualine = true; }; }; }; @@ -251,6 +252,18 @@ with lib; }; }; }; + # avante = { + # enable = true; + # settings = { + # provider = "claude-code"; + # acp_providers = { + # claude-code = { + # command = "npx"; + # args = [ "@zed-industries/claude-code-acp" ]; + # }; + # }; + # }; + # }; treesitter = { enable = true; @@ -363,6 +376,9 @@ with lib; }; }; }; + extraPlugins = with pkgs.vimPlugins; [ + plenary-nvim + ]; enableMan = false; autoCmd = [ { diff --git a/secrets/sops.yaml b/secrets/sops.yaml index dca72c9..20b9762 100644 --- a/secrets/sops.yaml +++ b/secrets/sops.yaml @@ -15,6 +15,8 @@ fw-qemu: ENC[AES256_GCM,data:TxbilLf79+gieY3WbAGl175aTUVjIc6rlKfYTy8Usmw=,iv:WCv github_token: ENC[AES256_GCM,data:E8j5K2U8UvTpZtsWIm55dvvSxmZjDY15lYeXGuKnPuq1fRyb5HolEQ==,iv:tqODZ4Y247D4DhmC3z7XEq/2K2JsU76p1hxYkYiql9E=,tag:iYithxJyO/GKvKwwh4BDlA==,type:str] grafana_token: ENC[AES256_GCM,data:yAUqBV2/IF/wkyutHhf1Ui/xxRIt+SgsUk7QmdcnYa+x5KC8G1ifdcxJjPJvyQ==,iv:dGk6AfadwajDbFzTteCeyNIpwWRwdJbNwjGSlrmhaBU=,tag:svCcQo96PGFXu+MVsmn1HQ==,type:str] fleet-enroll-secret: ENC[AES256_GCM,data:2DEmgzsYvWZas65HLE4PaxZ3h7L4Gw8esVirZYrzCik=,iv:9t6ET8QnPLIl0Pnn9r24btF7VUQnRr3ukRH0oVsgIrg=,tag:mQ0yxEhx72L71DB36cfMew==,type:str] +jira_token: ENC[AES256_GCM,data:gPSgsNp4XlM6cTzLCpsJpdByTOHQ9vWfosurrd+yzo9MAkTcm5BDXwRWl1aNN2OFZu4+GXNqOho1gegDCQhZQnFRYNACASqmhGk6/GCpSNUlVAExOhvSs8tUu+YZoBUVufWHn5sIsxNHGgiJnX5ZtX7sVhUOo5u+qbb49iHsSZ6WBwP9SDMpfqXkhgZAURTk7iu7VgbHt6D1BxQH2yDCXR7OuICC5D6lSjdKo4Vbdudmz07vM1b4DHfvtP15SJfl,iv:oV3ACNPpz4Zb3bt0oWlx9On71LoXt3ZO5QosSr5XB2k=,tag:Xr0Y/ugZbQ2BaQtUJOwIng==,type:str] +opencode_atlassian_env: ENC[AES256_GCM,data:v7uz9p4/H2WNzZA+I5+qnBRw4cyB4DNt/adBn0TS1bm9Gqk+UhnpjlXuP3mpxElXrAPmqT/rIvRGZp/YGiDWODH+B/WjtAaA/R+hFfOoP+m2unx2UM/a+UwC2EO+6ci+lKtNpT8FfobQxjuCdKWCmz0U54ijtfmyh73+lIzZoffs35fvxHwvchzM3zfCy/EHkR1jDUiKykX2VR1JiBZNa6PFp+SXZGvBlcjf8WjaryEpzIGv1plFftTQSo74OHPuUAC4kXrV9eCH4OJQ6JLyfOH+8tGstyyVWO9BtG7/fO5j830bBgvbqTsjZX+NvmTiaP4caC/sy7vseKkbgRzdUuAASLM3Pbqs9QnP6lFzye/QNdnlcwOOoNniXMbwynmSwtrz6w==,iv:DrArPdRddjxqMqU+38jvc1zCy2xVRmXOD7D9UQHQfgs=,tag:ZGCBxg28k1FMKwvu2r2Aqg==,type:str] sops: age: - recipient: age1jeyw96795qu52swmtkjqgr2w3g4vxc43ckc5r4hlwpje23ptnfwsheah0s @@ -62,7 +64,7 @@ sops: dFZ3T3VUeHVnVThadHVQaVJCNkdZeDQK99L7CbBbklUUtanyFIOiCzO3hZP1mh3z ZZhhr6BCcHBbqzLaRLbT27BTCoNuGsXxyzW6tpXYacYuITkcFq9bOQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-03-17T09:44:56Z" - mac: ENC[AES256_GCM,data:MX3xARncq/j17K5gtmGRi9E4LEOFDeoinahJ0o0AxECjdQYUndtlIMe+0/BfL2GIemhNaiHsQydjE4TrORgl/RGMcHj/gYy9EvY/m0E7gtSoWpxN5FOdavCQ4jcgRRxYj1mDdTuaS7VksWd+9XZMJh7ScmHlMI8PWdnTessd6Mk=,iv:GxuMN1Vt2fEBs/WrD4BvJlUIiGiHppZfzHU8NRB/4DA=,tag:OnHU8MnyLtclBCWKwribAQ==,type:str] + lastmodified: "2026-03-26T15:52:43Z" + mac: ENC[AES256_GCM,data:s0Oc18zrDOQkyZHre1NbwMOKxS/4KGq7WGifmAi4xJsN2oeQXXAOXE5baMRBiC4q6ak7UvowSXWeuTx7+8P37ycVL2I9SpnIamkxGbzTLCNeqa+3ipcRRWMSYWrit+KwJXYS0F+hUv0/QgFssl8W7bKquwkkQy6Aqz8sGmx/WqU=,iv:JfUR8L/6arJenH21061U8T6ld3wU0BksWKkjiK+fLHc=,tag:iABB6x6zrFIVBSV6cHKMDA==,type:str] unencrypted_suffix: _unencrypted - version: 3.12.0 + version: 3.12.2