Use secret to fetch username email by default, fallback to prompt

home/.chezmoi.toml.tmpl

@@ -10,12 +10,36 @@ vim:ft=gotmpl
 {{- $nix := false -}}
 {{- $work := false -}}
 {{- $wheel := false -}}
-{{- $username := promptStringOnce . "username" "What is your username" -}}
-{{- $email := promptStringOnce . "email" "What is your email address" -}}
+{{- $username := "" -}}
+{{- $email := "" -}}
 {{- $hostname := .chezmoi.hostname -}}
 {{- $wheel := false -}}
 {{- $diffCmd := "diff" -}}
-{{- $encryptionProvider := "gpg" -}}
+{{- $encryptionProvider := "age" -}}
+{{- $defaultIdentityPath := joinPath .chezmoi.homeDir ".ssh" "agekey.txt" -}}
+{{- $manageSecret := false -}}
+{{- if stat $defaultIdentityPath -}}
+{{-     $manageSecret = true -}}
+{{ else -}}
+{{-     $manageSecret = promptBoolOnce . "manageSecret" "Do you want to manage secrets" -}}
+{{-     if $manageSecret -}}
+{{-         $defaultIdentityPath = promptStringOnce . "defaultIdentityPath" "What is your default identity path, relative to your home directory" -}}
+{{-         $defaultIdentityPath = joinPath .chezmoi.homeDir $defaultIdentityPath -}}
+{{-     end -}}
+{{- end -}}
+{{- if stat $defaultIdentityPath -}}
+{{- $dataDir := joinPath .chezmoi.homeDir ".dotfiles" "home" -}}
+{{- $dataPath := joinPath $dataDir "secrets" "data.json.age" -}}
+{{- $data := output "age" "--decrypt" "--identity" $defaultIdentityPath $dataPath | fromJson -}}
+{{- $username = $data.username -}}
+{{- $email = $data.email -}}
+{{- end -}}
+{{ if eq $username "" -}}
+{{-     $username = promptStringOnce . "username" "What is your username" -}}
+{{ end -}}
+{{ if eq $email "" -}}
+{{-     $email = promptStringOnce . "email" "What is your email address" -}}
+{{ end -}}
 
 {{/* darwin hostname hack */}}
 {{- if eq .chezmoi.os "darwin" -}}
@@ -44,21 +68,21 @@ If under nix, some dotfiles should be managed via home-manager
 If under nixOS, most scripts that require root access should not be run, as they are managed by nixOS
 */}}
 {{/* nixOS */}}
-{{ if eq .chezmoi.os "linux" }}
-{{ if eq .chezmoi.osRelease.id "nixos"}}
-{{ $nix = true }}
-{{ end }}
+{{- if eq .chezmoi.os "linux" -}}
+{{- if eq .chezmoi.osRelease.id "nixos" }}
+{{- $nix = true -}}
+{{- end -}}
 {{/* nix on other linux distros */}}
-{{ if isExecutable "/nix/var/nix/profiles/default/bin/nix-env" }}
-{{ $nix = true }}
-{{ end }}
-{{ end }}
-{{ if eq .chezmoi.os "darwin" }}
+{{- if isExecutable "/nix/var/nix/profiles/default/bin/nix-env" -}}
+{{- $nix = true -}}
+{{- end -}}
+{{- end -}}
+{{- if eq .chezmoi.os "darwin" -}}
 {{/* nix-darwin */}}
-{{ if isExecutable "/run/current-system/sw/bin/darwin-rebuild" }}
-{{ $nix = true }}
-{{ end }}
-{{ end }}
+{{ if isExecutable "/run/current-system/sw/bin/darwin-rebuild" -}}
+{{ $nix = true -}}
+{{ end -}}
+{{ end -}}
 
 {{/*
 Determining headless
@@ -68,18 +92,18 @@ Determining headless
 {{-   $ephemeral = true -}}
 {{-   $headless = true -}}
 {{- end -}}
-{{ if not $headless }}
-{{ if eq .chezmoi.os  "linux" }}
+{{- if not $headless -}}
+{{- if eq .chezmoi.os  "linux" -}}
 {{/* Fedora Server */}}
-{{ if eq .chezmoi.osRelease.variantID "server" }}
-{{ $headless = true }}
-{{ end }}
+{{- if eq .chezmoi.osRelease.variantID "server" -}}
+{{- $headless = true -}}
+{{- end -}}
 {{/* Treat all Debian hosts as headless */}}
-{{ if eq .chezmoi.osRelease.id "debian" }}
-{{ $headless = true }}
-{{ end }}
-{{ end }}
-{{ end }}
+{{- if eq .chezmoi.osRelease.id "debian" -}}
+{{- $headless = true -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
 
 {{/*
 Determining diff command, fallback to diff
@@ -97,6 +121,8 @@ Determining encryption provider, fallback to gpg
 {{-   $encryptionProvider = "age" -}}
 {{- else if lookPath "rage" -}}
 {{-   $encryptionProvider = "rage" -}}
+{{- else -}}
+{{-   $encryptionProvider = "gpg" -}}
 {{- end -}}
 
 sourceDir = "~/.dotfiles"
@@ -108,10 +134,13 @@ encryption = {{ $encryptionProvider | quote }}
     headless = {{ $headless }}
     nix = {{ $nix }}
     wheel = {{ $wheel }}
+    manageSecret = {{ $manageSecret }}
 
 [diff]
     command = {{ $diffCmd | quote }}
 
 [age]
-    identities = ["~/.ssh/agekey.txt"]
+    identities = [
+        {{ $defaultIdentityPath | quote }}
+        ]
     recipients = ["age1mcvqpg39t32ll684r4m2l8j0l9zag6endg0h6zjw8svkgdwc4pjqkk5fvj"]

home/.chezmoiignore.tmpl

@@ -132,3 +132,9 @@ vim:ft=gotmpl
     .chezmoiscripts/unixlike/**
     .chezmoiscripts/+nixos/**
     {{ end}}
+
+{{/* Secret Management */}}
+    {{ if not $manageSecret }}
+    .config/aichat
+    .config/zsh/mod/env.zsh
+    {{ end }}

home/.chezmoiscripts/unixlike/run_once_zsh-set-env.sh.tmpl

@@ -6,7 +6,8 @@ XDG_STATE_HOME="${XDG_STATE_HOME:-$HOME/.local/state}"
 
 {{ if .wheel }}
 
-echo "[INFO] "
+echo "[INFO] Setting global zshenv that sets ZDOTDIR if available"
+echo "[ACTION] Elevation required. "
 
 if [ -f /etc/zshenv ]; then
     sudo cp "$CHEZMOI_SOURCE_DIR/dot_config/zsh/global.zshenv" /etc/zshenv

home/dot_config/zsh/mod/alias.zsh

@@ -113,3 +113,25 @@ elif [ "$TERM_PROGRAM" = "WezTerm" ]; then
     alias icat="wezterm imgcat"
   fi
 fi
+
+edit-fzf() {
+    # 1. Declare a variable that is local to the function.
+    local _file
+
+    if command -v fd >/dev/null 2>&1; then
+        _file=$(fd --type f | fzf --height 40% --reverse -1 -q "$1")
+    else
+        # Fallback to 'find'
+        _file=$(find . -type f | fzf --height 40% --reverse -1 -q "$1")
+    fi
+
+    # In POSIX shell, if fzf is cancelled (Esc/Ctrl-C),
+    # the command substitution simply returns an empty string.
+    # So, we check if the variable '_file' is non-empty ('-n').
+    if [ -n "$_file" ]; then
+        "$EDITOR" "$_file"
+    else
+        echo "No file selected."
+    fi
+}
+alias ef="edit-fzf"

home/dot_config/zsh/mod/completion.zsh

@@ -1,3 +1,4 @@
+autoload -U compinit && compinit
 
 ### completion
 ### =================
@@ -17,4 +18,3 @@ zstyle ':completion:*' list-colors ''${(s.:.)LS_COLORS}
 
 # Complete . and .. special directories
 zstyle ':completion:*' special-dirs true
-

home/dot_config/zsh/mod/config.zsh

@@ -43,6 +43,12 @@ for plugin in "${plugins[@]}"; do
   fi
 done
 
+ZSH_HIGHLIGHT_HIGHLIGHTERS+=(main pattern brackets root)
+ZSH_HIGHLIGHT_STYLES[path]='fg=cyan,underline'
+ZSH_HIGHLIGHT_PATTERNS+=('rm -rf *' 'fg=blue,bold,bg=red')
+
+export IPYTHONDIR="$XDG_CONFIG_HOME"/ipython
+
 # https://unix.stackexchange.com/questions/33994/
 # Use `set -k` to mark leading `#` as a comment character
 set -k

home/dot_config/zsh/mod/keymap.zsh

@@ -6,7 +6,7 @@
 # read key: `read`
 # get current bindings: `bindkey`
 
-# bindkey -v # Vi Keybindings
+bindkey -e # Emacs Keybindings
 
 bindkey '^H' backward-kill-word   # Ctrl-Backspace
 bindkey '^[^?' backward-kill-line # Alt-Backspace
@@ -25,3 +25,10 @@ bindkey '^[[F' end-of-line       # End
 bindkey '^[[3~' delete-char # Delete
 bindkey '^[[3;5~' kill-word # Ctrl-Delete
 bindkey '^[[3;3~' kill-line # Alt-Delete
+
+autoload -Uz edit-command-line
+zle -N edit-command-line
+
+bindkey '^X^E' edit-command-line
+bindkey '^[e' edit-command-line
+bindkey '^[v' edit-command-line

home/secrets/data.json.age

@@ -0,0 +1,5 @@
+age-encryption.org/v1
+-> X25519 dnXeI9TPOYwYcRJha0QuGMhBaYqUlgtipsfn1C9XA20
+M+RCsfb1i2xO3lDNPGnDEtisgCC3+VhZByQ4NZjOzE0
+--- +xPO9h8TJ5ZTZFwntfcFG6+O1Unk8PjX0hB0bFYNBGw
+]£œ*²(–=Tr8‹{å²A™s¹‘0&	x—¤MÀž¨óþ
Ih;o‡O¡`rªÛlF~•í¨Ác­3ýÈ_wŽ,[g^’Ç9›^Kþí0u–èò ¹<ƒŸ

nixcfgs/users/js0ny/programs/shell/zsh.nix

@@ -96,6 +96,10 @@ in {
       bindkey '^[[3;5~' kill-word # Ctrl-Delete
       bindkey '^[[3;3~' kill-line # Alt-Delete
 
+      bindkey '^X^E' edit-command-line
+      bindkey '^[e' edit-command-line
+      bindkey '^[v' edit-command-line
+
       # Misc
       # ========
       # source ${pkgs.zsh-fzf-tab}/share/fzf-tab/fzf-tab.plugin.zsh