diff --git a/home-manager/becky-dingleberry.nix b/home-manager/becky-dingleberry.nix index f99b13e..c359c6b 100644 --- a/home-manager/becky-dingleberry.nix +++ b/home-manager/becky-dingleberry.nix @@ -227,6 +227,12 @@ in shellAliases = { hm-switch = "home-manager switch --impure --flake ~/.config/nix"; configure-ssh-terminfo = "f(){ infocmp -x | ssh \"$@\" -- tic -x -; unset -f f; }; f"; + + aws-ecr-login-skoda="aws --profile skoda-prod --region eu-central-1 ecr get-login-password | sudo docker login 943160431142.dkr.ecr.eu-central-1.amazonaws.com -u AWS --password-stdin"; + aws-ecr-login-scholaris = "aws --profile skoda-sch-dev --region eu-central-1 ecr get-login-password | sudo docker login 442913623981.dkr.ecr.eu-central-1.amazonaws.com -u AWS --password-stdin"; + aws-ecr-login-yp="aws-vault exec yp aws --region eu-central-1 ecr get-login-password | sudo docker login 060714730522.dkr.ecr.eu-central-1.amazonaws.com -u AWS --password-stdin"; + aws-ecr-login-investbay="aws-vault exec InvestBay-AccountManagement aws --region eu-central-1 ecr get-login-password | sudo docker login 297503416491.dkr.ecr.eu-central-1.amazonaws.com -u AWS --password-stdin"; + }; dirHashes = { mac = "${homedir}/storage/.macshare"; @@ -393,5 +399,7 @@ in EDITOR = "vim"; GO111MODULE = "on"; TERMINAL = "ghostty"; + AWS_VAULT_BACKEND = "secret-service"; + AWS_VAULT_SECRET_SERVICE_COLLECTION_NAME = "default"; }; } diff --git a/home-manager/common.nix b/home-manager/common.nix index 25144e8..17cea61 100644 --- a/home-manager/common.nix +++ b/home-manager/common.nix @@ -110,12 +110,20 @@ in shellAliases = { - cat = lib.mkDefault "bat --paging=never"; - nixfix = lib.mkDefault "nix fmt ./**/*.nix"; # use eval $(aws-export-credentials) to expose them to environment - aws-export-credentials = lib.mkDefault "aws configure export-credentials --format env --profile"; + aws-export-credentials = lib.mkDefault "${pkgs.awscli2}/bin/aws configure export-credentials --format env --profile"; + + aws-s3-cp-public = '' + ${pkgs.awscli2}/bin/aws s3 cp --acl "public-read" --expires "$(${pkgs.coreutils}/bin/date '+%a, %d %b %Y 00:00:00 GMT' -d "$(${pkgs.coreutils}/bin/date +%Y-%m-%d) + 365 day")" --cache-control "max-age=31536000" --metadata-directive REPLACE + ''; + + cat = lib.mkDefault "${pkgs.bat}/bin/bat --paging=never"; + + nixfix = lib.mkDefault "nix fmt ./**/*.nix"; + # use curl-aws --aws-sigv4 "aws:amz:region:service" - curl-aws = lib.mkDefault "curl -H \"X-Amz-Security-Token: $AWS_SESSION_TOKEN\" --user \"$AWS_ACCESS_KEY_ID:$AWS_SECRET_ACCESS_KEY\""; + curl-aws = lib.mkDefault "${pkgs.curl}/bin/curl -H \"X-Amz-Security-Token: $AWS_SESSION_TOKEN\" --user \"$AWS_ACCESS_KEY_ID:$AWS_SECRET_ACCESS_KEY\""; + git-sync-remote = lib.mkDefault "git remote update origin --prune"; } // ( diff --git a/home-manager/zsh/common/10-templates.zsh b/home-manager/zsh/common/10-templates.zsh deleted file mode 100644 index 583a3f3..0000000 --- a/home-manager/zsh/common/10-templates.zsh +++ /dev/null @@ -1,124 +0,0 @@ - -init-nix-flake() { - local tpl=$1 - local name=$2 - - local flakePath="$(pwd)/flake.nix" - local envrcPath="$(pwd)/.envrc" - - [[ -f "${flakePath}" ]] && echo "${flakePath} already present" && return 1 - [[ -f "${envrcPath}" ]] && echo "${envrcPath} already present" && return 1 - - if [[ "$tpl" == "yp" ]]; then - cat < "${flakePath}" -{ - inputs = { - nix.url = "git+ssh://git@bitbucket.org/yourpass/nix"; - }; - - outputs = { self, nix }: { - formatter = nix.formatter; - - devShells = nix.lib.forAllSystems (pkgs: { - default = pkgs.devshell.mkShell { - name = "yp-${name}"; - - packages = with pkgs; [ - - ]; - - commands = []; - }; - }); - }; -} -EOF - echo "use flake" > "${envrcPath}" - direnv allow - elif [[ "$tpl" == "investbay" ]]; then - cat < "${flakePath}" -{ - inputs = { - nix.url = "git+ssh://git@git.investbay.dev/morosystems/investbay/devops/nix?branch=main"; - }; - - outputs = { self, nix }: { - formatter = nix.formatter; - - devShells = nix.lib.forAllSystems (pkgs: { - default = pkgs.devshell.mkShell { - name = "investbay-${name}"; - - packages = with pkgs; [ - - ]; - - commands = []; - }; - }); - }; -} -EOF - echo "use flake" > "${envrcPath}" - direnv allow - elif [[ "$tpl" == "c3c" ]]; then - cat < "${flakePath}" -{ - inputs = { - nix.url = "git+ssh://git@git.c3c.cz/C3C/nix"; - }; - - outputs = { self, nix }: { - formatter = nix.formatter; - - devShells = nix.lib.forAllSystems (pkgs: { - default = nix.lib.mkDevenvShell { - inherit pkgs; - inputs = { - self = self; - nixpkgs = pkgs; - }; - - modules = [ - { - packages = with pkgs; [ - - ]; - - scripts = { - menu = { - description = "Print this menu"; - exec = '' - echo "Commands:" - echo -n '\${ - builtins.toJSON ( - builtins.mapAttrs (s: value: value.description) self.devShells.\${pkgs.system}.default.config.scripts - ) - }' | \ - \${pkgs.jq}/bin/jq -r 'to_entries | map(" \(.key)\n" + " - \(if .value == "" then "no description provided" else .value end)") | "" + .[]' - ''; - }; - - fix = { - exec = '' - \${nix.lib.cd_root} - nix fmt ./*.nix - \${pkgs.golangci-lint}/bin/golangci-lint run --sort-results --out-format tab --config \${nix.lib.golangci-config-file} --fix --issues-exit-code 0 ./... - stylua ./src - ''; - }; - }; - } - ]; - }; - }); - }; -} -EOF - echo "use flake . --impure" > "${envrcPath}" - direnv allow - else - echo "Wrong template as first arg: [yp/investbay/c3c]" - return 1 - fi -} diff --git a/home-manager/zsh/common/10-zsh_aliases_connections.zsh b/home-manager/zsh/common/10-zsh_aliases_connections.zsh deleted file mode 100755 index 9ef9255..0000000 --- a/home-manager/zsh/common/10-zsh_aliases_connections.zsh +++ /dev/null @@ -1,5 +0,0 @@ -alias awsKubeconfig="aws eks --region eu-central-1 update-kubeconfig --name " -alias loginToSkodaECR="aws --profile skoda-prod --region eu-central-1 ecr get-login-password | sudo docker login 943160431142.dkr.ecr.eu-central-1.amazonaws.com -u AWS --password-stdin" -alias loginToSkodaScholarisECR="aws --profile skoda-sch-dev --region eu-central-1 ecr get-login-password | sudo docker login 442913623981.dkr.ecr.eu-central-1.amazonaws.com -u AWS --password-stdin" -alias loginToYpECR="aws-vault exec yp aws --region eu-central-1 ecr get-login-password | sudo docker login 060714730522.dkr.ecr.eu-central-1.amazonaws.com -u AWS --password-stdin" -alias loginToInvestBayECR="aws-vault exec InvestBay-AccountManagement aws --region eu-central-1 ecr get-login-password | sudo docker login 297503416491.dkr.ecr.eu-central-1.amazonaws.com -u AWS --password-stdin" diff --git a/home-manager/zsh/common/11-aws.zsh b/home-manager/zsh/common/11-aws.zsh deleted file mode 100644 index 4aa769f..0000000 --- a/home-manager/zsh/common/11-aws.zsh +++ /dev/null @@ -1,9 +0,0 @@ -export AWS_VAULT_BACKEND=secret-service -export AWS_VAULT_SECRET_SERVICE_COLLECTION_NAME=default - -alias argoyp='argo --context yp:060714730522:eu-west-1/yp-dev -n argo' - -function awsS3cpWithPublic { - local expires=$(date '+%a, %d %b %Y 00:00:00 GMT' -d "$(date +%Y-%m-%d) + 365 day") - aws s3 cp --acl "public-read" --expires "${expires}" --cache-control "max-age=31536000" --metadata-directive REPLACE $@ -}