update configs and docs

also setup 1password ssh agent config btw

.config/1Password/ssh/agent.toml

@@ -0,0 +1,53 @@
+# SPDX-License-Identifier: MPL-2.0
+# This is the 1Password SSH agent config file, which allows you to customize the
+# behavior of the SSH agent running on this machine.
+#
+# You can use it to:
+# * Enable keys from other vaults than the Private vault
+# * Control the order in which keys are offered to SSH servers
+#
+# EXAMPLE
+#
+# By default, all keys in your Private vault(s) are enabled:
+#
+#  [[ssh-keys]]
+#  vault = "Private"
+#
+# You can enable more keys by adding more `[[ssh-keys]]` entries.
+# For example, to first enable item "My SSH Key" from "My Custom Vault":
+#
+#  [[ssh-keys]]
+#  item = "My SSH Key"
+#  vault = "My Custom Vault"
+#
+#  [[ssh-keys]]
+#  vault = "Private"
+#
+# You can test the result by running:
+#
+#  SSH_AUTH_SOCK=~/.1password/agent.sock ssh-add -l
+#
+# More examples can be found here:
+#  https://developer.1password.com/docs/ssh/agent/config
+
+# main key since 2022
+[[ssh-keys]]
+vault = "Personal"
+item = "ztyawq2e2iajh2h76ls2rls7aq"
+account = "Andrei Jiroh Halili"
+# launchpad.net and others that don't support Ed25519 yet
+[[ssh-keys]]
+vault = "Personal"
+item = "juivb4nx4uuftbhopukninhni4"
+account = "Andrei Jiroh Halili"
+# releases
+[[ssh-keys]]
+vault = "CI/CD Automation Toolkit"
+item = "hfkcoqzbpa3gjb2utvi5rpvc5y"
+account = "Andrei Jiroh Halili"
+
+# RecapTime.dev
+[[ssh-keys]]
+vault = "Employee"
+item = "wklfmur3fegpajjhrx4acwcscm"
+account = "https://recaptime-dev.1password.com"

.ssh/config

@@ -0,0 +1,33 @@
+# This is my SSH client configuration I use for both Nix-based and non-Nix
+# systems, mainly because I am not yet ready to codify them into home-manager
+# at the moment. Note that we might need to hack around the 1Password CLI
+# for headless setups like tildes and agent forwards.
+
+# load 1Password-specifics here
+Include ~/.ssh/1Password/config
+
+# tildeverse
+Host nest
+    Hostname hackclub.app
+    User ajhalili2006
+	IdentityAgent ~/.1password/agent.sock
+Host psf
+    Hostname p.psf.lt
+    User ajhalili2006
+    IdentityAgent ~/.1password/agent.sock
+Host ctrl-c
+    Hostname ctrl-c.clib
+    User ajhalili2006
+    IdentityAgent ~/.1password/agent.sock
+Host hashbang
+    Hostname de1.hashbang.sh
+    User ajhalili2006
+
+# TODO: Add machines on the tailnet later
+# Recap Time Squad specifics
+Host stellapent
+    Hostname stellapent-cier.fawn-cod.ts.net
+# Our own proxyparty instance on virtnet.bond :)
+Host proxyparty
+    # Will set this up later
+    Hostname proxypartylab.tuna-skate.ts.net

README.md

@@ -7,11 +7,9 @@ as seperate branches for prosperity.)
 
 ## Usage
 
-### Using my Nixpkgs config
+### Plain dotfiles
 
-Make sure Git is installed in your NixOS/nixpkgs setup (via `/etc/nixos/configuration.nix` or
-the usual `nix-env -iA nixpkgs.gitFull` or `nix profile install nixpkgs#gitFull` if using
-Flakes) for the setup to work.
+Make sure Git is installed in your non NixOS/nixpkgs setup for the setup to work.
 
 ```bash
 cd ~
@@ -20,12 +18,46 @@ git remote add origin https://mau.dev/andreijiroh-dev/dotfiles
 git checkout -f main
 ```
 
+If you prefer to cook up with yadm:
+
+```bash
+yadm clone https://github.com/andreijiroh-dev/dotfiles
+ln -s ./.local/share/yadm/TBD ./.git # so that we can normally use git here
+```
+
+### Using nix flakes + home-manager
+
+```bash
+# A quick home-manager switch should do the trick
+nix run home-manager/master -- switch --flake github:andreijiroh-dev/nixops-config
+
+# otherwise a quick copy paste configs should fix 'em if you use a different username
+# (not different home directory yet!)
+```
+
+#### Updating `authorized_keys` with Nix
+
+1. Update [`shared/ssh-keys.nix`][ssh-keys] and `users.users.<gildedguy|ajhalili2006>.openssh.authorizedKeys.keys`
+2. Run `nixos-rebuild switch` to regenerate `/etc/ssh/authorized_keys.d/<gildedguy|ajhalili2006>`.
+3. Copy that file back to `.ssh/authorized_keys`. Commit changes and push.
+4. On the affected machines, just `git pull` away.
+
+### Using 1Password SSH Agent integration
+
+> [!WARNING]
+> 1Password Desktop app must be installed and enabled `Use SSH Agent` in
+> **Settings** -> **Developer** -> **SSH Agent** after signing in.
+
+Note that this should work on most desktop apps, although if you're in Nest (and friends
+with RDP access), connect to there first and authenicate. You may need to adjust security
+settings in the desktop app to ensure nothing go wrong.
+
 ## Directory + File Map
 
 ### Essientials
 
 * [`.config/nixos`](./.config/nixos/) - my NixOS configuration as a flake, including system tools,
-usually in sync
+usually in sync (TODO: Swap into Git module of <https://github.com/andreijiroh-dev/nixops-config> soon)
 * [`.config/home-manager`](./.config/home-manager/) - Home-manager configs, mostly CLI and desktop apps go here
 * [`bin`](./bin) - Shell scripts! (because Nix looks like Haskell to me)
 
@@ -36,6 +68,10 @@ usually in sync
 * [`@recaptime-dev/infra`][rtdev-infra] - @recaptime-dev's infra configurations and home for our Infra Issue Tracker
 * [`@recaptime-dev/infra-internals`][rtdev-infra-internals] - @recaptime-dev's infra configs for Portainer (the public repo version only have `stack.env` files removed via `git-filter-repo`)
 
+## License
+
+MPL-2.0
+
 [nixops-config]: https://github.com/andreijiroh-dev/nixops-config
 [infraops]: https://github.com/andreijiroh-dev/infraops
 [rtdev-infra]: https://github.com/recaptime-dev/infra

meta-info.toml

@@ -0,0 +1,9 @@
+# Mainly used by p.psf.lt for profile metadata.
+fullname = "Andrei Jiroh Halili"
+#gemini = "gemini.andreijiroh.xyz"
+website = "https://andreijiroh.dev"
+description = "Building OSS at RecapTime.dev, also Autistic Filipino and Hack Clubber"
+email = "ajhalili2006@andreijiroh.dev"
+matrix = "@ajhalili2006:andreijiroh.dev"
+fediverse = "tilde.zone/@ajhalili2006"
+location = "Marilao, Bulacan, Philippines"