Fixed age secrets
This commit is contained in:
		| @@ -43,14 +43,6 @@ they are implemented. | ||||
| ;;; $DOOMDIR/config.el -*- lexical-binding: t; -*- | ||||
| #+end_src | ||||
|  | ||||
| ** Secrets | ||||
|  | ||||
| #+begin_src emacs-lisp | ||||
| (after! auth-source | ||||
|   (add-to-list 'auth-sources | ||||
|                `(:source ,(concat doom-private-dir "secrets.el.age") :type age))) | ||||
| #+end_src | ||||
|  | ||||
| ** User Info | ||||
|  | ||||
| Place your private configurations. It is optional. | ||||
| @@ -709,7 +701,7 @@ Handles org-clock and context link capture for tasks." | ||||
| ;; Connecteam org-roam-dailies integration | ||||
| (require 'request) | ||||
|  | ||||
| (defvar gortium/connecteam-api-key (auth-source-pick-first-password :host "connecteam") "Your Connecteam API Key") | ||||
| (defvar gortium/connecteam-api-key (auth-source-passage-get 'secret "connecteam") "Your Connecteam API Key") | ||||
| (defvar gortium/connecteam-user-id "9885891" "Your Connecteam User ID") | ||||
| (defvar gortium/connecteam-clock-id "9335145" "Your Connecteam time clock ID used in API calls.") | ||||
|  | ||||
| @@ -1108,17 +1100,86 @@ numbers are disabled. For relative line numbers, set this to ~relative~. | ||||
| #+end_src | ||||
|  | ||||
| ** Age | ||||
| Allow me to edit age file directly in emacs buffer. | ||||
|  | ||||
| #+begin_src emacs-lisp | ||||
| (use-package! age | ||||
|   :demand t | ||||
|   :custom | ||||
|   (age-program "rage") | ||||
|   (age-default-identity "~/.ssh/gortium_ssh_key") | ||||
|   (age-default-recipient "~/.ssh/gortium_ssh_key.pub") | ||||
|   :config | ||||
|   (setq age-program "rage") | ||||
|   (setq age-default-identity "~/.ssh/gortium_ssh_key") | ||||
|   (setq age-default-recipient "~/.ssh/gortium_ssh_key.pub") | ||||
|   (age-file-enable)) | ||||
| #+end_src | ||||
|  | ||||
| #+begin_src emacs-lisp | ||||
| (require 'notifications) | ||||
| (require 'cl-lib) | ||||
|  | ||||
| (defun gortium/age-notify (msg &optional simple) | ||||
|   "Notify about AGE operations. SIMPLE uses `message` instead of desktop notification." | ||||
|   (if simple | ||||
|       (message "%s" msg) | ||||
|     (if (eq system-type 'gnu/linux) | ||||
|         (notifications-notify | ||||
|          :title "age.el" | ||||
|          :body msg | ||||
|          :urgency 'low | ||||
|          :timeout 800) | ||||
|       (message "%s" msg)))) | ||||
|  | ||||
| (defun gortium/age-notify-decrypt (&rest args) | ||||
|   "Notification hook for age decryption." | ||||
|   (cl-destructuring-bind (context cipher) args | ||||
|     (gortium/age-notify (format "Decrypting %s" (age-data-file cipher)) t))) | ||||
|  | ||||
| (defun gortium/age-notify-encrypt (&rest args) | ||||
|   "Notification hook for age encryption." | ||||
|   (cl-destructuring-bind (context plain recipients) args | ||||
|     (gortium/age-notify (format "Encrypting %s" (age-data-file plain)) t))) | ||||
|  | ||||
| (defun gortium/age-toggle-decrypt-notifications () | ||||
|   "Toggle notifications for age decryption." | ||||
|   (interactive) | ||||
|   (if (advice-member-p #'gortium/age-notify-decrypt #'age-start-decrypt) | ||||
|       (progn | ||||
|         (advice-remove #'age-start-decrypt #'gortium/age-notify-decrypt) | ||||
|         (message "Disabled age decrypt notifications.")) | ||||
|     (advice-add #'age-start-decrypt :before #'gortium/age-notify-decrypt) | ||||
|     (message "Enabled age decrypt notifications."))) | ||||
|  | ||||
| (defun gortium/age-toggle-encrypt-notifications () | ||||
|   "Toggle notifications for age encryption." | ||||
|   (interactive) | ||||
|   (if (advice-member-p #'gortium/age-notify-encrypt #'age-start-encrypt) | ||||
|       (progn | ||||
|         (advice-remove #'age-start-encrypt #'gortium/age-notify-encrypt) | ||||
|         (message "Disabled age encrypt notifications.")) | ||||
|     (advice-add #'age-start-encrypt :before #'gortium/age-notify-encrypt) | ||||
|     (message "Enabled age encrypt notifications."))) | ||||
|  | ||||
| ;; enable notifications by default | ||||
| (gortium/age-toggle-decrypt-notifications) | ||||
| (gortium/age-toggle-encrypt-notifications) | ||||
| #+end_src | ||||
|  | ||||
| ** Passage | ||||
| Allow retrieval of password from age file formatted like passwordstore | ||||
|  | ||||
| #+begin_src emacs-lisp | ||||
| (use-package! passage | ||||
|   :demand t | ||||
|   :config | ||||
|   ;; rebind function value for pass to passage | ||||
|   (fset #'pass (lambda () (interactive) (passage))) | ||||
|   (setq age-program "rage") | ||||
|   (setq auth-source-passage-filename (expand-file-name "~/ExoKortex/2-Areas/IT/dotfiles/secrets")) | ||||
|   (setenv "PASSAGE_IDENTITIES_FILE" (expand-file-name age-default-identity)) | ||||
|   (setenv "PASSAGE_RECIPIENTS_FILE" (expand-file-name age-default-recipient)) | ||||
|   (setenv "PASSAGE_AGE" "rage") | ||||
|   (setenv "PASSAGE_DIR" (expand-file-name "~/ExoKortex/2-Areas/IT/dotfiles/secrets")) | ||||
|   ) | ||||
| #+end_src | ||||
| * Terminal | ||||
|  | ||||
| ** EEE | ||||
| @@ -1160,21 +1221,21 @@ numbers are disabled. For relative line numbers, set this to ~relative~. | ||||
|   (setq gptel-expert-commands t | ||||
|         gptel-default-mode 'org-mode | ||||
|         ;; gptel-model 'OpenRouter:deepseek/deepseek-chat-v3-0324:free | ||||
|         gptel-api-key (auth-source-pick-first-password :host "openrouter")) | ||||
|         gptel-api-key (auth-source-passage-get 'secret "openrouter")) | ||||
|  | ||||
|   (require 'gptel-integrations) | ||||
|   (gptel-make-openai "OpenRouter" | ||||
|     :host "openrouter.ai" | ||||
|     :endpoint "/api/v1/chat/completions" | ||||
|     :stream t | ||||
|     :key (auth-source-pick-first-password :host "openrouter") | ||||
|     :key (auth-source-passage-get 'secret "openrouter") | ||||
|     :models '(deepseek/deepseek-r1-0528-qwen3-8b:free | ||||
|               google/gemini-2.0-flash-exp:free | ||||
|               deepseek/deepseek-chat-v3-0324:free | ||||
|               meta-llama/llama-4-maverick:free | ||||
|               qwen/qwen3-coder:free)) | ||||
|   (gptel-make-gemini "Gemini" | ||||
|     :key (auth-source-pick-first-password :host "gemini") | ||||
|     :key (auth-source-passage-get 'secret "gemini") | ||||
|     :stream t | ||||
|     :models '(gemini-2.5-pro | ||||
|               gemini-2.5-flash)) | ||||
| @@ -1186,7 +1247,7 @@ numbers are disabled. For relative line numbers, set this to ~relative~. | ||||
|   (gptel-make-openai "OpenWebUI" | ||||
|     :host "ai.aziworkhorse.duckdns.org" | ||||
|     :curl-args '("--insecure") ; needed for self-signed certs | ||||
|     :key (auth-source-pick-first-password :host "openwebui") | ||||
|     :key (auth-source-passage-get 'secret "openwebui") | ||||
|     :endpoint "/api/chat/completions" | ||||
|     :stream t | ||||
|     :models '("orieg/gemma3-tools:1b")) | ||||
| @@ -1231,7 +1292,7 @@ Emigo - Aidermacs 2.0 | ||||
|   ;; Encourage using OpenRouter with Deepseek | ||||
|   (emigo-model "openrouter/deepseek/deepseek-chat-v3-0324:free") | ||||
|   (emigo-base-url "https://openrouter.ai/api/v1") | ||||
|   (emigo-api-key (auth-source-pick-first-password :host "openrouter"))) | ||||
|   (emigo-api-key (auth-source-passage-get 'secret "openrouter"))) | ||||
|  | ||||
| ;; Enable line wrapping in Emigo chat buffers | ||||
| (add-hook 'emigo-mode-hook | ||||
| @@ -1256,7 +1317,7 @@ Emigo - Aidermacs 2.0 | ||||
|   ;; Set API_KEY in .bashrc, that will automatically picked up by aider or in elisp | ||||
|   ;; (setenv "ANTHROPIC_API_KEY" "sk-...") | ||||
|   ;; defun my-get-openrouter-api-key yourself elsewhere for security reasons | ||||
|   (setenv "OPENROUTER_API_KEY" (auth-source-pick-first-password :host "openrouter")) | ||||
|   (setenv "OPENROUTER_API_KEY" (auth-source-passage-get 'secret "openrouter")) | ||||
|   :custom | ||||
|   ;; See the Configuration section below | ||||
|   (aidermacs-use-architect-mode t) | ||||
| @@ -1296,11 +1357,11 @@ Emigo - Aidermacs 2.0 | ||||
|   (setopt ellama-providers | ||||
|           '( | ||||
|             ("deepseek-r1" . (make-llm-openai-compatible | ||||
|                               :key (auth-source-pick-first-password :host "openrouter") | ||||
|                               :key (auth-source-passage-get 'secret "openrouter") | ||||
|                               :url "https://openrouter.ai/api/v1" | ||||
|                               :chat-model "deepseek/deepseek-chat-v3-0324:free")) | ||||
|             ("gemini-2.0-flash" . (make-llm-openai-compatible | ||||
|                                    :key (auth-source-pick-first-password :host "openrouter") | ||||
|                                    :key (auth-source-passage-get 'secret "openrouter") | ||||
|                                    :url "https://openrouter.ai/api/v1" | ||||
|                                    :chat-model "google/gemini-2.0-flash-exp:free")) | ||||
|             ) | ||||
| @@ -1350,7 +1411,7 @@ Emigo - Aidermacs 2.0 | ||||
|   (require 'llm-openai) | ||||
|   (setopt elisa-chat-provider | ||||
|           (make-llm-openai-compatible | ||||
|            :key (auth-source-pick-first-password :host "openrouter") | ||||
|            :key (auth-source-passage-get 'secret "openrouter") | ||||
|            :url "https://openrouter.ai/api/v1" | ||||
|            :chat-model "deepseek/deepseek-chat-v3-0324:free") | ||||
|           llm-warn-on-nonfree nil) | ||||
| @@ -1607,7 +1668,7 @@ www.tdnde.com \\\\ | ||||
|            :tls t | ||||
|            :nick "gortium" | ||||
|            :sasl-username "gortium" | ||||
|            :sasl-password (auth-source-pick-first-password :host "irc") | ||||
|            :sasl-password (auth-source-passage-get 'secret "irc") | ||||
|            :channels ("#emacs-circe") | ||||
|            ))) | ||||
|   ) | ||||
|   | ||||
| @@ -1,9 +1,5 @@ | ||||
| ;;; $DOOMDIR/config.el -*- lexical-binding: t; -*- | ||||
|  | ||||
| (after! auth-source | ||||
|   (add-to-list 'auth-sources | ||||
|                `(:source ,(concat doom-private-dir "secrets.el.age") :type age))) | ||||
|  | ||||
| (setq user-full-name "Thierry Pouplier" | ||||
|       user-mail-address "tpouplier@tdnde.com") | ||||
|  | ||||
| @@ -527,7 +523,7 @@ Handles org-clock and context link capture for tasks." | ||||
| ;; Connecteam org-roam-dailies integration | ||||
| (require 'request) | ||||
|  | ||||
| (defvar gortium/connecteam-api-key (auth-source-pick-first-password :host "connecteam") "Your Connecteam API Key") | ||||
| (defvar gortium/connecteam-api-key (auth-source-passage-get 'secret "connecteam") "Your Connecteam API Key") | ||||
| (defvar gortium/connecteam-user-id "9885891" "Your Connecteam User ID") | ||||
| (defvar gortium/connecteam-clock-id "9335145" "Your Connecteam time clock ID used in API calls.") | ||||
|  | ||||
| @@ -765,7 +761,7 @@ Handles org-clock and context link capture for tasks." | ||||
|     (krl-format-buffer))) | ||||
|  | ||||
| ;; Uncomment the next line to enable auto-formatting on save | ||||
| ;; (add-hook 'before-save-hook 'krl-format-before-save) | ||||
| (add-hook 'before-save-hook 'krl-format-before-save) | ||||
|  | ||||
| (use-package! hledger-mode | ||||
|   :config | ||||
| @@ -807,13 +803,74 @@ Handles org-clock and context link capture for tasks." | ||||
|  | ||||
| (use-package! age | ||||
|   :demand t | ||||
|   :custom | ||||
|   (age-program "rage") | ||||
|   (age-default-identity "~/.ssh/gortium_ssh_key") | ||||
|   (age-default-recipient "~/.ssh/gortium_ssh_key.pub") | ||||
|   :config | ||||
|   (setq age-program "rage") | ||||
|   (setq age-default-identity "~/.ssh/gortium_ssh_key") | ||||
|   (setq age-default-recipient "~/.ssh/gortium_ssh_key.pub") | ||||
|   (age-file-enable)) | ||||
|  | ||||
| (require 'notifications) | ||||
| (require 'cl-lib) | ||||
|  | ||||
| (defun gortium/age-notify (msg &optional simple) | ||||
|   "Notify about AGE operations. SIMPLE uses `message` instead of desktop notification." | ||||
|   (if simple | ||||
|       (message "%s" msg) | ||||
|     (if (eq system-type 'gnu/linux) | ||||
|         (notifications-notify | ||||
|          :title "age.el" | ||||
|          :body msg | ||||
|          :urgency 'low | ||||
|          :timeout 800) | ||||
|       (message "%s" msg)))) | ||||
|  | ||||
| (defun gortium/age-notify-decrypt (&rest args) | ||||
|   "Notification hook for age decryption." | ||||
|   (cl-destructuring-bind (context cipher) args | ||||
|     (gortium/age-notify (format "Decrypting %s" (age-data-file cipher)) t))) | ||||
|  | ||||
| (defun gortium/age-notify-encrypt (&rest args) | ||||
|   "Notification hook for age encryption." | ||||
|   (cl-destructuring-bind (context plain recipients) args | ||||
|     (gortium/age-notify (format "Encrypting %s" (age-data-file plain)) t))) | ||||
|  | ||||
| (defun gortium/age-toggle-decrypt-notifications () | ||||
|   "Toggle notifications for age decryption." | ||||
|   (interactive) | ||||
|   (if (advice-member-p #'gortium/age-notify-decrypt #'age-start-decrypt) | ||||
|       (progn | ||||
|         (advice-remove #'age-start-decrypt #'gortium/age-notify-decrypt) | ||||
|         (message "Disabled age decrypt notifications.")) | ||||
|     (advice-add #'age-start-decrypt :before #'gortium/age-notify-decrypt) | ||||
|     (message "Enabled age decrypt notifications."))) | ||||
|  | ||||
| (defun gortium/age-toggle-encrypt-notifications () | ||||
|   "Toggle notifications for age encryption." | ||||
|   (interactive) | ||||
|   (if (advice-member-p #'gortium/age-notify-encrypt #'age-start-encrypt) | ||||
|       (progn | ||||
|         (advice-remove #'age-start-encrypt #'gortium/age-notify-encrypt) | ||||
|         (message "Disabled age encrypt notifications.")) | ||||
|     (advice-add #'age-start-encrypt :before #'gortium/age-notify-encrypt) | ||||
|     (message "Enabled age encrypt notifications."))) | ||||
|  | ||||
| ;; enable notifications by default | ||||
| (gortium/age-toggle-decrypt-notifications) | ||||
| (gortium/age-toggle-encrypt-notifications) | ||||
|  | ||||
| (use-package! passage | ||||
|   :demand t | ||||
|   :config | ||||
|   ;; rebind function value for pass to passage | ||||
|   (fset #'pass (lambda () (interactive) (passage))) | ||||
|   (setq age-program "rage") | ||||
|   (setq auth-source-passage-filename (expand-file-name "~/ExoKortex/2-Areas/IT/dotfiles/secrets")) | ||||
|   (setenv "PASSAGE_IDENTITIES_FILE" (expand-file-name age-default-identity)) | ||||
|   (setenv "PASSAGE_RECIPIENTS_FILE" (expand-file-name age-default-recipient)) | ||||
|   (setenv "PASSAGE_AGE" "rage") | ||||
|   (setenv "PASSAGE_DIR" (expand-file-name "~/ExoKortex/2-Areas/IT/dotfiles/secrets")) | ||||
|   ) | ||||
|  | ||||
| ;; TUI tools in emacs | ||||
| (after! eee | ||||
|   (setq ee-terminal-command "kitty") | ||||
| @@ -840,21 +897,21 @@ Handles org-clock and context link capture for tasks." | ||||
|   (setq gptel-expert-commands t | ||||
|         gptel-default-mode 'org-mode | ||||
|         ;; gptel-model 'OpenRouter:deepseek/deepseek-chat-v3-0324:free | ||||
|         gptel-api-key (auth-source-pick-first-password :host "openrouter")) | ||||
|         gptel-api-key (auth-source-passage-get 'secret "openrouter")) | ||||
|  | ||||
|   (require 'gptel-integrations) | ||||
|   (gptel-make-openai "OpenRouter" | ||||
|     :host "openrouter.ai" | ||||
|     :endpoint "/api/v1/chat/completions" | ||||
|     :stream t | ||||
|     :key (auth-source-pick-first-password :host "openrouter") | ||||
|     :key (auth-source-passage-get 'secret "openrouter") | ||||
|     :models '(deepseek/deepseek-r1-0528-qwen3-8b:free | ||||
|               google/gemini-2.0-flash-exp:free | ||||
|               deepseek/deepseek-chat-v3-0324:free | ||||
|               meta-llama/llama-4-maverick:free | ||||
|               qwen/qwen3-coder:free)) | ||||
|   (gptel-make-gemini "Gemini" | ||||
|     :key (auth-source-pick-first-password :host "gemini") | ||||
|     :key (auth-source-passage-get 'secret "gemini") | ||||
|     :stream t | ||||
|     :models '(gemini-2.5-pro | ||||
|               gemini-2.5-flash)) | ||||
| @@ -866,7 +923,7 @@ Handles org-clock and context link capture for tasks." | ||||
|   (gptel-make-openai "OpenWebUI" | ||||
|     :host "ai.aziworkhorse.duckdns.org" | ||||
|     :curl-args '("--insecure") ; needed for self-signed certs | ||||
|     :key (auth-source-pick-first-password :host "openwebui") | ||||
|     :key (auth-source-passage-get 'secret "openwebui") | ||||
|     :endpoint "/api/chat/completions" | ||||
|     :stream t | ||||
|     :models '("orieg/gemma3-tools:1b")) | ||||
| @@ -1055,7 +1112,7 @@ www.tdnde.com \\\\ | ||||
|            :tls t | ||||
|            :nick "gortium" | ||||
|            :sasl-username "gortium" | ||||
|            :sasl-password (auth-source-pick-first-password :host "irc") | ||||
|            :sasl-password (auth-source-passage-get 'secret "irc") | ||||
|            :channels ("#emacs-circe") | ||||
|            ))) | ||||
|   ) | ||||
|   | ||||
| @@ -114,6 +114,9 @@ | ||||
|  | ||||
| (package! age) | ||||
|  | ||||
| (package! passage | ||||
|   :recipe (:host github :repo "anticomputer/passage.el" :protocol ssh)) | ||||
|  | ||||
| (package! krl-mode | ||||
|   :recipe (:host nil | ||||
|            :repo "ssh://code.lazyworkhorse.net:2222/gortium/krl-mode.git" | ||||
|   | ||||
| @@ -1,19 +0,0 @@ | ||||
| -----BEGIN AGE ENCRYPTED FILE----- | ||||
| YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEdoTUQ4QSBwbkNa | ||||
| QmJFdVpLV1BOTXJXVmhTY3NZZmZsZ2wraWE3TEZ4d01zOVdoaERzClJCVG03YVIz | ||||
| Q2pMK1ZHekViTzYzUjJ1cm52UnNRMDQvSE9yTnIva3E5aDAKLT4gcyxfLnw6Qy1n | ||||
| cmVhc2UgUFogNUVoID5SCkpRVy9sU2hQYnl0MmlDdWdaamx0bEVrQ2Z2U0V3eUp2 | ||||
| dTU1ZFppL1pZWmNpRzMwZ0lkckl4ZFBTVkdmVlAyRzAKdWEzTC83RnVHZ1h4aXVV | ||||
| aUE0azBzU3lEM25vZEh5awotLS0gN3p6Q1BpU0dQUEkza2h1cGVaTDc3NVNaQm1T | ||||
| RGUxNExMcHBYNllyRFdNcwoxkC/nFDh5dBrdnmzhcqyNJA9ABDon4SgHIr7p+qZx | ||||
| SG1vKOT2wlUdofhmlDNMTVD170gpiyyHX8WvWDvcgkabi8AJrfdpMNIYFWKLkmih | ||||
| jTtvTp+h9dYy/Vb2Lt3wAR+4MNMUR0G7QGIoQat9EnbY10Lk0UTqgAvUshKNixgZ | ||||
| Ld1ZCQhe3Gu49e7LR/f2St4pyao92DuHTPuROcaiPmB6wSReXjKkh0XQNbDnOd6a | ||||
| rQDIqwewJ4iwv5qknyh6O3AMvun2c6+zl4XzZ8UySgArRACBVoyW2w4wWvyx7KFE | ||||
| kUqWQ31HghleX4w+tX9/CRvdQMS1IzUC5bfhxxK53AolPfJmtwNu9wvuAQvvU4GF | ||||
| 7Ue9YAH7yxz/Q2zf3w67gpkZBNDu5ua/D2Dw4WUUYePG+Dt0BvqRiZKOAAIdgxX5 | ||||
| p1FBAHgAg971WUa9+zK489+rSl7ryKVpW0UjxBNa0YtdfBabj21sXMG+O8lU9d5P | ||||
| HfVe/NWergbRBdW4LtdKiLWY5VS7uLGiBqpCSCjfkx9BDE1BzcC6TyWZ1HaLSISm | ||||
| 9d3KgQyK36Df5O9eAzpecPumUQCRniHLJ7dENJcIBprnQDXLGq0oyt8wOz0LCYtZ | ||||
| 0980yCVoNzODIpvdJ5fQ | ||||
| -----END AGE ENCRYPTED FILE----- | ||||
		Reference in New Issue
	
	Block a user