From 9ee5317e6a00adaa28498faa82fc8d70fc503655 Mon Sep 17 00:00:00 2001
From: Mohammad Rafiq <mohammadrafiq567@gmail.com>
Date: Sun, 30 Mar 2025 05:05:22 +0800
Subject: [PATCH] refactor: move gemini api key to secret

---
 configs/secrets/secrets.yaml |  5 +++--
 configs/security.nix         |  1 +
 configs/shell/aichat.nix     | 21 +++++++++++++++++++++
 configs/shell/default.nix    | 12 +++++++++---
 configs/shell/zsh.nix        |  3 ---
 5 files changed, 34 insertions(+), 8 deletions(-)
 create mode 100644 configs/shell/aichat.nix

diff --git a/configs/secrets/secrets.yaml b/configs/secrets/secrets.yaml
index 3cfec75..e11b378 100644
--- a/configs/secrets/secrets.yaml
+++ b/configs/secrets/secrets.yaml
@@ -2,6 +2,7 @@ password: ENC[AES256_GCM,data:pbNp9qB92UiLv8S18L1Wr+wbiGahxyNbAsvhrJtZTJfQ9H2yyT
 ts_auth_key: ENC[AES256_GCM,data:2/pabfBT8KAGLKDytTMrhSBX8xr/TyJbX0mAsMlzmniyK9GT0xTAq3LsRfNLyCitSVauWIXwPYFia78NCw==,iv:PBDp4+SP9yVRJtmMmvJxUQju6qTOB7cJGSQZIbRSLm8=,tag:ZYDRlMrmmwwvxs71IV3dmQ==,type:str]
 cwp_jira_link: ENC[AES256_GCM,data:7YwR5ajQDcyZgUGgMonajBV7DG/wlxsbxpiagMaPCBk=,iv:loFSGCV4no/azjIRYxjZHDkrrJmH0nzGlF8t0o0yfo4=,tag:pQYLLq4fu7T8Z03GvrJ+3A==,type:str]
 cwp_jira_pat: ENC[AES256_GCM,data:+4VnPikwuSPHdPj9xihuFeht1FPYdZHcHxYNjKMwU2MU7VC4cOUA9vpcEgk=,iv:8f8Z/V9LnuTFdCsqJhaa55BL0ibgSW8PUQoW7FxAOZE=,tag:XL/Xf1QaNLiLT2m/dWcrKw==,type:str]
+gemini_api_key: ENC[AES256_GCM,data:Kh1Kya8O6lqN0MMK1OMn/BHw51XDOAroSrOL3h4K8r6VorAwHTZw,iv:Gxg13mHBID7Gv4du+484IF1q7LFOCvtyzWMHG+IBUVM=,tag:jcjmKveybkET4RFOV4F8PQ==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -35,8 +36,8 @@ sops:
             cTFJZ3ZBTG12enVWbmQrc3JNTjY3akEKSzjApYoZ0i70DBc7/IHo1giziDgVcRNi
             E6roLPPJjM+n7ZhEielnc+PjsQZ74ZX6z2D4UY5AGOYY3BOmmTF51g==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-03-27T13:04:25Z"
-    mac: ENC[AES256_GCM,data:6eINPO68OJGMhWhORC4MfBiA4Qax30UYzZBGdeqsDsRfjFZ7TCCiLrdHOdGWOr0S9nCelXm9VnTjIjFGudpZ2k3vQ5lM9bt1DZ19Y2XbeHhC7jZJP51ql9NexNMlT10zLdWWUWhxoow8avAszAguUc0nmWgi+R9N+ctrtwAWpmw=,iv:OYBn6dYDZJrJJ6xXUXoK5Ml3fHBULMYnQXAfqM+1rUU=,tag:ScVH3GRaMAKNnLQNNNDgtw==,type:str]
+    lastmodified: "2025-03-29T20:50:17Z"
+    mac: ENC[AES256_GCM,data:fJ0UbSeQQzDAScXAOpYDD5aiOLNVLBhuAmJE3gwmT1Lm48UbncWfBKcvBfWElH3CTFaeuXshH7sRnUkKig5PKU0EVrpvWFic5TIjwk2G+fqLvzamuhk5y+4/VjUHA6Y3vXHRBV7XClblXqHa3LWk/l5eCtbiWEF1uNlz9h9JRbU=,iv:CCJMj5eYaTl2u8oq+s6yr9Xd83vIjBMMOfCVD5O54eQ=,tag:NzMDZTi9kVuWLsVSPaedBQ==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.9.4
diff --git a/configs/security.nix b/configs/security.nix
index 0156337..2e557f9 100644
--- a/configs/security.nix
+++ b/configs/security.nix
@@ -12,6 +12,7 @@
       ts_auth_key = { };
       cwp_jira_link = { };
       cwp_jira_pat = { };
+      gemini_api_key = { };
     };
   };
 
diff --git a/configs/shell/aichat.nix b/configs/shell/aichat.nix
new file mode 100644
index 0000000..b964882
--- /dev/null
+++ b/configs/shell/aichat.nix
@@ -0,0 +1,21 @@
+{ pkgs, ... }:
+{
+  home-manager.users.rafiq = {
+    home.shellAliases = {
+      ai = "aichat -r %shell% -e";
+    };
+
+    home.packages = with pkgs; [
+      aichat
+    ];
+
+    xdg.configFile."aichat/config.yaml" = {
+      text = ''
+        model: gemini:gemini-2.0-flash
+        clients:
+        - type: gemini
+      '';
+    };
+  };
+
+}
diff --git a/configs/shell/default.nix b/configs/shell/default.nix
index 32d4d7c..3462ffe 100644
--- a/configs/shell/default.nix
+++ b/configs/shell/default.nix
@@ -1,7 +1,8 @@
-{ pkgs, ... }:
+{ pkgs, config, ... }:
 {
   imports = [
     ./scripts
+    ./aichat.nix
     ./comma.nix
     ./direnv.nix
     ./editorconfig.nix
@@ -17,11 +18,17 @@
     ./zsh.nix
   ];
 
+  environment.shellInit = # sh
+    ''
+      export CWP_JIRA_LINK=$(sudo cat ${config.sops.secrets.cwp_jira_link.path})
+      export CWP_JIRA_PAT=$(sudo cat ${config.sops.secrets.cwp_jira_pat.path})
+      export GEMINI_API_KEY=$(sudo cat ${config.sops.secrets.gemini_api_key.path})
+    '';
+
   home-manager.users.rafiq.home = {
     shell.enableShellIntegration = true;
     shellAliases = {
       gs = "git status";
-      ai = "aichat -r %shell% -e";
       cd = "z";
       v = "$EDITOR";
       g = "git";
@@ -30,7 +37,6 @@
     };
 
     packages = with pkgs; [
-      aichat
       bat
       btop # add settings as home-manager module
       devenv
diff --git a/configs/shell/zsh.nix b/configs/shell/zsh.nix
index 6776ac7..a2d7996 100644
--- a/configs/shell/zsh.nix
+++ b/configs/shell/zsh.nix
@@ -22,9 +22,6 @@
         ''
           # Bind CTRL+Backspace to delete whole word
           bindkey '^H' backward-kill-word
-
-          export CWP_JIRA_LINK_FILE="${config.sops.secrets.cwp_jira_link.path}"
-          export CWP_JIRA_PAT_FILE="${config.sops.secrets.cwp_jira_pat.path}"
         '';
       # TODO: Look into whether we need to add the history attribute
       profileExtra = # bash