{ lib, pkgs, ... }: let isDarwin = pkgs.stdenv.hostPlatform.isDarwin; isLinux = pkgs.stdenv.hostPlatform.isLinux; in { programs.zsh = { enable = true; autocd = lib.mkDefault true; history = { expireDuplicatesFirst = true; ignoreDups = true; save = 10000; share = false; size = 10000; }; shellAliases = { # use eval $(aws-export-credentials) to expose them to environment aws-export-credentials = lib.mkDefault "${pkgs.awscli2}/bin/aws configure export-credentials --format env --profile"; aws-export-assume-role = lib.mkDefault "${pkgs.writeShellScript "aws-export-assume-role" '' [[ -z "$1" || -z "$2" ]] && echo "Usage: aws-export-assume-role " && exit 1 ${pkgs.coreutils}/bin/printf 'export AWS_ACCESS_KEY_ID=%s\nexport AWS_SECRET_ACCESS_KEY=%s\nexport AWS_SESSION_TOKEN=%s' $(${pkgs.awscli2}/bin/aws --profile "$1" sts assume-role --role-arn "$2" --role-session-name lcech --query "Credentials.[AccessKeyId,SecretAccessKey,SessionToken]" --output text) ''}"; # https://docs.aws.amazon.com/singlesignon/latest/userguide/createshortcutlink.html aws-sharable-url = lib.mkDefault "${pkgs.writeShellScript "aws-sharable-url" '' set -e URL=$1 [[ -z "$URL" ]] && read -p "Enter URL: " URL # Strip schema URL="''${URL#https://}" # Parse Account ID from multi-session URL ACCOUNT_ID="''${URL%%-*}" # Strip account ID and hash up to the region part URL="''${URL#*\.}" PROFILE=$(${pkgs.gnugrep}/bin/grep "sso_account_id = $ACCOUNT_ID" ~/.aws/config -B 5 | ${pkgs.gnugrep}/bin/grep "\[profile" | ${pkgs.coreutils}/bin/tail -n 1 | ${pkgs.coreutils}/bin/tr -d '[]') PROFILE="''${PROFILE#profile }" ROLE_NAME=$(${pkgs.awscli2}/bin/aws configure get profile.$PROFILE.sso_role_name) SSO_SESSION=$(${pkgs.awscli2}/bin/aws configure get profile.$PROFILE.sso_session) SSO_URL=$(${pkgs.gnugrep}/bin/grep "\[sso-session $SSO_SESSION" ~/.aws/config -A5 | ${pkgs.gnugrep}/bin/grep sso_start_url | ${pkgs.coreutils}/bin/head -n 1) SSO_URL="''${SSO_URL#sso_start_url = }" # Strip trailing slash from SSO_URL if present SSO_URL="''${SSO_URL%/}" SHARABLE_URL="$SSO_URL/#/console?account_id=$ACCOUNT_ID&role_name=$ROLE_NAME&destination=$(${pkgs.urlencode}/bin/urlencode "https://$URL")" ${if isDarwin then '' echo -n "$SHARABLE_URL" | pbcopy '' else '' echo -n "$SHARABLE_URL" | ${pkgs.xclip}/bin/xclip -selection clipboard ''} echo "URL copied to clipboard" ''}"; aws-s3-cp-public = lib.mkDefault '' ${pkgs.awscli2}/bin/aws s3 cp --acl "public-read" --expires "$(${pkgs.coreutils}/bin/date '+%a, %d %b %Y 00:00:00 GMT' -d "$(${pkgs.coreutils}/bin/date +%Y-%m-%d) + 365 day")" --cache-control "max-age=31536000" --metadata-directive REPLACE ''; bcrypt = lib.mkDefault "${pkgs.writeShellScript "bcrypt" '' if [[ -z "$1" ]]; then echo "Usage: bcrypt [cost]" exit 1 fi echo -n "$1" | ${pkgs.apacheHttpd}/bin/htpasswd -i -nB -C ''${2:-12} "" | tr -d ':' ''}"; cat = lib.mkDefault "${pkgs.bat}/bin/bat --paging=never"; # use curl-aws --aws-sigv4 "aws:amz:region:service" curl-aws = lib.mkDefault "${pkgs.curl}/bin/curl -H \"X-Amz-Security-Token: $AWS_SESSION_TOKEN\" --user \"$AWS_ACCESS_KEY_ID:$AWS_SECRET_ACCESS_KEY\""; curl-timing = lib.mkDefault "${pkgs.curl}/bin/curl -w \" time_namelookup: %{time_namelookup}s\n time_connect: %{time_connect}s\n time_appconnect: %{time_appconnect}s\n time_pretransfer: %{time_pretransfer}s\n time_redirect: %{time_redirect}s\n time_starttransfer: %{time_starttransfer}s\n ----------\n time_total: %{time_total}s\n\" -o /dev/null"; dbase64 = lib.mkDefault "${pkgs.writeShellScript "dbase64" "echo -n \"$1\" | base64 -d"}"; git-sync-remote = lib.mkDefault "git remote update origin --prune"; cleanup-kube-config = "${pkgs.writeShellApplication { name = "app"; text = ./zsh/aliases/cleanup-kube-config.sh; runtimeInputs = [ pkgs.gnugrep pkgs.coreutils ]; }/bin/app}"; klogs = lib.mkDefault "${pkgs.writeShellScript "klogs" '' ctx="$1" shift namespace="$1" shift label="$1" shift if [[ "$ctx" == "" || "$namespace" == "" || "$label" == "" ]]; then echo "Usage: klogs context namespace label" echo "${"\n"}Contexts:" kubectl config get-contexts -o name | sed 's/^/\t/g' echo "Label examples:" echo "${"\t"}app.kubernetes.io/name=..." echo "${"\t"}eks.amazonaws.com/component=..." exit 1 fi kubectl --context "$ctx" logs -f -n "$namespace" -l "$label" $@ ''}"; nixfix = lib.mkDefault "nix fmt ./**/*.nix"; # Git a = "git add"; c = "git commit -m"; d = "git diff"; d-s = "git diff --staged"; gtag = "${pkgs.writeShellScript "gtag" "git tag -a $1 -m '$2'"}"; gtag-replace = "${pkgs.writeShellScript "gtag" '' msg=$(git tag -l -n9 $1 | sed "s/$1\s\+//g") git tag -d $1 && \ git push origin :refs/tags/$1 && \ git tag -a $1 -m "$msg" && \ git push origin $1 ''}"; gtagl = "git fetch --tags && git tag -l -n9 --sort=-v:refname"; s = "git status"; } // ( if isDarwin then { hm-switch = lib.mkDefault "sudo darwin-rebuild switch --flake ~/.config/nix"; } else if isLinux then { hm-switch = lib.mkDefault "home-manager switch --impure --flake ~/.config/nix"; } else { } ); initContent = lib.mkBefore '' for file in ${./zsh}/*.zsh; do source "$file" done # [Ctrl-RightArrow] - move forward one word bindkey '^[[1;3C' forward-word # [Ctrl-LeftArrow] - move backward one word bindkey '^[[1;3D' backward-word ''; }; }