Add bun + pi-coding-agent + oh-my-pi to bootstrap; age encryption

Three parts: 1. .chezmoi.yaml.tmpl: reworked age config block - recipients moved under 'age:' key (correct structure per chezmoi docs) - identity: ~/.config/chezmoi/key.txt - recipients list with recovery key + miche per-machine key - recovery key pubkey: age1yyq42ctqwp5s5yd64week3aav9getk3p8aeyr5n5454d0v59a4dsjljsgs - miche pubkey: age1eja7trs8mmsgf0qga0h5fsdltaryxgk4ksumshar5xxtdx0exy3q0a5hc5 - placeholders for byte/kaiser/rye/crouton (TODO: generate per-box keys and add when bootstrapping those boxes) 2. private_dot_omp/agent/: omp/oh-my-pi config from byte - config.yml (1.7KB) — model roles, fallback chains, theme, tools - mcp.json (351B) — firecrawl MCP server config - zai.key.age (540B) — zai-coding provider API key, age-encrypted to recovery + miche recipients. Decrypts to live ~/.omp/agent/zai.key on apply. 3. run_once_20: install bun + pi-coding-agent on both OSes - arch: bun from pacman (now in [extra]) - debian: bun via curl-install to ~/.local (not in apt) - both: bun add -g @oh-my-pi/pi-coding-agent → omp binary in ~/.bun/bin - .zshrc.tmpl already adds ~/.bun/bin to PATH To onboard a new box: 1. ssh into the box 2. age-keygen -o ~/.config/chezmoi/key.txt 3. paste the public key into .chezmoi.yaml.tmpl recipients 4. chezmoi age rekey # rewrites *.age files to include new recipient 5. commit + push 6. chezmoi init --apply # decrypts and writes zai.key live
2026-06-22 00:10:34 -04:00 · 2026-06-22 00:10:34 -04:00 · dc72dc3a9a
commit dc72dc3a9a
parent 6160efeb23
5 changed files with 156 additions and 5 deletions
--- a/private_dot_omp/agent/config.yml
+++ b/private_dot_omp/agent/config.yml
@ -0,0 +1,65 @@
+providers: 
+  webSearch: searxng
+searxng: 
+  endpoint: http://kaiser.local:8800
+symbolPreset: nerd
+theme: 
+  dark: dark-gruvbox
+  light: light
+setupVersion: 1
+modelRoles: 
+  default: minimax-code/MiniMax-M3:high
+  task: llama-swap.miche/qwen3.6-27b-mtp-rocmfp4-turbo
+  smol: llama-swap.miche/qwen3.6-35b-a3b-mtp-rocmfp4
+  plan: zai-coding/glm-5.2:xhigh
+  slow: minimax-code/MiniMax-M3:high
+  vision: llama-swap.miche/gemma4-12b
+retry: 
+  fallbackChains: 
+    default: 
+      - zai-coding/glm-5.2
+      - minimax-code/MiniMax-M3
+      - deepseek/deepseek-v4-pro
+      - llama-swap.miche/qwen3.6-27b-mtp-rocmfp4-turbo
+      - llama-swap.byte/qwen3.6-27b-mtp
+    task: 
+      - llama-swap.miche/qwen3.6-27b-mtp-rocmfp4-turbo
+      - llama-swap.byte/qwen3.6-27b-mtp
+      - zai-coding/glm-5.2
+      - minimax-code/MiniMax-M3
+    smol: 
+      - llama-swap.miche/qwen3.6-35b-a3b-mtp-rocmfp4
+      - llama-swap.byte/qwen3.6-35b-a3b-mtp
+      - llama-swap.miche/qwen3.6-27b-mtp-rocmfp4-turbo
+      - zai-coding/glm-5.2
+      - minimax-code/MiniMax-M3
+    plan: 
+      - zai-coding/glm-5.2:xhigh
+      - minimax-code/minimax-code:xhigh
+      - deepseek/deepseek-v4-pro:xhigh
+      - llama-swap.miche/step-3.7-flash:high
+    slow: 
+      - zai-coding/glm-5.2
+      - minimax-code/minimax-code
+      - deepseek/deepseek-v4-pro
+      - llama-swap.miche/step-3.7-flash
+    vision: 
+      - llama-swap.miche/gemma4-12b
+      - llama-swap.byte/gemma-4-12b-heretic
+      - llama-swap.miche/qwen3.6-27b-mtp-rocmfp4-turbo
+tools: 
+  approvalMode: yolo
+memory: 
+  backend: "off"
+github: 
+  enabled: true
+statusLine: 
+  preset: default
+  separator: powerline
+  transparent: true
+tui: 
+  textSizing: false
+defaultThinkingLevel: high
+personality: pragmatic
+hideThinkingBlock: true
+readLineNumbers: true
--- a/private_dot_omp/agent/mcp.json
+++ b/private_dot_omp/agent/mcp.json
@ -0,0 +1,13 @@
+{
+  "$schema": "https://raw.githubusercontent.com/can1357/oh-my-pi/main/packages/coding-agent/src/config/mcp-schema.json",
+  "mcpServers": {
+    "firecrawl": {
+      "command": "npx",
+      "args": ["-y", "firecrawl-mcp"],
+      "env": {
+        "FIRECRAWL_API_KEY": "123",
+        "FIRECRAWL_API_URL": "http://bazzite.local:3002"
+      }
+    }
+  }
+}
--- a/private_dot_omp/agent/zai.key.age
+++ b/private_dot_omp/agent/zai.key.age
@ -0,0 +1,10 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlZWhIcnM5cDBjeXNsSFJD
+YmNrVXEyRitzcHpIUms0S281SElvNzBFMG40CkI0ck1MRlk1c0pxWnpwc3ZxTEFR
+UVJCbk5TWFluZXpzUGlNVEk4alNXWE0KLT4gWDI1NTE5IEVBV2tkS3pyS3lITWdV
+U0JuaTExTjFqbElUQ0FzTTlNUVEzZVVOdlFFRzQKc3c3WXBtQVR4NitoZXYveDZL
+aFNtWng2WFBSVE5QSTg4VngwVVFiVUxFOAotLS0gaHlYRTROc3BTWS9IYVVNZlhy
+aWZvbThPZm94MG41Nk9kZGNTKzlZM3FMRQo8aM6b1YkAxYJLXq+49I2LazKrOF6U
+vUpLSW9ArUFQZuCYjexGzGpJXEjWjpbjOv6nV7LZAIN+brCNYLV2SEHp2Gq+Uny8
+ljyD+SUwXgVerdzP
+-----END AGE ENCRYPTED FILE-----