From d61ffacc22f09370e7f5dbaf660d2e99553f0b91 Mon Sep 17 00:00:00 2001 From: rain Date: Thu, 25 Jun 2026 18:33:58 -0400 Subject: [PATCH 1/2] omp secrets: use encrypted_private_ prefix (decrypts + 0600) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit chezmoi parses attribute prefixes left-to-right and 'encrypted_' must precede 'private_'. The 'private_encrypted_' order silently breaks decryption: chezmoi consumes 'private_', then treats 'encrypted_foo.age' as a literal filename and copies the ciphertext verbatim instead of decrypting it. models.yml was named 'private_encrypted_models.yml.age' since commit 3c3fab7 and was never decrypting — a stale 'encrypted_models.yml.age' blob was sitting in ~/.omp/agent/ and the plaintext models.yml was an unmanaged leftover. .env and zai.key used the plain 'encrypted_' prefix and were decrypting at umask 0644 (world-readable in isolation; the 700 ~/.omp/agent/ dir was the only thing shielding them). This commit: * renames all three to encrypted_private_{zai.key,.env,models.yml}.age so chezmoi decrypts AND lands them at 0600 natively * rewrites run_onchange_35 as 'ensure-omp-secret-perms.sh' covering all three, as belt-and-suspenders for any box where a secret still sits at 0644 from a prior apply * removes the stale encrypted_models.yml.age verbatim blob and its orphan state entry * corrects the README perms section to document the prefix-order gotcha (was misleadingly claiming 'private_' alone gave 0600) Verified end-to-end on this box: chezmoi managed lists all three as decrypted targets, scoped apply writes them at 600, chmod script is idempotent. Other boxes need a 'chezmoi apply' to pick up the rename and the onchange chmod. --- README.md | 2 +- ...ed_.env.age => encrypted_private_.env.age} | Bin ...l.age => encrypted_private_models.yml.age} | 0 ....key.age => encrypted_private_zai.key.age} | 0 ...nchange_35-ensure-omp-models-perms.sh.tmpl | 33 ------------ ...nchange_35-ensure-omp-secret-perms.sh.tmpl | 50 ++++++++++++++++++ 6 files changed, 51 insertions(+), 34 deletions(-) rename dot_omp/agent/{encrypted_.env.age => encrypted_private_.env.age} (100%) rename dot_omp/agent/{private_encrypted_models.yml.age => encrypted_private_models.yml.age} (100%) rename dot_omp/agent/{encrypted_zai.key.age => encrypted_private_zai.key.age} (100%) delete mode 100644 run_onchange_35-ensure-omp-models-perms.sh.tmpl create mode 100755 run_onchange_35-ensure-omp-secret-perms.sh.tmpl diff --git a/README.md b/README.md index 8886ed6..9f94576 100644 --- a/README.md +++ b/README.md @@ -108,7 +108,7 @@ Workaround: define a custom `zai-coding` provider in `~/.omp/agent/models.yml` p Gotcha: omp's `apiKey:` field in custom providers expects a **literal key value** — NOT an env var name. `apiKey: ZAI_CODING_API_KEY` was being treated as the literal string `ZAI_CODING_API_KEY` and sent as `Authorization: Bearer ZAI_CO...KEY` → 401. The encrypted `models.yml` in this repo contains the literal Z.ai API key in `apiKey:` (same key that's in `zai.key`). -`run_onchange_35-ensure-omp-models-perms.sh` chmod 600s the decrypted file so the literal key isn't world-readable (matches `zai.key`'s tighter perms). +All three omp secrets (`zai.key`, `.env`, `models.yml`) are committed as `encrypted_private_*.age`. The prefix order matters: chezmoi parses attribute prefixes left-to-right, and `encrypted_` **must** precede `private_`. `encrypted_private_foo.age` decrypts *and* lands at `0600`; the reversed `private_encrypted_foo.age` makes chezmoi consume `private_` and then treat `encrypted_foo.age` as a literal filename (no decryption — the file is copied verbatim, which is how a stale `encrypted_models.yml.age` blob ended up in `~/.omp/agent/`). As belt-and-suspenders for boxes where a secret already sits at umask `0644` from a prior apply, `run_onchange_35-ensure-omp-secret-perms.sh` normalizes all three back to `600`. Never rely on the enclosing `~/.omp/agent/` directory being `700` to protect these; the files carry their own mode. ## Sway / Wayland desktop stack diff --git a/dot_omp/agent/encrypted_.env.age b/dot_omp/agent/encrypted_private_.env.age similarity index 100% rename from dot_omp/agent/encrypted_.env.age rename to dot_omp/agent/encrypted_private_.env.age diff --git a/dot_omp/agent/private_encrypted_models.yml.age b/dot_omp/agent/encrypted_private_models.yml.age similarity index 100% rename from dot_omp/agent/private_encrypted_models.yml.age rename to dot_omp/agent/encrypted_private_models.yml.age diff --git a/dot_omp/agent/encrypted_zai.key.age b/dot_omp/agent/encrypted_private_zai.key.age similarity index 100% rename from dot_omp/agent/encrypted_zai.key.age rename to dot_omp/agent/encrypted_private_zai.key.age diff --git a/run_onchange_35-ensure-omp-models-perms.sh.tmpl b/run_onchange_35-ensure-omp-models-perms.sh.tmpl deleted file mode 100644 index 7c1e19f..0000000 --- a/run_onchange_35-ensure-omp-models-perms.sh.tmpl +++ /dev/null @@ -1,33 +0,0 @@ -#!/usr/bin/env bash -# ============================================================================= -# run_onchange_35-ensure-omp-models-perms.sh.tmpl -# Force chmod 600 on ~/.omp/agent/models.yml. The encrypted file is named -# `private_encrypted_models.yml.age` so chezmoi SHOULD set 600 on first apply, -# but if the file already exists from a prior apply (when it was named -# `encrypted_models.yml.age` without the `private_` prefix), the perm stays -# at whatever umask gave it (typically 644). This script normalizes the perm -# to 600 so the literal zai API key in models.yml isn't world-readable. -# -# Triggered by the body hash changing; current hash = sha256 of body. -# Runs on all OSes (no os_family gate). -# ============================================================================= -set -euo pipefail - -MODELS_YML="${HOME}/.omp/agent/models.yml" - -log() { printf '\033[1;34m[omp-models-perms]\033[0m %s\n' "$*"; } - -if [[ ! -f "$MODELS_YML" ]]; then - log "models.yml not present on this box (omp not installed?) — skipping" - exit 0 -fi - -current_perm=$(stat -c '%a' "$MODELS_YML") -if [[ "$current_perm" == "600" ]]; then - log "models.yml already 600 — nothing to do" - exit 0 -fi - -log "models.yml perm is $current_perm, fixing to 600" -chmod 600 "$MODELS_YML" -log "models.yml perm now $(stat -c '%a' "$MODELS_YML")" diff --git a/run_onchange_35-ensure-omp-secret-perms.sh.tmpl b/run_onchange_35-ensure-omp-secret-perms.sh.tmpl new file mode 100755 index 0000000..fec325d --- /dev/null +++ b/run_onchange_35-ensure-omp-secret-perms.sh.tmpl @@ -0,0 +1,50 @@ +#!/usr/bin/env bash +# ============================================================================= +# run_onchange_35-ensure-omp-secret-perms.sh.tmpl +# Force chmod 600 on every omp secret under ~/.omp/agent/. The encrypted +# sources are all named with the `private_` prefix (private_encrypted_*.age) +# so chezmoi SHOULD set 600 on first apply, but if a file already exists +# from a prior apply (before it gained the `private_` prefix), its mode +# stays at whatever umask gave it (typically 644 — world-readable). +# This script normalizes the mode so live API keys are never world-readable, +# regardless of the enclosing directory's perms. +# +# Re-triggered automatically whenever this script body changes (chezmoi +# hashes the body). Runs on all OSes (no os_family gate). +# +# Covered files: +# zai.key — Z.ai API key (literal, 1 line) +# .env — provider API keys (ANTHROPIC/OPENAI/... when populated) +# models.yml — literal zai-coding provider key in apiKey: +# ============================================================================= +set -euo pipefail + +SECRETS_DIR="${HOME}/.omp/agent" +declare -a SECRET_FILES=("zai.key" ".env" "models.yml") + +log() { printf '\033[1;34m[omp-secret-perms]\033[0m %s\n' "$*"; } + +if [[ ! -d "$SECRETS_DIR" ]]; then + log "~/.omp/agent not present on this box (omp not installed?) — skipping" + exit 0 +fi + +fixed=0 +for f in "${SECRET_FILES[@]}"; do + path="${SECRETS_DIR}/${f}" + if [[ ! -f "$path" ]]; then + log "${f}: not present — skipping" + continue + fi + current_perm=$(stat -c '%a' "$path") + if [[ "$current_perm" == "600" ]]; then + log "${f}: already 600 — nothing to do" + continue + fi + log "${f}: perm is ${current_perm}, fixing to 600" + chmod 600 "$path" + log "${f}: perm now $(stat -c '%a' "$path")" + fixed=$((fixed + 1)) +done + +log "done (${fixed} file(s) changed)" From 6b64fe06252e1f0cc96dade887fcff17c3bb5897 Mon Sep 17 00:00:00 2001 From: rain Date: Thu, 25 Jun 2026 18:33:58 -0400 Subject: [PATCH 2/2] gentoo-overlays: guard with os_family so non-gentoo boxes skip it MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The script's body was never wrapped in an os_family template conditional despite the header claiming it was 'guarded by the chezmoi template engine'. So topgrade/chezmoi apply would run it on every box and die with '/var/db/repos/gentoo missing' on arch/debian. Wrap the body in '{{ if eq .os_family "gentoo" }}' / '{{ else }}' (same pattern the arch-only chaotic-aur script already uses). On non-gentoo boxes the rendered script reduces to a single 'skipping' log line. Also fix two stale comments in the header (filename was 05, not 10). Verified by rendering with --config override: arch → no-op log line, gentoo → full body intact, both pass bash -n. --- run_once_10-add-gentoo-overlays.sh.tmpl | 29 ++++++++++++++----------- 1 file changed, 16 insertions(+), 13 deletions(-) mode change 100644 => 100755 run_once_10-add-gentoo-overlays.sh.tmpl diff --git a/run_once_10-add-gentoo-overlays.sh.tmpl b/run_once_10-add-gentoo-overlays.sh.tmpl old mode 100644 new mode 100755 index b6a552f..205ee57 --- a/run_once_10-add-gentoo-overlays.sh.tmpl +++ b/run_once_10-add-gentoo-overlays.sh.tmpl @@ -1,31 +1,30 @@ #!/usr/bin/env bash # ============================================================================= -# run_once_05-add-gentoo-overlays.sh.tmpl (gentoo-only) +# run_once_10-add-gentoo-overlays.sh.tmpl (gentoo-only) # Add the GURU overlay to the portage repository list. GURU is the # community overlay (like AUR for arch) where packages like bun, eza, # sway, etc. live when they're not in the main tree. # # Idempotent: skips if GURU is already enabled. -# Run-order: 00 (bootstrap) → 05-overlays (here) → 10-add-{chaotic,debian} -# → 20-install-packages → 40-install-sway +# Guarded: this script is a no-op on non-gentoo boxes via the os_family +# template conditional below — so topgrade/chezmoi apply never errors +# on arch/debian where /var/db/repos/gentoo doesn't exist. +# +# Run-order: 00 (bootstrap) → 05 (hosts) → 10 (overlays, here) +# → 20 (packages) → 40 (sway) # ============================================================================= set -euo pipefail log() { printf '\033[1;34m[overlays]\033[0m %s\n' "$*"; } die() { printf '\033[1;31m[overlays ERROR]\033[0m %s\n' "$*" >&2; exit 1; } -# This script is gentoo-only. Guarded by the chezmoi template engine; -# on arch/debian it never renders (only this single file path). - +{{ if eq .os_family "gentoo" -}} +# --- gentoo: ensure GURU overlay is enabled --- if [[ ! -d /var/db/repos/gentoo ]]; then die "/var/db/repos/gentoo missing — this doesn't look like a gentoo system" fi -# --- 1. GURU overlay --- -# User explicitly requires GURU. Per the bootstrap-runbook skill: gentoo -# boxes without GURU can't install most of the user packages (eza, fzf, -# fd-find on stable, lazygit, topgrade, etc.) because they only ship in -# the main tree as ~amd64 or only live in GURU. +# GURU overlay — required for eza, lazygit, topgrade, etc. if [[ -d /var/db/repos/guru ]]; then log "GURU overlay already enabled at /var/db/repos/guru — skipping" else @@ -51,7 +50,7 @@ else log "GURU overlay enabled and synced" fi -# --- 2. Verify --- +# --- verify --- log "enabled overlays:" eselect repository list 2>&1 | sed 's/^/ /' @@ -62,4 +61,8 @@ fi GURU_NAME=$(cat /var/db/repos/guru/profiles/repo_name) log "GURU repo verified: $GURU_NAME" -log "overlays ready" \ No newline at end of file +log "overlays ready" +{{ else -}} +# Not a gentoo box — nothing to do (guarded by os_family above). +log "skipping gentoo overlays (os_family={{ .os_family }}, not gentoo)" +{{ end -}}