.chezmoi.toml.tmpl

{{- $snodots := ternary (get . "snodots") dict (hasKey . "snodots" ) -}}
{{- $isOkta := false -}}
{{- $opVault := "" -}}
{{- $edKey := "" -}}
{{- $workEdKeyId := "" -}}
{{- $rsaKey := "" -}}
{{- $githubId := "" -}}
{{- $awsIds := list -}}

{{- $isWorkstation := promptBoolOnce $snodots "isWorkstation" "Is this a workstation" true -}}
{{- $isMine := promptBoolOnce $snodots "isPersonal" "Is this a personal device" true -}}
{{- $isWsl := and (eq .chezmoi.os "linux") (contains "WSL" .chezmoi.kernel.osrelease) -}}
{{- if not $isMine -}}
  {{- $isOkta = promptBoolOnce $snodots "isOkta" "Is this an Okta device" false -}}
{{- end -}}

{{- if $isMine -}}
  {{- $opVault = "Personal" -}}
  {{- $githubId = "gvwbwyxftzqkvlwnvehf7jffvm" -}}
{{- else -}}
  {{- $opVault = "Okta" -}}
  {{- $workEdKeyId = "3hnydtulzfhednjgbqhfxcfnlm" -}}
  {{- $rsaKey = "phb2bs6xs5znqugxr75fjrvke4" -}}
  {{- $githubId = "w7r42b37tjderp76tvin5w2yoa" -}}
{{- end -}}

{{- $edKey = "al6g7er6txmaagdchdpcuuj3xa" -}}
[data]
  snodots.isPersonal = {{ $isMine }}
  snodots.isOkta = {{ $isOkta }}
  snodots.isWorkstation = {{ $isWorkstation }}
  snodots.isWsl = {{ $isWsl }}
  snodots.onepassVault = {{ $opVault | quote }}
  snodots.edKeyId = {{ $edKey | quote }}
  snodots.workEdKeyId = {{ $workEdKeyId | quote }}
  snodots.rsaKeyId = {{ $rsaKey | quote }}
  snodots.gitEmail = {{ onepasswordRead (printf "op://%s/%s/email" $opVault $githubId) | quote }}
  snodots.awsKeyIds = [{{ $awsIds | quoteList | join ", " }}]