From 5b5e54a814c7657f4b1078f5dee1d116913fc23d Mon Sep 17 00:00:00 2001
From: Amolith <amolith@secluded.site>
Date: Sat, 21 Jun 2025 08:55:42 -0600
Subject: [PATCH] refactor(fish): correct radicle auth, fix ssh-agent

Moves Radicle password retrieval to be host-specific, using
1Password to provide different credentials for 'angmar' and 'sidhe',
improving multi-host secret management.

Enhances SSH agent startup to be more robust and XDG-compliant.
The agent is now only spawned if not already running, its socket
is placed in the XDG_RUNTIME_DIR, and its PID is reported upon start.

Sets a default `DFT_BACKGROUND` environment variable.
---
 dot_config/private_fish/config.fish.tmpl | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/dot_config/private_fish/config.fish.tmpl b/dot_config/private_fish/config.fish.tmpl
index 8d1866a8ea9f7e18a6d48d5be0aae932bb8467b0..6d18369fc2d4fa095563e28a7d83cb7afb0c444a 100644
--- a/dot_config/private_fish/config.fish.tmpl
+++ b/dot_config/private_fish/config.fish.tmpl
@@ -1,4 +1,5 @@
 set -gx BAT_THEME "ansi"
+set -gx DFT_BACKGROUND "light"
 
 # XDG variables
 set -gx XDG_DATA_HOME "$HOME/.local/share"
@@ -75,7 +76,12 @@ set -gx PYTHON_KEYRING_BACKEND "keyring.backends.null.Keyring"
 set -gx UV_PUBLISH_TOKEN '{{ onepasswordRead "op://Private/PyPI/uv angmar" }}'
 
 # Authenticate to local Radicle (.xyz) node
-set -gx RAD_PASSWORD '{{ onepasswordRead "op://Private/2ujzijel6ni3np2uj5k5syptzm/password" }}'
+{{ if eq .chezmoi.hostname "angmar" }}
+set -gx RAD_PASSWORD '{{ onepasswordRead "op://Private/2ujzijel6ni3np2uj5k5syptzm/angmar" }}'
+{{ end }}
+{{ if eq .chezmoi.hostname "sidhe" }}
+set -gx RAD_PASSWORD '{{ onepasswordRead "op://Private/2ujzijel6ni3np2uj5k5syptzm/sidhe" }}'
+{{ end }}
 
 set -gx JIRA_API_TOKEN '{{ onepasswordRead "op://Private/Atlassian/jira key" }}'
 set -gx KAGI_API_KEY '{{ onepasswordRead "op://Shared/Kagi/api_key" }}'
@@ -128,7 +134,14 @@ if status is-interactive
     enable_transience
 end
 
-eval (ssh-agent -c)
+if status is-login
+    set -q SSH_AUTH_SOCK; or set -gx SSH_AUTH_SOCK "$XDG_RUNTIME_DIR/ssh-agent.socket"
+    ssh-add -l > /dev/null 2>&1
+    if test $status -ne 0
+        eval (ssh-agent -c -a "$SSH_AUTH_SOCK" > /dev/null)
+        echo "Spawned new ssh-agent. PID: $SSH_AGENT_PID"
+    end
+end
 
 # Do not use fish_add_path (added in Fish 3.2) because it
 # potentially changes the order of items in PATH