feat: open-proxy
This commit is contained in:
@@ -41,6 +41,7 @@ in
|
||||
|
||||
services = {
|
||||
sketchybar = enabled;
|
||||
open-proxy.server = enabled;
|
||||
};
|
||||
|
||||
security = {
|
||||
|
||||
@@ -33,6 +33,16 @@ else
|
||||
echo " [✓] VM SOCKS Proxy Already Running"
|
||||
fi
|
||||
|
||||
# Reverse tunnel so the VM's `open`/`xdg-open` reach open-proxy serve on this host.
|
||||
if ! pgrep -f "ssh -N -R 7777:127.0.0.1:7777 adios-cs" > /dev/null; then
|
||||
echo " [*] VM Open Proxy Starting..."
|
||||
ssh -N -R 7777:127.0.0.1:7777 adios-cs &> /dev/null &
|
||||
disown
|
||||
echo " [✓] VM Open Proxy Started"
|
||||
else
|
||||
echo " [✓] VM Open Proxy Already Running"
|
||||
fi
|
||||
|
||||
echo -e " [*] Connecting..."
|
||||
|
||||
# Connect to VM
|
||||
|
||||
@@ -17,6 +17,7 @@ in
|
||||
|
||||
services = {
|
||||
ssh-agent = enabled;
|
||||
open-proxy.client = enabled;
|
||||
};
|
||||
|
||||
security = {
|
||||
|
||||
@@ -241,7 +241,12 @@ setup_lsp("gopls", {
|
||||
})
|
||||
end,
|
||||
filetypes = { "go" },
|
||||
cmd = { "gopls", "-remote=auto" },
|
||||
cmd = function(dispatchers, config)
|
||||
return vim.lsp.rpc.start({ "gopls", "-remote=auto" }, dispatchers, {
|
||||
cwd = config.root_dir,
|
||||
env = { GOMEMLIMIT = "6GiB" },
|
||||
})
|
||||
end,
|
||||
settings = {
|
||||
gopls = {
|
||||
buildFlags = { "-tags=e2e" },
|
||||
|
||||
@@ -46,7 +46,9 @@ Full-file reads are fine when genuinely needed, but avoid them as the default re
|
||||
|
||||
4. **Rephrase over append**: When extending existing content (docs, comments, prose, code), prefer rephrasing to capture the new intent over tacking on more verbosity.
|
||||
|
||||
5. **Knowledge Capture Check**: Before the final response, ask whether the task revealed a non-obvious convention, pitfall, repeatable workflow, or missing helper. If yes, briefly recommend exactly where to capture it: package/project AGENTS.md, global AGENTS.md, a skill, or a helper script. Skip this note when there is nothing meaningful.
|
||||
5. **Positive framing over prohibition**: State what _to_ do, not what _not_ to do. Default to omitting an instruction entirely rather than adding a "don't do X" rule — omission costs less context and avoids the failure mode where deleting a prohibition gets inverted into a mandate. Reserve explicit prohibitions for cases where the wrong behavior is a likely default that positive guidance alone can't redirect.
|
||||
|
||||
6. **Knowledge Capture Check**: Before the final response, ask whether the task revealed a non-obvious convention, pitfall, repeatable workflow, or missing helper. If yes, briefly recommend exactly where to capture it: package/project AGENTS.md, global AGENTS.md, a skill, or a helper script. Skip this note when there is nothing meaningful.
|
||||
|
||||
## Style
|
||||
|
||||
|
||||
@@ -48,6 +48,7 @@ description: "<One-liner: what it does and when to trigger. Keep under ~200 char
|
||||
- **Needs configurable values (paths, identifiers, etc.; not secrets — values are stored as plaintext files)?** Copy `assets/variable.sh` into the new skill's `scripts/` dir as-is. Callers use `variable.sh --get NAME [--require-exec RELPATH]`; the helper prints self-explaining `--set` instructions on "unset" or "set-but-invalid" and exits non-zero, so callers just propagate. The helper self-ignores its `.vars/` store on first `--set`, so no `.gitignore` setup is needed.
|
||||
- **Frontmatter is required.** `name` and `description` fields. The description is what the agent uses to decide whether to load the skill, so make it specific about trigger conditions.
|
||||
- **Don't over-specify.** Trust the agent to fill gaps. Document the _what_ and _when_, not every micro-step.
|
||||
- **Frame positively; omit rather than prohibit.** Write what the agent _should_ do. Prefer leaving a rule out over adding "don't do X" (see AGENTS.md principle: _Positive framing over prohibition_).
|
||||
- **Split workflow from reference when the reference surface grows.** If a skill accumulates lookup tables, mapping rules, or capability references that the workflow consults, move them into a sibling `<skill>/<category>/` directory (e.g. `mappings/`, `references/`) with one sub-doc per category and an index `README.md`. Keep `SKILL.md` focused on the hot path — workflow, hard rules, and a short table pointing at the sub-docs. Include a brief style guide in the index README covering (a) defer to authoritative sources (stubs, schemas, generated docs) whenever possible, (b) row/entry formatting conventions, (c) when to create a new sub-doc vs. extend an existing one.
|
||||
|
||||
### 3. Present for Review
|
||||
|
||||
61
modules/home/services/open-proxy/default.nix
Normal file
61
modules/home/services/open-proxy/default.nix
Normal file
@@ -0,0 +1,61 @@
|
||||
{ config
|
||||
, lib
|
||||
, pkgs
|
||||
, namespace
|
||||
, ...
|
||||
}:
|
||||
let
|
||||
inherit (lib) mkIf mkEnableOption;
|
||||
cfg = config.${namespace}.services.open-proxy;
|
||||
package = pkgs.reichard.open-proxy;
|
||||
in
|
||||
{
|
||||
options.${namespace}.services.open-proxy = {
|
||||
server.enable = mkEnableOption "open-proxy host server (opens forwarded URLs/files on this machine)";
|
||||
client.enable = mkEnableOption "open-proxy client (shadows open/xdg-open to forward to the host)";
|
||||
};
|
||||
|
||||
config = lib.mkMerge [
|
||||
(mkIf cfg.server.enable {
|
||||
assertions = [
|
||||
{
|
||||
assertion = pkgs.stdenv.isDarwin;
|
||||
message = "reichard.services.open-proxy.server is only supported on macOS (Darwin).";
|
||||
}
|
||||
];
|
||||
|
||||
launchd.agents.open-proxy = {
|
||||
enable = true;
|
||||
config = {
|
||||
Label = "io.reichard.open-proxy";
|
||||
ProgramArguments = [ "${package}/bin/open-proxy" "serve" ];
|
||||
RunAtLoad = true;
|
||||
KeepAlive = true;
|
||||
# open(1) lives in /usr/bin; launchd agents don't inherit a login PATH.
|
||||
EnvironmentVariables.PATH = "/usr/bin:/bin:/usr/sbin:/sbin";
|
||||
StandardOutPath = "${config.home.homeDirectory}/Library/Logs/open-proxy/open-proxy.out.log";
|
||||
StandardErrorPath = "${config.home.homeDirectory}/Library/Logs/open-proxy/open-proxy.err.log";
|
||||
};
|
||||
};
|
||||
})
|
||||
|
||||
(mkIf cfg.client.enable {
|
||||
assertions = [
|
||||
{
|
||||
assertion = pkgs.stdenv.isLinux;
|
||||
message = "reichard.services.open-proxy.client is only supported on Linux.";
|
||||
}
|
||||
];
|
||||
|
||||
# Shadow the openers via ~/.local/bin (prepended to PATH below). open-proxy
|
||||
# keys off argv[0], so these symlinks run in client mode and fall back to
|
||||
# any real opener further down PATH when the host is unreachable.
|
||||
home.file = {
|
||||
".local/bin/open".source = "${package}/bin/open-proxy";
|
||||
".local/bin/xdg-open".source = "${package}/bin/open-proxy";
|
||||
};
|
||||
|
||||
home.sessionPath = [ "$HOME/.local/bin" ];
|
||||
})
|
||||
];
|
||||
}
|
||||
25
packages/open-proxy/default.nix
Normal file
25
packages/open-proxy/default.nix
Normal file
@@ -0,0 +1,25 @@
|
||||
{ lib
|
||||
, buildGoModule
|
||||
, fetchgit
|
||||
}:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "open-proxy";
|
||||
version = "unstable-2026-06-09";
|
||||
|
||||
src = fetchgit {
|
||||
url = "https://gitea.va.reichard.io/evan/open-proxy.git";
|
||||
rev = "2cedcf448c984192d043b82ec9d614a349b0450b";
|
||||
hash = "sha256-R7JbWPkU8A6uABroNYBu+8K75xDK+VTuuBUPOaOEb+k=";
|
||||
};
|
||||
|
||||
vendorHash = null;
|
||||
|
||||
meta = {
|
||||
description = "Forward `open`/`xdg-open` from a remote VM to the host machine";
|
||||
homepage = "https://gitea.va.reichard.io/evan/open-proxy";
|
||||
license = lib.licenses.mit;
|
||||
maintainers = with lib.maintainers; [ evanreichard ];
|
||||
mainProgram = "open-proxy";
|
||||
};
|
||||
}
|
||||
Reference in New Issue
Block a user