starred/nix-config
1
0
Fork 0
mirror of https://github.com/ryan4yin/nix-config.git synced 2026-05-29 19:00:47 +02:00
Code Issues Packages Projects Releases 10 Wiki Activity

chore: remove kimi-cli, add opencode permission template

Browse Source
This commit is contained in:
Ryan Yin
2026-05-29 08:38:00 +08:00
parent 88a51d4569
commit 9eb532a461
4 changed files with 180 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
agents/install-cli.md
+2 -10
View File
@@ -7,17 +7,9 @@ Reference commands for installing and updating agent CLIs. Run only the commands
Installed via Nix: Installed via Nix:
- codex - codex
- cursor-cli
- claude-code
- opencode - opencode
- cursor-agent(cli)
Install Manually: - claude-code
```bash
# kimi-cli
uv tool install --python 3.13 kimi-cli
uv tool upgrade kimi-cli --no-cache
```
## Optional tooling ## Optional tooling
agents/opencode-permission-tmpl.json
+175
View File
@@ -0,0 +1,175 @@
{
"$schema": "https://opencode.ai/config.json",
"permission": {
"read": {
"*": "allow",
"*.env": "deny",
"*.env.*": "deny",
"*.env.example": "allow",
"*.pem": "deny",
"*.key": "deny",
"*kubeconfig*": "deny",
".ssh/**": "deny",
".aws/**": "deny",
".kube/**": "deny",
".gnupg/**": "deny"
},
"edit": "allow",
"glob": "allow",
"grep": "allow",
"task": "allow",
"lsp": "allow",
"skill": "allow",
"question": "allow",
"todowrite": "allow",
"webfetch": "allow",
"websearch": "allow",
"external_directory": "ask",
"doom_loop": "deny",
"bash": {
"*": "ask",
"git status *": "allow",
"git diff *": "allow",
"git log *": "allow",
"git show *": "allow",
"git branch *": "allow",
"git remote *": "allow",
"git tag *": "allow",
"git blame *": "allow",
"git reflog *": "allow",
"git stash list *": "allow",
"git lfs *": "allow",
"kubectl get *": "allow",
"kubectl describe *": "allow",
"kubectl logs *": "allow",
"kubectl top *": "allow",
"kubectl api-*": "allow",
"kubectl config *": "allow",
"kubectl explain *": "allow",
"kubectl kustomize *": "allow",
"kustomize *": "allow",
"terraform plan *": "allow",
"terraform show *": "allow",
"terraform state *": "allow",
"terraform output *": "allow",
"terraform version *": "allow",
"terraform providers *": "allow",
"terraform fmt *": "allow",
"gh repo view *": "allow",
"gh repo list *": "allow",
"gh issue view *": "allow",
"gh issue list *": "allow",
"gh pr view *": "allow",
"gh pr list *": "allow",
"gh pr diff *": "allow",
"gh pr checks *": "allow",
"gh api *": "allow",
"gh search *": "allow",
"gh gist list *": "allow",
"gh gist view *": "allow",
"gh release view *": "allow",
"gh release list *": "allow",
"gh workflow list *": "allow",
"gh workflow view *": "allow",
"gh run list *": "allow",
"gh run view *": "allow",
"gh status *": "allow",
"gh auth status *": "allow",
"helm list *": "allow",
"helm get *": "allow",
"helm show *": "allow",
"helm search *": "allow",
"helm repo *": "allow",
"helm status *": "allow",
"helm version *": "allow",
"helm template *": "allow",
"gcloud * list *": "allow",
"gcloud * describe *": "allow",
"gcloud * get-iam-policy *": "allow",
"gcloud config *": "allow",
"gcloud auth *": "allow",
"gcloud version *": "allow",
"nix eval *": "allow",
"nix build *": "allow",
"nix flake *": "allow",
"nix profile *": "allow",
"nix store *": "allow",
"nix search *": "allow",
"nix doctor *": "allow",
"nixos-rebuild build *": "allow",
"darwin-rebuild build *": "allow",
"nom build *": "allow",
"just --list *": "allow",
"just --show *": "allow",
"just --dry-run *": "allow",
"statix check *": "allow",
"deadnix *": "allow",
"nixfmt *": "allow",
"shellcheck *": "allow",
"hadolint *": "allow",
"actionlint *": "allow",
"ruff check *": "allow",
"clippy *": "allow",
"prettier --check *": "allow",
"tokei *": "allow",
"systemctl status *": "allow",
"systemctl list-*": "allow",
"systemctl show *": "allow",
"journalctl *": "allow",
"lspci *": "allow",
"lsusb *": "allow",
"lsblk *": "allow",
"df *": "allow",
"free *": "allow",
"uptime *": "allow",
"uname *": "allow",
"sensors *": "allow",
"lsof *": "allow",
"go version *": "allow",
"go env *": "allow",
"go list *": "allow",
"go doc *": "allow",
"go vet *": "allow",
"cargo --version *": "allow",
"cargo tree *": "allow",
"cargo metadata *": "allow",
"python3 --version *": "allow",
"python3 -m py_compile *": "allow",
"node --version *": "allow",
"pnpm list *": "allow",
"uv pip list *": "allow",
"rg *": "allow",
"fd *": "allow",
"cp *": "allow",
"mv *": "allow",
"chmod *": "allow",
"ls *": "allow",
"cat *": "allow",
"head *": "allow",
"tail *": "allow",
"wc *": "allow",
"find *": "allow",
"which *": "allow",
"echo *": "allow",
"pwd *": "allow",
"date *": "allow",
"env *": "allow",
"printenv *": "allow",
"file *": "allow",
"stat *": "allow",
"du *": "allow",
"tree *": "allow",
"bat *": "allow",
"eza *": "allow",
"jq *": "allow",
"yq *": "allow",
"tldr *": "allow",
"mkdir *": "allow",
"rmdir *": "allow",
"grep *": "allow",
"rm *": "ask",
"rm -rf *": "ask",
"sudo *": "deny"
}
}
}
hosts/idols-ai/README.md
+2 -1
View File
@@ -127,7 +127,8 @@ nvme0n1 259:0 0 1.8T 0 disk
/home/ryan/.kube /home/ryan/.kube
/home/ryan/.gradle /home/ryan/.gradle
/home/ryan/.gnupg /home/ryan/.gnupg
/home/ryan/.kimi
/home/ryan/.ipython /home/ryan/.ipython
/home/ryan/.docker /home/ryan/.docker
hosts/idols-ai/preservation.nix
+1 -1
View File
@@ -150,7 +150,7 @@ in
".config/opencode" ".config/opencode"
".local/share/opencode" ".local/share/opencode"
".local/state/opencode" ".local/state/opencode"
".kimi" # kimi-cli
".context7" # up-to-date docs and code examples for for LLMs & agents ".context7" # up-to-date docs and code examples for for LLMs & agents
# nvim # nvim