use sops for secret management

scripts/py/common/common.py

@@ -13,6 +13,8 @@ def notify(
     icon: Path | None = None,
     desktop_entry: str | None = None,
 ) -> None:
+    if not which("notify-send"):
+        raise FileNotFoundError("notify-send is not installed.")
     args = ["notify-send", "-a", application_name, "-u", urgency]
     if category:
         args.append("-c")
@@ -21,6 +23,8 @@ def notify(
         args.append("-i")
         args.append(str(icon))
     if desktop_entry:
+        if not does_desktop_entry_exist(desktop_entry=desktop_entry):
+            raise FileNotFoundError("Desktop entry does not exist.")
         args.append("-h")
         args.append(f"string:desktop-entry:{desktop_entry}")
     args.append(title)
@@ -29,12 +33,15 @@ def notify(
     subprocess.run(args)
 
 
-def read_secret_file(secret: str) -> str:
-    path = f"/var/secrets/{secret}"
+def read_secret_file(secret: str, home: bool = False) -> str:
+    if home:
+        path = os.path.expanduser(f"~/.secrets/{secret}")
+    else:
+        path = f"/var/secrets/{secret}"
     if not os.path.exists(path):
         raise FileNotFoundError(f"Secret file {path} does not exist or cannot be read.")
-    with open(f"/var/secrets/{secret}", "r") as f:
-        secret = f.read().strip()
+    with open(file=path, mode="r") as secret_file:
+        secret = secret_file.read().strip()
     if not secret:
         raise ValueError(f"Secret file {path} is empty.")
     return secret

scripts/py/spectacle-screenshot.py

@@ -60,7 +60,7 @@ def spectacle_screenshot(
 
         try:
             opts = [
-                "zipline.py",
+                "/etc/nixos/scripts/py/zipline.py",
                 file_path,
                 "--application-name",
                 "Spectacle",

scripts/py/zipline.py

@@ -5,12 +5,10 @@ import argparse
 import mimetypes
 import os
 from pathlib import Path
-from shutil import which
 from typing import Any
 
 import requests  # type: ignore
 from common.common import (  # type: ignore
-    does_desktop_entry_exist,
     notify,
     read_secret_file,
 )
@@ -23,19 +21,11 @@ def zipline(
     application_name: str | None = None,
     desktop_entry: str | None = None,
 ) -> Any:
-    token = read_secret_file("zipline")
+    token = read_secret_file(secret="zipline", home=True)
 
     if not os.path.isfile(file_path):
         raise FileNotFoundError(f"File at {file_path} does not exist.")
 
-    use_notify_send = False
-    if application_name and desktop_entry:
-        if not does_desktop_entry_exist(desktop_entry=desktop_entry):
-            raise FileNotFoundError("Desktop entry does not exist.")
-        if not which("notify-send"):
-            raise FileNotFoundError("notify-send is not installed.")
-        use_notify_send = True
-
     content_type = mimetypes.guess_type(file_path)[0] or "application/octet-stream"
 
     try:
@@ -55,7 +45,7 @@ def zipline(
                 copy(text=link)
                 print(f"Link copied to clipboard: {link}")
 
-                if use_notify_send:
+                if application_name and desktop_entry:
                     notify(
                         application_name=application_name,
                         title="Upload Successful",
@@ -71,7 +61,7 @@ def zipline(
             raise Exception(error_message)
 
     except BaseException as e:
-        if use_notify_send:
+        if application_name and desktop_entry:
             notify(
                 application_name=application_name,
                 title="Upload Failed",