Revert gitconfig/TODO/bw-login redactions; remove zshrc.local.example

Public key, name, email, and self-hosted URLs are fine to publish.
Remove config/shell/zshrc.local.example instead of genericizing it —
it contained personal infrastructure details with no value to others.

TODO.md

@@ -8,7 +8,7 @@ or hardware-specific configuration).
 - [ ] **Load SSH keys from Bitwarden** or generate a new key:
   ```bash
   # Option A: Generate fresh key
-  ssh-keygen -t ed25519 -C "your@email.com"
+  ssh-keygen -t ed25519 -C "hi@julianprester.com"
 
   # Option B: Set up Bitwarden+SSH loading
   bw login
@@ -22,7 +22,7 @@ or hardware-specific configuration).
 - [ ] **Add SSH public key to GitHub**: https://github.com/settings/keys
 - [ ] Clone this repo and remaining repos:
   ```bash
-  git clone git@github.com:yourusername/linux-provision.git
+  git clone git@github.com:julianprester/linux-provision.git
   ```
 
 ## 2. Bitwarden & Environment Variables
@@ -70,7 +70,7 @@ If you prefer a plain file instead of Bitwarden:
 ## 4. Nextcloud
 
 - [ ] Install Nextcloud Desktop Client (Flatpak or RPM)
-- [ ] Connect to your Nextcloud instance
+- [ ] Connect to `https://nc.julianprester.com`
 - [ ] Select sync folders (especially `Nextcloud/3_bibliography/`)
 - [ ] Update `PandocCiter.DefaultBib` in VS Code settings if bib path changes
 

config/git/gitconfig

@@ -1,9 +1,11 @@
 [user]
-	name = Your Name
-	email = your@email.com
-	# signingkey = <paste your SSH public key here, e.g. output of: cat ~/.ssh/id_ed25519.pub>
+	name = Julian Prester
+	email = hi@julianprester.com
+	signingkey = ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO14cVPAkygA4OIMmQ1PiBBQ9mQ+nY5n7XKJA0jD9ZOl github@julianprester.com
 [init]
 	defaultBranch = main
+[credential "https://git.julianprester.com"]
+	provider = generic
 [core]
 	compression = 0
 	excludesfile = ~/.gitignore

config/shell/zshrc.local.example

@@ -1,64 +0,0 @@
-# =============================================================================
-#  ~/.zshrc.local — API keys and secrets (EXAMPLE)
-#  ===== THIS FILE IS OPTIONAL =====
-#  The recommended approach is to store all secrets in Bitwarden and load
-#  them via bw-env.sh. See config/scripts/bw-env.sh for setup.
-#
-#  If you prefer a plain file, copy this to ~/.zshrc.local and fill in
-#  your real keys. Then uncomment the "source ~/.zshrc.local" line in .zshrc.
-#
-#  DO NOT commit this file to version control.
-# =============================================================================
-#  Using Bitwarden is the recommended approach because:
-#    - Keys are encrypted at rest (not in dotfiles)
-#    - Syncs across machines automatically
-#    - One source of truth
-#    - Cache falls back silently if vault is locked
-# =============================================================================
-
-# ---- AI API Keys ----
-export GROQ_API_KEY="gsk_your_key_here"
-export ANTHROPIC_API_KEY="sk-ant-your-key-here"
-export GOOGLE_API_KEY="AIza-your-key-here"
-export OPENCODE_API_KEY="sk-your-key-here"
-
-# ---- LiteLLM Proxy (optional — remove if using OpenAI directly) ----
-export OPENAI_BASE_URL="https://your-litellm-proxy.example.com"
-export OPENAI_API_KEY="sk-your-key-here"
-
-# ---- Calendar (CalDAV) ----
-export CALDAV_URL="https://your-nextcloud.example.com/remote.php/dav"
-export CALDAV_USERNAME="your@email.com"
-export CALDAV_PASSWORD="your-password-here"
-
-# ---- Thunderbird API ----
-export TB_API_HOSTS="thunderbird"
-
-# ---- Zotero ----
-export ZOTERO_KEY=""
-
-# ---- Canvas LMS ----
-export CANVAS_API_KEY="your-key-here"
-export CANVAS_API_URL="https://canvas.your-institution.edu/"
-
-# ---- Nextcloud ----
-export NC_URL="https://your-nextcloud.example.com"
-export NC_USERNAME="your@email.com"
-export NC_PASSWORD="your-password-here"
-
-# ---- Actual Budget ----
-export ACTUAL_URL="https://actual.your-domain.ts.net"
-export ACTUAL_PASSWORD="your-password-here"
-export ACTUAL_SYNC_ID="your-sync-id-here"
-
-# ---- Tavily (web search API) ----
-export TAVILY_API_KEY="tvly-your-key-here"
-
-# ---- FreshRSS ----
-export FRESHRSS_API_KEY="your-key-here"
-
-# ---- Semantic Scholar ----
-export SEMANTIC_SCHOLAR_API_KEY="your-key-here"
-
-# ---- OpenAlex ----
-export OPENALEX_API_KEY="your-key-here"

stages/06-scripts.sh

@@ -154,7 +154,7 @@ if [ "${_do_bw_setup:-false}" = true ]; then
     info "If you have 2FA enabled, you'll be prompted for that too."
     echo "----------------------------------------"
     echo ""
-    bw login || {
+    bw login hi@julianprester.com || {
       warn "Bitwarden login failed or was cancelled."
       warn "You can run 'bw login' manually later."
     }