From a249dec1ba6276972c750f1c1ad75ca5ed8da92f Mon Sep 17 00:00:00 2001
From: Julian Prester <hi@julianprester.com>
Date: Sun, 7 Jun 2026 15:23:53 +1000
Subject: [PATCH] Revert gitconfig/TODO/bw-login redactions; remove
 zshrc.local.example
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Public key, name, email, and self-hosted URLs are fine to publish.
Remove config/shell/zshrc.local.example instead of genericizing it —
it contained personal infrastructure details with no value to others.
---
 TODO.md                          |  6 +--
 config/git/gitconfig             |  8 ++--
 config/shell/zshrc.local.example | 64 --------------------------------
 stages/06-scripts.sh             |  2 +-
 4 files changed, 9 insertions(+), 71 deletions(-)
 delete mode 100755 config/shell/zshrc.local.example

diff --git a/TODO.md b/TODO.md
index 52bd006..ce372e8 100755
--- a/TODO.md
+++ b/TODO.md
@@ -8,7 +8,7 @@ or hardware-specific configuration).
 - [ ] **Load SSH keys from Bitwarden** or generate a new key:
   ```bash
   # Option A: Generate fresh key
-  ssh-keygen -t ed25519 -C "your@email.com"
+  ssh-keygen -t ed25519 -C "hi@julianprester.com"
 
   # Option B: Set up Bitwarden+SSH loading
   bw login
@@ -22,7 +22,7 @@ or hardware-specific configuration).
 - [ ] **Add SSH public key to GitHub**: https://github.com/settings/keys
 - [ ] Clone this repo and remaining repos:
   ```bash
-  git clone git@github.com:yourusername/linux-provision.git
+  git clone git@github.com:julianprester/linux-provision.git
   ```
 
 ## 2. Bitwarden & Environment Variables
@@ -70,7 +70,7 @@ If you prefer a plain file instead of Bitwarden:
 ## 4. Nextcloud
 
 - [ ] Install Nextcloud Desktop Client (Flatpak or RPM)
-- [ ] Connect to your Nextcloud instance
+- [ ] Connect to `https://nc.julianprester.com`
 - [ ] Select sync folders (especially `Nextcloud/3_bibliography/`)
 - [ ] Update `PandocCiter.DefaultBib` in VS Code settings if bib path changes
 
diff --git a/config/git/gitconfig b/config/git/gitconfig
index 9022e40..d440162 100755
--- a/config/git/gitconfig
+++ b/config/git/gitconfig
@@ -1,9 +1,11 @@
 [user]
-	name = Your Name
-	email = your@email.com
-	# signingkey = <paste your SSH public key here, e.g. output of: cat ~/.ssh/id_ed25519.pub>
+	name = Julian Prester
+	email = hi@julianprester.com
+	signingkey = ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO14cVPAkygA4OIMmQ1PiBBQ9mQ+nY5n7XKJA0jD9ZOl github@julianprester.com
 [init]
 	defaultBranch = main
+[credential "https://git.julianprester.com"]
+	provider = generic
 [core]
 	compression = 0
 	excludesfile = ~/.gitignore
diff --git a/config/shell/zshrc.local.example b/config/shell/zshrc.local.example
deleted file mode 100755
index ff5704b..0000000
--- a/config/shell/zshrc.local.example
+++ /dev/null
@@ -1,64 +0,0 @@
-# =============================================================================
-#  ~/.zshrc.local — API keys and secrets (EXAMPLE)
-#  ===== THIS FILE IS OPTIONAL =====
-#  The recommended approach is to store all secrets in Bitwarden and load
-#  them via bw-env.sh. See config/scripts/bw-env.sh for setup.
-#
-#  If you prefer a plain file, copy this to ~/.zshrc.local and fill in
-#  your real keys. Then uncomment the "source ~/.zshrc.local" line in .zshrc.
-#
-#  DO NOT commit this file to version control.
-# =============================================================================
-#  Using Bitwarden is the recommended approach because:
-#    - Keys are encrypted at rest (not in dotfiles)
-#    - Syncs across machines automatically
-#    - One source of truth
-#    - Cache falls back silently if vault is locked
-# =============================================================================
-
-# ---- AI API Keys ----
-export GROQ_API_KEY="gsk_your_key_here"
-export ANTHROPIC_API_KEY="sk-ant-your-key-here"
-export GOOGLE_API_KEY="AIza-your-key-here"
-export OPENCODE_API_KEY="sk-your-key-here"
-
-# ---- LiteLLM Proxy (optional — remove if using OpenAI directly) ----
-export OPENAI_BASE_URL="https://your-litellm-proxy.example.com"
-export OPENAI_API_KEY="sk-your-key-here"
-
-# ---- Calendar (CalDAV) ----
-export CALDAV_URL="https://your-nextcloud.example.com/remote.php/dav"
-export CALDAV_USERNAME="your@email.com"
-export CALDAV_PASSWORD="your-password-here"
-
-# ---- Thunderbird API ----
-export TB_API_HOSTS="thunderbird"
-
-# ---- Zotero ----
-export ZOTERO_KEY=""
-
-# ---- Canvas LMS ----
-export CANVAS_API_KEY="your-key-here"
-export CANVAS_API_URL="https://canvas.your-institution.edu/"
-
-# ---- Nextcloud ----
-export NC_URL="https://your-nextcloud.example.com"
-export NC_USERNAME="your@email.com"
-export NC_PASSWORD="your-password-here"
-
-# ---- Actual Budget ----
-export ACTUAL_URL="https://actual.your-domain.ts.net"
-export ACTUAL_PASSWORD="your-password-here"
-export ACTUAL_SYNC_ID="your-sync-id-here"
-
-# ---- Tavily (web search API) ----
-export TAVILY_API_KEY="tvly-your-key-here"
-
-# ---- FreshRSS ----
-export FRESHRSS_API_KEY="your-key-here"
-
-# ---- Semantic Scholar ----
-export SEMANTIC_SCHOLAR_API_KEY="your-key-here"
-
-# ---- OpenAlex ----
-export OPENALEX_API_KEY="your-key-here"
diff --git a/stages/06-scripts.sh b/stages/06-scripts.sh
index f0e659a..117ecf5 100755
--- a/stages/06-scripts.sh
+++ b/stages/06-scripts.sh
@@ -154,7 +154,7 @@ if [ "${_do_bw_setup:-false}" = true ]; then
     info "If you have 2FA enabled, you'll be prompted for that too."
     echo "----------------------------------------"
     echo ""
-    bw login || {
+    bw login hi@julianprester.com || {
       warn "Bitwarden login failed or was cancelled."
       warn "You can run 'bw login' manually later."
     }