feat: add claude code config, MCP servers, and user profiles

[johnae]

Add claude code wrapper with secrets, env.sh, rules, agents, and commands.
Add MCP server profiles (devenv, context7, exa, gitlab, jira).
Add 9k and bizniz user profiles with per-host secrets.
Remove unused aichat and aider profiles.
Fix HM agenix host key permissions via POSIX ACL.

[claude]

Claude finished @johnae's task —— View job

---

PR Review: Claude Code Integration and MCP Servers

I've completed my review of this PR. Here's my comprehensive feedback:

Review Tasks

• Analyze Claude Code configuration and setup
• Review MCP server profiles for security and best practices
• Examine user profiles and secrets management
• Check for potential bugs or issues
• Assess performance considerations
• Review security concerns
• Evaluate test coverage

---

🟢 Code Quality and Best Practices

Strengths:

• Clean separation of concerns: User profiles (9k.nix, bizniz.nix) are well-structured with clear responsibilities
• Follows Nix conventions: Proper use of let ... in, explicit package references, no rec or with at top level (users/profiles/claude/rules/nix.md:6-9)
• Good modular design: Rules, commands, and agents are separated into distinct files for maintainability
• Version control best practice: Using jujutsu (jj) as the primary VCS with clear commit conventions (users/profiles/claude/base.md:19-40)

Areas for improvement:

• The Claude wrapper script sources secrets from ~/.claude/secrets.sh without validation (users/profiles/claude.nix:5-8)
• Consider adding error handling for missing secrets file

---

🟡 Potential Bugs or Issues

1. Docker dependency for MCP Atlassian (users/profiles/bizniz.nix:27-39): The Atlassian MCP server requires Docker to be running. There's no check to ensure Docker is available or running before attempting to use this server.

2. Hardcoded paths in env.sh (users/profiles/claude.nix:14-31): The script assumes devenv is available in PATH without checking. Consider adding command existence checks.

3. POSIX ACL dependency (profiles/home-manager.nix:11-13): The tmpfiles rule adds read permissions for the admin user on the SSH host key. This depends on the filesystem supporting ACLs, which might not be the case on all systems.

---

⚡ Performance Considerations

1. Environment sourcing overhead: The wrapper script sources secrets on every invocation (users/profiles/claude.nix:4-10). Consider caching or lazy loading for frequently used commands.

2. Multiple MCP servers: The configuration loads multiple MCP servers (devenv, exa, context7, playwright, gitlab, atlassian). Consider documenting resource requirements and potential for lazy initialization.

3. Docker container startup (users/profiles/bizniz.nix:27-39): The Atlassian MCP runs in Docker with --rm, causing container startup overhead on each invocation.

---

🔒 Security Concerns

Good security practices:

• ✅ Secrets are managed through age encryption
• ✅ Per-host secret rekeying is implemented
• ✅ API keys are stored encrypted and only decrypted at runtime
• ✅ Proper file permissions set on secrets (executable flag on secrets.sh)

Security considerations:

1. Secret exposure in environment (users/profiles/9k.nix:14-17, users/profiles/bizniz.nix:52-59):

   • Secrets are exported as environment variables, making them visible to all child processes
   • Consider using more targeted secret injection methods

2. SSH host key permissions (profiles/home-manager.nix:11-13):

   • Granting read access to SSH host keys via ACL could be a security concern if the admin user is compromised
   • Document the security implications and ensure this is necessary for the agenix workflow

3. API key transmission (users/profiles/mcp.nix:11-20):

   • API keys are passed in HTTP headers to MCP servers
   • Ensure these connections are always over HTTPS

4. Docker socket access (users/profiles/bizniz.nix:27-39):

   • The Atlassian MCP requires Docker socket access
   • This grants significant system privileges

---

🧪 Test Coverage

Missing test coverage:

• No tests for the Claude wrapper script functionality
• No validation tests for MCP server configurations
• No tests for secret decryption and environment setup
• Consider adding integration tests for the complete Claude Code setup

Recommendations:

1. Add smoke tests to verify MCP servers are reachable
2. Add validation for required environment variables
3. Create tests for the wrapper script's secret sourcing logic
4. Add CI checks to ensure secrets can be properly decrypted

---

📝 Additional Observations

1. Good documentation structure: The Claude rules and commands are well-documented with clear markdown files
2. Thoughtful agent design: The code-simplifier agent (users/profiles/claude/agents/code-simplifier.md) has clear boundaries and restrictions
3. Security-focused tooling: The security-reviewer command (users/profiles/claude/commands/security-reviewer.md) shows good security awareness with comprehensive vulnerability categories

---

Summary

This PR successfully integrates Claude Code with proper configuration management and MCP server support. The implementation follows Nix best practices and demonstrates good separation of concerns. While there are some security considerations around secret management and a few potential runtime issues to address, the overall architecture is solid. The main recommendation is to add comprehensive testing to ensure reliability of the configuration across different environments.

The removal of unused aichat and aider profiles also helps maintain a cleaner codebase.