refactor(fish): use op-env namespace and xdg.configHome for env template path

HM creating ~/.config/op/ with 755 prevents op CLI from running (requires 700).
Move template to ~/.config/1password/, use nix-darwin programs._1password module.

home/default.nix

@@ -49,9 +49,6 @@
 
       # Secrets management (WSL uses Windows op.exe via interop)
     ]
-    ++ lib.optionals pkgs.stdenv.isDarwin [
-      _1password-cli
-    ]
     ++ (with pkgs; [
       # AI coding agent
       opencode

home/shell/fish.nix

@@ -1,9 +1,13 @@
-{ ... }:
+{ config, ... }:
 
+let
+  envTpl = "${config.xdg.configHome}/op-env/env.tpl";
+in
 {
   # ── 1Password env template ──────────────────────────
   # op:// references only — no real secrets, safe to commit
-  xdg.configFile."op/env.tpl".text = ''
+  # Kept outside ~/.config/op — that dir must be 700 and owned by op CLI
+  xdg.configFile."op-env/env.tpl".text = ''
     AI_GATEWAY_BASE_URL={{ op://Private/AI Gateway API/URL }}
     AI_GATEWAY_API_KEY={{ op://Private/AI Gateway API/credential }}
     EXA_API_KEY={{ op://Private/Exa API/credential }}
@@ -62,10 +66,10 @@
 
       # 1Password → env vars (single op call, silent if locked)
       function op-env --description "Load secrets from 1Password"
-        if not type -q op; or not test -f ~/.config/op/env.tpl
+        if not type -q op; or not test -f ${envTpl}
           return 1
         end
-        for line in (op inject < ~/.config/op/env.tpl 2>/dev/null)
+        for line in (op inject < ${envTpl} 2>/dev/null)
           string match -qr '^\s*(#|$)' -- $line; and continue
           set -l kv (string split -m 1 '=' $line)
           if test (count $kv) -ge 2

modules/darwin/default.nix

@@ -7,6 +7,9 @@
   # ── Shell ──────────────────────────────────────────
   programs.fish.enable = true;
 
+  # ── 1Password CLI ───────────────────────────────────
+  programs._1password.enable = true;
+
   # ── SSH ───────────────────────────────────────────
   services.openssh.enable = true;