wollax/dotfiles-chezmoi
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
My personal dotfiles using chezmoi
29 commits 1 branch 0 tags 92 KiB
  • Lua 94.7%
  • Shell 5.3%
Find a file
Exact
Alexander Wollan d48fb686d1
 Add JAVA_HOME, ANDROID_HOME, and Android SDK PATH to .zshrc template
2026-02-19 22:40:36 -06:00
.github/workflows Fix GitHub Actions workflow permissions per security scan 2026-02-13 05:39:20 +00:00
dot_claude Add .claude/settings.json 2026-02-10 01:20:14 -06:00
dot_config Update .config/ghostty/config 2026-02-13 17:53:28 -06:00
dot_local/private_bin Update .config/ghostty/config 2026-02-13 17:53:28 -06:00
.gitignore Address code review feedback - fix documentation and regex patterns 2026-02-13 05:38:21 +00:00
.gitleaks.toml Address code review feedback - fix documentation and regex patterns 2026-02-13 05:38:21 +00:00
.pre-commit-hook Address code review feedback - fix documentation and regex patterns 2026-02-13 05:38:21 +00:00
dot_gitconfig Update .gitconfig 2026-02-10 15:33:44 -06:00
dot_gitconfig-ndit Add .gitconfig-ndit 2026-02-10 01:12:09 -06:00
dot_zprofile Add .zprofile 2026-02-10 01:12:52 -06:00
dot_zshenv Add .zshenv 2026-02-07 01:20:54 -06:00
dot_zshrc.tmpl Add JAVA_HOME, ANDROID_HOME, and Android SDK PATH to .zshrc template 2026-02-19 22:40:36 -06:00
README.md Add comprehensive security safeguards for secret management 2026-02-13 05:34:58 +00:00
SECURITY.md Address code review feedback - fix documentation and regex patterns 2026-02-13 05:38:21 +00:00

README.md

Dotfiles

Personal dotfiles managed with chezmoi.

🚀 Quick Start

Prerequisites

Setup

# Initialize chezmoi with this repository
chezmoi init https://github.com/wollax/dotfiles-chezmoi.git

# Fetch secrets from Proton Pass
chezmoi-secrets

# Preview changes
chezmoi diff

# Apply dotfiles
chezmoi apply -v

🔒 Security

This is a public repository. All secrets are managed securely:

  • Secrets stored externally (Proton Pass)
  • Pre-commit hooks prevent accidental commits
  • GitHub Actions scan for leaked secrets
  • Comprehensive .gitignore rules
  • Template-based secret injection

See SECURITY.md for complete security documentation.

Quick Security Setup

# Install pre-commit hook to prevent secret commits
ln -s ../../.pre-commit-hook .git/hooks/pre-commit
chmod +x .git/hooks/pre-commit

📁 Repository Structure

.
├── dot_config/          # Application configurations
│   ├── gh/             # GitHub CLI
│   ├── zed/            # Zed editor
│   └── ...
├── dot_local/
│   └── private_bin/    # Custom scripts including chezmoi-secrets
├── dot_claude/         # Claude Code settings
├── dot_gitconfig       # Git configuration
├── dot_zshrc.tmpl      # Zsh configuration (templated for secrets)
├── .gitleaks.toml      # Secret scanning configuration
└── .pre-commit-hook    # Pre-commit security checks

🛠️ Customization

Adding New Dotfiles

# Add a file to chezmoi
chezmoi add ~/.myconfig

# Edit a managed file
chezmoi edit ~/.myconfig

# Apply changes
chezmoi apply -v

Using Secrets

Secrets are managed through the chezmoi-secrets script and Proton Pass:

  1. Add secret to Proton Pass
  2. Update dot_local/private_bin/executable_chezmoi-secrets to fetch it
  3. Reference in templates: {{ .secrets.secret_name }}

Example in dot_zshrc.tmpl:

{{ if hasKey . "secrets" }}
export MY_SECRET={{ .secrets.my_secret }}
{{ end }}

🔄 Daily Workflow

# Update from repository
chezmoi update -v

# See what changed
chezmoi diff

# Edit and apply
chezmoi edit --apply ~/.zshrc

📝 Notes

  • Files prefixed with private_ are naming convention only (not encrypted)
  • .chezmoidata/ contains secrets and is excluded from git
  • See SECURITY.md for detailed security practices

📚 Resources

📄 License

Personal dotfiles - use at your own discretion.