Personal dotfiles managed with chezmoi for macOS with automated setup scripts.

• Automated package installation via Homebrew
• Encrypted secrets management with age encryption
• Fish shell configuration with vi keybindings
• Development tools setup (Go, Rust, Node.js, Python)
• Kubernetes and cloud infrastructure tools
• Terminal environment (Ghostty, Wezterm, Tmux)
• Neovim configuration

• macOS 10.15 or later

Run the bootstrap script to go from zero to fully configured:

curl -fsSL https://raw.githubusercontent.com/dalssaso/dotfiles/main/bootstrap.sh | zsh

This will:

1. Install Xcode Command Line Tools
2. Install Homebrew
3. Install chezmoi via Homebrew
4. Run chezmoi init --apply dalssaso/dotfiles

During the chezmoi init, you'll be prompted for:

• Email address
• Work email address
• Whether this is a work machine

The setup will then automatically:

• Install 1Password and 1Password CLI
• Install packages from Brewfile
• Configure age encryption for secrets
• Set up Fish shell as default
• Install development tools via mise
• Configure macOS system preferences

The bootstrap script is idempotent — safe to re-run if interrupted.

After making changes to dotfiles:

chezmoi apply

To see what would change without applying:

chezmoi diff

.
├── dot_config/              # Application configurations
│   ├── bat/                 # bat (cat alternative) config
│   ├── btop/                # btop system monitor
│   ├── eza/                 # eza (ls alternative) config
│   ├── ghostty/             # Ghostty terminal
│   ├── lazygit/             # LazyGit TUI
│   ├── nvim/                # Neovim configuration
│   ├── private_fish/        # Fish shell config
│   ├── tmux/                # Tmux configuration
│   ├── wezterm/             # WezTerm terminal
│   └── starship.toml        # Starship prompt
├── dot_scripts/             # Personal scripts
│   └── work/                # Work-specific scripts
├── dot_ssh/                 # SSH configuration
│   └── encrypted_config.age # Encrypted SSH config
├── .chezmoiscripts/         # Automated setup scripts
│   └── darwin/              # macOS-specific scripts
├── private_Applications/    # macOS Applications
├── private_Library/         # macOS Library files
├── encrypted_*              # Encrypted configs (git, authinfo, wakatime, netrc)
├── Brewfile                 # Homebrew packages
├── dot_tool-versions        # mise/asdf tool versions
├── dot_default-golang-pkgs  # Default Go packages to install
├── dot_default-npm-packages # Default npm packages to install
├── .chezmoi.toml.tmpl       # chezmoi configuration template
└── .chezmoiignore           # Files to ignore during apply

• Languages: Go, Rust, Python 3.11/3.12, Node.js, Lua
• Version Management: mise (asdf successor)
• Editors: Neovim, Emacs 30
• Shell: Fish with vi keybindings, Starship prompt

• File Navigation: eza, fd, fzf, zoxide
• File Viewing: bat, less
• System Monitoring: btop, htop
• Git: lazygit, git-delta, gh, glab
• Search: ripgrep, the_silver_searcher
• Multiplexers: tmux, zellij

• Kubernetes: kubectl, k9s, helm, kustomize, kubectx, krew, minikube
• AWS: awscli, clusterawsadm, clusterctl
• Terraform/IaC: terraform, pulumi, ansible
• Service Mesh/Tools: consul, vault, argocd, temporal
• Containers: docker, orbstack, dive, skaffold, tilt

• Terminals: Ghostty, WezTerm
• Password: 1Password + 1Password CLI
• Launcher: Raycast
• Automation: Keyboard Maestro
• Communication: Slack, Telegram, WhatsApp, Discord, Zoom

Sensitive configuration files are encrypted using age:

• .gitconfig (personal, work, and OSS variants)
• .authinfo.gpg (personal and work)
• .ssh/config
• .wakatime.cfg
• .netrc

The age key is decrypted from 1Password during initial setup.

Scripts in .chezmoiscripts/darwin/ run automatically:

• run_once_before_01_decrypt-age-key.sh - Decrypts age encryption key from 1Password
• run_once_before_02_configure-sudo-passwordless.sh - Configures passwordless sudo
• run_onchange_before_install-packages.sh - Installs packages from Brewfile

• run_once_after_change-default-shell.sh - Changes default shell to Fish
• run_once_after_configure-gpg-keys.fish - Sets up GPG keys
• run_once_after_configure-ssh-keys.fish - Configures SSH keys
• run_once_after_install-fisher.fish - Installs Fisher plugin manager
• run_once_after_install-mise.fish - Installs mise version manager
• run_once_after_install-rust.fish - Installs Rust toolchain
• run_once_after_install-tpm.fish - Installs Tmux Plugin Manager
• run_once_after_bat-cache-build.fish - Builds bat cache
• run_once_after_enable-fish-vi-keybindings.fish - Enables vi keybindings
• run_once_after_fish-pieces-config.fish - Configures Fish Pieces
• run_once_after_macos_settings.sh - Applies macOS system preferences

chezmoi update

chezmoi edit ~/.config/fish/config.fish

chezmoi add ~/.config/newapp/config.toml

chezmoi state delete-bucket --bucket=scriptState
chezmoi apply

After installing new packages with brew install:

brew bundle dump --force --file=~/.local/share/chezmoi/Brewfile

Ensure 1Password CLI is installed and configured:

op signin

Update Homebrew and try again:

brew update
brew doctor

Manually change shell:

chsh -s $(which fish)