As someone that always prefers cli tools and have customized and personalized every bit those tools and the shell itself, I always feel crippled in enviroments other than my local ones. At the same time even keeping a consistent env in my own machines and homelab can be really daunting.
My approach for handing the local envs as consistent as possible has been keeping my dotfiles in a repo with origin at my homelab but even that was not as seamless as i wanted cuz I use both mac and linux (ubuntu and debian) on a daily basis and beside my homelab and devices, I spend a fair amount of time on remote servers. The remote servers are where I mostly struggled and even with chezmoi that will continue in those that the policies of the owners/componies don’t let you customize or even if there’s no policy it’s not logical to change anything in them.
Although using chezmoi can’t fully omit the feeling but imo, it’s as good of solution as it gets.
First of all it has tooling and sctructure to confidently push you dotfiles to a public repository and Secondly it let’s you easily pull different setups for OSs and remote use cases.
My goal here is to document my flow of using chezmoi in a way that in apparochig a new env this would be my source and because of that I’m gonna explain a lot, but I’m gonna provide source and references for most of what I has been my source of learning and also for further reading.
For start:
https://www.chezmoi.io/quick-start/
install
# For Mac
brew install chezmoi
# Oneline Binary for Linux and Mac
sh -c "$(curl -fsLS get.chezmoi.io/lb)"
# Oneliner for install and pull dotfiles from public github repo
sh -c "$(curl -fsLS get.chezmoi.io/lb)" -- init --apply $GITHUB_USERNAME
# If you're using a private repo
sh -c "$(curl -fsLS get.chezmoi.io/lb)" -- init --apply [email protected]:$GITHUB_USERNAME/dotfiles.gitinit and basic concepts
# This initialized a repo in ~/.local/share/chezmoi
chezmoi init
# Adding file ( copy `~/.zshrc` to `~/.local/share/chezmoi/dot_zshrc`)
chezmoi add ~/.zsh
# Edit file (open `~/.local/share/chezmoi/dot_zshrc` in your `$EDITOR`)
chezmoi edit ~/.zsh
# See the changes
chezmoi diff
# See how apply will play verbose(-v) and dry run(-n)
chezmoi -n -v apply
# Apply changes
chenzoi -v apply
# Commiting the changes to repo
chezmoi cd # get you to local repo dir (~/.local/share/chezmoi)
git add .
git commit -m "Initial commit"
# Adding a remote git repo and pushing
git remote add origin [email protected]:$GITHUB_USERNAME/dotfiles.git
git branch -M main
git push -u origin main
# invoke a merge to changes between the current contents of the file, the file in your working copy, and the computed contents of the file
chezmoi merge $FILE
# pull and applly from repo
chezmoi update -v
init on other devices
First pull the dotfiles from repo using install
# check the changes and apply
chezmoi diff
chezmoi apply -v
# invoke a merge to changes between the current contents of the file, the file in your working copy, and the computed contents of the file
chezmoi merge $FILE
# pull and applly from repo
chezmoi update -vTill now everything is basic git flow with a little templating for file names applied.
Let’s get to the powerful parts
Here’s a concise summary of chezmoi’s key features:
- Flexibility & Cross-Platform
• Supports template-based dotfiles configuration • Works across all major platforms (Linux, macOS, Windows) and niche ones • Allows shared configs while maintaining machine-specific settings
- Security & Privacy
• Local-first approach - data stays on your machine • Git-based configuration management • Integrates with multiple password managers and secret vaults (1Password, Bitwarden, gopass, etc.) • Supports file encryption with GnuPG or age
- Transparency & Control
• Offers dry-run and verbose modes for preview • Uses simple file/directory structure • Easy migration if you decide to switch tools • One-to-one mapping with home directory
- Declarative Management
• State-based configuration approach • Atomic updates prevent incomplete changes • Ensures system consistency • Fail-safe implementation
- Performance & Usability
• Git-like command structure • Fast execution times • Simple one-line commands for common operations • Automated sync with dotfiles repository
In essence, chezmoi is a robust, secure, and user-friendly dotfiles manager that combines the reliability of declarative configuration with the flexibility of cross-platform support.
I use gopass and keychain as password/secret manager and gnuPG for encryption