Skip to content

bdossantos/dotfiles

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,318 Commits
.config
.config
 
 
.github
.github
 
 
.gnupg
.gnupg
 
 
.ssh
.ssh
 
 
.sshrc.d
.sshrc.d
 
 
bin
bin
 
 
.Xmodmap
.Xmodmap
 
 
.agignore
.agignore
 
 
.aliases
.aliases
 
 
.ansible.cfg
.ansible.cfg
 
 
.bash_logout
.bash_logout
 
 
.bash_profile
.bash_profile
 
 
.bashrc
.bashrc
 
 
.brew
.brew
 
 
.curlrc
.curlrc
 
 
.editorconfig
.editorconfig
 
 
.gemrc
.gemrc
 
 
.gitconfig
.gitconfig
 
 
.gitignore
.gitignore
 
 
.gitignore_global
.gitignore_global
 
 
.gitmessage
.gitmessage
 
 
.goaccessrc
.goaccessrc
 
 
.htoprc
.htoprc
 
 
.hushlogin
.hushlogin
 
 
.inputrc
.inputrc
 
 
.macos
.macos
 
 
.macos_hardening
.macos_hardening
 
 
.pre-commit-config.yaml
.pre-commit-config.yaml
 
 
.profile
.profile
 
 
.rspec
.rspec
 
 
.sshrc
.sshrc
 
 
.tigrc
.tigrc
 
 
.tmux.conf
.tmux.conf
 
 
.vimrc
.vimrc
 
 
.wgetrc
.wgetrc
 
 
LICENCE
LICENCE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

~/.dotfiles

CI License: WTFPL

Personal dotfiles for macOS, managed with GNU Stow.

What's included

File / directory Description
.config/ghostty/ Ghostty terminal with Dracula colour scheme
.config/nvim/ Neovim config with lazy.nvim plugin manager and a pinned lazy-lock.json lockfile
.aliases Handy shell aliases
.bash_profile / .bashrc / .profile Bash startup files
.brew Homebrew formulae and casks
.gitconfig Git settings (diff-so-fancy, GPG signing, …)
.gitmessage Conventional Commits message template
.gnupg/ GPG configuration
.macos Sensible macOS defaults
.macos_hardening Security-focused macOS hardening settings
.ssh/ SSH client configuration
.tmux.conf tmux with vi-style key bindings
.vimrc Vim with Vundle plugins (fzf, ALE, airline, …)
bin/ Utility scripts

Prerequisites

  • git
  • GNU Stow — brew install stow (macOS) or apt install stow (Debian/Ubuntu)

Installation

git clone https://github.com/bdossantos/dotfiles ~/.dotfiles
cd ~/.dotfiles
make install

Uninstallation

cd ~/.dotfiles
make uninstall

macOS setup

Sensible macOS defaults

When setting up a new Mac, you may want to apply sensible defaults and security hardening:

su - admin -c "env PATH=$PATH:/usr/sbin/ bash -x $HOME/.dotfiles/.macos"
su - admin -c "env PATH=$PATH:/usr/sbin/ bash -x $HOME/.dotfiles/.macos_hardening"

Install Homebrew formulae and apps

make run-brew

Bash

Set Bash as default shell

chsh -s "$(brew --prefix)/bin/bash"
exec $SHELL

Choosing between .bashrc, .profile, .bash_profile, etc.

  • ~/.bash_profile should be super-simple and just load ~/.profile and ~/.bashrc (in that order)
  • ~/.profile has the stuff NOT specifically related to bash, such as environment variables (PATH and friends)
  • ~/.bashrc has anything you'd want at an interactive command line. Command prompt, EDITOR variable, bash aliases for my use

A few other notes:

  • Anything that should be available to graphical applications OR to sh (or bash invoked as sh) MUST be in ~/.profile
  • ~/.bashrc must not output anything
  • Anything that should be available only to login shells should go in ~/.profile
  • Ensure that ~/.bash_login does not exist.

See also https://www.gnu.org/software/bash/manual/html_node/Bash-Startup-Files.html

Neovim

Updating plugins safely

Do not blindly run :Lazy update. A supply chain attack relies on developers pulling malicious updates without reviewing them first.

Follow these steps instead:

  1. Check for updates without applying them

    :Lazy check

    This fetches the latest commits for every plugin but does not install anything.

  2. Review the pending changes

    Open the Lazy UI (:Lazy). It lists every commit between your locked version and the remote tip. Skim the commit messages for anything suspicious before proceeding.

  3. Update deliberately

    Once you are satisfied that the updates are legitimate, press U inside the Lazy UI to apply them.

  4. Commit the updated lockfile

    Immediately after updating and confirming Neovim still works, commit lazy-lock.json so that the pinned versions are recorded:

    git add .config/nvim/lazy-lock.json
git commit -m "chore(nvim): update lazy-lock.json"

Testing

pre-commit is used for linting (shellcheck, YAML, trailing whitespace, …). Run the full test suite with:

make test

Licence

WTFPL © Benjamin Dos Santos

About

💻 $HOME/.dotfiles

Topics

shell dotfiles

Resources

Readme

License

WTFPL license
Activity

Stars

12 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages