{"id":18749910,"url":"https://github.com/ribugent/dotfiles","last_synced_at":"2025-07-03T14:07:07.165Z","repository":{"id":37704208,"uuid":"497833282","full_name":"ribugent/dotfiles","owner":"ribugent","description":"Gerard Ribugent - Dotfiles","archived":false,"fork":false,"pushed_at":"2025-05-16T06:47:54.000Z","size":424,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-14T23:42:29.398Z","etag":null,"topics":["arch-linux","chezmoi","dotfiles","fish","git","gradle","jenv","linux","oh-my-fish","pass","plenv","pyenv","yay"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ribugent.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-05-30T07:23:15.000Z","updated_at":"2025-05-16T06:47:58.000Z","dependencies_parsed_at":"2023-11-14T08:42:08.232Z","dependency_job_id":"107f9caa-be41-4cfa-927e-ef7c2bcc9ae3","html_url":"https://github.com/ribugent/dotfiles","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ribugent/dotfiles","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ribugent%2Fdotfiles","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ribugent%2Fdotfiles/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ribugent%2Fdotfiles/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ribugent%2Fdotfiles/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ribugent","download_url":"https://codeload.github.com/ribugent/dotfiles/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ribugent%2Fdotfiles/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263339928,"owners_count":23451516,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["arch-linux","chezmoi","dotfiles","fish","git","gradle","jenv","linux","oh-my-fish","pass","plenv","pyenv","yay"],"created_at":"2024-11-07T17:09:13.951Z","updated_at":"2025-07-03T14:07:07.132Z","avatar_url":"https://github.com/ribugent.png","language":"Shell","readme":"# Gerard Ribugent - Dotfiles\n\n\u003e_There's no place like šŸ”_\n\nThis repository contains all the dotfiles I use on my work computer, which currently supports Arch Linux and macOS\n\nAll the files are managed using [chezmoi](https://www.chezmoi.io/), but the secrets and sensitive information are stored using [pass](https://www.passwordstore.org/)\n\n## Prerequisites\n\n- All OSes:\n\n - [chezmoi](https://www.chezmoi.io/)\n - [pass](https://www.passwordstore.org/)\n - [gnupg](https://gnupg.org/)\n - [git](https://git-scm.com/)\n - [git-delta](https://github.com/dandavison/delta)\n - My gpg keys šŸ™ˆ\n\n- Arch Linux:\n - [yay](https://github.com/Jguer/yay) (Arch Linux only)\n - [base-devel](https://archlinux.org/packages/core/any/base-devel/)\n - User sudo enabled\n\n- macOS:\n\n - [Brew](https://brew.sh)\n\n\n## Bootstrapping\n\n0. Install needed software\n1. Import my gpg keys\n2. Clone password store\n\n ```sh\n git@github.com:ribugent/$SECRETS.git ~/.password-store\n ```\n\n3. Create `~/.config/chezmoi/chezmoi.toml` and fill it with the information\n\n ```toml\n [diff]\n command = \"delta\"\n args = [\"--pager=never\"]\n\n [data.git]\n name = \"\u003cyour name\u003e\"\n\n [data.git.work]\n email = \"\u003cwork email\u003e\"\n signkey = \"\u003cwork gpg sign key\u003e\"\n remotePrefix = \"\u003cwork git remote prefix\u003e\"\n\n [data.git.personal]\n email = \"\u003cpersonal email\u003e\"\n signkey = \"\u003cpersonal gpg sign key\u003e\"\n remotePrefix = \"\u003cpersonal git remote prefix\u003e\"\n\n [date.noisetorch]\n device_unit = \"\u003cmicrophone device unit\u003e\"\n device_name = \"\u003cmicrophone device name\u003e\"\n ```\n\n4. Finally apply\n\n ```sh\n chezmoi init --apply git@github.com:ribugent/dotfiles.git\n ```\n\n## Included configuration\n\n### Fish shell\n\nDrop-in files for `$PATH` management:\n\n- [jenv](https://www.jenv.be/)\n- [nodenv](https://github.com/nodenv/nodenv)\n- [plenv](https://github.com/tokuhirom/plenv)\n- [pyenv](https://github.com/pyenv/pyenv)\n- `~/.local/bin`\n\nSet some default env variables in order to:\n\n- (Linux only) Disable ugly GTK+ options\n- (Linux only) Default(terminal) editor to `vim`\n- (Linux only) Set `$BROWSER` to use `xdg-open`\n- Enable colors on man pages\n- Aliases\n - `cat` for [`bat -pp`](https://github.com/sharkdp/bat)\n - `cz` for `chezmoi`\n - `df` for [`duf`](https://github.com/muesli/duf)\n\nCurrently, I'm using [oh-my-fish](https://github.com/oh-my-fish/oh-my-fish). The repo includes:\n\n- Installs it automatically\n- Trigger install when the packages list is updated\n- Sets my favorite theme\n\n\n### Git\n\n- Setups globally my work information\n- Setup specific dirs to use my personal information\n- Enables company git hooks software only in specific dir\n- Enables verbose doing commits\n- Customize diff tool\n- Customize colours\n- `main` as a default branch on init\n- Use [gitdelta](https://github.com/dandavison/delta) as (terminal) diff viewer\n- Use [git-interactive-rebase-tool](https://github.com/MitMaro/git-interactive-rebase-tool) as interactive rebase tool\n\n### GnuPG\n\nSet `pinentry-qt` as the default pinentry program in Linux and set `$GPG_TTY` environment variable to allow pinentry-curses working in macOS.\n\n### Gradle\n\nDisable ram consuming gradle daemon... I have 16GB of RAM, but it's not enough sometimes.\n\n### Jenv\n\n*ā„¹ļø Linux Only*\n\nAutomatically register and refresh jdk versions using systemd user units\n\n- [jenv-refresh.path](https://github.com/ribugent/dotfiles/blob/main/private_dot_config/systemd/user/jenv-refresh.path)\n- [jenv-refresh.service](https://github.com/ribugent/dotfiles/blob/main/private_dot_config/systemd/user/jenv-refresh.service)\n\n### Ssh\n\nBasic ssh configuration with known hosts and rendering work sensitive hosts from the secret store using a [template](https://github.com/ribugent/dotfiles/blob/main/.chezmoitemplates/ssh_config_host).\n\n### Arch Linux system\n\n*ā„¹ļø Arch Linux Only*\n\nInstalling automatically packages and optional package dependencies using [yay](https://github.com/Jguer/yay), the lists can be found in [\\[1\\]](https://github.com/ribugent/dotfiles/blob/main/archlinux/packages.txt) and [\\[2\\]](https://github.com/ribugent/dotfiles/blob/main/archlinux/packages-optional.txt).\n\nSome drop-in configuration system files are installed using `makepkg`:\n\n- SDDM\n - Enable HiDPI in Wayland\n - Disable listening tcp connections in xorg\n - Plasma Desktop settings\n- Kernel parameters\n - Hardening\n - Restrict `dmesg` to root only\n - Disable `kexec` syscall\n - Restrict pointers in proc filesystem\n - Set swappiness to 20\n- [Reflector](https://wiki.archlinux.org/title/reflector): Options for selecting the mirrors\n- Faillock: block accounts after 5 consecutive authentication failures\n- Systemd resolved\n - Disables default DNS servers\n - Enable stub listener to be integrated with Docker (this solve issues DNS resolutions with custom domains on VPN connections)\n- xorg: Enforce 1080p resolution on my Dell XPS 13 laptop with 4k screen\n\n### macOS system\n\n*ā„¹ļø macOS Only*\n\n- Installing automatically packages from a [Brewfile](https://github.com/ribugent/dotfiles/blob/main/macos/Brewfile)\n- GNU coreutils and recent version of curl in `$PATH`\n- Fix keybindings for Home/End keys using a regular keyboard\n- Quarantine bit auto-removal from few specific apps\n- Setup qtpass to find out git and gpg utlities from brew\n- Enable uptimed and locate services\n- Enable fingerprint for sudo\n\n### ClamAV\n\n*ā„¹ļø Linux Only*\n\n- Installs ClamAV\n- Enables update signatures services\n- Tune up the daemon configuration\n- ~~Set up daily scanning and reporting via notification~~\n\n### Firewalld\n\n*ā„¹ļø Linux Only*\n\nEnable the firewalld by default, and [integrate the docker interface](https://docs.docker.com/network/iptables/#integration-with-firewalld) to the specified zone.\n\n### Yakuake\n\n*ā„¹ļø Linux Only*\n\nSet up dropdown terminal with Fira Code nerdfonts\n\n### iTerm2\n\n*ā„¹ļø macOS Only*\n\nSet up dropdown terminal with Fira Code nerdfonts\n\n### Yay\n\n*ā„¹ļø Linux Only*\n\nSetup system java, perl and python versions to avoid issues when building packages.\nThird-party account settings\n\n### Third-party services setup\n\n- Increase AWS S3 concurrent requests\n- Docker registries\n- npm private registry\n- Databricks service\n\n\n# Password store structure\nFor those who want to reuse these dotfiles, this requires the following structure:\n\n```\nPassword Store\nā”œā”€ā”€ aws\nā”‚Ā Ā  ā”œā”€ā”€ accountId -\u003e password\nā”‚Ā Ā  ā””ā”€ā”€ region -\u003e password\nā”œā”€ā”€ databricks\nā”‚Ā Ā  ā”œā”€ā”€ prod -\u003e password(api key), fields(host)\nā”‚Ā Ā  ā””ā”€ā”€ staging -\u003e password(api key), fields(host)\nā”œā”€ā”€ docker\nā”‚Ā Ā  ā”œā”€ā”€ dockerRegistry -\u003e password(token)\nā”‚Ā Ā  ā””ā”€ā”€ githubRegistry -\u003e password(token)\nā”œā”€ā”€ npm\nā”‚Ā Ā  ā””ā”€ā”€ github -\u003e password(token)\nā””ā”€ā”€ ssh\n ā”œā”€ā”€ hosts -\u003e raw(json array equivalent of ssh regular config, see how is rendered in .chezmoitemplates/ssh_config_host )\n ā””ā”€ā”€ keys\n ā”œā”€ā”€ arch-aur -\u003e raw(ssh key)\n ā”œā”€ā”€ github -\u003e raw(ssh key)\n ā””ā”€ā”€ work -\u003e raw(ssh key)\n```\n\nEvery entry details how is stored the info, as password, password with fields or just raw; in brackets some clarifications are specified.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fribugent%2Fdotfiles","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fribugent%2Fdotfiles","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fribugent%2Fdotfiles/lists"}