Add LAN hosts script; clean up README onboarding
This commit is contained in:
parent
bd9b295b24
commit
f4a0b59b7e
2 changed files with 108 additions and 22 deletions
55
README.md
55
README.md
|
|
@ -25,6 +25,7 @@ dot_config/
|
|||
paru/ (arch-only) paru config
|
||||
|
||||
run_once_00-install-bootstrap-tools.sh.tmpl
|
||||
run_once_05-install-hosts.sh.tmpl merge LAN host entries into /etc/hosts
|
||||
run_once_10-add-chaotic-aur.sh.tmpl (arch-only)
|
||||
run_once_20-install-user-packages.sh.tmpl
|
||||
run_onchange_30-ensure-cargo.sh.tmpl
|
||||
|
|
@ -32,43 +33,53 @@ run_onchange_30-ensure-cargo.sh.tmpl
|
|||
|
||||
## Onboarding a new box
|
||||
|
||||
On a fresh debian-stable or arch-base install:
|
||||
**One command.** Copy/paste this on a fresh debian-stable or arch-base install:
|
||||
|
||||
```bash
|
||||
# 1. Install chezmoi binary itself (one-time, before this repo's run_once runs)
|
||||
sh -c "$(curl -fsSL https://raw.githubusercontent.com/...")" -- -b "$HOME/.local/bin" \
|
||||
&& export PATH="$HOME/.local/bin:$PATH" \
|
||||
&& chezmoi init --apply https://git.melonbread.xyz/rain/gnu-plus-dotfiles.git
|
||||
```
|
||||
|
||||
Or as a heredoc that installs chezmoi then runs the bootstrap (more verbose, easier to read):
|
||||
|
||||
```bash
|
||||
export PATH="$HOME/.local/bin:$PATH"
|
||||
sh -c "$(curl -fsSL get.chezmoi.io)" -- -b "$HOME/.local/bin"
|
||||
|
||||
# 2. Initialize from your repo (HTTPS — works without SSH keys on a fresh box)
|
||||
chezmoi init --apply https://git.melonbread.xyz/rain/gnu-plus-dotfiles.git
|
||||
```
|
||||
|
||||
# 3. The bootstrap scripts run automatically. They will:
|
||||
# - install age, git, curl (run_once_00)
|
||||
# - on arch: add Chaotic-AUR + install paru (run_once_10)
|
||||
# - install zsh, tmux, neovim, oh-my-zsh, all CLI tools, Maple Mono NF font (run_once_20)
|
||||
# - install rustup if cargo missing (run_onchange_30)
|
||||
The bootstrap scripts run automatically as part of `chezmoi init --apply`. They will:
|
||||
|
||||
# 4. Reboot or `exec zsh` to start using the new shell
|
||||
1. **run_once_00**: install `age`, `git`, `curl`, `ca-certificates` via the OS package manager
|
||||
2. **run_once_05**: merge LAN host entries (`miche.local`, `kaiser.local`, etc.) into `/etc/hosts` so omp/curl can resolve them
|
||||
3. **run_once_10** (arch only): add Chaotic-AUR repo + signing key, install `paru`
|
||||
4. **run_once_20**: install zsh, tmux, neovim (binary tarball, arch-aware URL), oh-my-zsh + plugins (autosuggestions, syntax-highlighting, history-substring-search, fzf-tab), tpm, all modern CLI tools (`bat` via cargo or PM, `btop`, `eza`, `fzf`, `fd`, `ripgrep`, `zoxide`, `starship`, `lazygit`, `yt-dlp`, `jq`, etc.), set zsh as login shell (via `sudo chsh`), install Maple Mono NF font (GitHub release zip)
|
||||
5. **run_onchange_30**: ensure rustup/cargo; install topgrade (`pacman` on arch via chaotic-aur, `cargo` on debian) and cargo-update
|
||||
|
||||
After bootstrap completes (~5-10 min on x86_64, longer on aarch64 with `cargo install bat`):
|
||||
|
||||
```bash
|
||||
exec zsh
|
||||
```
|
||||
|
||||
The first run will take a few minutes (downloading packages, cloning oh-my-zsh plugins, tpm, LazyVim plugins via nvim).
|
||||
fastfetch will run on shell start, starship prompt active, all tools on PATH.
|
||||
|
||||
## Adding age encryption (when you have secrets)
|
||||
### Per-machine age key (required to decrypt secrets)
|
||||
|
||||
The repo contains encrypted secrets (`~/.omp/agent/zai.key`, `~/.omp/agent/.env`) that only your per-machine age key can decrypt. After bootstrap, generate the key on this box:
|
||||
|
||||
```bash
|
||||
# On your main workstation:
|
||||
mkdir -p ~/.config/chezmoi/keys
|
||||
age-keygen -o ~/.config/chezmoi/keys/recovery.key
|
||||
# Save the printed secret key in your password manager.
|
||||
|
||||
# On each machine, generate a per-machine identity:
|
||||
age-keygen -o ~/.config/chezmoi/key.txt
|
||||
# Paste the public key back to your main workstation.
|
||||
|
||||
# In .chezmoi.yaml.tmpl, uncomment and fill the recipients block, then:
|
||||
chezmoi age rekey
|
||||
# Paste the printed public key into ~/.local/share/chezmoi/.chezmoi.yaml.tmpl
|
||||
# under the recipients list, then:
|
||||
cd ~/.local/share/chezmoi
|
||||
git pull
|
||||
# (You'll be prompted to add --force if you have local changes)
|
||||
chezmoi apply
|
||||
```
|
||||
|
||||
If you skip this step, the omp config files will still land (they're not encrypted), but `zai.key` and `.env` will be missing and omp won't be able to authenticate against providers.
|
||||
## Editing dotfiles
|
||||
|
||||
```bash
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue