Personal dotfiles managed with GNU Stow for modular configuration across macOS and Linux systems.
- Modular Structure: Each application has its own directory, managed independently via Stow
- Cross-Platform: Supports both macOS (ARM/Intel) and Linux
- Shell Configuration: Zsh with Oh My Zsh, custom functions, and environment setup
- Developer Tools: Pre-configured for Go, Python, Java, Node.js, and more
- AWS Utilities: 90+ functions for ECS, S3, SSM, CloudWatch, and more
- Security-First: Credentials managed via environment variables or
pass, never committed to git
# macOS
xcode-select --install
# Install Homebrew (if not already installed)
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
# Linux
sudo apt-get install git stow # Debian/Ubuntu
sudo dnf install git stow # Fedora/RHEL-
Clone this repository
git clone https://github.com/YOUR_USERNAME/dotfiles.git ~/.dotfiles cd ~/.dotfiles
-
Install packages via Homebrew
brew bundle --file=brew/.Brewfile
-
Deploy configurations with Stow
# Deploy all configurations stow */ # Or deploy specific configurations stow zsh git brew ssh # Note: Use --no-folding if needed to prevent symlinking entire directories stow --no-folding <directory>
-
Reload your shell
exec $SHELL -l # Or use the alias: refreSH
.dotfiles/
├── zsh/ # Zsh configuration (.zshrc, .zshenv)
├── git/ # Git config with workspace-specific settings
├── sources/ # Shell function libraries
│ ├── general/ # Cross-platform utilities
│ │ ├── dev.sh # Development tools (Go, Python, Java, NVM)
│ │ ├── aws.sh # AWS CLI utilities (90+ functions)
│ │ ├── docker.sh # Docker helpers
│ │ ├── media.sh # Media download/playback utilities
│ │ ├── file.sh # File operations
│ │ ├── ssh.sh # SSH key management
│ │ ├── network.sh # Network utilities
│ │ ├── jenkins.sh # Jenkins CLI utilities
│ │ ├── utils.sh # General utility functions
│ │ └── linux.sh # Linux-specific utilities
├── brew/ # Homebrew packages (see brew/README.md)
├── python/ # Python dev tools (see python/README.md)
├── nodejs/ # Node.js guidelines (see nodejs/README.md)
├── nvim/ # Neovim IDE setup (15 LSP servers, 9 linters, Neo-tree)
├── ghostty/ # Ghostty terminal (see ghostty/README.md)
├── aws/ # AWS CLI configuration
├── ssh/ # SSH client configuration
├── gnupg/ # GPG configuration
├── mpv/ # mpv player configuration
├── mycli/ # MySQL CLI configuration
├── pgcli/ # PostgreSQL CLI configuration
├── ranger/ # Ranger file manager configuration
├── jenkins/ # Jenkins CLI configuration
├── macos/ # macOS-specific setup scripts
├── linux/ # Linux-specific setup scripts
├── claude/ # Claude Code configuration
├── xbar/ # xbar menu bar plugins (macOS)
└── ...
Note: Each major component has its own README with detailed setup instructions.
IMPORTANT: Never commit secrets to version control!
Use pass (password manager, already in Brewfile):
# Initialize pass
pass init your-gpg-key-id
# Store secrets
pass insert llm/deepseek
pass insert llm/groq
pass insert llm/openrouter
# Use in shell scripts or aliases:
export API_KEY=$(pass llm/deepseek)System-wide tools including linters for Shell, Dockerfile, Lua, YAML, Markdown, and Go.
cd brew && brew bundleSee: brew/README.md
Linters and formatters for Python development.
cd python && ./install.shSee: python/README.md
JavaScript/TypeScript tools (installed per-project). See: nodejs/README.md
All linters are integrated with Neovim's LSP and lint plugin. See: nvim/README.md
- Auto-configures GOROOT and GOPATH
- Helper functions:
go-build-linux-arm64,go-build-linux-amd64,go-test-coverage - Linter:
golangci-lint(via brew)
- Uses pyenv for version management
- Aliases:
python→python3,pip→pip3 - Linters:
pylint,flake8,bandit(via pip)
- Switch versions with
jdk <version>(e.g.,jdk 17)
- NVM configured (works on both ARM and Intel Macs)
- Auto-loads completion
- Linters:
eslint_d(per-project)
- Run
setup-llm-keysto load API keys frompass - Supports: DeepSeek, Groq, OpenRouter
90+ functions for AWS operations:
# ECS
ecs-clusters # List clusters
ecs-services <cluster> # List services
ecs-metrics <cluster> <service> all -120M -0S 60 # Get metrics
# S3
s3-buckets # List buckets
s3-cat <bucket> <key> # View file
s3-dl <bucket> <key> [local_path] # Download
# SSM
ssm-params <name_filter> # List parameters
ssm-get-param <name> # Get valueSee sources/general/aws.sh for the complete list.
All destructive operations include safety confirmations:
docker-stop-all # Stop all containers
docker-rm-all-containers # Remove all containers (with confirmation)
docker-rm-all-images # Remove all images (with confirmation)
docker-ips # Show container IP addressesModern, secure key generation:
ssh-keygen-ed25519 "email@example.com" # RECOMMENDED
ssh-keygen-rsa "email@example.com" # 4096-bit RSA
ssh-keygen-ecdsa "email@example.com" # ECDSA 521-bit
# ssh-keygen-dsa is deprecated (shows error)- ✅ ARM Macs (M1/M2/M3) -
/opt/homebrew - ✅ Intel Macs -
/usr/local - Auto-detects architecture and adjusts paths
- ✅ Ubuntu/Debian
- ✅ Fedora/RHEL
- Includes Linux-specific utilities in
sources/general/linux.sh
Includes conditional configurations for different projects:
[includeIf "gitdir:~/workspace/acme/"]
path = ~/.dotfiles/git/workspace/acme/.acme.gitconfig
[includeIf "gitdir:~/workspace/techcorp/"]
path = ~/.dotfiles/git/workspace/techcorp/.techcorp.gitconfigEach workspace can have its own email, signing key, etc.
Menu bar utilities (macOS only):
- worldclock.30s.sh: World clock with multiple timezones
- mmi.5m.sh: Market Mood Index tracker
- toolbox.12h.sh: Developer utilities (UUID, hash generators, etc.)
- totp.20s.sh: TOTP/2FA token generator
brew update
brew upgrade
brew bundle dump --file=brew/.Brewfile --force # Update Brewfileomz updatePre-commit hooks are configured to automatically check scripts before commits:
# Hooks are installed automatically after cloning
# They run on git commit
# Manually run all hooks on all files
pre-commit run --all-files
# Run only shellcheck
pre-commit run shellcheck --all-files
# Skip hooks for a specific commit (not recommended)
git commit --no-verifyYou can also manually check scripts:
# Install shellcheck (already in Brewfile)
brew install shellcheck
# Check all scripts
shellcheck sources/general/*.sh
# Check specific script
shellcheck sources/general/dev.sh# Make sure you've deployed with stow
cd ~/.dotfiles
stow zsh
# Reload shell
exec $SHELL -l# Ensure NVM is installed via Homebrew
brew install nvm
# Reload shell
refreSH# Install AWS CLI
brew install awscli
# Configure AWS
aws configure sso- Never commit
.aws/credentialsor SSH private keys (gitignored by default) - Rotate credentials if accidentally exposed
- Use
passfor credential management instead of plain environment variables - Avoid
set-sudo-wo-pwdon production/shared systems - Review permissions before running scripts with elevated privileges
If you're Claude or another AI assistant working on this repository, please read CLAUDE.md for:
- Project structure and philosophy
- Guidelines for using official documentation
- Configuration best practices
- Common pitfalls to avoid
- Workflow and commit standards
This is a personal dotfiles repository, but feel free to:
- Fork it and adapt for your own use
- Report issues or security concerns
- Suggest improvements via issues
MIT License - Feel free to use and modify as needed.