Initial public release
A chezmoi-based fleet-dotfiles template for macOS workstations: - Two-way auto-sync via launchd watcher + 5-min puller - Mesh SSH via modify_authorized_keys driven by .chezmoidata/fleet.yaml - age-encrypted secrets file - Bundled Claude Code agentic team (11 agents) + /lite + /lite-sub commands - Verify-before-claiming Stop hook - Generic statusline + project-boundary validate-path hook - Reference launchd plist for cross-fleet task-durations aggregation (companion repo: gitea.tojo.team/cardinale/task-durations) - AGENTS.md walks an agent through the entire setup Q&A interactively - docs/ covers architecture, security model, fleet onboarding
This commit is contained in:
@@ -0,0 +1,27 @@
|
||||
# Fleet manifest — list every machine that should sync with the others.
|
||||
#
|
||||
# `pubkey` enables passwordless SSH between fleet machines: the
|
||||
# private_dot_ssh/modify_private_authorized_keys.tmpl script reads this
|
||||
# file and appends every entry's pubkey to ~/.ssh/authorized_keys on
|
||||
# apply, so any machine in the list can SSH to any other.
|
||||
#
|
||||
# When a new machine joins the fleet:
|
||||
# 1. Generate its identity key: ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519
|
||||
# 2. Add its pubkey to this file
|
||||
# 3. Commit + push (or `chezmoi update` on every existing machine)
|
||||
#
|
||||
# Move this file to `.chezmoidata/fleet.yaml` (drop the `.example` suffix)
|
||||
# and replace the placeholder entries with your real fleet.
|
||||
|
||||
fleet:
|
||||
laptop1:
|
||||
user: alice
|
||||
pubkey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA<REPLACE_WITH_REAL_PUBKEY> alice@laptop1"
|
||||
|
||||
laptop2:
|
||||
user: alice
|
||||
pubkey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA<REPLACE_WITH_REAL_PUBKEY> alice@laptop2"
|
||||
|
||||
desktop:
|
||||
user: alice
|
||||
pubkey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA<REPLACE_WITH_REAL_PUBKEY> alice@desktop"
|
||||
Reference in New Issue
Block a user