Initial public release

A chezmoi-based fleet-dotfiles template for macOS workstations:

- Two-way auto-sync via launchd watcher + 5-min puller
- Mesh SSH via modify_authorized_keys driven by .chezmoidata/fleet.yaml
- age-encrypted secrets file
- Bundled Claude Code agentic team (11 agents) + /lite + /lite-sub commands
- Verify-before-claiming Stop hook
- Generic statusline + project-boundary validate-path hook
- Reference launchd plist for cross-fleet task-durations aggregation
  (companion repo: gitea.tojo.team/cardinale/task-durations)
- AGENTS.md walks an agent through the entire setup Q&A interactively
- docs/ covers architecture, security model, fleet onboarding
This commit is contained in:
Anthony Cardinale
2026-05-02 17:26:32 -04:00
commit ebccdda936
42 changed files with 2994 additions and 0 deletions
+41
View File
@@ -0,0 +1,41 @@
# SSH config — chezmoi-templated so each machine renders its own version.
#
# The {{ if ne .chezmoi.hostname "<HOST>" }} guards prevent a machine
# from generating a Host stanza for itself (which would loop back).
#
# To use: copy to private_dot_ssh/config.tmpl in your fork, replace
# the placeholder host aliases / hostnames with your real fleet, and
# replace the <USERNAME> tokens with the matching user from fleet.yaml.
# ── Fleet machines ──────────────────────────────────────────────
{{ if ne (lower .chezmoi.hostname) "laptop1" }}
Host laptop1
HostName laptop1
User <USERNAME_FOR_LAPTOP1>
IdentityFile ~/.ssh/id_ed25519
StrictHostKeyChecking accept-new
{{ end }}
{{ if ne (lower .chezmoi.hostname) "laptop2" }}
Host laptop2
HostName laptop2
User <USERNAME_FOR_LAPTOP2>
IdentityFile ~/.ssh/id_ed25519
StrictHostKeyChecking accept-new
{{ end }}
{{ if ne (lower .chezmoi.hostname) "desktop" }}
Host desktop
HostName desktop
User <USERNAME_FOR_DESKTOP>
IdentityFile ~/.ssh/id_ed25519
StrictHostKeyChecking accept-new
{{ end }}
# ── External hosts (servers, etc.) ──────────────────────────────
# Host my-vps
# HostName vps.example.com
# User root
# IdentityFile ~/.ssh/id_ed25519_vps # encrypt via `chezmoi add --encrypt`