ebccdda936
A chezmoi-based fleet-dotfiles template for macOS workstations: - Two-way auto-sync via launchd watcher + 5-min puller - Mesh SSH via modify_authorized_keys driven by .chezmoidata/fleet.yaml - age-encrypted secrets file - Bundled Claude Code agentic team (11 agents) + /lite + /lite-sub commands - Verify-before-claiming Stop hook - Generic statusline + project-boundary validate-path hook - Reference launchd plist for cross-fleet task-durations aggregation (companion repo: gitea.tojo.team/cardinale/task-durations) - AGENTS.md walks an agent through the entire setup Q&A interactively - docs/ covers architecture, security model, fleet onboarding
28 lines
1.0 KiB
Plaintext
28 lines
1.0 KiB
Plaintext
# Fleet manifest — list every machine that should sync with the others.
|
|
#
|
|
# `pubkey` enables passwordless SSH between fleet machines: the
|
|
# private_dot_ssh/modify_private_authorized_keys.tmpl script reads this
|
|
# file and appends every entry's pubkey to ~/.ssh/authorized_keys on
|
|
# apply, so any machine in the list can SSH to any other.
|
|
#
|
|
# When a new machine joins the fleet:
|
|
# 1. Generate its identity key: ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519
|
|
# 2. Add its pubkey to this file
|
|
# 3. Commit + push (or `chezmoi update` on every existing machine)
|
|
#
|
|
# Move this file to `.chezmoidata/fleet.yaml` (drop the `.example` suffix)
|
|
# and replace the placeholder entries with your real fleet.
|
|
|
|
fleet:
|
|
laptop1:
|
|
user: alice
|
|
pubkey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA<REPLACE_WITH_REAL_PUBKEY> alice@laptop1"
|
|
|
|
laptop2:
|
|
user: alice
|
|
pubkey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA<REPLACE_WITH_REAL_PUBKEY> alice@laptop2"
|
|
|
|
desktop:
|
|
user: alice
|
|
pubkey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA<REPLACE_WITH_REAL_PUBKEY> alice@desktop"
|