ebccdda936
A chezmoi-based fleet-dotfiles template for macOS workstations: - Two-way auto-sync via launchd watcher + 5-min puller - Mesh SSH via modify_authorized_keys driven by .chezmoidata/fleet.yaml - age-encrypted secrets file - Bundled Claude Code agentic team (11 agents) + /lite + /lite-sub commands - Verify-before-claiming Stop hook - Generic statusline + project-boundary validate-path hook - Reference launchd plist for cross-fleet task-durations aggregation (companion repo: gitea.tojo.team/cardinale/task-durations) - AGENTS.md walks an agent through the entire setup Q&A interactively - docs/ covers architecture, security model, fleet onboarding
42 lines
1.4 KiB
Plaintext
42 lines
1.4 KiB
Plaintext
# SSH config — chezmoi-templated so each machine renders its own version.
|
|
#
|
|
# The {{ if ne .chezmoi.hostname "<HOST>" }} guards prevent a machine
|
|
# from generating a Host stanza for itself (which would loop back).
|
|
#
|
|
# To use: copy to private_dot_ssh/config.tmpl in your fork, replace
|
|
# the placeholder host aliases / hostnames with your real fleet, and
|
|
# replace the <USERNAME> tokens with the matching user from fleet.yaml.
|
|
|
|
# ── Fleet machines ──────────────────────────────────────────────
|
|
|
|
{{ if ne (lower .chezmoi.hostname) "laptop1" }}
|
|
Host laptop1
|
|
HostName laptop1
|
|
User <USERNAME_FOR_LAPTOP1>
|
|
IdentityFile ~/.ssh/id_ed25519
|
|
StrictHostKeyChecking accept-new
|
|
{{ end }}
|
|
|
|
{{ if ne (lower .chezmoi.hostname) "laptop2" }}
|
|
Host laptop2
|
|
HostName laptop2
|
|
User <USERNAME_FOR_LAPTOP2>
|
|
IdentityFile ~/.ssh/id_ed25519
|
|
StrictHostKeyChecking accept-new
|
|
{{ end }}
|
|
|
|
{{ if ne (lower .chezmoi.hostname) "desktop" }}
|
|
Host desktop
|
|
HostName desktop
|
|
User <USERNAME_FOR_DESKTOP>
|
|
IdentityFile ~/.ssh/id_ed25519
|
|
StrictHostKeyChecking accept-new
|
|
{{ end }}
|
|
|
|
# ── External hosts (servers, etc.) ──────────────────────────────
|
|
|
|
# Host my-vps
|
|
# HostName vps.example.com
|
|
# User root
|
|
# IdentityFile ~/.ssh/id_ed25519_vps # encrypt via `chezmoi add --encrypt`
|