Report a Bug · Request a Feature
My collection of dotfiles
- About
- Getting started
- Usage
- Roadmap
- Support
- Project assistance
- Contributing
- Authors & contributors
- Security
- License
- Acknowledgements
My collection of dotfiles. I mainly use this with Ghostty as a terminal emulator on macOS, and Windows Terminal on Windows.
Zed is my main editor, though I do keep Visual Studio Code around mainly for Windows support and Jupyter Notebooks (until that feature gets merged into mainline Zed).
Other than that,
- 1Password is my secrets manager.
- Lens is my Kubernetes IDE. I don't like TUI's but I also
don't like typing
kubectl(even with aliases) thousands of times per day. - Monodraw is my diagramming tool.
- OrbStack runs my Docker containers, since Docker Desktop is just slow, and gets in my way a lot.
- Passepartout is my VPN manager, other than Tailscale.
- RapidAPI is used for playing with API's, if xh isn't enough.
- Secretive is my SSH agent.
- SnippetsLab is where I keep my code snippets.
- TablePlus is my database browser.
- Tailscale is my personal VPN.
- Ulysses is my long form Markdown editor.
- UTM is my virtualization manager.
- Xcode kinda just exists.
- A macOS or Linux environment to copy or symlink everything into.
These dotfiles are managed with chezmoi. The chezmoi
source state lives in home/ (see .chezmoiroot).
# Install chezmoi (macOS)
brew install chezmoi
# Initialise from this repo and apply
chezmoi init --apply pgodschalk/dotfilesOn a fresh machine, also remove any system-level ZDOTDIR override so the
chezmoi-managed ~/.zshenv can bootstrap it:
sudo rm -f /etc/zshenv # macOS
sudo rm -f /etc/zsh/zshenv # LinuxEdit the source and apply:
chezmoi edit ~/.config/git/config # opens the source file
chezmoi apply # write changes to your home directory
chezmoi cd # drop into the source directoryThe repo keeps the XDG convention, so $XDG_CONFIG_HOME resolves to
~/Library/Application Support on macOS but ~/.config on Linux. Because
chezmoi derives each target path statically from its source path, shared files
are stored once as a canonical copy at their Linux target path
(home/dot_config/…, home/dot_local/…) and a small macOS stub under
home/Library/… pulls the canonical bytes in with chezmoi's include function.
home/.chezmoiignore selects the right subtree per OS.
These dotfiles apply inside a dev container or
GitHub Codespace
through the editor's personal dotfiles integration. Point your client at this
repo — in VS Code, set dotfiles.repository to pgodschalk/dotfiles — and it
clones the repo into the container and runs install.sh, which bootstraps
chezmoi from home/.
Zed uses its own native dev-container support — it does not
call the devcontainer CLI and has no dotfiles setting, so its "Reopen in Dev
Container" won't apply these on its own. Instead, bring the container up with
the devcontainer CLI first (installed via Homebrew — brew "devcontainer"),
then let Zed attach to it:
devcontainer up --workspace-folder . \
--dotfiles-repository https://github.com/pgodschalk/dotfilesThe CLI clones this repo into the container and auto-runs install.sh, and tags
the container with labels derived from the workspace path. Zed reuses an
existing container matching those labels, so opening the same folder in Zed
attaches to the already-personalised container instead of building a fresh one.
install.sh bootstraps into ~/.local/bin a curated set of general-purpose CLI
tools the shell integrates with:
- chezmoi (to apply the dotfiles), via get.chezmoi.io.
- Via mise — into a dedicated
conf.ddrop-in:starship,eza,bat,fd,fzf,ripgrep,zoxide,delta,difftastic,jaq,yq,xh,doggo,zellij,gh,glab,jj,helix,claude(claude-code). - Straight from their GitHub releases (not in mise's registry for every arch):
tldr,procs,tspin,macchina,miniserve, plusbat-extras(batgrep,batman, …).
Language toolchains are deliberately left to the dev container definition.
install.sh exports DOTFILES_DEVCONTAINER, which makes the mise config skip
its language list (see home/.chezmoitemplates/mise-config.tmpl) — so the
[tools] block is empty in a container, while the CLI niceties above come from
the conf.d drop-in. Tools that need a runtime — gemini-cli/aicommit2
(Node), llm (Python) — are left out for the same reason. Anything missing
degrades gracefully behind its (( $+commands[…] )) guard.
Secret-backed configs resolve each secret in order: a named environment
variable first, then 1Password via op, then an empty fallback. So in a
container — where 1Password is usually unavailable — supply the secrets as env
vars through your platform's mechanism
(Codespaces secrets,
or a local dev container's remoteEnv), and the apply picks them up. Anything
left unset degrades to empty instead of failing the apply. The variables are:
CONTEXT7_API_KEY— Context7 MCP server (Zed, Gemini).GITHUB_PERSONAL_ACCESS_TOKEN— GitHub MCP server (Zed, Gemini); falls back toGITHUB_TOKENwhen unset.GHA_LANGUAGE_SERVER_TOKEN— Zed gh-actions-language-server.INTELEPHENSE_LICENCE_KEY— intelephense license.
Codespaces injects a scoped GITHUB_TOKEN/GH_TOKEN automatically (and
pre-authenticates gh), so the GitHub MCP server picks it up via the fallback
above — subject to that token's scopes. The other variables are never set
automatically; add each one you want populated as a
Codespaces secret
(or via a local dev container's remoteEnv).
A few things lean on the macOS host.
SSH & commit signing use the Secretive (Secure Enclave) agent — forward the
host agent and both work, the key never leaving the Mac. Locally, add the
OrbStack agent socket at up time:
devcontainer up --workspace-folder . \
--dotfiles-repository https://github.com/pgodschalk/dotfiles \
--mount type=bind,source=/run/host-services/ssh-auth.sock,target=/ssh-agent \
--remote-env SSH_AUTH_SOCK=/ssh-agentIn Codespaces the local agent isn't forwarded automatically. For git, enable
GPG verification (Settings → Codespaces) and GitHub signs commits with its
own key (Verified) via the system-level gh-gpgsign; the dotfiles detect
$CODESPACES and switch gpg.format back to openpgp (dropping the SSH
signing key) so they don't shadow it. For jj, or to sign with your own
enclave key, connect with gh codespace ssh (forwards the agent); the web
editor can't sign jj. Note signing stays forced, so without GPG verification
enabled (or a forwarded agent) commits fail rather than going unsigned.
-
1Password (
op) has no desktop-app socket in a container, so op-gated commands degrade (they run without their secrets). -
Browser / ports. Locally, Zed honors
appPortand OrbStack routes<name>.orb.local; Codespaces forwards ports automatically tohttps://<codespace>-<port>.app.github.dev. -
Theme. The shell follows macOS light/dark by querying the terminal (OSC 11), and themes from your Dracula Pro repos when they can be cloned (
pgodschalk/dracula-pro-extras,dracula-pro/dracula-pro) — via the forwarded agent /ghlocally, or aDOTFILES_THEME_PATCodespaces secret (classic PAT,reposcope). It falls back to built-in themes otherwise.
See the open issues for a list of proposed features (and known issues).
- Top Feature Requests (Add your votes using the 👍 reaction)
- Top Bugs (Add your votes using the 👍 reaction)
- Newest Bugs
Reach out to the maintainer at one of the following places:
- GitHub issues
- Contact options listed on this GitHub profile
If you want to say thank you or/and support active development of dotfiles:
- Add a GitHub Star to the project.
- Write interesting articles about the project on Dev.to, Medium or your personal blog.
Together, we can make dotfiles better!
First off, thanks for taking the time to contribute! Contributions are what make the open-source community such an amazing place to learn, inspire, and create. Any contributions you make will benefit everybody else and are greatly appreciated.
Please read our contribution guidelines, and thank you for being involved!
The original setup of this repository is by Patrick Godschalk.
For a full list of all authors and contributors, see the contributors page.
dotfiles follows good practices of security, but 100% security cannot be assured. dotfiles is provided "as is" without any warranty. Use at your own risk.
For more information and to report security issues, please refer to our security documentation.
This project is licensed under the EUPL-1.2 license.
See LICENSE for more information.
- $HOME/.hushlogin from @mathiasbynens
- $HOME/.ssh/config from @mozilla
- $XDG_BIN_HOME/beep from @garybernhardt
- $XDG_BIN_HOME/git-churn
- $XDG_BIN_HOME/git-divergence
- $XDG_BIN_HOME/git-goodness
- $XDG_BIN_HOME/git-what-the-hell-just-happened
- $XDG_BIN_HOME/git-whodoneit
- $XDG_BIN_HOME/githelpers from @garybernhardt
- $XDG_BIN_HOME/gn
- $XDG_BIN_HOME/gn.py
- $XDG_CONFIG_HOME/com.mitchellh.ghostty/config from @mitchellh
- $XDG_CONFIG_HOME/git/attributes from @gitattributes
- $XDG_CONFIG_HOME/git/config from @garybernhardt
- $XDG_CONFIG_HOME/git/config from @gitbutler
- $XDG_CONFIG_HOME/git/config from @gittower
- $XDG_CONFIG_HOME/git/config from @jvns
- $XDG_CONFIG_HOME/git/config from @mathiasbynens
- $XDG_CONFIG_HOME/git/config from @mischah
- $XDG_CONFIG_HOME/git/ignore from @github
- $XDG_CONFIG_HOME/jj/config from @mitchellh
- $XDG_CONFIG_HOME/nano/nanorc from Elliot Cooper
- $XDG_CONFIG_HOME/python/pythonrc from @b3nj5m1n
- $XDG_CONFIG_HOME/readline/inputrc from @mathiasbynens
- $XDG_CONFIG_HOME/starship/starship.toml from @starship
- $XDG_CONFIG_HOME/vim/vimrc from @mathiasbynens
- $XDG_CONFIG_HOME/.curlc from @mathiasbynens
- $XDG_CONFIG_HOME/wgetrc from @mathiasbynens
- $XDG_DATA_HOME/gnupg/gpg.conf from @drduh
- $XDG_DATA_HOME/gnupg/gpg-agent.conf from @drduh
- $ZDOTDIR/.aliases from @mathiasbynens
- $ZDOTDIR/.aliases from @mitchellh
- $ZDOTDIR/.exports from @mathiasbynens
- $ZDOTDIR/.functions from @mathiasbynens
- $ZDOTDIR/.zprezto from @sorin-ionescu