Create an account


Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Fedora - Take back your dotfiles with Chezmoi

#1
Take back your dotfiles with Chezmoi

In Linux, dotfiles are hidden text files that are used to store various configuration settings for many such as Bash and Git to more complex applications like i3 or VSCode.

Most of these files are contained in the ~/.config directory or right in the home directory. Editing these files allows you to customize applications beyond what a settings menu may provide, and they tend to be portable across devices and even other Linux distributions. But one talking point across the Linux enthusiast community is how to manage these dotfiles and how to share them.

We will be showcasing a tool called Chezmoi that does this task a little differently from the others.

The history of dotfile management


If you search GitHub for dotfiles, what you will see are over 100k repositories after one goal: Store people’s dotfiles in a shareable and repeatable manor. However, other than using git, they store their files differently.

While Git has solved code management problems that also translates to config file management, It does not solve how to separate between distributions, roles (such as home vs work computers) secrets management, and per device configuration.

Because of this, many users decide to craft their own solutions, and the community has responded with multiple answers over the years. This article will briefly cover some of the solutions that have been created.

Experiment in an isolated environment


Do you want to try these below solutions quickly in a contained environment? Run:

$ podman run --rm -it fedora

… to create a Fedora container to try the applications in. This container will automatically delete itself when you exit the shell.

The install problem


If you store your dotfiles in Git repository, you will want to make it easy for your changes to automatically be applied inside your home directory, the easiest way to do this at first glance is to use a symlink, such as ln -s ~/.dotfies/bashrc ~/.bashrc. This will allow your changes to take place instantly when your repository is updated.

The problem with symlinks is that managing symlinks can be a chore. Stow and RCM (covered here on Fedora Magazine) can help you manage those, but these are not seamless solutions. Files that are private will need to be modified and chmoded properly after download. If you revamp your dotfiles on one system, and download your repository to another system, you may get conflicts and require troubleshooting.

Another solution to this problem is writing your own install script. This is the most flexible option, but has the tradeoff of requiring more time into building a custom solution.

The secrets problem


Git is designed to track changes. If you store a secret such as a password or an API key in your git repository, you will have a difficult time and will need to rewrite your git history to remove that secret. If your repository is public, your secret would be impossible to recover if someone else has downloaded your repository. This problem alone will prevent many individuals from sharing their dotfiles with the public world.

The multi-device config problem


The problem is not pulling your config to multiple devices, the problem is when you have multiple devices that require different configuration. Most individuals handle this by either having different folders or by using different forks. This makes it difficult to share configs across the different devices and role sets

How Chezmoi works


Chezmoi is a tool to manage your dotfiles with the above problems in mind, it doesn’t blindly copy or symlink files from your repository. Chezmoi acts more like a template engine to generate your dotfiles based on system variables, templates, secret managers, and Chezmoi’s own config file.

Getting Started with Chezmoi


Currently Chezmoi is not in the default repositories. You can download the current version of Chezmoi as of writing with the following command.

$ sudo dnf install https://github.com/twpayne/chezmoi/relea...x86_64.rpm

This will install the pre-packaged RPM to your system.

Lets go ahead and create your repository using:

$ chezmoi init

It will create your new repository in ~/.local/share/chezmoi/. You can easily cd to this directory by using:

$ chezmoi cd

Lets add our first file:

chezmoi add ~/.bashrc 

… to add your bashrc file to your chezmoi repository.

Note: if your bashrc file is actually a symlink, you will need to add the -f flag to follow it and read the contents of the real file.

You can now edit this file using:

$ chezmoi edit ~/.bashrc

Now lets add a private file, This is a file that has the permissions 600 or similar. I have a file at .ssh/config that I would like to add by using

$ chezmoi add ~/.ssh/config

Chezmoi uses special prefixes to keep track of what is a hidden file and a private file to work around Git’s limitations. Run the following command to see it:

$ chezmoi cd

Do note that files that are marked as private are not actually private, they are still saved as plain text in your git repo. More on that later.

You can apply any changes by using:

$ chezmoi apply

and inspect what is different by using

$ chezmoi diff

Using variables and templates


To export all of your data Chezmoi can gather, run:

$ chezmoi data

Most of these are information about your username, arch, hostname, os type and os name. But you can also add our own variables.

Go ahead and run:

$ chezmoi edit-config

… and input the following:

[data] email = "fedorauser@example.com" name = "Fedora Mcdora"

Save your file and run chezmoi data again. You will see on the bottom that your email and name are now added. You can now use these with templates with Chezmoi. Run:

$ chezmoi add -T --autotemplate ~/.gitconfig

… to add your gitconfig as a template into Chezmoi. If Chezmoi is successful in inferring template correctly, you could get the following:

[user] email = "{{ .email }}" name = "{{ .name }}"

If it does not, you can change the file to this instead.

Inspect your file with:

$ chezmoi edit ~/.gitconfig

After using

$ chezmoi cat ~/.gitconfig

… to see what chezmoi will generate for this file. My generated example is below:

[root@a6e273a8d010 ~]# chezmoi cat ~/.gitconfig [user] email = "fedorauser@example.com" name = "Fedora Mcdora" [root@a6e273a8d010 ~]# 

It will generate a file filled with the variables in our chezmoi config.
You can also use the varibles to perform simple logic statements. One example is:

{{- if eq .chezmoi.hostname "fsteel" }}
# this will only be included if the host name is equal to "fsteel"
{{- end }}

Do note that for this to work the file has to be a template. You can check this by seeing if the file has a “.tmpl” appended to its name on the file in chezmoi cd, or by readding the file using the -T option

Keeping secrets… secret


To troubleshoot your setup, use the following command.

$ chezmoi doctor 

What is important here is that it also shows you the password managers it supports.

[root@a6e273a8d010 ~]# chezmoi doctor warning: version dev ok: runtime.GOOS linux, runtime.GOARCH amd64 ok: /root/.local/share/chezmoi (source directory, perm 700) ok: /root (destination directory, perm 550) ok: /root/.config/chezmoi/chezmoi.toml (configuration file) ok: /bin/bash (shell) ok: /usr/bin/vi (editor) warning: vimdiff (merge command, not found) ok: /usr/bin/git (source VCS command, version 2.25.1)
ok: /usr/bin/gpg (GnuPG, version 2.2.18) warning: op (1Password CLI, not found) warning: bw (Bitwarden CLI, not found) warning: gopass (gopass CLI, not found) warning: keepassxc-cli (KeePassXC CLI, not found) warning: lpass (LastPass CLI, not found) warning: pass (pass CLI, not found) warning: vault (Vault CLI, not found) [root@a6e273a8d010 ~]#

You can use either of these clients, or a generic client, or your system’s Keyring.

For GPG, you will need to add the following to your config using:

$ chezmoi edit-config
[gpg] recipient = "<Your GPG keys Recipient"

You can use:

$ chezmoi add --encrypt

… to add any files, these will be encrypted in your source respository and not exposed to the public world as plain text. Chezmoi will automatically decrypt them when applying.

We can also use them in templates. For example, a secret token stored in Pass (covered on Fedora Magazine). Go ahead and generate your secret.

In this example, it’s called “githubtoken”:

rwaltr@fsteel:~] $ pass ls Password Store └── githubtoken [rwaltr@fsteel:~] $ 

Next, edit your template, such as your .gitconfig we created earlier and add this lines.

token = {{ pass "githubtoken" }}

Then lets inspect using:

$ chezmoi cat ~/.gitconfig
[rwaltr@fsteel:~] $ chezmoi cat ~/.gitconfig This is Git's per-user configuration file. [user] name = Ryan Walter email = rwalt@pm.me token = mysecrettoken [rwaltr@fsteel:~] $ 

Now your secrets are properly secured in your password manager, your config can be publicly shared without risk!

Final notes


This is only scratching the surface. Please check out Chezmoi’s website for more information. The author also has his dotfiles public if you are looking for more examples on how to use Chezmoi.



https://www.sickgaming.net/blog/2020/04/...h-chezmoi/
Reply



Possibly Related Threads…
Thread Author Replies Views Last Post
  Fedora - Podman with capabilities on Fedora xSicKxBot 0 12 11-17-2020, 02:07 AM
Last Post: xSicKxBot
  Fedora - Using Fedora 33 with Microsoft’s WSL2 xSicKxBot 0 22 11-11-2020, 10:30 PM
Last Post: xSicKxBot
  Fedora - How to rebase to Fedora 33 on Silverblue xSicKxBot 0 32 10-31-2020, 12:26 AM
Last Post: xSicKxBot
  Fedora - What’s new in Fedora 33 Workstation xSicKxBot 0 29 10-28-2020, 11:24 PM
Last Post: xSicKxBot
  Fedora - Fedora 33 is officially here! xSicKxBot 0 32 10-27-2020, 09:34 PM
Last Post: xSicKxBot
  Fedora - Contribute at the Fedora Test Week for Kernel 5.9 xSicKxBot 0 38 10-25-2020, 12:22 AM
Last Post: xSicKxBot
  Fedora - Announcing the release of Fedora 33 Beta xSicKxBot 0 71 09-29-2020, 09:01 PM
Last Post: xSicKxBot
  Fedora - Now available: Fedora on Lenovo laptops! xSicKxBot 0 60 09-25-2020, 07:51 PM
Last Post: xSicKxBot
  Fedora - Ankur Sinha: How do you Fedora? xSicKxBot 0 74 09-11-2020, 02:22 PM
Last Post: xSicKxBot
  Fedora - Contribute at the Fedora Test Week for Btrfs xSicKxBot 0 93 08-26-2020, 01:20 PM
Last Post: xSicKxBot

Forum Jump:

Become a Patron!
[-]
Upcoming Events

[-]
Latest Threads
Quixel Mixer 2020.1.6 Released
Last Post: xSicKxBot
Today 10:21 PM
» Replies: 0
» Views: 1
News - Wonder Woman 1984: Release Dates ...
Last Post: xSicKxBot
Today 10:20 PM
» Replies: 0
» Views: 1
DarkRP Update 9/23/16
Last Post: cathleence3
Today 08:38 PM
» Replies: 1
» Views: 1244
Sick Gaming Welcomes All Gamers
Last Post: cathleence3
Today 08:06 PM
» Replies: 2
» Views: 3602
Official Sick Gaming Social Links: Twitt...
Last Post: Bradleygaw
Today 07:51 PM
» Replies: 3
» Views: 1767
News - Deep Stone Crypt World First Winn...
Last Post: xSicKxBot
Today 04:27 PM
» Replies: 0
» Views: 4
Xbox Wire - This Week on Xbox: November ...
Last Post: xSicKxBot
Today 04:26 PM
» Replies: 0
» Views: 4
News - Video: A deep dive into Ubisoft’s...
Last Post: xSicKxBot
Today 04:26 PM
» Replies: 0
» Views: 5
DarkRP Update 9/28/16
Last Post: maryannebo1
Today 04:24 PM
» Replies: 1
» Views: 1277
ISO: Staff Members for Website, Discord,...
Last Post: maryannebo1
Today 04:07 PM
» Replies: 4
» Views: 438

[-]
Twitter

[-]
Sponsored
Get the Deal of the Week at RefurBees.com

Copyright © SickGaming.net 2012-2020