-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy path.chezmoi.toml.tmpl
More file actions
74 lines (68 loc) · 2.54 KB
/
.chezmoi.toml.tmpl
File metadata and controls
74 lines (68 loc) · 2.54 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
{{- /* Profile-driven machine configuration for chezmoi
Profile is selected interactively during chezmoi init, or via:
DOTFILES_PROFILE=arch chezmoi init
chezmoi init --promptChoice profile=arch
Auto-detects from distro if non-interactive.
*/ -}}
{{- /* Load profiles from single source of truth */ -}}
{{- $profiles := (include ".chezmoidata/profiles.yaml" | fromYaml).profiles -}}
{{- /* Detect distribution and map to default profile */ -}}
{{- $distro := "unknown" -}}
{{- $defaultProfile := "" -}}
{{- if eq .chezmoi.os "darwin" -}}
{{- $distro = "macos" -}}
{{- $defaultProfile = "macos-work" -}}
{{- else if stat "/run/ostree-booted" -}}
{{- $distro = "silverblue" -}}
{{- $defaultProfile = "silverblue" -}}
{{- else if stat "/etc/arch-release" -}}
{{- $distro = "arch" -}}
{{- $defaultProfile = "arch-desktop" -}}
{{- else if stat "/etc/debian_version" -}}
{{- $distro = "debian" -}}
{{- $defaultProfile = "debian-server" -}}
{{- end -}}
{{- /* Resolve profile: env var > interactive prompt > auto-detect */ -}}
{{- $envProfile := env "DOTFILES_PROFILE" -}}
{{- $profile := "" -}}
{{- if ne $envProfile "" -}}
{{- $profile = $envProfile -}}
{{- else -}}
{{- $choices := keys $profiles | sortAlpha -}}
{{- writeToStdout "\nAvailable profiles:\n" -}}
{{- range $name := $choices -}}
{{- $p := index $profiles $name -}}
{{- writeToStdout (printf " %-20s %s\n" $name $p.desc) -}}
{{- end -}}
{{- writeToStdout "\n" -}}
{{- $profile = promptChoiceOnce . "profile" "Machine profile" $choices $defaultProfile -}}
{{- end -}}
{{- /* Read profile properties from profiles.yaml */ -}}
{{- $profileData := index $profiles $profile -}}
{{- $tags := $profileData.tags -}}
{{- $wantsDecrypt := or (get $profileData "decrypt") false -}}
{{- $work := or (get $profileData "work") false -}}
{{- $de := "" -}}
{{- if hasKey $profileData "de" -}}{{- $de = $profileData.de -}}
{{- end -}}
{{- /* Enable encryption when the profile declares it. The run_before decrypt
script ensures the key exists (via env var, 1Password, or manual placement)
before chezmoi processes any encrypted files. */ -}}
{{ if $wantsDecrypt -}}
encryption = "age"
{{ end }}
[data]
distro = "{{ $distro }}"
profile = "{{ $profile }}"
tags = "{{ $tags }}"
work = {{ $work }}
decrypt = {{ $wantsDecrypt }}
de = "{{ $de }}"
{{ if $wantsDecrypt }}
[age]
identity = "~/.config/chezmoi/age-key.txt"
recipients = [
"{{ include ".age-public-key" | trim }}",
"{{ include ".age-public-key-work" | trim }}",
]
{{- end }}