Chezmoi-securely manage point files on multiple computers

You can download this article in PDF format via the link below to support us.
Download the guide in PDF formatturn off

How do you handle dotfiles located in multiple servers that you manage or support? Whether it’s .bashrc or .zshrc containing your precious aliases or countless other useful settings for dot files that make your work easier or worthwhile, you agree that creating them immediately every time you move to a new environment When it becomes cumbersome or there is a new workload (server) in the cluster. This guide is great news for everyone who needs something that will make them create them over and over again.

With Chezmoi, you will have the opportunity to manage point files on multiple computers in an organized, presentable and safe manner. You will be able to manage configuration files across multiple computers, such as your personal macOS laptop, your work Ubuntu desktop, and your work Linux laptop. We will delve into this miracle of the tool and make sure that your dotfile is no longer a thorny issue in your work. Therefore, we will install and see how Chezmoi accomplishes the completed tasks and heavy work.

Main functions of Chezmoi

Chezmoi solves many point file problems with the following functions:

  • flexibility: You can share as much configuration as you want among all computers, while still being able to control computer-specific details.
  • Personal and security: You can use the version control system of your choice to manage your configuration, and you can write the configuration file in the format of your choice. chezmoi can retrieve secrets from 1Password, Bitwarden, gopass, KeePassXC, LastPass, pass, Vault, Keychain, Keyring or any command line utility of your choice.
  • transparency: chezmoi includes detailed and dry-running modes, so you can see exactly what changes it will make to the home directory before making changes.
  • It is declarative and robust: You declare the desired status of files, directories and symbolic links in the source of truth, and then chezmoi updates your home directory to match that status.
  • It is fast and easy to use: chezmoi can run in a fraction of a second and make most daily operations only one line of commands, including installation, initialization and keeping the computer up to date

Please note that you need a Git account and repurchase in any Git system you like (GitLab, GitHub, BitBucket, etc.)

Before that, it is worth noting that Chezmoi can be installed in various ways, as they have been recorded on it. GitHub page

Install Chezmoi on various Linux distributions

Before installing chezmoi, be sure to update the system and install git.

###Install git on Centos###
sudo yum -y install git

###Install git on Ubuntu###
sudo apt install git -y

###Install git on Arch Linux###
sudo pacman -S git

Chezmoi can be installed in various Linux distributions as follows.

Install on Alpine Linux

apk add chezmoi

Install on Arch Linux

sudo pacman -S chezmoi

Install on Guix Linux

guix install chezmoi

Install on NixOS Linux

nix-env -i chezmoi

Install on Void Linux

xbps-install -S chezmoi

Install Chezmoi on macOS

Install Chezmoi on MacOS using Homebrew as shown below

brew install chezmoi

Install Chezmoi with a single-line binary file

Another option for installing chezmoi is to use a single-line binary file. In this way, the correct binary file for your operating system and architecture will be installed in ./bin with one command.

cd ~
curl -sfL | sh
sudo cp -r ~/bin/chezmoi /usr/local/bin 

Let Chezmoi work

According to its documentation, chezmoi stores the desired state of your dot files in the ~/.local/share/chezmoi directory. When you run chezmoi apply, chezmoi will calculate the required content and permissions for each point file, and then make the necessary changes to make your point file match the state.

To start using chezmoi, we must initialize it as follows:

$ chezmoi init

Initialized empty Git repository in /home/tech/.local/share/chezmoi/.git/

This will create a new git repository in ~/.local/share/chezmoi with a permission of 0700, where chezmoi will store the source state. chezmoi only modifies files in the working copy. It is your responsibility to make changes.

If you already have a point file that you want to “join” chezmoi, you can use the following chezmoi command to manage

chezmoi add ~/.zshrc

Doing so will copy ~/.zshrc to ~/.local/share/chezmoi/dot_bashrc.If you want to add the entire folder to chezmoi, you must add -r Parameters/switches after adding.

After adding the file to chezmoi, you can edit the source status of the file as follows:

chezmoi edit ~/.zshrc

This will open ~/.local/share/chezmoi/dot_zshrc in $EDITOR. For me, it will use the vi editor to open the file because this is the default editor. You can change this setting by editing the content pointed to by the $EDITOR environment variable. Make some changes and save.

The advantage of chezmoi is that you can view the changes made by chezmoi before saving the following files:

chezmoi diff

Once you are satisfied with the changes, you can apply the changes as follows:

chezmoi -v apply

Finally, open a shell in the source directory, commit the changes to the local git repository, and exit. issue”Chezmoi cd“Navigates you to the ~/.local/share/chezmoi directory.

chezmoi cd
git add dot_zshrc
git commit -m "Add .zshrc"

Create a configuration file

If it does not exist yet, “chezmoi init” can automatically create a configuration file. In your repository, identify one named “.chezmoi. .tmpl” file, where format is one of the supported configuration file formats (such as json, toml or yaml), then chezmoi init will execute the template to generate your initial configuration file as follows. Please choose a file format you like .

$ chezmoi cd

##For toml file format##
touch .chezmoi.toml.tmpl 

##For json file format##
touch .chezmoi.json.tmpl

##For yaml file format##
touch .chezmoi.yaml.tmpl

After creating the file, run chezmoi init to create the “~/.config/chezmoi/chezmoi.toml” configuration file. Please note that the extension will change according to the file format you selected above.

chezmoi init

Use chezmoi on multiple machines

In order to access the local dotfile on different computers, we need to save the file in a central location. Chezmoi cooperates with Git. Go ahead and clone the git repo in ~/.local/share/chezmoi to a hosted Git service, such as GitHub, GitLab, or BitBucket.

chezmoi cd
git init
git commit -m "dotfiles commit"
git branch -M main
git remote add origin
git push -u origin main

You can use any name to name the repository, but many people prefer to call their dotfiles repos dotfiles. From there, install chezmoi on the other computer described in the previous steps, and then clone the git repo as follows:

Note: You must have created a repository with a name of your choice, such as dotfiles.

$ chezmoi init

Cloning into '/home/tech/.local/share/chezmoi'...
Username for '': <your-username> 
Password for 'https://<your-username>': 
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Compressing objects: 100% (2/2), done.
remote: Total 3 (delta 0), reused 3 (delta 0), pack-reused 0
Unpacking objects: 100% (3/3), done.

This will check out the warehouse and all submodules, and optionally create a chezmoi configuration file for you. Before running, it will not make any changes to the home directory:

chezmoi apply

In addition, you can get the latest changes from the repository and view the changes without actually applying the changes by running the following command:

chezmoi source pull -- --rebase && chezmoi diff

This command runs git pull –rebase in the source directory, and then chezmoi diff displays the difference between the target state calculated from the source directory and the actual state.

After making any changes on the git repository file, you can log in to any computer and use the following command to extract and apply the latest changes from your repository:

chezmoi update

In this way, all dotfiles can now be easily placed on any computer that wishes to use them. You no longer have to write a new point file on each new computer. Your job should now be as simple as typing the chezmoi command.

Use Bitwarden to keep secrets

chezmoi supports Bitwarden with the following commands: Bitwarden CLI Expose the data as a template function. If Bitwarden is not already installed, you can easily install it using Snapcraft. In addition, you must have a Bitwarden account to use its services.

Install Bitwarden CLI using snap or npm as follows

$ sudo snap install bw

##or using npm##

$ npm install -g @bitwarden/cli

Then you can log in to your account

$ bw login                                                                                                    
? Email address: <your-email-address>
? Master password: [hidden]
You are logged in!

Unlock your Bitwarden vault:

bw unlock

Follow the instructions to set the BW_SESSION environment variable.

###For Linux###SSS
export BW_SESSION="2cvamm4lAfeH+Ztlsdtwerhwrtjwt3qEbTqsdfasgry36ceIuY7/lfC1pVS7esIHDFoITq7DIy3V3xTpFK=="

###For PowerShell###

The structured data from “bw get” can be used as a bitwarden template function in the configuration file, for example:

username = {{ (bitwarden "item" "GeeksAdmin").login.username }}
password = {{ (bitwarden "item" "StrongPassword").login.password }}

Concluding remarks

So far, what we have covered in the guide is just a drop in the ocean. With Chezmoi, you can use your favorite password security tools (such as Bitwarden, gopass and KeePassXC) to protect the most private point files.To learn more about what chezmoi can do, check out its Detailed operation guide And experience more features that this amazing tool can provide.

You can download this article in PDF format via the link below to support us.
Download the guide in PDF formatturn off