This dotfiles setup supports three machine types with different configurations.
| Type | Kubernetes | 1Password Mode | Use Case |
|---|---|---|---|
| home | ✅ kubectl, k9s, kubeseal | Interactive account | Personal laptop |
| work | ❌ Skipped | Interactive account | Work laptop |
| server | ❌ Skipped | Service account token | AI assistant, automation |
- Core dev tools: git, gh, lazygit, node
- Programming languages: Go, Python, Rust, Bun
- Modern CLI tools: bat, eza, fd, fzf, ripgrep, zoxide, neovim
- Container tools: Docker, Docker Compose, Colima
- Utilities: curl, wget, tmux
- Kubernetes tools: kubectl, k9s, kubeseal
- 1Password uses service account (token-based, no interactive login)
- Requires
OP_SERVICE_ACCOUNT_TOKENenvironment variable
When you bootstrap a fresh machine, you'll be prompted:
sh -c "$(curl -fsLS get.chezmoi.io)" -- init --apply yourusername/dotfiles
# Prompts:
Email address: your@email.com
Machine type (home/work/server): home # ← Choose oneBefore running chezmoi on a server, set your 1Password service account token:
# Get your service account token from 1Password
# https://developer.1password.com/docs/service-accounts/get-started/
export OP_SERVICE_ACCOUNT_TOKEN="ops_your_token_here"
# Then run chezmoi
sh -c "$(curl -fsLS get.chezmoi.io)" -- init --apply yourusername/dotfiles
# When prompted, select:
Machine type: serverchezmoi edit-configAdd or modify:
[data]
email = "your@email.com"
osid = "darwin" # or "linux-ubuntu", etc.
isWorkMachine = false # ← Add this line (true or false)# Remove stored answer
chezmoi state delete-bucket --bucket=configState
# This will prompt again on next apply
chezmoi initchezmoi data | grep -A 5 '"data"'# See what Brewfile would be generated
chezmoi execute-template < ~/.local/share/chezmoi/Brewfile.tmpl
# Or apply and check
chezmoi apply
cat ~/Brewfile| Setting | Kubernetes | 1Password Mode | Use Case |
|---|---|---|---|
machineType = "home" |
✅ Installed | account | Personal laptop |
machineType = "work" |
❌ Skipped | account | Work laptop |
machineType = "server" |
❌ Skipped | service-account | AI assistant, server |
If you initially set up as "work" but want to change to "home":
# 1. Update config
chezmoi edit-config
# Change: isWorkMachine = false
# 2. Regenerate Brewfile
chezmoi apply
# 3. Install new packages
brew bundle --global
# 4. Verify
brew list | grep kubectl # Should show kubectl if home machineEdit Brewfile.tmpl:
{{ if ne .isWorkMachine true -}}
# Home/Personal Machine Only
brew "kubernetes-cli"
brew "k9s"
brew "your-personal-tool" # ← Add here
{{ end -}}
{{ if eq .isWorkMachine true -}}
# Work Machine Only
brew "your-work-specific-tool" # ← Add work-only tools
{{ end -}}# Preview as work machine
chezmoi execute-template --init \
--promptString "email=test@test.com" \
--promptBool isWorkMachine=true \
< Brewfile.tmpl
# Preview as home machine
chezmoi execute-template --init \
--promptString "email=test@test.com" \
--promptBool isWorkMachine=false \
< Brewfile.tmplThe setting is stored in ~/.config/chezmoi/chezmoi.toml, so you can always check:
cat ~/.config/chezmoi/chezmoi.tomlIf you have different work environments, you could extend this:
[data]
machineType = "home" # or "work-clientA", "work-clientB"Then in Brewfile:
{{ if eq .machineType "work-clientA" -}}
brew "client-a-specific-tool"
{{ end -}}If you get template errors, make sure .chezmoi.toml has:
[data]
isWorkMachine = false # or true# Generate work machine Brewfile
echo 'isWorkMachine: true' | chezmoi execute-template < Brewfile.tmpl > /tmp/brewfile-work
# Generate home machine Brewfile
echo 'isWorkMachine: false' | chezmoi execute-template < Brewfile.tmpl > /tmp/brewfile-home
# Compare
diff /tmp/brewfile-work /tmp/brewfile-home