This repository is a public bootstrapper for my personal dotfiles, which are managed with chezmoi and live in a separate, private repository.
Its job is deliberately narrow: provide safe, explicit entry points for setting up new machines or environments — without leaking secrets, baking in assumptions, or duplicating logic.
All real configuration lives in the dotfiles repo. This repo only gets you to that point.
The scripts in this repository (minimal.sh, full.sh) are generated from templates in the dotfiles repository.
Do not edit these scripts directly. To update them:
- Edit the templates in
dotfiles/scripts/templates/ - Run
make bootstrap-scriptsin dotfiles - The generator copies updated scripts here
- Commit both repos
See dotfiles/BOOTSTRAP_GENERATION.md for details.
- Public
- Minimal and auditable
- Safe to
curl | bash - Focused on bootstrapping
chezmoi, not configuring your system
- My actual dotfiles
- A secrets store
- A monolithic “do everything” installer
If something feels “too fancy” for a bootstrapper, it probably belongs in the dotfiles repo instead.
This bootstrap repo provides two entry points depending on your situation:
Fresh Machine / Unknown Environment
│
├─ minimal.sh ──────────→ Working shell (self-contained)
│
└─ full.sh ─────────────→ Complete setup (requires dotfiles access)
- No dependencies or assumptions
- No private repo access required
- Works on macOS and Linux
- Output: git, curl, zsh, basic shell config
- Use when: Fresh machine, unsure what's installed, CI/containers
Example:
curl -fsSL https://raw.githubusercontent.com/mkhnsn/bootstrap/main/minimal.sh | bash
exec zsh- Requires GitHub access to private dotfiles repo
- Installs chezmoi and applies all dotfiles
- Installs Homebrew and packages (macOS)
- Output: Full configuration, all tools, all settings
- Use when: Personal machine setup, you have repo access
Example:
bash full.sh
exec zshThese scripts are generated. The actual source code lives in the dotfiles repository:
dotfiles/scripts/
├── templates/
│ ├── minimal.sh.template
│ └── full.sh.template
├── generate-bootstrap.sh
└── Makefile
To update the scripts: edit the templates, run make bootstrap-scripts, commit both repos.
Works on macOS and Linux. Assumes nothing beyond a basic shell.
curl -fsSL https://raw.githubusercontent.com/mkhnsn/bootstrap/main/minimal.sh | bashUse this when:
- You’re on a brand‑new machine
- You’re not sure what’s installed
- You want a reversible, low‑risk setup
bash install.shThis script is intentionally boring. It exists so there is exactly one supported way to apply
dotfiles once chezmoi is present.
For machines you own and intend to keep.
./bootstrap/personal.shThis layer installs opinionated tooling (Homebrew, GUI apps, defaults) and then re‑applies chezmoi
to wire everything together.
- Ensures
chezmoiis installed - Runs one of:
chezmoi init --apply(first run)chezmoi apply(subsequent runs)
- Exits
No package installs. No secrets. No magic.
This repository is not used directly by Codespaces.
Instead:
- GitHub’s Dotfiles feature points at the private dotfiles repo
- GitHub automatically runs
install.sh(per official docs) - Codespaces behavior matches local machines as closely as possible
This repo exists mainly to bootstrap outside Codespaces.
- This repository contains no secrets
- All credentials (GitHub tokens, SSH keys, API keys) live in 1Password
- Secrets are accessed at apply‑time via
chezmoi’s 1Password integration - Nothing sensitive is written to disk here
If you’re auditing this repo before running it: you’re doing it right.
- Bootstrap code should be boring
- Idempotence beats cleverness
- One obvious path is better than many clever ones
- Anything interactive belongs after bootstrap
MIT. Use freely. Modify aggressively. Just don’t expect it to configure your machines 😄