Personal development configuration files managed with GNU Stow and Nix + home-manager.
Supports Fedora and Ubuntu with desktop and server profiles.
One-liner (on a fresh system):
git clone https://github.com/csessh/.dotfiles.git ~/.dotfiles && ~/.dotfiles/bootstrap.shOr step by step:
# Clone the repo (uses HTTPS for fresh systems without SSH keys)
git clone https://github.com/csessh/.dotfiles.git ~/.dotfiles
# Run bootstrap script
~/.dotfiles/bootstrap.shThe bootstrap script will:
- Prompt for host type (desktop/server)
- Install Nix (Fedora: native package, others: official installer)
- Enable flakes via stow
- Save host type to
~/.config/host-type - Install home-manager and apply configuration
- Install system packages (Docker)
- Add user to docker group
- Install oh-my-zsh, remove stock .zshrc, stow shell config
- Install TPM (Tmux Plugin Manager)
- Stow configuration packages (desktop-only: ghostty, ssh)
- Set zsh as default shell
After bootstrap, log out and back in for all changes to take effect.
Bootstrap prompts for host type:
| Profile | Packages | Stow |
|---|---|---|
| Desktop | Base + 1password, claude-code, fonts, xclip, pam_u2f, yubikey-manager | All packages + ghostty, ssh, Yubico |
| Server | Base only (CLI tools, dev tools, languages) | Core packages only |
To change host type after bootstrap:
echo "server" > ~/.config/host-type # or "desktop"
home-manager switch --impureEdit ~/.dotfiles/home-manager/.config/home-manager/packages.nix:
let
basePackages = with pkgs; [
# Packages for all hosts
newpackage
];
desktopPackages = with pkgs; [
# Desktop-only packages
gui-app
];
in { ... }Then apply:
home-manager switch --impure# Update flake inputs (gets latest nixpkgs)
nix flake update ~/.config/home-manager
# Apply updates
home-manager switch --impure# Remove old generations
nix-collect-garbage -d# List previous generations
home-manager generations
# Roll back to previous generation
home-manager switch --rollbackConfigurations are managed with GNU Stow. Each tool has its own directory that mirrors the target filesystem structure.
cd ~/.dotfiles
# Deploy a config
stow nvim
# Remove a config
stow -D nvim
# Restow (remove then deploy)
stow -R nvim| Package | Description | Desktop Only |
|---|---|---|
| bat | cat replacement with syntax highlighting | |
| fastfetch | system information tool | |
| ghostty | terminal emulator | Yes |
| git | git and lazygit configuration | |
| nvim | neovim configuration | |
| shell | zsh configuration (requires oh-my-zsh) | |
| ssh | SSH configuration | Yes |
| tmux | tmux configuration |
| Component | Manager | Notes |
|---|---|---|
| CLI tools (ripgrep, fd, fzf, bat, etc.) | Nix | Declarative, reproducible |
| Dev tools (neovim, tmux, git) | Nix | Same versions across machines |
| Languages (nodejs, python, go) | Nix | Consistent toolchain |
| Desktop apps (1password) | Nix | Desktop profile only |
| Ghostty | System (dnf/apt) | OpenGL compatibility |
| Docker | System (dnf/apt/brew) | System integration |
| oh-my-zsh | curl installer | Shell framework |
| Configs | Stow | Symlinked from dotfiles |
Bootstrap configures YubiKey for SSH (PIV smart card) automatically. For PAM authentication (login/sudo with FIDO2), run the setup wizard:
~/.dotfiles/setup-yubikey-pam.shThe wizard guides you through:
- FIDO2 PIN setup (skippable if already set)
- Key registration (primary + backup keys)
- PAM file configuration with backup and test-after-each
- Optional fingerprint reader disable
See Yubikey-auth.md for manual steps and recovery instructions.