# Dotfiles Installation Packages Configuration # This file defines packages to install based on installation profiles and distribution-specific mappings #====================================== # Installation Profiles #====================================== # Core packages needed by all installations common: - git - curl - wget # Essential packages for basic functionality essentials: - zsh - bash - vim - openssh - sudo - man - bc - time - rsync - tree # Minimal development environment minimal: - gcc - make - python - jq - fzf - neovim - tmux # Full development environment dev: - clang - meson - gdb - cmake - go - ninja - ripgrep - fd - nodejs - emacs - vscode - ansible # Server-focused packages server: - ufw - net-tools - htop - btop - powertop - clamav - ntp - networkmanager - smartmontools - hdparm - acpi - parted - sysstat - hwinfo - ansible # Desktop environment packages desktop: - xorg - wayland - xclip - xterm - gtk - firefox - mpv - discord - libinput - nnn - ranger - obs-studio - unrar - unzip - p7zip - imagemagick - ffmpeg - wezterm - ncdu - picom - rofi - udiskie - brightnessctl - wl-clipboard - nemo - blueman - bluez # Window managers wm: - hyprland - bspwm - sxhkd - polybar # Audio/Media packages media: - mpd - pipewire - ncmpcpp # Gaming gaming: - wine - steam # Virtualization virtualization: - libvirt - qemu # Fonts fonts: - hack-font - nerd-fonts - font-awesome - dejavu-fonts #====================================== # Distribution-specific package mappings # Format: generic_name -> distro_specific_name #====================================== arch: # Core tools python: python nodejs: nodejs man: man-pages man-db tree: tree ntp: ntpsec hack-font: ttf-hack nerd-fonts: ttf-nerd-fonts-symbols-mono font-awesome: ttf-font-awesome dejavu-fonts: ttf-dejavu networkmanager: networkmanager qemu: qemu-full vscode: code # Desktop specific xorg: xorg xorg-server wayland: wayland xorg-xwayland gtk: gtk3 gtk4 libinput: libinput xf86-input-libinput bluez: bluez bluez-utils bluez-tools # Media pipewire: pipewire wireplumber debian: # Core tools python: python3 python3-pip nodejs: nodejs npm man: man-pages-dev man-db tree: tree ntp: ntp hack-font: fonts-hack nerd-fonts: fonts-nerd-font-symbols font-awesome: fonts-font-awesome dejavu-fonts: fonts-dejavu networkmanager: network-manager qemu: qemu-system vscode: code fd: fd-find openssh: openssh-server ansible: ansible fedora: # Core tools python: python3 python3-pip nodejs: nodejs npm man: man-pages man-db tree: tree ntp: chrony hack-font: adobe-source-code-pro-fonts nerd-fonts: powerline-fonts font-awesome: fontawesome-fonts dejavu-fonts: dejavu-fonts-common networkmanager: NetworkManager qemu: qemu-kvm vscode: code-oss fd: fd-find openssh: openssh-server ansible: ansible ninja: ninja-build # Desktop specific xorg: xorg xserver-xorg wayland: libwayland-dev xwayland gtk: libgtk-3-dev libgtk-4-dev libinput: libinput10 xserver-xorg-input-libinput bluez: bluez bluez-tools # Media pipewire: pipewire wireplumber # System tools ufw: ufw net-tools: net-tools btop: btop powertop: powertop clamav: clamav smartmontools: smartmontools hdparm: hdparm acpi: acpi parted: parted cups: cups sysstat: sysstat hwinfo: hwinfo rhel: # Core tools python: python3 python3-pip nodejs: nodejs npm man: man-pages man-db tree: tree ntp: chrony hack-font: adobe-source-code-pro-fonts nerd-fonts: powerline-fonts font-awesome: fontawesome-fonts dejavu-fonts: dejavu-fonts-common networkmanager: NetworkManager qemu: qemu-kvm vscode: code fd: fd-find openssh: openssh-server ansible: ansible ninja: ninja-build # Desktop specific xorg: xorg-x11-server-Xorg wayland: wayland-devel xorg-x11-server-Xwayland gtk: gtk3-devel gtk4-devel libinput: libinput bluez: bluez bluez-tools # System tools ufw: firewalld net-tools: net-tools btop: htop powertop: powertop clamav: clamav smartmontools: smartmontools hdparm: hdparm acpi: acpi parted: parted cups: cups sysstat: sysstat opensuse: # Core tools python: python3 python3-pip nodejs: nodejs16 npm16 man: man-pages man tree: tree ntp: chrony hack-font: adobe-sourcecodepro-fonts nerd-fonts: powerline-fonts font-awesome: fontawesome-fonts dejavu-fonts: dejavu-fonts networkmanager: NetworkManager qemu: qemu vscode: code openssh: openssh ansible: ansible gentoo: # Core tools with full package paths git: dev-vcs/git curl: net-misc/curl wget: net-misc/wget zsh: app-shells/zsh bash: app-shells/bash vim: app-editors/vim neovim: app-editors/neovim tmux: app-misc/tmux openssh: net-misc/openssh sudo: app-admin/sudo man: sys-apps/man-pages sys-apps/man-db bc: sys-devel/bc time: sys-process/time rsync: net-misc/rsync tree: app-text/tree gcc: sys-devel/gcc clang: sys-devel/clang make: sys-devel/make cmake: dev-util/cmake meson: dev-util/meson gdb: sys-devel/gdb ninja: dev-util/ninja ripgrep: sys-apps/ripgrep fd: sys-apps/fd python: dev-lang/python nodejs: net-libs/nodejs jq: app-misc/jq fzf: app-shells/fzf emacs: app-editors/emacs vscode: app-editors/vscode go: dev-lang/go htop: sys-process/htop ufw: net-firewall/ufw net-tools: sys-apps/net-tools btop: sys-process/btop powertop: sys-power/powertop clamav: app-antivirus/clamav ntp: net-misc/chrony networkmanager: net-misc/networkmanager smartmontools: sys-apps/smartmontools hdparm: sys-apps/hdparm acpi: sys-power/acpi parted: sys-block/parted cups: net-print/cups sysstat: app-admin/sysstat hwinfo: sys-apps/hwinfo hack-font: media-fonts/hack nerd-fonts: media-fonts/nerd-fonts font-awesome: media-fonts/fontawesome dejavu-fonts: media-fonts/dejavu # Desktop xorg: x11-base/xorg-server wayland: dev-libs/wayland x11-base/xwayland xclip: x11-misc/xclip xterm: x11-terms/xterm gtk: x11-libs/gtk+ firefox: www-client/firefox mpv: media-video/mpv discord: net-im/discord-bin libinput: dev-libs/libinput x11-drivers/xf86-input-libinput nnn: app-misc/nnn ranger: app-misc/ranger obs-studio: media-video/obs-studio unrar: app-arch/unrar unzip: app-arch/unzip p7zip: app-arch/p7zip imagemagick: media-gfx/imagemagick ffmpeg: media-video/ffmpeg wezterm: x11-terms/wezterm ncdu: sys-fs/ncdu picom: x11-misc/picom rofi: x11-misc/rofi udiskie: sys-fs/udiskie brightnessctl: app-misc/brightnessctl wl-clipboard: gui-apps/wl-clipboard nemo: gnome-extra/nemo blueman: net-wireless/blueman bluez: net-wireless/bluez # Window managers hyprland: gui-wm/hyprland bspwm: x11-wm/bspwm sxhkd: x11-misc/sxhkd polybar: x11-misc/polybar # Media mpd: media-sound/mpd pipewire: media-video/pipewire media-video/wireplumber ncmpcpp: media-sound/ncmpcpp # Gaming wine: app-emulation/wine-vanilla steam: games-util/steam-launcher # Virtualization libvirt: app-emulation/libvirt qemu: app-emulation/qemu alpine: python: python3 py3-pip nodejs: nodejs npm man: man-pages man-db ntp: chrony htop: htop openssh: openssh ansible: ansible void: python: python3 python3-pip nodejs: nodejs man: man-pages ntp: chrony openssh: openssh ripgrep: ripgrep fd: fd btop: btop networkmanager: NetworkManager ansible: ansible macos: # Homebrew packages - git - curl - wget - zsh - bash - vim - neovim - tmux - openssh - python3 - node - jq - fzf - ripgrep - fd - bat - htop - rsync - cmake - ninja - go - emacs - visual-studio-code - ansible windows: - git - ripgrep - fd - sudo - win32yank - microsoft-windows-terminal - wsl - firefox - setdefaultbrowser - nodejs - bat - 7zip - python - javaruntime - autohotkey - bitwarden - notepadplusplus - neovim bloatware: # - Anytime - BioEnrollment # - Browser - ContactSupport - Cortana # - Defender - Feedback - Flash # - Gaming # Breaks Xbox Live Account Login # - Holo # - InternetExplorer - Maps # - MiracastView - OneDrive # - SecHealthUI - Wallet # - Xbox # Causes a bootloop since upgrade 1511? default: # default Windows 10 apps # - Microsoft.3DBuilder - Microsoft.Appconnector - Microsoft.BingFinance - Microsoft.BingNews - Microsoft.BingSports - Microsoft.BingTranslator - Microsoft.BingWeather # - Microsoft.FreshPaint # - Microsoft.Microsoft3DViewer - Microsoft.MicrosoftOfficeHub - Microsoft.MicrosoftSolitaireCollection - Microsoft.MicrosoftPowerBIForWindows - Microsoft.MinecraftUWP # - Microsoft.MicrosoftStickyNotes # - Microsoft.NetworkSpeedTest - Microsoft.Office.OneNote # - Microsoft.OneConnect - Microsoft.People # - Microsoft.Print3D - Microsoft.SkypeApp - Microsoft.Wallet # - Microsoft.Windows.Photos # - Microsoft.WindowsAlarms # - Microsoft.WindowsCalculator - Microsoft.WindowsCamera - microsoft.windowscommunicationsapps - Microsoft.WindowsMaps - Microsoft.WindowsPhone - Microsoft.WindowsSoundRecorder - Microsoft.WindowsStore # - Microsoft.XboxApp # - Microsoft.XboxGameOverlay # - Microsoft.XboxIdentityProvider # - Microsoft.XboxSpeechToTextOverlay - Microsoft.ZuneMusic - Microsoft.ZuneVideo # Threshold 2 apps - Microsoft.CommsPhone - Microsoft.ConnectivityStore - Microsoft.GetHelp - Microsoft.Getstarted - Microsoft.Messaging - Microsoft.Office.Sway - Microsoft.OneConnect - Microsoft.WindowsFeedbackHub # Redstone apps - Microsoft.BingFoodAndDrink - Microsoft.BingTravel - Microsoft.BingHealthAndFitness - Microsoft.WindowsReadingList # non-Microsoft - king.com.CandyCrushSaga - king.com.CandyCrushSodaSaga - king.com.* - Facebook.Facebook # apps which cannot be removed using Remove-AppxPackage # - Microsoft.BioEnrollment # - Microsoft.MicrosoftEdge # - Microsoft.Windows.Cortana # - Microsoft.WindowsFeedback # - Microsoft.XboxGameCallableUI # - Microsoft.XboxIdentityProvider # - Windows.ContactSupport #====================================== # Gentoo USE flags configuration #====================================== gentoo_use_flags: git: "curl gpg perl python" curl: "ssl http2 ipv6" wget: "ssl ipv6 nls" zsh: "unicode pcre gdbm" bash: "net nls readline" tmux: "vim-syntax" vim: "python lua ruby perl cscope" neovim: "lua python ruby" emacs: "gtk jpeg png svg tiff xpm cairo dbus json ssl xml" gcc: "cxx fortran graphite jit nptl openmp pch pie ssp" clang: "static-analyzer" python: "sqlite ssl readline ncurses xml" nodejs: "ssl" htop: "unicode lm-sensors" openssh: "ssl kerberos ldap pam" firefox: "dbus gtk3 pulseaudio startup-notification wifi" mpv: "alsa pulseaudio lua drm wayland X" gtk: "wayland X cups introspection" pipewire: "alsa bluetooth jack pulseaudio sound-server" ffmpeg: "alsa encode mp3 opus pulseaudio theora vorbis webp x264 x265" networkmanager: "bluetooth dhclient introspection wifi" bluez: "alsa cups obex readline" qemu: "aio alsa bluetooth curl gtk jpeg ncurses opengl png pulseaudio sdl spice ssh usb vnc" libvirt: "firewalld libssh nfs numa parted qemu sasl udev" #====================================== # System tweaks and configurations #====================================== system_tweaks: gnome: # Power management settings - gsettings set org.gnome.desktop.session idle-delay 0 - gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-ac-type 'nothing' - gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-battery-type 'nothing' # Interface tweaks - gsettings set org.gnome.desktop.interface clock-show-weekday true - gsettings set org.gnome.desktop.interface show-battery-percentage true kde: # Power management - kwriteconfig5 --file powermanagementprofilesrc --group AC --group DimDisplay --key idleTime 300000 - kwriteconfig5 --file powermanagementprofilesrc --group AC --group DPMSControl --key idleTime 600000 windows: registry: # Explorer settings - path: "HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced" name: "Hidden" value: 1 type: "DWORD" description: "Show hidden files" - path: "HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced" name: "HideFileExt" value: 0 type: "DWORD" description: "Show file extensions" - path: "HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced" name: "TaskbarGlomLevel" value: 2 type: "DWORD" description: "Never combine taskbar buttons" - path: "HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced" name: "TaskbarSmallIcons" value: 1 type: "DWORD" description: "Use small taskbar icons" # Dark mode - path: "HKCU:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Themes\\Personalize" name: "AppsUseLightTheme" value: 0 type: "DWORD" description: "Use dark theme for apps" - path: "HKCU:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Themes\\Personalize" name: "SystemUsesLightTheme" value: 0 type: "DWORD" description: "Use dark theme for system" # Search settings - path: "HKCU:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Search" name: "SearchBoxTaskbarMode" value: 0 type: "DWORD" description: "Hide search box from taskbar" features: - name: "Microsoft-Windows-Subsystem-Linux" description: "Windows Subsystem for Linux" requires_admin: true - name: "VirtualMachinePlatform" description: "Virtual Machine Platform" requires_admin: true hardening: registry: # Security hardening registry settings - path: "HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System" name: "EnableLUA" value: 1 type: "DWORD" description: "Enable User Account Control" - path: "HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System" name: "ConsentPromptBehaviorAdmin" value: 2 type: "DWORD" description: "UAC prompt for administrators" - path: "HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings" name: "DisablePasswordCaching" value: 1 type: "DWORD" description: "Disable password caching" - path: "HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Lsa" name: "LimitBlankPasswordUse" value: 1 type: "DWORD" description: "Limit blank password use" - path: "HKLM:\\SYSTEM\\CurrentControlSet\\Services\\lanmanserver\\parameters" name: "AutoDisconnectTimeout" value: 15 type: "DWORD" description: "Auto disconnect timeout" - path: "HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System" name: "DontDisplayLastUserName" value: 1 type: "DWORD" description: "Don't display last username" services: disable: - "Fax" - "TelnetD" - "RemoteRegistry" - "Messenger" - "NetMeeting Remote Desktop Sharing" - "Remote Desktop Help Session Manager" - "Routing and Remote Access" - "Simple TCP/IP Services" - "SNMP Service" firewall: - "netsh advfirewall set allprofiles state on" - "netsh advfirewall firewall set rule group=\"File and Printer Sharing\" new enable=No" - "netsh advfirewall firewall set rule group=\"Network Discovery\" new enable=No" linux: hardening: sysctl: # Network security - net.ipv4.ip_forward = 0 - net.ipv4.conf.all.send_redirects = 0 - net.ipv4.conf.default.send_redirects = 0 - net.ipv4.conf.all.accept_source_route = 0 - net.ipv4.conf.default.accept_source_route = 0 - net.ipv4.conf.all.accept_redirects = 0 - net.ipv4.conf.default.accept_redirects = 0 - net.ipv4.conf.all.secure_redirects = 0 - net.ipv4.conf.default.secure_redirects = 0 - net.ipv4.conf.all.log_martians = 1 - net.ipv4.conf.default.log_martians = 1 - net.ipv4.icmp_echo_ignore_broadcasts = 1 - net.ipv4.icmp_ignore_bogus_error_responses = 1 - net.ipv4.conf.all.rp_filter = 1 - net.ipv4.conf.default.rp_filter = 1 - net.ipv4.tcp_syncookies = 1 - net.ipv6.conf.all.accept_ra = 0 - net.ipv6.conf.default.accept_ra = 0 - net.ipv6.conf.all.accept_redirects = 0 - net.ipv6.conf.default.accept_redirects = 0 # Kernel security - kernel.dmesg_restrict = 1 - kernel.kptr_restrict = 2 - kernel.yama.ptrace_scope = 1 - kernel.kexec_load_disabled = 1 - kernel.unprivileged_bpf_disabled = 1 - net.core.bpf_jit_harden = 2 # Memory protection - kernel.randomize_va_space = 2 - vm.mmap_min_addr = 65536 packages: security: - fail2ban - ufw - rkhunter - chkrootkit - lynis - aide - apparmor - apparmor-utils services: disable: - avahi-daemon - cups - bluetooth - whoopsie - apport enable: - ufw - fail2ban - apparmor filesystem: - "chmod 700 /root" - "chmod 644 /etc/passwd" - "chmod 600 /etc/shadow" - "chmod 644 /etc/group" - "chmod 600 /etc/gshadow" - "find /home -name '.netrc' -delete" - "find /home -name '.rhosts' -delete" macos: hardening: defaults: # Security settings - domain: "com.apple.screensaver" key: "askForPassword" value: 1 type: "int" description: "Require password after screensaver" - domain: "com.apple.screensaver" key: "askForPasswordDelay" value: 0 type: "int" description: "Require password immediately" - domain: "com.apple.Safari" key: "SendDoNotTrackHTTPHeader" value: 1 type: "bool" description: "Enable Do Not Track" - domain: "com.apple.Safari" key: "AutoFillPasswords" value: 0 type: "bool" description: "Disable password autofill" - domain: "com.apple.loginwindow" key: "GuestEnabled" value: 0 type: "bool" description: "Disable guest account" - domain: "com.apple.loginwindow" key: "SHOWFULLNAME" value: 1 type: "bool" description: "Show full name in login window" system: - "sudo spctl --master-enable" # Enable Gatekeeper - "sudo defaults write /Library/Preferences/com.apple.alf globalstate -int 1" # Enable firewall - "sudo launchctl load /System/Library/LaunchDaemons/com.apple.locate.plist" # Enable locate database services: disable: - "com.apple.AirPlayXPCHelper" - "com.apple.RemoteDesktop.agent" packages: security: - gpg - gnupg - pinentry-mac #====================================== # Service configurations #====================================== services: enable: all: - sshd - networkmanager server: - firewalld - chronyd desktop: - bluetooth - cups disable: server: - bluetooth - cups - gdm minimal: - cups - bluetooth #====================================== # Development environment configurations #====================================== development: git_config: - git config --global init.defaultBranch main - git config --global pull.rebase false - git config --global core.editor vim rust: components: - rustc - cargo - clippy - rustfmt nodejs: global_packages: - typescript - eslint - prettier python: global_packages: - black - flake8 - mypy - requests - virtualenvwrapper #====================================== # System update checks and maintenance #====================================== system_updates: linux: kernel_check: - "uname -r" # Current kernel - "ls /boot/vmlinuz-* | tail -1 | sed 's/.*vmlinuz-//'" # Latest available distro_updates: arch: check: "checkupdates" update: "pacman -Syu" kernel_update: "pacman -S linux linux-headers" debian: check: "apt list --upgradable" update: "apt update && apt upgrade -y" kernel_update: "apt install linux-image-generic linux-headers-generic" rhel: check: "dnf check-update" update: "dnf update -y" kernel_update: "dnf update kernel kernel-headers" gentoo: check: "emerge -pv --update --deep --newuse @world" update: "emerge --update --deep --newuse @world" kernel_update: "emerge gentoo-sources && genkernel all" macos: system_updates: check: "softwareupdate -l" update: "softwareupdate -ia" major_check: "softwareupdate --list-full-installers" windows: system_updates: check: "Get-WindowsUpdate -MicrosoftUpdate" update: "Install-WindowsUpdate -MicrosoftUpdate -AcceptAll -AutoReboot" feature_updates: "Get-WindowsUpdate -UpdateType Software" #====================================== # Custom installation commands #====================================== custom_installs: yq: condition: "! command -v yq" linux: | mkdir -p "$HOME/.local/bin" YQ_VERSION=$(curl -s https://api.github.com/repos/mikefarah/yq/releases/latest | grep 'tag_name' | cut -d'"' -f4) YQ_BINARY="yq_linux_amd64" curl -L "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/${YQ_BINARY}" -o "$HOME/.local/bin/yq" chmod +x "$HOME/.local/bin/yq" macos: "brew install yq" windows: "choco install yq" homebrew: condition: "test $(uname) = Darwin && ! command -v brew" macos: '/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"' system_updates: condition: "true" # Always available description: "Check and install system updates" linux: | case "$CFG_DISTRO" in arch) checkupdates && sudo pacman -Syu ;; debian|ubuntu) apt list --upgradable && sudo apt update && sudo apt upgrade -y ;; rhel|fedora|centos) dnf check-update && sudo dnf update -y ;; gentoo) emerge -pv --update --deep --newuse @world && sudo emerge --update --deep --newuse @world ;; *) echo "Unsupported distribution for automatic updates" ;; esac macos: "softwareupdate -l && sudo softwareupdate -ia" windows: | if (Get-Module -ListAvailable -Name PSWindowsUpdate) { Get-WindowsUpdate -MicrosoftUpdate Install-WindowsUpdate -MicrosoftUpdate -AcceptAll -AutoReboot } else { Write-Host "PSWindowsUpdate module not installed. Install with: Install-Module PSWindowsUpdate" } zsh_plugins: condition: "command -v zsh" description: "Install common Zsh plugins" linux: | ZPLUG_DIR="$HOME/.config/zsh/plugins"; mkdir -p "$ZPLUG_DIR"; command -v git >/dev/null 2>&1 || exit 0; c(){ n="$1"; u="$2"; [ -d "$ZPLUG_DIR/$n" ] && return 0; env -i PATH="$PATH" HOME="$HOME" GIT_TERMINAL_PROMPT=0 GIT_ASKPASS=/bin/true git -c credential.helper= -c core.askPass= clone --depth 1 --single-branch "$u" "$ZPLUG_DIR/$n" 2>/dev/null || true; }; c zsh-you-should-use https://github.com/MichaelAquilina/zsh-you-should-use.git; c zsh-syntax-highlighting https://github.com/zsh-users/zsh-syntax-highlighting.git; c zsh-autosuggestions https://github.com/zsh-users/zsh-autosuggestions.git macos: | ZPLUG_DIR="$HOME/.config/zsh/plugins"; mkdir -p "$ZPLUG_DIR"; command -v git >/dev/null 2>&1 || exit 0; c(){ n="$1"; u="$2"; [ -d "$ZPLUG_DIR/$n" ] && return 0; env -i PATH="$PATH" HOME="$HOME" GIT_TERMINAL_PROMPT=0 GIT_ASKPASS=/bin/true git -c credential.helper= -c core.askPass= clone --depth 1 --single-branch "$u" "$ZPLUG_DIR/$n" 2>/dev/null || true; }; c zsh-you-should-use https://github.com/MichaelAquilina/zsh-you-should-use.git; c zsh-syntax-highlighting https://github.com/zsh-users/zsh-syntax-highlighting.git; c zsh-autosuggestions https://github.com/zsh-users/zsh-autosuggestions.git vscode_extensions: condition: "command -v code" description: "Install template VSCode extensions" linux: | for e in ms-python.python ms-vscode.cpptools golang.Go rust-lang.rust-analyzer esbenp.prettier-vscode eamodio.gitlens ms-azuretools.vscode-docker hashicorp.terraform redhat.ansible; do code --install-extension "$e" --force >/dev/null 2>&1 || true; done macos: | for e in ms-python.python ms-vscode.cpptools golang.Go rust-lang.rust-analyzer esbenp.prettier-vscode eamodio.gitlens ms-azuretools.vscode-docker hashicorp.terraform redhat.ansible; do code --install-extension "$e" --force >/dev/null 2>&1 || true; done nix_home_manager: condition: "command -v nix-env" description: "Bootstrap Home Manager if missing" linux: | if ! command -v home-manager >/dev/null 2>&1; then nix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager || true; nix-channel --update || true; nix-shell '' -A install || true; fi macos: | if ! command -v home-manager >/dev/null 2>&1; then nix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager || true; nix-channel --update || true; nix-shell '' -A install || true; fi #====================================== # Profile-specific package lists #====================================== profiles: essentials: description: "Essential packages only (git, curl, wget, vim, zsh)" packages: - common - essentials minimal: description: "Minimal setup for basic development" packages: - common - essentials - minimal dev: description: "Full development environment" packages: - common - essentials - minimal - dev enable_development: true server: description: "Server configuration" packages: - common - essentials - minimal - server enable_services: server full: description: "Complete installation with all packages" packages: - common - essentials - minimal - dev - server - desktop - wm - media - fonts enable_development: true enable_services: desktop #====================================== # Package management helpers #====================================== package_managers: arch: update: "pacman -Syu" install: "pacman -S --noconfirm" search: "pacman -Ss" debian: update: "apt update && apt upgrade -y" install: "apt install -y" search: "apt search" rhel: update: "dnf update -y" install: "dnf install -y" search: "dnf search" fedora: update: "dnf update -y" install: "dnf install -y" search: "dnf search" opensuse: update: "zypper update -y" install: "zypper install -y" search: "zypper search" gentoo: update: "emerge --sync && emerge -uDN @world" install: "emerge" search: "emerge --search" alpine: update: "apk update && apk upgrade" install: "apk add" search: "apk search" void: update: "xbps-install -Su" install: "xbps-install -y" search: "xbps-query -Rs" macos: update: "brew update && brew upgrade" install: "brew install" search: "brew search" windows: update: "choco upgrade all -y" install: "choco install -y" search: "choco search" nix: update: "nix-channel --update && nix-env -u" install: "nix-env -iA" search: "nix-env -qaP"