From 5bbf5b4b3bb1a121d1b38848c00a09ef813c535c Mon Sep 17 00:00:00 2001 From: Li Tang Date: Tue, 24 Mar 2026 17:51:47 +0800 Subject: [PATCH] feat: 1Password SSH agent auto-setup and SSH config template - Add 1Password SSH agent socket symlink creation in setup.sh - Copy ssh/example template to ~/.ssh/config on fresh install - Update Brewfile with additional packages (bun, pnpm, qq, teamviewer, etc.) - Update documentation (CHECKLIST, MIGRATION_GUIDE, README) --- Brewfile | 12 ++++++++++-- CHECKLIST.md | 3 +++ MIGRATION_GUIDE.md | 6 ++++-- README.md | 3 +++ setup.sh | 46 ++++++++++++++++++++++++++++++++++++++++++++++ ssh/example | 8 ++------ 6 files changed, 68 insertions(+), 10 deletions(-) diff --git a/Brewfile b/Brewfile index 25e8ef3..340c1b1 100644 --- a/Brewfile +++ b/Brewfile @@ -1,8 +1,8 @@ tap "anomalyco/tap" tap "farion1231/ccswitch" tap "minio/stable" +tap "oven-sh/bun" tap "vitobotta/tap" -brew "act" brew "argocd" brew "asciinema" brew "autojump" @@ -43,8 +43,8 @@ brew "neovim" brew "nexttrace" brew "ripgrep" brew "opencode" +brew "pnpm" brew "postgresql@17", restart_service: :changed -brew "rclone" brew "redis", restart_service: :changed brew "rustup" brew "starship" @@ -56,6 +56,7 @@ brew "wget" brew "xcbeautify" brew "zsh" brew "minio/stable/mc" +brew "oven-sh/bun/bun" brew "vitobotta/tap/hetzner_k3s" cask "1password" cask "alacritty" @@ -83,23 +84,29 @@ cask "notion" cask "obsidian" cask "only-switch" cask "orbstack" +cask "qq" cask "raycast" cask "spotify" cask "stats" +cask "teamviewer" cask "telegram" cask "typeless" cask "visual-studio-code@insiders" cask "wechat" +cask "wechatwork" +cask "wpsoffice-cn" mas "1Password for Safari", id: 1569813296 mas "GarageBand", id: 682658836 mas "iMovie", id: 408981434 mas "Keynote", id: 409183694 mas "Numbers", id: 409203825 mas "Pages", id: 409201541 +vscode "alefragnani.project-manager" vscode "anthropic.claude-code" vscode "donjayamanne.githistory" vscode "dreamecho.git-blame-lens" vscode "eamodio.gitlens" +vscode "esbenp.prettier-vscode" vscode "github.copilot-chat" vscode "golang.go" vscode "gruntfuggly.todo-tree" @@ -115,6 +122,7 @@ vscode "openai.chatgpt" vscode "redhat.vscode-yaml" vscode "rust-lang.rust-analyzer" vscode "vscodevim.vim" +vscode "vue.volar" vscode "wakatime.vscode-wakatime" go "rsc.io/2fa" go "golang.org/x/tools/cmd/callgraph" diff --git a/CHECKLIST.md b/CHECKLIST.md index e478c40..015b1cd 100644 --- a/CHECKLIST.md +++ b/CHECKLIST.md @@ -39,6 +39,8 @@ - [ ] **自动** ~/.config/wezterm 软链接 - [ ] **自动** ~/.config/starship.toml 软链接 - [ ] **自动** ~/.gitconfig 软链接 +- [ ] **自动** 如不存在则用 `ssh/example` 初始化 ~/.ssh/config +- [ ] **自动** 如可用则创建 ~/.1password/agent.sock 符号链接 - [ ] **自动** Git 全局配置 (excludesfile, defaultBranch) - [ ] **自动** fzf 安装和配置 @@ -74,6 +76,7 @@ cat ~/.ssh/id_ed25519.pub | pbcopy - [ ] **手动** 生成 SSH 密钥 - [ ] **手动** 添加密钥到 1Password - [ ] **手动** 添加公钥到代码托管平台 +- [ ] **手动** 按需调整 ~/.ssh/config 中的主机配置 ### 验证 Git 配置 ```bash diff --git a/MIGRATION_GUIDE.md b/MIGRATION_GUIDE.md index f67586b..ba927ea 100644 --- a/MIGRATION_GUIDE.md +++ b/MIGRATION_GUIDE.md @@ -33,6 +33,7 @@ | `starship.toml` | Starship 配置 | Shell 提示符 | | `Brewfile` | Homebrew 包列表 | 所有工具和应用 | | `setup.sh` | 安装脚本 | 一键配置 | +| `ssh/example` | SSH 配置模板 | 初始化 `~/.ssh/config` | | `CHECKLIST.md` | 检查清单 | 配置验证 | | `QUICKSTART.md` | 快速开始 | 3-5 分钟配置 | | `README.md` | 完整文档 | 使用说明 | @@ -67,7 +68,7 @@ secrets.txt # 密钥文件 - [ ] Git 用户信息 (name, email) - [ ] 1Password SSH Agent - [ ] Kubeconfig (工作集群配置) -- [ ] SSH config (如果有自定义主机) +- [ ] SSH config 中的自定义主机条目(如需额外调整) ### 需要单独备份的 @@ -98,6 +99,7 @@ cd ~/.dotfiles - ✅ zsh antigen 安装 - ✅ asdf 版本管理器安装 - ✅ dotfiles 软链接创建 +- ✅ 如 `~/.ssh/config` 不存在,则用模板初始化 - ✅ Git 基础配置 - ✅ fzf 安装 @@ -129,7 +131,7 @@ cat ~/.ssh/id_ed25519.pub #### 1Password SSH Agent (如果使用) ```bash -# 创建符号链接 +# 如果 install 没自动创建,再手动创建符号链接 mkdir -p ~/.1password ln -s ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock ~/.1password/agent.sock diff --git a/README.md b/README.md index bbce027..cf214d4 100644 --- a/README.md +++ b/README.md @@ -313,6 +313,7 @@ MIT |------|------|-----------| | **Brewfile** | Homebrew 包列表 | ✅ | | **SSH 公钥** | `~/.ssh/*.pub` | ⚠️ 不提交 | +| **SSH 配置备份** | `~/.ssh/config` | ⚠️ 不提交 | | **Git 配置摘要** | 用户信息(脱敏) | ⚠️ 不提交 | | **1Password 配置** | SSH Agent 设置 | ✅ | | **VSCode 扩展** | 已安装扩展列表 | ✅ | @@ -336,6 +337,8 @@ git commit -m 'backup: update dotfiles' - ⚠️ **不要提交**: `.git_config_summary.txt`, `ssh_backup_*/` - ✅ **可以提交**: `Brewfile`, `.1password_config.txt`, `.vscode_extensions.txt` +- `./setup.sh install` / `./setup.sh full-recover` 会在 `~/.ssh/config` 不存在时,用 `ssh/example` 初始化一份本地配置 +- `./setup.sh install` 也会在检测到 1Password socket 后,自动创建 `~/.1password/agent.sock` --- diff --git a/setup.sh b/setup.sh index 55fa717..9f87d1e 100755 --- a/setup.sh +++ b/setup.sh @@ -191,6 +191,28 @@ function cmd_install() { mkdir -p "$HOME_DIR/.config" mkdir -p "$HOME_DIR/.ssh" mkdir -p "$HOME_DIR/.kube" + mkdir -p "$HOME_DIR/.1password" + + local op_agent_target="$HOME_DIR/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock" + local op_agent_link="$HOME_DIR/.1password/agent.sock" + if [ -S "$op_agent_target" ]; then + if [ -L "$op_agent_link" ]; then + local op_link_target + op_link_target=$(readlink "$op_agent_link") + if [ "$op_link_target" = "$op_agent_target" ]; then + print_success "1Password SSH agent link already exists" + else + print_warning "~/.1password/agent.sock points elsewhere; leaving it unchanged" + fi + elif [ -e "$op_agent_link" ]; then + print_warning "~/.1password/agent.sock already exists; leaving it unchanged" + else + ln -s "$op_agent_target" "$op_agent_link" + print_success "Linked 1Password SSH agent" + fi + else + print_warning "1Password SSH agent socket not found yet" + fi # Link files print_warning "Linking files..." @@ -228,6 +250,28 @@ function cmd_install() { print_warning "Not found: $from" fi done + + # Install SSH config from template without symlinking it into the repo. + local ssh_template="$WORKING_DIR/ssh/example" + local ssh_target="$HOME_DIR/.ssh/config" + if [ -f "$ssh_template" ]; then + if [ -L "$ssh_target" ]; then + local ssh_link_target + ssh_link_target=$(readlink "$ssh_target") + if [ "$ssh_link_target" = "$WORKING_DIR/ssh/config" ] || [ "$ssh_link_target" = "$ssh_template" ]; then + rm "$ssh_target" + cp "$ssh_template" "$ssh_target" + print_success "Copied SSH config from template" + else + print_warning "~/.ssh/config is a custom symlink; leaving it unchanged" + fi + elif [ -f "$ssh_target" ]; then + print_warning "~/.ssh/config already exists; leaving it unchanged" + else + cp "$ssh_template" "$ssh_target" + print_success "Copied SSH config from template" + fi + fi # Initialize git config excludesfile print_warning "Configuring git..." @@ -518,6 +562,8 @@ function cmd_full_recover() { echo " git config --file ~/.gitconfig user.email 'your@email.com'" echo " git config --file ~/.gitconfig user.signingkey 'your-ssh-key'" echo "" + echo " # SSH config template is in ~/.dotfiles/ssh/example" + echo " # 1Password SSH agent symlink should exist at ~/.1password/agent.sock" echo " # Generate new SSH keys" echo " ssh-keygen -t ed25519 -C 'your@email.com'" echo "" diff --git a/ssh/example b/ssh/example index 396a3d0..f37e91a 100644 --- a/ssh/example +++ b/ssh/example @@ -1,7 +1,6 @@ -Host * - #HostkeyAlgorithms +ssh-rsa - #PubkeyAcceptedAlgorithms +ssh-rsa +Include ~/.orbstack/ssh/config +Host * IdentityAgent "~/.1password/agent.sock" ServerAliveInterval 60 TCPKeepAlive yes @@ -10,11 +9,9 @@ Host github.com Hostname ssh.github.com Port 443 User git - # set to personal by default IdentityFile ~/.ssh/Personal.pub IdentitiesOnly yes -# Personal Host personalgit Hostname ssh.github.com Port 443 @@ -22,7 +19,6 @@ Host personalgit IdentityFile ~/.ssh/Personal.pub IdentitiesOnly yes -# Work Host workgit Hostname ssh.github.com Port 443