dotfiles/dot_config/git/config, branch masterMy linux config and rc fileshttps://git.sommerfeld.dev/dotfiles/atom/dot_config/git/config?h=master2026-06-05T10:06:03ZAdd no-hooks rebase alias2026-06-05T10:06:03Zsommerfeldsommerfeld@sommerfeld.dev2026-06-05T10:06:03Zurn:sha1:af3b15af163231eb16feff46bbbba85729d07f31Refactor git resign alias2026-06-05T10:06:03Zsommerfeldsommerfeld@sommerfeld.dev2026-06-05T10:06:03Zurn:sha1:44ef6219949675c6ab46b230a7f87fb8f6c9665fperf(git): disable delta hyperlinks2026-05-22T09:41:21Zsommerfeldsommerfeld@sommerfeld.dev2026-05-22T09:41:21Zurn:sha1:148ec6044004941bc0be63fadea6f9be903c1671
Delta's hyperlink resolution shells out to git rev-parse for every
blob to build clickable file links, which is fine on bare metal but
death-by-fork on a slow VM — 'git diff' could take many seconds
while 'git diff | cat' returns instantly. Turn hyperlinks off; we
get clickable nothing but visible-everything-fast diffs.
feat: add another work includeIf2026-05-14T09:59:45Zsommerfeldsommerfeld@sommerfeld.dev2026-05-14T09:59:45Zurn:sha1:41926591c513a42a30992a641e5d2875395c1c86feat(git): add resign alias2026-05-14T09:58:37Zsommerfeldsommerfeld@sommerfeld.dev2026-05-14T09:58:37Zurn:sha1:74b3cb9b574b3e4a88020b1b3eb45fcfa4d448be
Rebases onto @{u} re-signing each commit with the current author
identity and key, while stripping any Co-authored-by lines. Hooks are
disabled (core.hooksPath=/dev/null) so chezmoi's post-commit hook
doesn't fire once per replayed commit.
feat(remote-dev): add zoxide/clang-tools/node/uv/AI agents; bring git+ssh; SSH-format signing2026-05-14T09:58:14Zsommerfeldsommerfeld@sommerfeld.dev2026-05-14T09:58:14Zurn:sha1:db4c6bdcd2af6aa2b95f587974f34c0246f62cb8
home.nix:
- Add zoxide (fixes 'command not found' on shell start), clang-tools
(no compiler driver), nodejs (Mason npm LSPs), uv (Mason python LSPs;
does not install python3 in PATH, so Ubuntu's /usr/bin/python3 stays
the system default), claude-code, github-copilot-cli.
- Refine the leaf-tools policy comment: explicit denylist of build-
toolchain binaries that would shadow Ubuntu's via PATH, plus a
carve-out for editor/AI runtimes (node, uv, clang-tools).
- Symlink ~/.config/git/{config,attributes,ignore} and ~/.ssh/config
from the dotfiles tree.
dot_config/zsh/dot_zshrc: guard direnv/zoxide/fzf inits with
'command -v X >/dev/null &&' so a fresh machine without one of them
no longer prints a stderr error on every shell start.
dot_config/git/config: append unconditional '[include] path =
~/.config/git/config.local' for machine-local overrides (used on the
remote-dev VM to switch to SSH-format signing via the forwarded
agent). Git silently skips missing include files.
remote-dev/README.md: document the update flow (config-only vs HM
rebuild), the single-shell leaf-tools policy, and the one-time VM
setup for SSH-format commit signing (allowed_signers + config.local,
ForwardAgent yes on the host).
feat(git): global pre-push hook rejecting unsigned commits2026-05-13T12:43:34Zsommerfeldsommerfeld@sommerfeld.dev2026-05-13T12:43:34Zurn:sha1:0ee8f260727f3e88d26d06f59e5c2fa71211a06d
Activated via core.hooksPath = ~/.config/git/hooks in the global
git config. The hook walks each ref being pushed (range: remote..local
or, for new branches, local --not --remotes) and checks %G? on every
commit. Accepts G/U/X/Y (good signature variants), rejects N/B/E/R
(no signature, bad, missing key, revoked).
Bypass: git push --no-verify
This repo overrides hooksPath to .githooks/ for its just-check
pre-commit gate, so a thin .githooks/pre-push delegates to the global
hook to keep the policy enforced here too.
fix(git): allow self-signed cert for ProtonMail Bridge SMTP2026-05-13T12:43:24Zsommerfeldsommerfeld@sommerfeld.dev2026-05-13T12:43:24Zurn:sha1:215c027b2546aafab79f824eacded9c3f2c5cf09
The Bridge presents a self-signed cert on its 127.0.0.1:1025 STARTTLS
listener, so git send-email's default cert verification fails with
SSL_verify_cert. Setting smtpSslCertPath to empty disables chain
verification for this single, loopback-only endpoint.
Per https://git-send-email.io/#step-2 (Proton Bridge note).
feat(git): configure git send-email via ProtonMail Bridge2026-05-13T12:43:24Zsommerfeldsommerfeld@sommerfeld.dev2026-05-13T12:43:24Zurn:sha1:3b69f8e3c6c1494da1ab85c65476efc90fa13dfb
Add a [sendemail] block targeting the local Bridge SMTP listener
(127.0.0.1:1025, STARTTLS) and a credential helper scoped to that URL
that fetches the password from pass (proton/bridge-smtp). The helper
command is public; the secret stays in the password store. The bridge
SMTP username (sensitive but not secret) goes in the per-identity
private overlay (~/doxfiles), not here.
Also pull in the Perl SMTP modules git send-email needs at runtime.
refactor: restructure to chezmoi source state2026-04-21T00:23:18Zsommerfeldsommerfeld@sommerfeld.dev2026-04-21T00:23:18Zurn:sha1:d00bf2cb2d5087164fa509a4f20a2be62a519044
Rename home/ contents to chezmoi naming conventions:
- dot_ prefix for dotfiles and dot-dirs
- private_dot_ for .gnupg and .ssh directories
- private_ for 0600 files (nym.pub)
- executable_ for scripts in .local/bin and display-toggle.sh
- symlink_ for mimeapps.list symlink