YADM (Yet Another Dotfiles Manager) & Keybase

Posted on July 13, 2018 in How-to, Interesting

I use multiple Mac workstations to manage all my systems and services (AWS infrastructure, Kubernetes), so it is a challenge to manage the keys and credentials needed to access those systems. YADM (Yet Another Dotfiles Manager) does a great job of managing these files and storing them in a git repository, but I wasn't comfortable hosting that repository on a public-facing service (GitHub or GitLab), so I took advantage of Keybase's private encrypted git repo feature.

Thanks to Rami Al-Ghanmi & Mosab Al-Ghanmi's presentation at Scale16x for introducing me to YADM (Yet Another Dotfiles Manager).

The Setup

YADM (Yet Another Dotfiles Manager)

> brew install yadm
> yadm init
> yadm add <important file>
> yadm commit
> yadm remote add origin <url> # See Use Keybase below to avoid public git repos
> yadm push -u origin master

YADM file encryption

YADM has a means to handle sensitive information (SSH keys, AWS credentials).

> vim $HOME/.yadm/encrypt

Add the list of file locations of sensitive files:

.ssh/*.key
.ssh/*.pem
.ssh/*_rsa
.kube/*
.aws/*
.m2/settings.xml

Continue with YADM's encryption process

> yadm encrypt # set password. This creates a file $HOME/.yadm/files.gpg
> yadm add .yadm/encrypt
> yadm add .yadm/files.gpg
> yadm commit
> yadm push -u origin master
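A file that was added with `yadm add` before it was listed in `.yadm/encrypt` stays tracked in plaintext, so it is worth checking the tracked paths against the encrypt patterns before pushing. The function below is an added example, not part of the original post or of YADM itself; the name `plaintext_leaks` is hypothetical, and the handling of `#` and `!` lines is an assumption about the encrypt file's syntax.

```shell
#!/bin/sh
# Added example, not from the original post.
# plaintext_leaks PATTERN_FILE < tracked-paths
#   PATTERN_FILE: the encrypt list (e.g. $HOME/.yadm/encrypt)
#   stdin:        tracked paths, one per line, relative to $HOME
# Prints each tracked path that matches a pattern; returns 1 if any did.
# Typical use (assumption: `yadm list -a` prints paths relative to $HOME):
#   yadm list -a | plaintext_leaks "$HOME/.yadm/encrypt"
plaintext_leaks() {
    _pl_file=$1
    _pl_status=0
    while IFS= read -r _pl_path || [ -n "$_pl_path" ]; do
        while IFS= read -r _pl_pat || [ -n "$_pl_pat" ]; do
            case $_pl_pat in
                # Blank, '#' and '!' lines are skipped (assumed syntax).
                ''|'#'*|'!'*) continue ;;
            esac
            # Unquoted on purpose: the line is used as a glob. In `case`,
            # '*' also matches '/', so the check errs on the side of
            # reporting too much rather than too little.
            case $_pl_path in
                $_pl_pat)
                    printf '%s\n' "$_pl_path"
                    _pl_status=1
                    break ;;
            esac
        done < "$_pl_file"
    done
    return "$_pl_status"
}

# Demo on constructed data (not a real repository listing).
demo_dir=$(mktemp -d)
printf '%s\n' '.ssh/*.pem' '.ssh/*_rsa' '.aws/*' > "$demo_dir/encrypt"
printf '%s\n' '.bashrc' '.ssh/id_rsa' '.ssh/id_rsa.pub' '.aws/credentials' |
    plaintext_leaks "$demo_dir/encrypt" ||
    echo "the paths above are tracked in plaintext" >&2
rm -rf "$demo_dir"
```

Untracking a reported path does not remove it from commits that were already made, so any key that was pushed in plaintext should be rotated.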

Now let's set up our dotfiles on a second machine.

> brew install yadm
> yadm clone <url>
# The clone command will attempt to merge your existing repository, but if it fails, it will stash any conflicting data. See this question in the FAQ if you need help.
> yadm status

Use Keybase encrypted git repository to safely store your YADM repository

  1. Set up Keybase
  2. Create a private Git repository named ‘dotfiles’ or similar
  3. Continue with setup steps above.