Variables
The following configuration variables are available:
Section | Variable | Type | Default value | Description |
---|---|---|---|---|
Top level | cacheDir |
string | $XDG_CACHE_HOME/chezmoi $HOME/.cache/chezmoi %USERPROFILE%/.cache/chezmoi |
Cache directory |
color |
string | auto |
Colorize output | |
data |
object | none | Template data | |
destDir |
string | $HOME %USERPROFILE% |
Destination directory | |
encryption |
string | none | Encryption type, either age or gpg |
|
env |
object | none | Extra environment variables for scripts and commands | |
format |
string | json |
Format for data output, either json or yaml |
|
interactive |
string | false |
Prompt for all changes | |
mode |
string | file |
Mode in target dir, either file or symlink |
|
pager |
string | $PAGER |
Default pager CLI command | |
persistentState |
string | $XDG_CONFIG_HOME/chezmoi/chezmoi.boltdb $HOME/.config/chezmoi/chezmoi.boltdb %USERPROFILE%/.config/chezmoi/chezmoi.boltdb |
Location of the persistent state file | |
progress |
bool | false |
Display progress bars | |
scriptEnv |
object | none | Extra environment variables for scripts and commands | |
scriptTempDir |
string | none | Temporary directory for scripts | |
sourceDir |
string | $XDG_SHARE_HOME/chezmoi $HOME/.local/share/chezmoi %USERPROFILE%/.local/share/chezmoi |
Source directory | |
tempDir |
string | from system | Temporary directory | |
umask |
int | from system | Umask | |
useBuiltinAge |
string | auto |
Use builtin age if age command is not found in $PATH |
|
useBuiltinGit |
string | auto |
Use builtin git if git command is not found in $PATH |
|
verbose |
bool | false |
Make output more verbose | |
workingTree |
string | source directory | git working tree directory | |
add |
encrypt |
bool | false |
Encrypt by default |
secrets |
string | warning |
Action when secrets are found when adding files | |
templateSymlinks |
bool | false |
Template symlinks to source and home dirs | |
age |
args |
[]string | none | Extra args to age CLI command |
command |
string | age |
age CLI command | |
identities |
[]string | none | age identity files | |
identity |
string | none | age identity file | |
passphrase |
bool | false |
Use age passphrase instead of identity | |
recipient |
string | none | age recipient | |
recipients |
[]string | none | age recipients | |
recipientsFile |
string | none | age recipients file | |
recipientsFiles |
[]string | none | age recipients files | |
suffix |
string | .age |
Suffix appended to age-encrypted files | |
symmetric |
bool | false |
Use age symmetric encryption | |
awsSecretsManager |
profile |
string | none | AWS shared profile name |
region |
string | none | AWS region | |
azureKeyVault |
defaultVault |
string | none | Default Azure Key Vault name |
bitwarden |
command |
string | bw |
Bitwarden CLI command |
bitwardenSecrets |
command |
string | bws |
Bitwarden Secrets CLI command |
cd |
args |
[]string | none | Extra args to shell in cd command |
command |
string | none | Shell to run in cd command |
|
completion |
custom |
bool | false |
Enable custom shell completions |
dashlane |
args |
[]string | none | Extra args to Dashlane CLI command |
command |
string | dcli |
Dashlane CLI command | |
diff |
args |
[]string | see diff |
Extra args to external diff command |
command |
string | none | External diff command | |
exclude |
[]string | none | Entry types to exclude from diffs | |
pager |
string | none | Diff-specific pager | |
reverse |
bool | false |
Reverse order of arguments to diff | |
scriptContents |
bool | true |
Show script contents | |
doppler |
args |
[]string | none | Extra args to Doppler CLI command |
command |
string | doppler |
Doppler CLI command | |
config |
string | none | Default config (aka environment) if none is specified | |
project |
string | none | Default project name if none is specified | |
edit |
apply |
bool | false |
Apply changes on exit |
args |
[]string | none | Extra args to edit command | |
command |
string | $EDITOR / $VISUAL |
Edit command | |
hardlink |
bool | true |
Invoke editor with a hardlink to the source file | |
minDuration |
duration | 1s |
Minimum duration for edit command | |
watch |
bool | false |
Automatically apply changes when files are saved | |
ejson |
key |
string | none | The private key to use for decryption, will supersede using the keyDir if set. |
keyDir |
string | none | Path to directory containing private keys. Defaults to /opt/ejson/keys. Setting the EJSON_KEYDIR environment will also set this value, with lower precedence. | |
git |
autoAdd |
bool | false |
Add changes to the source state after any change |
autoCommit |
bool | false |
Commit changes to the source state after any change | |
autoPush |
bool | false |
Push changes to the source state after any change | |
command |
string | git |
git CLI command | |
commitMessageTemplate |
string | none | Commit message template | |
commitMessageTemplateFile |
string | none | Commit message template file (relative to source directory) | |
gitHub |
refreshPeriod |
duration | 1m |
Minimum duration between identical GitHub API requests |
gopass |
command |
string | gopass |
gopass CLI command |
gpg |
args |
[]string | none | Extra args to GPG CLI command |
command |
string | gpg |
GPG CLI command | |
recipient |
string | none | GPG recipient | |
recipients |
[]string | none | GPG recipients | |
suffix |
string | .asc |
Suffix appended to GPG-encrypted files | |
symmetric |
bool | false |
Use symmetric GPG encryption | |
hcpVaultSecrets |
applicationName |
string | none | Default application name if none is specified |
args |
[]string | none | Extra args to HCP Vault Secrets CLI command | |
command |
string | vlt |
HCP Vault Secrets CLI command | |
organizationId |
string | none | Default organization ID if none is specified | |
projectId |
string | none | Default project ID if none is specified | |
hooks |
command.post.args |
[]string | none | Extra arguments to command to run after command |
command.post.command |
[]string | none | Command to run after command | |
command.pre.args |
[]string | none | Extra arguments to command to run before command | |
command.pre.command |
[]string | none | Command to run before command | |
interpreters |
extension.args |
[]string | none | See Scripts on Windows |
extension.command |
string | special | See Scripts on Windows | |
keepassxc |
args |
[]string | none | Extra args to KeePassXC CLI command |
command |
string | keepassxc-cli |
KeePassXC CLI command | |
database |
string | none | KeePassXC database | |
mode |
string | cache-password |
See KeePassXC functions | |
prompt |
bool | true |
Prompt for password | |
keeper |
args |
[]string | none | Extra args to Keeper CLI command |
command |
string | keeper |
Keeper CLI command | |
lastpass |
command |
string | lpass |
LastPass CLI command |
merge |
args |
[]string | See merge |
Extra args to three-way merge CLI command |
command |
string | none | Three-way merge CLI command | |
onepassword |
cache |
bool | true |
Enable optional caching provided by op |
command |
string | op |
1Password CLI command | |
mode |
string | account |
See 1Password Secrets Automation | |
prompt |
bool | true |
Prompt for sign-in when no valid session is available | |
onepasswordSDK |
token |
string | none | See 1Password SDK functions |
tokenEnvVar |
string | none | See 1Password SDK functions | |
pass |
command |
string | pass |
Pass CLI command |
passhole |
args |
[]string | none | Extra args to Passhole CLI command |
command |
string | ph |
Passhole CLI command | |
prompt |
bool | true |
Prompt for password | |
pinentry |
args |
[]string | none | Extra args to pinentry CLI command |
command |
string | none | pinentry CLI command | |
options |
[]string | See pinentry |
Extra options for pinentry | |
rbw |
command |
string | rbw |
Unofficial Bitwarden CLI command |
secret |
args |
[]string | none | Extra args to secret CLI command |
command |
string | none | Generic secret CLI command | |
status |
exclude |
[]string | none | Entry types to exclude from status |
pathStyle |
string | relative |
How to present the path to files in status output | |
template |
options |
[]string | ["missingkey=error"] |
Template options |
textconv |
[]object | none | See textconv | |
update |
apply |
bool | true |
Apply after pulling |
args |
[]string | none | Extra args to update command | |
command |
string | none | Update command | |
recurseSubmodules |
bool | true |
Update submodules recursively | |
vault |
command |
string | vault |
Vault CLI command |
verify |
exclude |
[]string | none | Entry types to exclude from verify |
warnings |
object | none | See Warnings |