Kai cross-platform dotfiles - nushell config, in-process SSM secrets loader, shared aliases
  • Python 78%
  • Shell 10.3%
  • Go 6.9%
  • Dockerfile 3%
  • Go Template 1.5%
  • Other 0.3%
Find a file
coilyco-ops 83b6cc2a53
Some checks failed
ci / gate (push) Successful in 1m19s
mirror-to-github / test (push) Successful in 1m21s
mirror-to-github / mirror (push) Successful in 16s
promote / gate (push) Successful in 1m29s
dev-base-publish / publish-lang-node (push) Blocked by required conditions
dev-base-publish / publish-lang-go (push) Blocked by required conditions
dev-base-publish / publish-lang-dotnet (push) Blocked by required conditions
dev-base-publish / publish-ops (push) Blocked by required conditions
dev-base-publish / publish-agent (push) Blocked by required conditions
dev-base-publish / publish-full (push) Blocked by required conditions
promote / promote-release (push) Successful in 5s
dev-base-publish / plan-draft (push) Successful in 4s
ci / ward-doctor (push) Successful in 3m4s
dev-base-publish / publish-core (push) Failing after 15m23s
fix(dev-base): add core publish breadcrumbs (#585)
2026-07-15 11:16:10 +00:00
.agentic-os feat(repo-tracker): scope stray detection to fleet orgs 2026-06-24 09:02:44 -07:00
.agents/skills docs: update sidequest ward dispatch flow 2026-07-13 17:44:08 +00:00
.forgejo/workflows fix(dev-base): bound ward source clone in core publish (#582) 2026-07-15 10:27:39 +00:00
.github feat: expand aos pre-commit hygiene suite 2026-07-08 17:20:37 +00:00
.ward fix: use bare kubectl exec target (#554) 2026-07-15 05:43:59 +00:00
actions fix(dev-base): resolve publish retry and retag wait (#579) 2026-07-15 09:46:46 +00:00
agentic_os feat(forgejo): promote runner-token fetch overlay (#537) 2026-07-14 19:40:41 +00:00
aos-say Build Go aos-say client and launchd socket relay (#519) 2026-07-14 09:29:38 +00:00
docker/dev-base fix(dev-base): bound ward source clone in core publish (#582) 2026-07-15 10:27:39 +00:00
docs fix(dev-base): resolve publish retry and retag wait (#579) 2026-07-15 09:46:46 +00:00
karabiner chore: karabiner RDP keyboard capture asset + gulp skill clarification 2026-06-13 21:51:54 -07:00
scripts fix(dev-base): add core publish breadcrumbs (#585) 2026-07-15 11:16:10 +00:00
shell docker completions 2026-07-14 21:47:48 -07:00
static feat(warp): zsh warp theme verb plus four shipped themes (closes #152) 2026-05-22 23:13:32 -07:00
swiftbar feat(swiftbar): make priority lines clickable links into their Forgejo repo 2026-06-23 22:13:00 -07:00
tests fix(dev-base): add core publish breadcrumbs (#585) 2026-07-15 11:16:10 +00:00
warp Default fresh shells to projects root 2026-07-14 21:34:06 -07:00
.gitattributes fix(gitattributes): pin eol=lf for extensionless shell files and *.go 2026-07-04 08:40:27 +00:00
.gitignore chore: delete openclaw configs and harness wiring 2026-06-25 16:24:25 +00:00
.pre-commit-config.yaml Build Go aos-say client and launchd socket relay (#519) 2026-07-14 09:29:38 +00:00
.pre-commit-hooks.yaml fix: wildcard ward-specs packaging 2026-07-10 11:29:24 +00:00
.typos.toml fix(ward-kdl): refresh Forgejo ops bundle 2026-07-10 06:56:59 +00:00
AGENTS.claude.md refactor: migrate coily -> ward across agentic-os 2026-06-12 10:16:56 +00:00
AGENTS.codex.md feat(agent-compose): per-harness section overrides 2026-06-07 10:44:40 -07:00
AGENTS.md fix(ward): move advisor to personal overlay (#543) 2026-07-15 01:29:18 +00:00
CLAUDE.md Add standard repo baseline: AGENTS, CLAUDE, FEATURES, coily.yaml 2026-05-13 19:41:12 -07:00
CODE-REVIEW.md add code review contract hook 2026-07-10 04:00:55 +00:00
pyproject.toml AGENTS.md: prohibit warded engineers from debugging live deployments (#522) 2026-07-14 10:00:20 +00:00
README.md docs: add compact warded workflow repo maps (#527) 2026-07-14 10:36:15 +00:00
SSM.md fix: install Forgejo SSM git credentials 2026-07-13 10:25:59 -07:00
uv.lock chore(deps): bump aos package version floors to current upstream 2026-07-04 09:05:03 +00:00

agentic-os

Sombra hacking skull

Cross-platform shell + terminal setup plus cross-repo pre-commit hooks for coilysiren/* repos. Zsh on Mac, Linux, and Windows (Git Bash). Warp on Mac and Windows; both configs symlink into ~/.warp/.

Layout

  • shell/ - shared common.sh plus thin zshrc + bashrc, so bash and zsh match. warp.zsh is the zsh-only Warp dispatcher.
  • warp/ - Warp config (settings.toml, tab_configs/) plus the ward exec warp Go module.
  • aos-say/ - the ward exec aos-say Go module for the speech helper client and relay.
  • karabiner/ - Karabiner-Elements complex modification assets (brew install --cask karabiner-elements), symlinked into the local Karabiner config tree.
  • scripts/ - portable utilities (gpg-ssm wrapper, agent-name + session-pulse hooks, aws-config lint).
  • .agents/skills/ - SKILL.md docs for the configs that live here. A private overlay repo's skill mount walks this dir as a peer skill source.
  • agentic_os/ - packaged hooks, generators, shared config/data, plus the hygiene guardrails that back the pre-commit suite.

Full breakdown: docs/repo-layout.md.

Install

Host config is converged by Ansible (rollout lives in infrastructure, per AGENTS.md). Manual fallback:

ward exec apply-shell-links

Equivalent links on Mac and Linux:

ln -sf "$PWD/shell/zshrc"  ~/.zshrc      # both source shell/common.sh
ln -sf "$PWD/shell/bashrc" ~/.bashrc
ln -sf "$PWD/scripts/gpg-ssm" ~/.local/bin/gpg-ssm
ward exec warp apply                     # warp config

On Windows, ward exec apply-shell-links manages ~/.zshrc and the gpg-ssm.cmd shim only. It also links the Forgejo git credential helper; Git Bash popup shells should not recreate ~/.bashrc.

Agent self-name + session-pulse hooks, per-host steps, and gpg wiring: docs/install.md.

Secrets pattern

The current pattern keeps secrets off disk entirely:

ssm-load                          # pull every / parameter into the current shell env
ssm-get /eco/server-api-token     # fetch one value without storing it

No disk write at any point. Same call works on Mac, Linux, Windows. AWS profile defaults to default; override with ssm-load <profile> <region>. For secrets at shell startup, append ssm-load to the end of shell/common.sh. The legacy cleartext-on-disk dump (~/.cache/ssm-env.sh) was deleted.

agent-compose

Opt-in tooling that composes global agent context and symlinks each harness load point to it. Sources are shared unless optional harnesses frontmatter selects a harness-specific slice. Inert until ~/.config/agent-compose/agent-compose.yaml exists. See docs/FEATURES.md.

Prior art. The idea is fresh in the agentic space but well-trodden in config management, and agent-compose is best understood as Hiera-for-agent-doctrine, deployed Stow-style, scoped chezmoi-style:

  • GNU Stow - symlink-farm manager. The "one canonical file, N symlinks" deployment mechanism.
  • chezmoi - dotfile manager with per-machine targeting. The model for scoping context to each host.
  • Hiera (Puppet) - hierarchical, scope-based data lookup. The conceptual twin of the machine-scope intersection that selects which sources compose.

Naming. The field's vocabulary is weave / layer / compose / overlay / blend. We chose compose over the working name meld, which collides with GNOME Meld on both search and semantics.

Credits

  • static/wallpaper.jpg - Sombra hacking skull, from the Overwatch Sombra ARG promotional materials, Blizzard Entertainment, circa 2016. All Overwatch art and iconography © Blizzard Entertainment. Used here for personal terminal decoration only.

See also

  • AGENTS.md - public-safe agent operating conventions and the global load point.
  • docs/FEATURES.md - inventory of what ships today.
  • Repo maps - compact starting points for high-churn warded workflow areas.
  • CODE-REVIEW.md - root review contract for repo-local invariants and historical issues.
  • .ward/ward.yaml - allowlisted dev commands. Agents route through ward.

Cross-reference convention from features-release-tooling.md.