vitorpy's Dotfiles
vitorpy.com
Secret Management with Keeper Commander#
This setup integrates Keeper Password Manager with your dotfiles for secure secret management.
Quick Setup#
Run the setup script to install and configure Keeper Commander:
~/.local/share/chezmoi/scripts/setup-keeper-secrets.sh
How It Works#
-
Fish Shell Integration: The
~/.config/fish/secrets.fishfile automatically loads secrets from Keeper when you start a new shell session. -
Secrets Managed:
ANTHROPIC_API_KEY- For AI assistant toolsNPM_TOKEN- For npm package management
-
No Templates Required: Unlike typical chezmoi templates, this uses plain Fish shell checks to load secrets dynamically.
Configuration#
After running the setup script, you need to:
-
Find your Keeper record UIDs:
keeper list # Or for JSON output: keeper list --format=json | jq -r '.[] | {title, record_uid}' -
Update the UIDs in
secrets.fish: Edit~/.config/fish/secrets.fishand replace:ANTHROPIC_RECORD_UIDwith your Anthropic API key record UIDNPM_RECORD_UIDwith your NPM token record UID
Manual Fallback#
If you prefer not to use Keeper, create a local secrets file:
cat > ~/.config/fish/secrets.local.fish << 'EOF'
set -gx ANTHROPIC_API_KEY "your-api-key-here"
set -gx NPM_TOKEN "your-npm-token-here"
EOF
chmod 600 ~/.config/fish/secrets.local.fish
Security Notes#
- Secrets are never committed to the repository
- Keeper Commander stores credentials encrypted locally
- The
secrets.fishfile only contains the logic, not actual secrets - Local fallback files (
.local.fish) should be in.gitignore
Testing#
To verify secrets are loaded correctly:
# Start a new fish shell
fish
# Check if secrets are loaded
echo $ANTHROPIC_API_KEY
echo $NPM_TOKEN
Troubleshooting#
- Keeper not found: Run the setup script
- Not logged in: Run
keeper login - Record not found: Check the UID with
keeper list - Python errors: Ensure Python 3 is installed