Skip to content

Variables

The following configuration variables are available:

Section Variable Type Default value Description
Top level cacheDir string $XDG_CACHE_HOME/chezmoi
$HOME/.cache/chezmoi
%USERPROFILE%/.cache/chezmoi		 Cache directory
color string auto Colorize output
data object none Template data
destDir string $HOME
%USERPROFILE%		 Destination directory
encryption string none Encryption type, either age or gpg
format string json Format for data output, either json or yaml
mode string file Mode in target dir, either file or symlink
pager string $PAGER Default pager CLI command
persistentState string $XDG_CONFIG_HOME/chezmoi/chezmoi.boltdb
$HOME/.local/share/chezmoi/chezmoi.boltdb
%USERPROFILE%/.local/share/chezmoi/chezmoi.boltdb		 Location of the persistent state file
progress bool false Display progress bars
scriptEnv object none Extra environment variables for scripts
scriptTempDir string none Temporary directory for scripts
sourceDir string $XDG_SHARE_HOME/chezmoi
$HOME/.local/share/chezmoi
%USERPROFILE%/.local/share/chezmoi		 Source directory
umask int from system Umask
useBuiltinAge string auto Use builtin age if age command is not found in $PATH
useBuiltinGit string auto Use builtin git if git command is not found in $PATH
verbose bool false Make output more verbose
workingTree string source directory git working tree directory
add templateSymlinks bool false Template symlinks to source and home dirs
age args []string none Extra args to age CLI command
command string age age CLI command
identities []string none age identity files
identity string none age identity file
passphrase bool false Use age passphrase instead of identity
recipient string none age recipient
recipientFile string none age recipient file
recipientFiles []string none age recipient files
recipients []string none age recipients
suffix string .age Suffix appended to age-encrypted files
symmetric bool false Use age symmetric encryption
awsSecretsManager profile string none AWS shared profile name
region string none AWS region
bitwarden command string bw Bitwarden CLI command
cd args []string none Extra args to shell in cd command
command string none Shell to run in cd command
completion custom bool false Enable custom shell completions
dashlane args []string none Extra args to Dashlane CLI command
command string dcli Dashlane CLI command
diff args []string see diff below Extra args to external diff command
command string none External diff command
exclude []string none Entry types to exclude from diffs
pager string none Diff-specific pager
reverse bool false Reverse order of arguments to diff
scriptContents bool true Show script contents
edit apply bool false Apply changes on exit
args []string none Extra args to edit command
command string $EDITOR / $VISUAL Edit command
hardlink bool true Invoke editor with a hardlink to the source file
minDuration duration 1s Minimum duration for edit command
watch bool false Automatically apply changes when files are saved
ejson key string none The private key to use for decryption, will supersede using the keyDir if set.
keyDir string none Path to directory containing private keys. Defaults to /opt/ejson/keys. Setting the EJSON_KEYDIR environment will also set this value, with lower precedence.
git autoAdd bool false Add changes to the source state after any change
autoCommit bool false Commit changes to the source state after any change
autoPush bool false Push changes to the source state after any change
command string git git CLI command
gitHub refreshPeriod duration 1m Minimum duration between identical GitHub API requests
gopass command string gopass gopass CLI command
gpg args []string none Extra args to GPG CLI command
command string gpg GPG CLI command
recipient string none GPG recipient
recipients []string none GPG recipients
suffix string .asc Suffix appended to GPG-encrypted files
symmetric bool false Use symmetric GPG encryption
hooks command.post.args []string none Extra arguments to command to run after command
command.post.command []string none Command to run after command
command.pre.args []string none Extra arguments to command to run before command
command.pre.command []string none Command to run before command
interpreters extension.args []string none See section on "Scripts on Windows"
extension.command string special See section on "Scripts on Windows"
keepassxc args []string none Extra args to KeePassXC CLI command
command string keepassxc-cli KeePassXC CLI command
database string none KeePassXC database
prompt bool true Prompt for password
keeper args []string none Extra args to Keeper CLI command
command string keeper Keeper CLI command
lastpass command string lpass LastPass CLI command
merge args []string see merge below Extra args to three-way merge CLI command
command string none Three-way merge CLI command
onepassword cache bool true Enable optional caching provided by op
command string op 1Password CLI command
prompt bool true Prompt for sign-in when no valid session is available
pass command string pass Pass CLI command
passhole args []string none Extra args to Passhole CLI command
command string ph Passhole CLI command
prompt bool true Prompt for password
pinentry args []string none Extra args to pinentry CLI command
command string none pinentry CLI command
options []string see pinentry below Extra options for pinentry
rbw command string rbw Unofficial Bitwarden CLI command
secret args []string none Extra args to secret CLI command
command string none Generic secret CLI command
status exclude []string none Entry types to exclude from status
template options []string ["missingkey=error"] Template options
textconv []object none See section on "textconv"
update args []string none Extra args to update command
command string none Update command
recurseSubmodules bool true Update submodules recursively
vault command string vault Vault CLI command
verify exclude []string none Entry types to exclude from verify
warnings object none See section on "Warnings"