Zero-to-productive setup for a new Mac. ZSH + Starship + Claude Code.
Most dotfiles repos are either too minimal to be useful or too personal to adapt. This one is built for production/infra engineers — people who live in Kubernetes, AWS, Terraform, and Go all day.
- No oh-my-zsh — it's slow and bloated. zinit loads plugins lazily and starts the shell in milliseconds.
- Starship over p10k — actively maintained, written in Rust, works the same across every machine without manual config wizards.
- Claude Code setup that actually works — hierarchical config with rules, skills, and agents tuned for infra/cloud work. Not just a blank CLAUDE.md.
- Zero manual steps — one command, everything works. No font installs, no settings changes, no wizard prompts.
| Component | Details |
|---|---|
| ZSH | Clean config via zinit — no oh-my-zsh |
| Prompt | Starship — shows Git, K8s context, AWS profile, Terraform workspace |
| Plugins | zsh-autosuggestions, zsh-syntax-highlighting, zsh-completions |
| Tools | eza (ls), bat (cat), ripgrep (grep), zoxide (cd), fzf, pyenv (Python versions) |
| Git | Sensible defaults, global gitignore, local identity override |
| Claude Code | Full hierarchical global config — rules, commands, skills, agents, memory, hooks |
| Team setup | Project template with shared hooks, MCP config, security rules, local override pattern |
Everything at once:
git clone https://github.com/cloudprobe/dotfiles ~/.dotfiles
cd ~/.dotfiles
make installOr pick only what you need:
make zsh # ZSH + Starship only
make git # Git config only
make claude # Claude Code config onlyThen create your local overrides (never committed):
# Git identity — required
cat > ~/.gitconfig.local << EOF
[user]
name = Your Name
email = your@email.com
EOF
# Machine-specific env vars, paths, secrets
# A template is provided — copy and fill in what you need:
cp ~/.dotfiles/zsh/.zshrc.local.template ~/.zshrc.local
# AWS profiles — copy the sample and fill in your accounts:
mkdir -p ~/.aws
cp ~/.dotfiles/aws/config.sample ~/.aws/configdotfiles/
├── zsh/
│ ├── .zshrc # zinit + starship + pyenv, no oh-my-zsh
│ ├── .aliases # k8s, aws, git, docker, terraform + h() search
│ ├── starship.toml # prompt: git, k8s, aws, terraform, go, python
│ └── .zshrc.local.template # copy to ~/.zshrc.local for machine-specific config
├── git/
│ ├── .gitconfig # defaults, identity via ~/.gitconfig.local
│ └── .gitignore_global # .DS_Store, .env, .terraform, secrets
├── aws/
│ └── config.sample # copy to ~/.aws/config, fill in your profiles/roles
├── claude/
│ ├── CLAUDE.md # global instructions
│ ├── settings.json # permissions + hooks (gofmt on save, notifications)
│ ├── rules/
│ │ ├── code-style.md # Go, Shell conventions
│ │ └── infra.md # Terraform, K8s, AWS rules
│ ├── commands/
│ │ ├── commit.md # /commit — staged diff → commit message
│ │ ├── review.md # /review — branch diff review
│ │ └── standup.md # /standup — daily standup from git log + open PRs
│ ├── skills/
│ │ ├── infra-context.md # auto: apply infra rules when touching infra files
│ │ ├── secret-guard.md # auto: flag secrets in every session
│ │ └── go-conventions.md # auto: apply Go rules when editing .go files
│ ├── agents/
│ │ ├── infra-reviewer.md # specialized infra review agent
│ │ └── pr-reviewer.md # PR review via gh with CRITICAL/WARNING/INFO output
│ ├── memory/
│ │ └── README.md # how Claude uses persistent memory across sessions
│ └── project-template/ # copy into new repos as .claude/
│ ├── CLAUDE.md # team-ready template with conventions, CI/CD, reviewers
│ ├── settings.json # shared hooks: secret protection + auto-format
│ ├── settings.local.json.template # copy → settings.local.json (gitignored)
│ ├── .mcp.json # GitHub MCP server for PR/issue access
│ ├── .gitignore # ensures settings.local.json is never committed
│ ├── rules/
│ │ ├── project-rules.md # branching, dependencies
│ │ ├── testing.md # test structure and requirements
│ │ └── security.md # secrets, IAM, K8s security rules
│ └── commands/
│ └── ship.md # /ship — pre-PR checklist
├── .editorconfig # consistent indentation across editors/tools
└── install.sh # one-click or modular bootstrap
This repo sets up the global layer (~/.claude/). There are three layers in total:
~/.claude/CLAUDE.md ← global baseline: stack, style, preferences (this repo)
~/CLAUDE.md ← personal layer: org/team/work context (private, not committed)
project/.claude/CLAUDE.md ← per-project: committed to that repo, extends both layers above
The dotfiles CLAUDE.md is intentionally public-safe — it describes your stack and preferences but nothing org-specific. For work context (company tools, team conventions, Jira/Slack config, internal URLs), create ~/CLAUDE.md:
cat > ~/CLAUDE.md << 'EOF'
# Personal context
## Work environment
- Company: <your org>
- Primary repo: ~/work/...
## Tools and access
- ...
EOFClaude Code loads all three layers every session, from most general to most specific.
For each new project, copy claude/project-template/ into your repo as .claude/ and fill in the project-specific CLAUDE.md.
The claude/project-template/ is designed for teams. Copy it into a repo once — every team member gets the same Claude behavior automatically:
cp -r ~/.dotfiles/claude/project-template/ my-repo/.claude
cd my-repo
# Edit .claude/CLAUDE.md with your project context
# Edit .claude/.mcp.json with your GitHub token env var name
git add .claude/
git commit -m "add Claude Code team config"Each team member then creates their local override (never committed):
cp .claude/settings.local.json.template .claude/settings.local.json
# Edit with machine-specific paths and AWS profilesWhat the team config gives you:
| Feature | How |
|---|---|
| Secret file protection | PreToolUse hook blocks writes to .env, *.key, *.pem |
| Auto-format on save | PostToolUse hooks run gofmt, terraform fmt, shellcheck |
| GitHub PR/issue access | .mcp.json with GitHub MCP server |
| Security rules | .claude/rules/security.md — IAM, K8s, secrets |
| Testing standards | .claude/rules/testing.md — table tests, boundary testing |
| PR review | /pr-reviewer <number> — CRITICAL/WARNING/INFO output via gh |
| Standup summary | /standup — git log + open PRs formatted for standup |
| Local overrides | settings.local.json (gitignored) for per-dev machine config |
~/work/myproject main ✓ ⎈ prod(default) ☁️ prod-aws
❯
Shows: directory · git branch/status · Kubernetes context · AWS profile