Skip to main content

Project banner

Dotfiles Flying Circus

Dotfiles Flying Circus is a comprehensive dotfiles and automation framework for macOS (with Linux support) that takes a fresh machine from factory state to fully configured development environment. System preferences, security hardening, package installation, shell configuration, ongoing management--all of it scripted, all of it repeatable.

The Problem

Setting up a new Mac is a multi-hour exercise in clicking through System Preferences, running Homebrew commands, configuring shells, and trying to remember the 47 terminal defaults you changed on the last machine. Doing it reproducibly--the same way every time, across multiple machines, for different use cases--turns that exercise into a multi-day one.

Exploded isometric view of a Mac setup: five layers from macOS base to security.

Dotfiles Flying Circus collapses that into a scripted, declarative process. Pick a role (developer, personal, work), pick a privacy profile (standard, privacy, lockdown), and the framework handles the rest: 140+ packages via Homebrew, 55+ macOS defaults scripts across 15 categories, Oh My Zsh with a custom plugin, 100+ role-based aliases, and 30 enterprise-grade security features. The first run takes minutes. Every subsequent machine is identical.

What It Includes

The system configuration layer applies macOS defaults for everything from Finder behavior to accessibility settings to Dock layout. These are organized into 15+ categories, each idempotent, each individually runnable. You can apply just the Dock settings without touching anything else. Or everything at once. Your call.

Three privacy profiles on a selector wheel: Personal, Developer, and Secure.

Security hardening covers 30 features (labeled S01–S30): input validation, privilege escalation prevention, file system protection, integrity checking, audit logging, network security. Three privacy profiles control how aggressively these are applied. The lockdown profile is genuinely paranoid. (That's the point.)

The fc command is where you live after setup. 40+ subcommands for daily operations: disk management, DNS control, encrypted backups, SSH key generation, firewall configuration, secrets management. It's the ongoing management interface that makes the framework useful beyond day one.

Package management uses role-specific Brewfiles to install the right packages for each use case, with verified tap validation to ensure you're not pulling from compromised sources. The shell environment configures Oh My Zsh with a custom Circus plugin, 21 environment configuration files, and role-based aliases.

Backup and sync supports encrypted backup via GPG, Restic, or Borg with remote synchronization through rclone to 40+ cloud providers. APFS snapshots provide safe rollback points before major changes--so when you inevitably break something at 2 AM, you can get back to where you started.

Technology

  • Language: Bash/Shell
  • Configuration: Declarative YAML
  • Platforms: macOS (primary), Linux (Ubuntu, Fedora, Arch)
  • Integrations: 1Password, Keychain, HashiCorp Vault, Alfred, Raycast

A terminal command tree: Dotfiles Flying Circus branches into setup, security, manage, dotfiles, apps, network, and defaults.

How It Connects

Dotfiles Flying Circus is the environment that everything else runs in. The development setup it configures includes the .NET SDK, Node.js, Python, and the toolchain needed to build every other project on this site. Not glamorous. But foundational. And tested--by shell-spec, which was born specifically because a 40+ subcommand framework with 30 security features needs automated testing or it will break when you need it most.

Where to Find It