Public key, name, email, and self-hosted URLs are fine to publish.
Remove config/shell/zshrc.local.example instead of genericizing it —
it contained personal infrastructure details with no value to others.
- config/git/gitconfig: replace real name, email, SSH signing key, and
self-hosted git credential URL with placeholder values
- stages/06-scripts.sh: remove hardcoded personal email from bw login;
CLI prompts interactively
- config/shell/zshrc.local.example: replace personal server URLs
(Nextcloud, LiteLLM proxy), university email address, institution-
specific Canvas LMS URL, and identifying Canvas key prefix with
generic example.com placeholders
- TODO.md: replace personal email and Nextcloud URL in code examples
with generic placeholders
- stages/07-uv-projects.sh: remove private org name from comment
- lib/distro.sh: add DISTRO_CODENAME from VERSION_CODENAME; remove
unused REPO_ADD_RPM variable; export DISTRO_CODENAME
- stages/01-repos.sh: replace repeated '. /etc/os-release' subshell
calls with $DISTRO_CODENAME in Docker and Tailscale repo lines
- stages/00-envcheck.sh: combine four mkdir -p calls into one
- stages/02-packages.sh: remove identical if/else branches in fd
symlink block; both branches were the same command
- stages/03-toolchains.sh: set NVM_DIR once before the if/else instead
of twice; remove dead commented-out duplicate curl line
- stages/04-shell.sh: capture $(date +%Y%m%d) into _bak_date once per
backup and reuse in cp and warn to avoid redundant forks
- stages/06-scripts.sh: split 'export VAR=$(cmd)' into assignment +
export to correctly propagate errors under set -euo pipefail
- stages/07-uv-projects.sh: remove unused has_package_json field (always
false, never read); fix stage completion message 06 -> 07
- stages/08-systemd.sh: remove mempi-sync.timer (deploy, enable, header
comment); deploy mempi-sync.service only
- stages/09-desktop.sh: remove duplicate mkdir -p in COSMIC section;
remove unused repo_url parameter from install_nerd_font()
- stages/12-other-apps.sh: replace manual distro branch for Nextcloud
with pkg_install_mapped
- config/scripts/bw-load-ssh.sh: split 'export BW_SESSION=$(cat ...)'
into assignment + export
- config/systemd/mempi-sync.timer: delete file
- config/scripts/bw-load-ssh.sh: add ssh-agent retry loop (graphical
session may not be ready when systemd fires); use process substitution
instead of pipe to avoid subshell + set -e issues with LOADED counter
- stages/05-git.sh: remove interactive SSH key generation prompt (keys
come from Bitwarden); pre-accept GitHub host key via ssh-keyscan
to avoid first-connect prompt during git clone
- stages/04-shell.sh: add sudo chsh fallback (chsh may fail in
non-interactive provisioning without PAM auth)
- config/git/gitconfig: real name, email, and SSH signing key
- config/shell/zshrc: fix typo 'powerlevel10zsh' → 'powerlevel10k'
- config/systemd/bw-ssh-keys.service: depend on graphical-session
instead of network (ssh-agent starts with session); add explicit
PATH so bw and jq are found; add RemainAfterExit=yes
(avoids restart loop on oneshot services)
