Architecture & Migration Tiers

Three-Tier Migration Strategy

Tier	Scope	Timeline	Repos
1: Bootstrap	Functional desktop + editor + secrets	First 30 minutes	3 repos + secrets
2: Development	Documentation site + active projects + full stow	First day	~15 repos
3: Full	Everything else, as needed	First week+	Remaining ~47 repos

Tier

Scope

Timeline

Repos

1: Bootstrap

Functional desktop + editor + secrets

First 30 minutes

3 repos + secrets

2: Development

Documentation site + active projects + full stow

First day

~15 repos

3: Full

Everything else, as needed

First week+

Remaining ~47 repos

Tier 1: Bootstrap (Critical Path)

System packages (pacman/yay)

# Core WM
pacman -S hyprland waybar wofi mako hyprlock hypridle hyprpaper

# Terminals
pacman -S kitty

# Editor
pacman -S neovim

# Shell & tools
pacman -S zsh git stow age gopass fzf fd ripgrep bat eza jq yq

# Build tools
pacman -S base-devel nodejs npm python python-pip rustup

# Fonts
pacman -S ttf-jetbrains-mono-nerd ttf-nerd-fonts-symbols

# AUR (via yay)
yay -S ghostty oh-my-posh-bin

Stow packages (essential only)

Package Why Essential

Package	Why Essential
`zsh`	Primary shell
`bash`	Fallback + scripts expect it
`shell`	Shared aliases, functions, vault wrappers
`git`	Git config + global gitignore
`hyprland`	Window manager (core desktop)
`waybar`	Status bar
`wofi`	App launcher
`mako`	Notifications
`kitty`	Primary terminal
`oh-my-posh`	Shell prompt
`bin`	37 custom scripts
`share`	awk/bash/sed/grep libraries
`btop`	System monitor
`fastfetch`	System info
`fzf`	Fuzzy finder
`fd`	Find alternative
`ripgrep`	Grep alternative
`claude`	Claude Code settings + hooks

zsh

Primary shell

bash

Fallback + scripts expect it

shell

Shared aliases, functions, vault wrappers

git

Git config + global gitignore

hyprland

Window manager (core desktop)

waybar

Status bar

wofi

App launcher

mako

Notifications

kitty

Primary terminal

oh-my-posh

Shell prompt

bin

37 custom scripts

share

awk/bash/sed/grep libraries

btop

System monitor

fastfetch

System info

fzf

Fuzzy finder

fd

Find alternative

ripgrep

Grep alternative

claude

Claude Code settings + hooks

cd ~/atelier/_projects/personal/dots-quantum
stow -t ~ zsh bash shell git hyprland waybar wofi mako \
         kitty oh-my-posh bin share btop fastfetch fzf fd ripgrep claude

Repositories

Repo Purpose

Repo	Purpose
`dots-quantum`	Dotfiles (stow source)
`domus-nvim`	Neovim configuration
secrets (manual)	SSH keys, GPG, gopass store

dots-quantum

Dotfiles (stow source)

domus-nvim

Neovim configuration

secrets (manual)

SSH keys, GPG, gopass store

SSH config encryption (age)

SSH config is stowed from dots-quantum/ssh/.ssh/config but contains infrastructure topology (IPs, hostnames, ports). It’s encrypted with age before committing so only ciphertext reaches the remote.

On current machine (encrypt before commit):

age -e -R ~/.age/recipients/self.txt -o ~/atelier/_projects/personal/dots-quantum/ssh/.ssh/config.age ~/atelier/_projects/personal/dots-quantum/ssh/.ssh/config

git add ssh/.ssh/config.age .gitignore

gach << 'EOF'
feat(ssh): Add age-encrypted SSH config

- Encrypt ssh config with age for safe remote storage
- Update .gitignore: track .age file, ignore plaintext only
- Plaintext stays local via stow, ciphertext goes to remote
EOF

On new machine (decrypt after clone):

age -d -i ~/.age/identities ~/atelier/_projects/personal/dots-quantum/ssh/.ssh/config.age > ~/atelier/_projects/personal/dots-quantum/ssh/.ssh/config

stow -t ~ ssh

What’s tracked vs ignored:

File Git Status Reason

File	Git Status	Reason
`ssh/.ssh/config`	Gitignored	Plaintext with IPs, hostnames, ports
`ssh/.ssh/config.age`	Tracked	age-encrypted ciphertext, safe for remote

ssh/.ssh/config

Gitignored

Plaintext with IPs, hostnames, ports

ssh/.ssh/config.age

Tracked

age-encrypted ciphertext, safe for remote

The .gitignore uses !ssh/.ssh/config.age to override the global *.age ignore rule.

Tier 2: Development Environment

Documentation repos (Antora site)

Repo Purpose

Repo	Purpose
`domus-docs`	Hub aggregator + playbook
`domus-captures`	Worklogs, codex, education
`domus-infra-ops`	Infrastructure runbooks
`domus-ise-linux`	802.1X methodology
`domus-secrets-ops`	Secrets management docs
`domus-linux-ops`	Linux administration
`domus-antora-ui`	Custom UI bundle

domus-docs

Hub aggregator + playbook

domus-captures

Worklogs, codex, education

domus-infra-ops

Infrastructure runbooks

domus-ise-linux

802.1X methodology

domus-secrets-ops

Secrets management docs

domus-linux-ops

Linux administration

domus-antora-ui

Custom UI bundle

Active project repos

Repo Purpose

Repo	Purpose
`netapi`	Network automation CLI
`netapi-tui`	NetAPI terminal UI
`domus-cli`	Domus CLI tooling
`ise-automation`	ISE Python automation
`domus-digitalis`	Main site
`evanusmodestus-site`	Personal site

netapi

Network automation CLI

netapi-tui

NetAPI terminal UI

domus-cli

Domus CLI tooling

ise-automation

ISE Python automation

domus-digitalis

Main site

evanusmodestus-site

Personal site

Additional stow packages

Package Purpose

Package	Purpose
`tmux`	Terminal multiplexer + 38 session templates
`vim`	Vim multi-profile (server fallback)
`lazygit`	Git TUI
`vscodium`	Backup editor
`zathura`	PDF viewer
`thunar`	File manager
`libvirt`	VM management
`ghostty`	Alternative terminal

tmux

Terminal multiplexer + 38 session templates

vim

Vim multi-profile (server fallback)

lazygit

Git TUI

vscodium

Backup editor

zathura

PDF viewer

thunar

File manager

libvirt

VM management

ghostty

Alternative terminal

Tier 3: Full Environment (As Needed)

Remaining documentation repos

domus-ise-ops, domus-ise-windows, domus-python, domus-windows-ops, domus-identity-ops, domus-automation-ops, domus-siem-ops, domus-o11y-ops, domus-netapi-docs, domus-math, domus-musica, domus-gabriel-docs

Reference and learning repos

Principia, Principia-Labor, Sapientia, Doctrina, Aethelred-Codex, mdn-content, mdn-asciidoc, enterprise-linux-8021x, Thomas Howard ISE repos (5), PRJ-ANTORA-PRINCIPALIS

Candidates for skip/archive

Repo Reason

Repo	Reason
`Casa_Digital_Personal`	Superseded by domus-digitalis
`PRJ-ANTORA-PRINCIPALIS`	Superseded by domus-docs
`instrumentum-nvim`	Superseded by domus-nvim
`modulus-nvim`	Superseded by domus-nvim
`modulus-fidus-nvim`	Superseded by domus-nvim
`nvim-core`	Superseded by domus-nvim
`claude-config`	Merged into dots-quantum/claude
`tmux-config`	Merged into dots-quantum/tmux
`vim-odyssey`	Learning complete, codex has patterns

Casa_Digital_Personal

Superseded by domus-digitalis

PRJ-ANTORA-PRINCIPALIS

Superseded by domus-docs

instrumentum-nvim

Superseded by domus-nvim

modulus-nvim

Superseded by domus-nvim

modulus-fidus-nvim

Superseded by domus-nvim

nvim-core

Superseded by domus-nvim

claude-config

Merged into dots-quantum/claude

tmux-config

Merged into dots-quantum/tmux

vim-odyssey

Learning complete, codex has patterns