Modular shell scripts for automating system setup and tooling on OpenBSD, starting with a fully working Obsidian Git host. Built with security, maintainability, and automation in mind — with future plans to expand into general-purpose OpenBSD tools. This branch prepares for the v1.0.2 release, restoring .ssh setup for both OBS_USER and GIT_USER, improving logging with exit-code capture, and expanding the test suite to 59 checks. Refer to the CHANGELOG for details.

The fastest way to get started is to run the installer directly from GitHub Pages:

ftp -o - https://deadhedd.github.io/openbsd-toolkit/install.sh | sh

Alternatively, clone the repo manually:

git clone https://github.com/deadhedd/openbsd-toolkit
cd openbsd-toolkit
sh install-modules.sh

Use --help for options:

sh install-modules.sh --help

Then validate your setup:

sh test-all.sh

• OpenBSD 7.4+
• Obsidian with the Git plugin (on your client)
• Optional: SSH keys, GitHub repo for vault prefill

This toolkit currently includes:

• A base-system setup module for configuring OpenBSD itself (users, doas, network, etc.)
• A Git bare repo module to host an Obsidian-compatible vault with auto-deploy
• A minimal GitHub module for immediate push capability after setup

The v1.0.2 update reinstates automatic .ssh configuration for both OBS_USER and GIT_USER, simplifying secure access.

All modules are modular and extensible. The long-term vision includes additional OpenBSD automation tools for broader system management.

Directory layout:

openbsd-toolkit/
├── config/ # Secrets and module selection
├── logs/ # Contains logging.sh and generated log files
├── modules/ # One folder per module
│ └── <module>/
│ ├── setup.sh # Configures that module
│ └── test.sh # Verifies it works
├── install-modules.sh # Installs selected modules
└── test-all.sh # Runs all tests

Modules are declared in config/enabled_modules.conf. Each module’s setup.sh and test.sh can be run independently or as part of a full stack install/test.

Each module:

• Can be run independently
• Can be toggled via enabled_modules.conf
• Supports logging flags and will generate a separate log file when run on its own
• When run via install-modules.sh or test-all.sh, logs are combined into a single output file

Test a single module:

sh modules/<module>/test.sh

Run full system tests:

sh test-all.sh

The full suite currently covers 59 checks.

Logs are saved to the logs/ directory. By default, logs are only saved when a test fails.

Use --debug[=FILE] to enable verbose tracing and optionally direct output to a specific log file.

Use --log[=FILE] to force a log file to be written even when all tests pass (only supported by test scripts).

Scripts source logs/logging.sh and invoke one of these convenience functions:

. "$PROJECT_ROOT/logs/logging.sh"
start_logging "0ドル" "$@" # for test scripts
# or
start_logging_if_debug "setup-my-module" "$@" # for setup scripts

start_logging automatically sets up logging, captures exit codes via improved trap handling, enables debug tracing when --debug is provided, and registers finalize_logging on exit.

• SSH keys and passwords are defined in config/secrets.env
• The --debug option will include secrets and other sensitive data in the logs; take care when sharing debug output
• All Git hooks run as limited users with appropriate doas.conf constraints

BSD 2-Clause License. See LICENSE for full details.