Sync your OpenCode configurations across machines via Git, with optional encryption for secrets.

• Cross-platform: Works on Linux, macOS, and Windows
• Any git host: GitHub, GitLab, Bitbucket, self-hosted, etc.
• Any auth method: SSH keys, 1Password, gh auth, credential helpers
• Standalone: Works before OpenCode starts (no chicken-egg problem)
• Interactive: Guided setup and menu-driven interface
• Encrypted secrets: Optional age encryption for sensitive data

curl -fsSL https://raw.githubusercontent.com/GareArc/opencode-sync/main/install.sh | bash

Or with a specific version:

VERSION=v0.1.0 curl -fsSL https://raw.githubusercontent.com/GareArc/opencode-sync/main/install.sh | bash

go install github.com/GareArc/opencode-sync@latest

Download the latest release from the releases page.

brew tap GareArc/tap
brew install opencode-sync

scoop bucket add garearc https://github.com/GareArc/scoop-bucket
scoop install opencode-sync

# Run interactive setup
opencode-sync

# Or use direct commands
opencode-sync setup     # First-time setup wizard
opencode-sync sync      # Pull and push changes
opencode-sync status    # Check sync status

Just run opencode-sync without arguments to get an interactive menu:

$ opencode-sync

  What would you like to do?

  > Sync now (pull + push)
    Pull remote changes
    Push local changes
    View status
    View diff
    Settings
    Exit

For scripting or power users:

opencode-sync uninstall

This will:

• Remove the binary (may require sudo)
• Optionally remove config (~/.config/opencode-sync/) and data (~/.local/share/opencode-sync/)
• Your OpenCode configurations are not affected

• git must be installed and available in PATH

opencode-sync uses your system's git installation, so any URL format and authentication method your git supports will work:

# SSH (recommended)
git@github.com:username/repo.git
git@gitlab.com:username/repo.git

# HTTPS
https://github.com/username/repo.git
https://gitlab.com/username/repo.git

All standard git authentication methods are supported:

• SSH keys (including 1Password SSH agent, ssh-agent)
• HTTPS credentials via gh auth login
• Git credential helpers (macOS Keychain, Windows Credential Manager, etc.)
• .netrc files

Works with any git host: GitHub, GitLab, Bitbucket, self-hosted, etc.

Config file location:

• Linux/macOS: ~/.config/opencode-sync/config.json
• Windows: %APPDATA%\opencode-sync\config.json

{
  "repo": {
    "url": "git@github.com:username/opencode-config.git",
    "branch": "main"
  },
  "encryption": {
    "enabled": true,
    "keyFile": "~/.config/opencode-sync/age.key"
  },
  "sync": {
    "includeAuth": false,
    "includeMcpAuth": false,
    "exclude": ["node_modules", "*.log"]
  }
}

• opencode.json / opencode.jsonc - Main config
• oh-my-opencode.json - Oh My OpenCode config
• AGENTS.md - Global rules
• agent/, command/, skill/, mode/, themes/, plugin/ - Custom extensions

• auth.json - OAuth tokens (requires sync.includeAuth: true)
• mcp-auth.json - MCP auth (requires sync.includeMcpAuth: true)

• Session data
• Logs
• node_modules/

opencode-sync uses age for encryption of sensitive files (auth tokens).

┌─────────────────────────────────────────────────────────────────┐
│                        PUSH (Machine A)                         │
├─────────────────────────────────────────────────────────────────┤
│  auth.json ──encrypt──► auth.json.age ──push──► Git Remote     │
│  (local)      (key)       (repo)                                │
└─────────────────────────────────────────────────────────────────┘

┌─────────────────────────────────────────────────────────────────┐
│                        PULL (Machine B)                         │
├─────────────────────────────────────────────────────────────────┤
│  Git Remote ──pull──► auth.json.age ──decrypt──► auth.json     │
│                         (repo)         (key)       (local)      │
└─────────────────────────────────────────────────────────────────┘

Decryption is automatic during pull/clone/sync — but only if:

• You have the private key on the machine (~/.config/opencode-sync/age.key)
• Encryption is enabled in config (encryption.enabled: true)
• Auth sync is enabled (sync.includeAuth: true)

# 1. Run setup wizard
opencode-sync setup
#    → Enter repo URL
#    → Enable encryption? Yes
#    → Sync auth tokens? Yes (if you want cross-machine auth)

# 2. Key is auto-generated. BACK IT UP NOW:
opencode-sync key export
#    → Copy the AGE-SECRET-KEY-1... to your password manager

# 3. Initialize and push
opencode-sync init
opencode-sync push

# 1. Import your key FIRST (before clone)
opencode-sync key import "AGE-SECRET-KEY-1..."

# 2. Run setup with same settings
opencode-sync setup
#    → Same repo URL
#    → Enable encryption? Yes
#    → Sync auth tokens? Yes

# 3. Clone - auth tokens are automatically decrypted
opencode-sync clone git@github.com:user/opencode-config.git
#    ✓ Configs applied
#    ✓ auth.json decrypted automatically
#    → You're logged in!

If you clone without importing the key:

opencode-sync clone git@github.com:user/opencode-config.git
#    ✓ Configs applied (opencode.json, agents, etc.)
#    ⚠ auth.json.age skipped (no key to decrypt)
#    → You'll need to re-authenticate in OpenCode

If you lose your private key:

• ❌ Encrypted auth tokens are unrecoverable
• ✅ Configs, agents, commands, themes are not encrypted — still accessible

Recovery steps:

# 1. Generate a new key
opencode-sync key regen

# 2. Re-authenticate in OpenCode (get new auth.json)

# 3. Push with new encryption
opencode-sync push

• Private key stored at: ~/.config/opencode-sync/age.key
• Key is never synced to remote — stays local only
• Encrypted files use .age extension in repo
• Back up your key immediately after setup to a password manager

# Clone the repo
git clone https://github.com/GareArc/opencode-sync.git
cd opencode-sync

# Install dependencies
make deps

# Build
make build

# Run tests
make test

# Run locally
make run

MIT