/mac-setup

Set up a new mac using ansible

Primary LanguageShellBSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

Ansible macOS setup

Tested on Monterey. Requires python3. Only supports intel macs for now.

Prerequisites

Install XCode. (The command line tools are insufficient. python3 seems to be unable to verify ssl certificates without the full app).

How do?

For the impatient

  1. Run init.sh. You'll be prompted for your password.
  2. Grant yourself passwordless sudo permission: sudoers.sh -K -e nopasswd=yes. You'll be prompted for your password.
  3. Run the bootstrap script: bootstrap.sh.
  4. Run the playbook: setup.sh.

For the more patient

  1. Run init.sh, which does the following:
    1. Accepts the Xcode license (may prompt for admin password)
    2. Installs ansible (pip3 install --user ansible)
    3. Installs task dependencies in requirements.txt (again, with pip3 install --user).
    4. Installs dependencies in requirements.yml using ansible-galaxy.
  2. Optionally grant users the ability to use sudo with sudoers.sh -K. See sudoers-playbook.yml for options.
  3. Run bootstrap.sh -K (omit -K if you're set up with passwordless sudo). This runs bootstrap-playbook.yml, which runs the Xcode first launch tasks (if necessary) and installs MacPorts, along with several ports needed to make setup tasks work properly. You only need to do this once. The playbook is imported in setup-playbook.yml, so the tasks will run again if necessary.
  4. Sign in to the app store app. mas cannot install apps unless you do so, and sign in via the command line no longer works. See mas known issues.
  5. Run setup.sh -K (omit -K if you're set up with passwordless sudo). The script passes all arguments on to ansible-playbook.
  6. The following tags are defined (which you can pass to the script, e.g., setup.sh --tags ports):

    • apps: Install applications from the app store using mas and from non-app-store disk images (see vars/mas.yml and vars/dmgs.yml). You must be signed in to the app store for mas to function properly.

    • customize: Customize app and OS settings. You need to log out and log back in to apply many of the changes.

    • dotfiles: Clone my dotfiles and emacs config.

    • emacs: Clone emacs from github, build, and install. Clones my emacs config.

    • fonts: Install fonts (see vars/fonts.yml).

    • launchd: Load launchd jobs (see vars/launchd.yml).

    • pip: Install pip packages (see vars/pip.yml).

    • ports: Install/update a configurable list of ports/variants (see vars/ports.yml).

    • tex: Install MacTeX.

Other software installed

  1. Postman
  2. iTerm2
  3. R
  4. terraform
  5. ngrok

...and more.

Fonts installed

  1. JetBrains Mono
  2. DejaVu

TODO

In general, more app preferences...

Jetbrains toolbox

  1. Accept the agreement.
  2. Install selected IDEs. The toolbox seems to be missing functionality to do this from the command line. Investigate AppleScript, Automator, etc.

VLC

Automatically enable metadata retrieval, so I don't have to click on the popup, or even see the popup.

See https://forum.videolan.org/viewtopic.php?t=126302 and https://community.jamf.com/t5/jamf-pro/suppressing-quot-enable-metadata-retrieval-quot-prompt-in-vlc/m-p/130327

GPG tools

GPG tools on requires some manual setup. Open Mail > Preferences > General, click on "Manage Plug-ins...", and check the box next to the GPGMailLoader plugin.

Other stuff

  • Fonts.
  • iTerm2 settings.
  • More settings via osx_defaults.
  • Secrets.
    • SSH public/private keys.
    • GPG public/private keys.
    • Log in to docker hub, jetbrains, and other accounts.