Ansible playbook to prepare and maintain macOS for development and desktop use.
- Tested on
- Configuring machine
- Roles
- Installs
- Desktop Applications
- Text Editors
- Communication
- Configuration
- Multimedia
- Browser Plugins
- Programming Languages
- Virtualization, Provisioning, Containers and System Tools
- Package Managers and Build Tools
- Shell
- Programming Utilities
- Security
- GNU Command Line Tools
- Data Systems
- Configuration, Monitoring and Debugging (tag: observability)
- Document Processors and Plotting
- Markup Tools
- Command line tools
- Miscellaneous
- Configures
- Installs
- Author
- License
I’ve been using macbook-playbook
for 6 years now. I’ve used it on at least
four MacBookPros with different macOS versions. The macOS version on my
current MacBookPros is 10.14.4
as of [2020-01-03 Fri].
Please let me know if you try macbook-playbook
out and bump into something.
Open the Terminal application and type `git` into the shell.
git clone https://github.com/mpereira/macbook-playbook.git
This password will be used to encrypt and decrypt the files referenced in the Encrypted files section. Please make sure to use a strong password.
echo 'SomePassword123$' > .ansible_vault_password
The files currently checked into this git repository are encrypted with my personal Ansible Vault password. Unless you have my password, roles referencing these files will fail to run.
Description | File | Role |
AWS CLI credentials | awscli/files/credentials | awscli |
BetterTouchTool license | better-touch-tool/files/license.xml | better-touch-tool |
Enviroment variables for dotfiles | dotfiles/vars/environment.yml | dotfiles |
Prey API key | prey/vars/api_key.yml | prey |
Private SSH key | ssh-keys/files/id_rsa | ssh-keys |
s3cmd configuration | s3cmd/files/.s3cfg | s3cmd |
You have two choices: skip these roles, and/or overwrite the encrypted files with your own.
To overwrite them first run
make truncate-sensitive-files
And then you’ll be able to overwrite them with your own files (for example
your own ~/.ssh/id_rsa
) and then encrypt them with make encrypt
.
This installs the macOS Command Line Developer tools and Ansible.
make bootstrap
This runs all roles under roles
.
make converge
ansible-playbook
arguments can be passed via the ARGS
environment
variable. For example, --tags
can be passed so that only matching roles
are run.
make converge ARGS='--tags google-chrome'
--skip-tags
can also be passed to avoid running certain roles.
make converge ARGS='--skip-tags unity'
All role tags can be seen in =main.yml=.
These are steps that are currently not automated either because: a) it would be difficult b) it would be impossible c) or I just didn’t have the time
- System Preferences -> Keyboard -> Input Sources
- Click +
- Select “English” on left column
- Select “U.S. International - PC” on right column
- Click “Add”
- Remove other keyboard layouts from the left column
- Check “Switch to device when” “Device is attached”
- Reorder devices in priority list
Set to Hack Regular 18 pt.
System Preferences > Security & Privacy > Privacy > Accessibility
- BetterTouchTool.app
- Dropbox
- Emacs.app
- Persephone.app
- RescueTime
- VLC
Uncheck:
- Mission Control
- Move left a space
- Move right a space
- Switch to desktop 1
- Android File Transfer
- BitBar
- Cursorcerer
- Dash
- Divvy
- Dropbox
- Elgato Dock
- f.lux
- Firefox
- Google Chrome
- Google Photos
- Grammarly
- iStat Menus
- LICEcap
- PDF Expert
- Persephone
- RescueTime
- Skype
- Slack
- Sound Control
- Spotify
- Steam
- Teensy Loader
- ToggleDarkMode
- Unity
- Unity Hub
- VLC
- XQuartz
- YNAB (disabled by default, I use the online version)
- Clojure
- GNU Octave
- Go
- Haskell
- Java (AdoptOpenJDK)
- Lua
- LuaJIT
- Node.js
- PureScript
- Python 3
- R
- Ruby
- Rust
- Docker
- krew
- kubectl
- kubectl-tree
- OpenZFS
- Terraform
- Vagrant
- Vagrant vagrant-vbguest plugin
- VirtualBox
- Black
- clojure-lsp
- Ctags
- gron
- ktlint
- node-cljfmt
- Prettier
- Pyre
- rust-analyzer
- ShellCheck
- shfmt
- YAPF
- yq
- AWS CLI
- defaultbrowser
- delta
- delta
- git
- jq
- p7zip
- pgsanity
- pngpaste
- ripgrep
- s3cmd (disabled by default, I use the AWS CLI now)
- tealdeer
- terminal-notifier
- tree
- websocat
- wrk
- xz
- binutils
- coreutils
- diffutils
- ed
- findutils
- gawk
- gnu-indent
- gnu-sed
- gnu-tar
- gnu-which
- gnutls
- grep
- gzip
- screen
- watch
- wdiff
- wget