About macbook-playbook

Install all your applications and configure everything the way you like it with one command

m

Published by

mpereira

Visit View Profile

README.md

View on GitHub

+TITLE: macbook-playbook

+AUTHOR: Murilo Pereira [email protected]

:PROPERTIES: :TOC: ignore :END:

Install all your applications and configure everything the way you like it with one command.

TODO:

add brew to path when installing. (/opt/homebrew/bin)
add GitHub to known hosts: ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts
unencrypt and add SSH key to ssh session
figure out Emacs symbolic link internal directory
make caps lock -> ESC remapping work
fix glances webserver "msg: Destination directory /Users/mpereira/Library/LaunchAgents does not exist"
install insta360 link ap
wait 1s after install spotify and steam
GraalVM on apple silicon?
kubectl-krew isn't available right after installing
launch BTT on startup, load configuration and license
symlink id_rsa to mpereira@pluto SSH key
turn on dictation

** Table of Contents :PROPERTIES: :TOC: :include all :END: :CONTENTS:

[[#table-of-contents][Table of Contents]]
[[#tested-on][Tested on]]
[[#bootstrap-machine-make-bootstrap][Bootstrap machine (make bootstrap)]]
- [[#install-developer-tools-xcode-select][Install Developer Tools (xcode-select)]]
- [[#clone-repository][Clone repository]]
- [[#give-terminaliterm2emacsetc-assistive-access][Give Terminal/iTerm2/Emacs/etc. assistive access]]
- [[#secrets][Secrets]]
- [[#prepare-machine-to-run-the-ansible-playbooks][Prepare machine to run the Ansible playbooks]]
[[#configure-machine-make-converge][Configure machine (make converge)]]
- [[#provision-machine][Provision machine]]
- [[#manual-steps-post-make-converge][Manual steps post make converge]]
  - [[#change-keyboard-layout-to-us-international][Change keyboard layout to U.S. international]]
  - [[#istat-menus][iStat Menus]]
  - [[#pdf-expert][PDF Expert]]
  - [[#bettertouchtool][BetterTouchTool]]
  - [[#terminal][Terminal]]
    - [[#preferences--profiles--pro--font][Preferences > Profiles > Pro > Font]]
  - [[#system-preferences--security--privacy--privacy--accessibility][System Preferences > Security & Privacy > Privacy >]]
  - [[#system-preferences--keyboard--shortcuts--mission-control][System Preferences > Keyboard > Shortcuts > Mission Control]]
[[#roles][Roles]]
- [[#installs][Installs]]
  - [[#desktop-applications][Desktop Applications]]
  - [[#text-editors][Text Editors]]
  - [[#configuration][Configuration]]
  - [[#programming-languages][Programming Languages]]
  - [[#multimedia][Multimedia]]
  - [[#fonts][Fonts]]
  - [[#browser-plugins][Browser Plugins]]
  - [[#virtualization-provisioning-containers-and-system-tools][Virtualization, Provisioning, Containers and System Tools]]
  - [[#package-managers-and-build-tools][Package Managers and Build Tools]]
  - [[#shell][Shell]]
  - [[#programming-utilities][Programming Utilities]]
  - [[#data-systems][Data Systems]]
  - [[#configuration-monitoring-and-debugging][Configuration, Monitoring and Debugging]]
  - [[#document-processors-and-plotting][Document Processors and Plotting]]
  - [[#markup-tools][Markup Tools]]
  - [[#command-line-tools][Command line tools]]
  - [[#security][Security]]
  - [[#gnu-command-line-tools][GNU Command Line Tools]]
  - [[#miscellaneous][Miscellaneous]]
- [[#configures][Configures]]
  - [[#makes-google-chrome-the-default-browser][Makes Google Chrome the default browser]]
  - [[#passwordless-sudo][Passwordless sudo]]
  - [[#puts-ssh-keys-in-place][Puts SSH keys in place]]
  - [[#remaps-caps-lock-to-control][Remaps Caps-Lock to Control]]
[[#author][Author]]
[[#license][License]] :END:

** Tested on I've been using =macbook-playbook= since 2013. I've used it on at least eight MacBook Pros with different macOS versions. As of May 2023 I use it on my personal 16" 2023 Macbook Pro with Ventura installed and on my work 16" 2019 Macbook Pro with Monterey installed.

Please open an issue if you're trying this out and bump into anything.

** Bootstrap machine (=make bootstrap=) These are one-time steps that need to be done on machines that are running =macbook-playbook= for the first time.

*** Install Developer Tools (xcode-select) Open the "Terminal" application, type =git= into the shell and follow the instructions to install the Apple Developer Tools.

*** Clone repository Now your machine should have =git= and =python3= installed.

#+begin_src bash
git clone https://github.com/mpereira/macbook-playbook.git
#+end_src

*** Give Terminal/iTerm2/Emacs/etc. assistive access Depending on your macOS version you will be queried or not for assistive access while =make converge= runs. This is required for example to remap caps lock to control.

In case that task fails, or if you want to do it beforehand just in case, go
to "System Preferences > Security & Privacy > Privacy > [[https://www.howtogeek.com/297083/why-do-some-mac-apps-need-to-control-this-computer-using-accessibility-features/][Accessibility]]" and
add the application running =macbook-playbook= (Terminal/iTerm2/Emacs/etc.)
to the list.

*** Secrets :PROPERTIES: :CUSTOM_ID: secrets :END: I keep secrets encrypted in a file outside of this repository. I have a project (also outside of this repository) that will write all secrets required by this project's roles to =group_vars/localhost/vars.yml=. This file is git-ignored in this project.

These are the roles that use secrets:
| Description                       | Secret name                                | Role              |
| AWS CLI credentials               | =aws_credentials_file_base64=              | awscli            |
| BetterTouchTool license           | =better_touch_tool_license_file_base64=    | better-touch-tool |
| DaisyDisk license                 | =daisydisk_registration_key_file_base64=   | daisydisk         |
| Enviroment variables for [[https://github.com/mpereira/dotfiles][dotfiles]] | =dotfiles_environment_yml_file_base64=     | dotfiles          |
| iStat Menus settings              | =istat_menus_settings_file_base64=         | istat-menus       |
| Prey API key                      | =prey_api_key_yaml_file_base64=            | prey              |
| Private SSH key                   | =mpereira_at_pluto_ssh_private_key_base64= | ssh-keys          |
| s3cmd configuration               | =s3cmd_cfg_file_base64=                    | s3cmd             |

If a =group_vars/localhost/vars.yml= file with those secrets is absent
running these roles will fail.

You have two choices: skip these roles, or write your
=group_vars/localhost/vars.yml=.

To skip them, when you reach the [[#provision-machine][provision machine]] step, make Ansible skip
roles tagged with =uses-secrets=. You don't need to run this now, the
command below is just an example.

#+begin_src bash
make converge ARGS='--skip-tags uses-secrets'
#+end_src

*** Prepare machine to run the Ansible playbooks This will:

Set up passwordless =sudo=
Install a user Python3
Install Ansible

#+begin_src bash
make bootstrap
#+end_src

Your machine should now be ready to be provisioned! You won't need to run
the above steps again.

** Configure machine (=make converge=) Now that the machine is bootstrapped, we can provision it.

*** Provision machine :PROPERTIES: :CUSTOM_ID: provision-machine :END: This runs all non-disabled roles in [[file:main.yml][=main.yml=]].

#+begin_src bash
make converge ARGS='--skip-tags disabled'
#+end_src

~ansible-playbook~ arguments can be passed via the =ARGS= environment variable.
For example, =--tags= can be passed so that only matching roles are run.

#+begin_src bash
make converge ARGS='--tags google-chrome'
#+end_src

=--skip-tags= can also be passed to avoid running certain roles.

#+begin_src bash
make converge ARGS='--skip-tags disabled,unity'
#+end_src

All role tags can be seen in [[file:main.yml][=main.yml=]].

Tasks may fail due to intermittent reasons like temporary server
unavailability. When a task fails you can either disable its role via
=--skip-tags= or use =--start-at-task= with the =name= value of some task to
cause Ansible to start the playbook exactly there.

For example, if the "Install Emacs" task from the "build-emacs" role fails
for what seems to be an intermittent issue, you can pick up provisioning
from there so that previous tasks don't have to re-run.

#+begin_src bash
make converge ARGS='--skip-tags disabled --start-at-task "Install Emacs"'
#+end_src

Check the [[https://docs.ansible.com/ansible/latest/user_guide/playbooks_startnstep.html][official Ansible documentation]] for more details.

*** Manual steps post =make converge= These are steps that are currently not automated because:

it would be difficult
it would be impossible
or I just didn't have the time

**** Change keyboard layout to U.S. international

System Preferences -> Keyboard -> Input Sources
Click +
Select "English" on left column
Select "U.S. International - PC" on right column
Click "Add"
Remove other keyboard layouts from the left column

**** iStat Menus

Import license from =roles/istat-menus/files/iStat Menus Settings.ismp=

**** PDF Expert

Register license

**** BetterTouchTool

Register license

** Terminal *** Preferences > Profiles > Pro > Font Set to =Hack Regular 18 pt=.

**** System Preferences > Security & Privacy > Privacy > [[https://www.howtogeek.com/297083/why-do-some-mac-apps-need-to-control-this-computer-using-accessibility-features/][Accessibility]]

BetterTouchTool.app
Emacs-*.app
MacGPT
RescueTime
Terminal
VLC
WhatsApp

**** System Preferences > Keyboard > Shortcuts > Mission Control Uncheck:

Mission Control
Move left a space
Move right a space
Switch to desktop 1

 I use these keybindings on Emacs.

** Roles * Installs ** Desktop Applications

[[https://www.android.com/filetransfer/][Android File Transfer]]
[[https://getbitbar.com/][BitBar]]
[[https://chatgpt.com/][ChatGPT]]
[[https://claude.com/][Claude]]
[[https://getcleanshot.com/][CleanShot X]]
[[http://doomlaser.com/cursorcerer-hide-your-cursor-at-will/][Cursorcerer]]
[[https://daisydiskapp.com/][DaisyDisk]]
[[https://kapeli.com/dash][Dash]]
[[https://dbeaver.io/][DBeaver]]
[[http://mizage.com/divvy/][Divvy]]
[[https://www.dropbox.com/install][Dropbox]]
[[https://www.elgato.com/en/dock/support][Elgato Dock]]
[[https://www.elgato.com/en/downloads][Elgato Control Center]]
[[https://justgetflux.com/][f.lux]]
[[https://www.mozilla.org/en-US/firefox/new][Firefox]]
[[https://ghostty.org/][Ghostty]]
[[https://www.google.com/chrome/index.html][Google Chrome]]
[[https://photos.google.com/apps][Google Photos]]
[[https://www.grammarly.com/native/mac][Grammarly]]
[[https://bjango.com/mac/istatmenus/][iStat Menus]]
[[https://www.cockos.com/licecap/][LICEcap]]
[[https://maccy.app/][Maccy]]
[[https://pdfexpert.com/][PDF Expert]]
[[https://www.perplexity.ai/][Perplexity]]
[[https://persephone.fm/][Persephone]]
[[https://www.rescuetime.com/][RescueTime]]
[[https://www.skype.com/en/download-skype/skype-for-mac/][Skype]]
[[https://slack.com/downloads/osx][Slack]]
[[https://www.spotify.com/br/download/other/][Spotify]]
[[http://store.steampowered.com/about/][Steam]]
[[https://telegram.org/][Telegram]]
[[https://www.pjrc.com/teensy/loader_mac.html][Teensy Loader]]
[[https://github.com/mpereira/macbook-playbook/tree/master/roles/toggle-dark-mode/files/ToggleDarkMode.app/Contents][ToggleDarkMode]]
[[https://unity3d.com/get-unity/download][Unity]]
[[https://docs.unity3d.com/Manual/GettingStartedInstallingHub.html][Unity Hub]]
[[https://www.videolan.org/vlc/download-macosx.html][VLC]]
[[https://www.whatsapp.com/download][WhatsApp]]
[[https://www.wireshark.org/][Wireshark]]
[[https://www.xquartz.org/][XQuartz]]
[[https://classic.youneedabudget.com/][YNAB]] (disabled by default, I use the online version and the application binary isn't available anymore)
[[https://zoom.us/][Zoom]]
[[https://www.zwift.com/][Zwift]]

**** Text Editors

[[https://emacsformacosx.com/][Emacs 28.2]]
[[https://github.com/daviderestivo/homebrew-emacs-head][Emacs 30]]
[[http://macvim-dev.github.io/macvim/][MacVim]]
[[https://github.com/neovim/neovim/wiki/Installing-Neovim][Neovim]]
[[https://www.jetbrains.com/rider/][Rider]]
[[http://www.vim.org/][Vim]] (disabled by default until I figure out why it isn't compiling on macOS Big Sur with LLVM 12)
[[https://code.visualstudio.com/][VSCode]]

**** Configuration

macOS defaults in =configure.sh=
[[https://github.com/mpereira/.emacs.d][dotemacs]]
[[https://github.com/mpereira/dotfiles][dotfiles]]

 Biome's user-level config is provisioned directly by this playbook at
 =~/Library/Application Support/biome/biome.json=.

 Claude local settings are ignored through =.gitignore=.

**** Programming Languages

[[https://clojure.org/guides/getting_started][Clojure]]
[[https://www.gnu.org/software/octave/download.html][GNU Octave]]
[[https://golang.org/][Go]]
[[https://docs.haskellstack.org/en/stable/README/][Haskell]]
[[https://adoptopenjdk.net/][Java (AdoptOpenJDK)]]
[[https://www.lua.org/download.html][Lua]]
[[http://luajit.org/download.html][LuaJIT]]
[[https://dotnet.microsoft.com/en-us/download/visual-studio-sdks][.NET]]
[[https://nodejs.org/en/download/][Node.js]]
[[http://www.purescript.org/][PureScript]] (disabled by default until I figure out why =stack install purescript= is currently failing)
[[https://www.python.org/downloads/mac-osx/][Python 3.14.4]]
[[https://cran.r-project.org/bin/macosx/][R]]
[[https://www.ruby-lang.org][Ruby]]
[[https://www.rust-lang.org/][Rust]]

**** Multimedia

**** Fonts

**** Browser Plugins

[[https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/][Firefox Adblock Plus]]

**** Virtualization, Provisioning, Containers and System Tools

[[https://store.docker.com/editions/community/docker-ce-desktop-mac][Docker]] (using [[https://orbstack.dev/][OrbStack]] instead)
[[https://cloud.google.com/sdk/docs/install-sdk][gcloud]]
[[https://github.com/kubernetes-sigs/krew][krew]]
[[https://kubernetes.io/docs/reference/kubectl/kubectl/][kubectl]]
[[https://github.com/ahmetb/kubectl-tree][kubectl-tree]]
[[https://openzfsonosx.org/][OpenZFS]] (disabled by default until it works on macOS Big Sur)
[[https://orbstack.dev/][OrbStack]]
[[https://www.terraform.io/][Terraform]]
[[https://www.vagrantup.com/downloads.html][Vagrant]]
[[https://github.com/dotless-de/vagrant-vbguest][Vagrant vagrant-vbguest plugin]]
[[https://www.virtualbox.org/wiki/Downloads][VirtualBox]]

**** Package Managers and Build Tools

**** Shell

**** Programming Utilities

**** Data Systems

[[http://hadoop.apache.org/][Apache Hadoop]] (disabled by default, it conflicts with the =yarn= JavaScript package manager)

**** Configuration, Monitoring and Debugging

[[http://jmeter.apache.org/][Apache JMeter]]
[[https://nicolargo.github.io/glances/][Glances]]
[[http://hisham.hm/htop/][htop]]
[[https://github.com/jpr5/ngrep][ngrep]]
[[https://github.com/MrRio/vtop][vtop]]

**** Document Processors and Plotting

**** Markup Tools

**** Command line tools

[[https://aws.amazon.com/cli/][AWS CLI]]
[[https://github.com/krodak/clickup-cli][ClickUp CLI]]
[[https://github.com/kerma/defaultbrowser][defaultbrowser]]
[[https://github.com/dandavison/delta][delta]]
[[https://github.com/dandavison/delta][delta]]
[[https://git-scm.com/download/mac][git]]
[[https://cli.github.com/][gh]] The =gh= role links the legacy =~/.config/gh= path to the macOS Application Support config directory.
[[https://github.com/sharkdp/fd][fd]]
[[https://stedolan.github.io/jq/][jq]]
[[https://www.npmjs.com/package/local-ssl-proxy][local-ssl-proxy]]
[[https://github.com/tw93/Mole][Mole]]
[[http://www.7-zip.org/][p7zip]]
[[https://www.gnu.org/software/parallel/][parallel]]
[[https://pypi.python.org/pypi/pgsanity][pgsanity]]
[[https://github.com/jcsalterego/pngpaste][pngpaste]]
[[https://github.com/BurntSushi/ripgrep][ripgrep]]
[[http://s3tools.org/s3cmd][s3cmd]] (disabled by default, I use the AWS CLI)
[[https://github.com/boyter/scc][scc]]
[[https://stripe.com/docs/stripe-cli][stripe-cli]]
[[https://tldr.sh/][tealdeer]]
[[https://github.com/julienXX/terminal-notifier][terminal-notifier]]
[[http://brewformulas.org/Tree][tree]]
[[https://vercel.com/docs/cli][vercel]]
[[https://github.com/vi/websocat][websocat]]
[[https://github.com/wg/wrk][wrk]]
[[https://tukaani.org/xz/][xz]]

**** Security

[[https://www.preyproject.com/download][Prey]]
[[https://www.gnupg.org/download/index.html][GnuPG]]
[[https://github.com/GPGTools/pinentry][pinentry-mac]]
gpg-agent-config (configures gpg-agent.conf with pinentry-mac)
[[https://github.com/jcoglan/vault][vault]]

**** GNU Command Line Tools

binutils
coreutils
diffutils
ed
findutils
gawk
gnu-indent
gnu-sed
gnu-tar
gnu-which
gnutls
grep
gzip
screen
watch
wdiff
wget

**** Miscellaneous

[[https://mutagen.io/][Mutagen]]
[[https://chromedriver.chromium.org/home][ChromeDriver]]
[[http://fontforge.github.io/en-US/downloads/mac-dl/][FontForge]]
[[http://download.qt.io/official_releases/qt/5.9/5.9.2/][Qt 5]] (disabled by default)
[[https://wordnet.princeton.edu/download][WordNet]]

* Configures ** Makes Google Chrome the default browser Passwordless sudo Puts SSH keys in place **** Remaps Caps-Lock to Control Uses an AppleScript helper for the current System Settings flow.

macbook-playbook

About macbook-playbook

Platforms

Languages

Links

README.md

+TITLE: macbook-playbook

+AUTHOR: Murilo Pereira [email protected]

Local Variables:

before-save-hook: org-make-toc

End: