This repo helps provision a brand new or existing macOS system.
Some basics before you begin to provision your system. This tool requires Ansible and Homebrew to perform the installations. Why these tools? Ansible is a beautiful automation software. Homebrew is the best package management software for macOS systems. These two are meant for each other when it comes to provisioning a macOS. If I lost you already, don't worry about it. The tool installs all dependencies necessary for a beautiful easy automated installation. So kick back and relax.
Prepare system:
- (optional) System Preferences -> Trackpad -> Disable "Force Click and haptic feedback"
- Launch Mac App Store and authenticate using your Apple iCloud Account
- Launch Terminal app
- Run
gitcommand to install x-tools - Clone this repo:
git clone https://github.com/ansiblejunky/ansible-macos-provisioner.git - Configure vim editor:
cp data/.vimrc ~/.vimrc
- Run
- Run
./install_system.shto install basic system requirements such asx-tools - Run
./install_brew.shto install homebrew package manager on your Mac - Run
./install_python.shto install a python environment usingpyenvandansible - Backup/Restore to New Laptop
- Launch backup software on old system
- Select backup of specific folders
- Perform the backup to external device (USB Harddrive, Cloud, etc)
- Install your backup software on new system:
brew install carbon-copy-cloner - Register the software
- Restore to the new system
- Copy manually other selected files/folders (
.sshfolder,.files, etc)
Install the software:
- Customize the software defined for your system
- Run
ansible-playbook -v install_software.yml --ask-become-passto install software. Some software will require your password so this asks for it in the beginning so you can go get a coffee - Done!
Other things not automated yet, but common tasks to take care of.
- Browser configuration
- Launch Brave Browser
- Configure Sync to get extensions, tabs, settings from old laptop browser
- Navigate to Brave -> History to get opened tabs that were synced from old laptop
- Yubikey configuration (see instructions below)
- iTerm2 configuration
- Preference -> Advanced -> Mouse Tab, set
Scroll wheel sends arrow keys when in alternate screen modeto Yes - Configure zsh:
cp data/.zshrc ~/.zshrc - Install oh-my-zsh
- Preference -> Advanced -> Mouse Tab, set
- WebCatalog configuration; install these apps
- Gmail
- Google Keep
- Chat GPT
- Google Chat
- Conference tools configuration
- Test all conference tools to ensure they can share screens and mic works, etc. (this usually requires a lot of approvals for Mac security)
- Printer configuration in System Preferences
The following is my custom configuration of VSCode:
# Ansible
code --install-extension redhat.ansible
# TODO Highlight
code --install-extension wayou.vscode-todo-highlight
# VSCode Remote Developer
code --install-extension ms-vscode-remote.vscode-remote-extensionpack
# VSCode PDF Reader
code --install-extension tomoki1207.pdfSettings (edit $HOME/Library/Application\ Support/Code/User/settings.json):
{
"window.title": "${rootName}${separator}${profileName}",
"workbench.tree.indent": 20,
"python.terminal.activateEnvironment": false
}Open Windows:
# Open windows with common folders
code ~/Projects/customers
code ~/Projects/ansible-automation-journey
code ~/Projects/ansible-role-template
code ~/Projects/ansible-project-template
code ~/Projects/ansible-networkingUse the following steps to install and configure your Yubikey on your new Mac.
- Install Yubikey Manager tool:
brew install yubico-yubikey-manager - Start Yubikey Manager app
- Plug the Yubikey device into a Mac slot
- App should recognize it and display icon and firmware info
- Select "Applications" from the top
Slot 1 is for "short touch", Slot 2 is for "long touch" so you can setup 2 slots to manage 2 systems and out-of-the-box Yubikey configures slot 1 to work with their website. I don't care about connecting to Yubico and I prefer having the short touch mechanism, so I did the following...
- Select "Delete" on slot 1 to remove the existing configuration
- Select "Configure" on slot 1
- Select "OATH-HOTP" option
- To get a "Secret Key" we need to generate that from RH website
- Connect to Red Hat's VPN using Viscosity software and your current FreeOTP app on your phone
- Navigate to https://token.redhat.com/ and login using kerberos credentials
- Select "Create Software Token" from left-hand panel
- ensure "Generate OTP Key on the Server" is enabled
- enter a Description of the token
- enter the PIN you want (probably same you had before)
- select "Enroll Token" button
- Use the FreeOTP app on your phone to scan the QR code (it may ask for the issuer - use 'Red Hat')
- On the website, there is a link at the top to get the URL when you do not have a QR scanner. Use that and it shows you the Secret Key in the URL it generates.
- Place the secret key string into the Yubico Manager app - the last we left it sitting on a page where it requests the secret key. Ensure it has 6 digits set as well.
- Select "Finish" on the Yubico Manager app and it configures the slot correctly.
- Go back to the Red Hat token.redhat.com site and use the testing page to test your PIN and TOKEN. If necessary sync the token.
- You should get success on the sync and also testing it using the "TEST TOKEN" area on the bottom.
- You're done! Dang!
To find other homebrew software and formulae, use the following links.
For the best free Mac applications, look here: http://thriftmac.com
- TODO: Fix Ansible tasks for shortcuts, links
- Automate postman preferences and saved environments (export them and then import them)
- Automate iTerm2 preferences; for now backup your iTerm2 preferences using these commands
- Copy preferences file:
cp ~/Library/Preferences/com.googlecode.iterm2.plist data/ - Convert from binary to XML format:
plutil -convert xml1 data/com.googlecode.iterm2.plist - More information here
- Copy preferences file:
- Automate docked items
- Configure screen saver and wallpaper to point to
Pictures/images - Pages (verify book opens)
- GarageBand (transfer files)
- Register the Carbon Copy Cloner software
- Register Tuxera NTFS (for windows USB drives)
- Automate install of other stuff
- Install Keka as archive utility (or izip)
- Install and run Malwarebytes
- Install and run Bitdefender Virus Scanner
- Install and register Telegram
- iBooks Author - verify books open; Documents/Books/...
- BookWright (Blurb application)
- Install and register easyHDR3
- Install and register Panorama Maker
- Install and register Photomatix Pro 6
- Amazon Music
- Install printer and HP Easy Scan (verify scanner)
- XnConvert (convert multiple images):
brew cask install xnconvert - Balena Etcher disk burning tool:
brew cask install balenaetcher - Install wireshark
- Install gimp as image editor tool
The following tools are some fun and useful tools I have found. Some come with the Mac OS and some can be installed.
Mac file systems and FAT32. You might notice when working with FAT32 file systems (often on USB drives) that there are files created with a dot-underscore prefix (._). These are created in order to handle the different attributes that are managed by the different file systems. You can clean them using the not-so-famous 'dot_clean' tool that comes with the macOS.
cd /Volumes/USBDRIVE/
dot_clean -m .https://ss64.com/osx/ditto.html
Use Ansible say module to say things while the Playbook is running.
More information:
Examples:
# List all voices:
say -v ?
# List English-speaking voices:
say --voice='?' |grep "en[_-]"
say "Starting Ansible Automation" -v Samanthahttps://ss64.com/osx/caffeinate.html
banner -w [the width of the banner in pixels] [your message]
Provide copying and pasting to the pasteboard (the Clip-board) from command line http://osxdaily.com/2007/03/05/manipulating-the-clipboard-from-the-command-line/
You may need to rename multiple files at the same time, to conform to some naming convention.
Option #1: Use the Finder and this blog
Option #2: brew install rename http://plasmasturm.org/code/rename/
This was written by John Wadleigh, based on my personal need to automate everything.