#+TITLE: macbook-playbook #+AUTHOR: Murilo Pereira [email protected]

:PROPERTIES: :TOC: ignore :END:

Install all your applications and configure everything the way you like it with one command.

** Table of Contents :PROPERTIES: :TOC: this :END: - [[#tested-on][Tested on]] - [[#configuring-machine][Configuring machine]] - [[#install-developer-tools-xcode-select][Install Developer Tools (xcode-select)]] - [[#clone-repository][Clone repository]] - [[#create-an-ansible-vault-password][Create an Ansible Vault password]] - [[#encrypted-files-using-ansible-vault][Encrypted files (using Ansible Vault)]] - [[#prepare-machine-to-run-the-ansible-playbooks][Prepare machine to run the Ansible playbooks]] - [[#provision-machine][Provision machine]] - [[#manual-steps-post-make-converge][Manual steps post make converge]] - [[#httpmizagecomhelpaccessibilityhtmlenable-assistive-access-for-divvy][Enable assistive access for Divvy]] - [[#enable-assistive-access-for-terminal][Enable assistive access for Terminal]] - [[#enable-assistive-access-for-emacs][Enable assistive access for Emacs]] - [[#set-up-spotify-lastfm-connect][Set up Spotify Last.fm connect]] - [[#roles][Roles]] - [[#installs][Installs]] - [[#desktop-applications][Desktop Applications]] - [[#text-editors][Text Editors]] - [[#communication][Communication]] - [[#configuration][Configuration]] - [[#multimedia][Multimedia]] - [[#browser-plugins][Browser Plugins]] - [[#programming-languages][Programming Languages]] - [[#virtualization-provisioning-containers-and-system-tools][Virtualization, Provisioning, Containers and System Tools]] - [[#package-managers-and-build-tools][Package Managers and Build Tools]] - [[#shell][Shell]] - [[#programming-utilities][Programming Utilities]] - [[#security][Security]] - [[#gnu-command-line-tools][GNU Command Line Tools]] - [[#data-systems][Data Systems]] - [[#configuration-monitoring-and-debugging-tag-observability][Configuration, Monitoring and Debugging (tag: observability)]] - [[#document-processors-and-plotting][Document Processors and Plotting]] - [[#markup-tools][Markup Tools]] - [[#command-line-tools][Command line tools]] - [[#miscellaneous][Miscellaneous]] - [[#configures][Configures]] - [[#passwordless-sudo][Passwordless sudo]] - [[#remaps-caps-lock-to-control][Remaps Caps-Lock to Control]] - [[#puts-ssh-keys-in-place][Puts SSH keys in place]] - [[#makes-google-chrome-the-default-browser][Makes Google Chrome the default browser]] - [[#author][Author]] - [[#license][License]]

** Tested on I've been using =macbook-playbook= since 2013. I've used it on at least six MacBook Pros with different macOS versions. As of March 2021 I use it on both my current MacBook Pros, one with Catalina and the other with Big Sur installed.

Please open an issue if you're trying this out and bump into anything.

** Bootstrap machine (=make bootstrap=) These are one-time steps that need to be done on machines that are running =macbook-playbook= for the first time.

*** Install Developer Tools (xcode-select) Open the "Terminal" application, type =git= into the shell and follow the instructions to install the Apple Developer Tools.

*** Clone repository Now your machine should have =git= and =python3= installed.

#+begin_src bash
git clone https://github.com/mpereira/macbook-playbook.git
#+end_src

*** Give Terminal/iTerm2/Emacs/etc. assistive access Depending on your macOS version you will be queried or not for assistive access while =make converge= runs. This is required for example to remap caps lock to control.

In case that task fails, or if you want to do it beforehand just in case, go
to "System Preferences > Security & Privacy > Privacy > [[https://www.howtogeek.com/297083/why-do-some-mac-apps-need-to-control-this-computer-using-accessibility-features/][Accessibility]]" and
add the application running =macbook-playbook= (Terminal/iTerm2/Emacs/etc.)
to the list.

*** Create an Ansible Vault password This password will be used to encrypt and decrypt the files referenced in the [[#encrypted-files][Encrypted files]] section. Please make sure to use a [[https://1password.com/password-generator/][strong password]].

#+begin_src bash
echo 'SomePassword123$' > .ansible_vault_password
#+end_src

*** Encrypted files (using Ansible Vault) :PROPERTIES: :CUSTOM_ID: encrypted-files :END: The files currently checked into this git repository are encrypted with my personal Ansible Vault password. Unless you have my password, roles referencing these files will fail to run.

| Description                       | File                                        | Role              |
| AWS CLI credentials               | =awscli/files/credentials=                    | awscli            |
| BetterTouchTool license           | =better-touch-tool/files/license.xml=         | better-touch-tool |
| Enviroment variables for dotfiles | =dotfiles/vars/environment.yml=               | dotfiles          |
| iStat Menus settings              | =istat-menus/files/iStat Menus Settings.ismp= | istat-menus       |
| Prey API key                      | =prey/vars/api_key.yml=                       | prey              |
| Private SSH key                   | =ssh-keys/files/id_rsa=                       | ssh-keys          |
| s3cmd configuration               | =s3cmd/files/.s3cfg=                          | s3cmd             |

You have two choices: skip these roles, and/or overwrite the encrypted files
with your own.

To overwrite them first run
#+begin_src bash
make truncate-sensitive-files
#+end_src

And then you'll be able to overwrite them with your own files (for example
your own =~/.ssh/id_rsa=) and then encrypt them with ~make encrypt~.

*** Prepare machine to run the Ansible playbooks This will: 1. Set up passwordless =sudo= 2. Install a user Python3 3. Install Ansible 4. Set up the Git pre-commit hook that automatically encrypts secrets before Git commits

#+begin_src bash
make bootstrap
#+end_src

Your machine should now be ready to be provisioned! You won't need to run
the above steps again.

** Configure machine (=make converge=) Now that the machine is bootstrapped, we can provision it.

*** Provision machine This runs all non-disabled roles in [[file:main.yml][=main.yml=]].

#+begin_src bash
make converge ARGS='--skip-tags disabled'
#+end_src

~ansible-playbook~ arguments can be passed via the =ARGS= environment variable.
For example, =--tags= can be passed so that only matching roles are run.

#+begin_src bash
make converge ARGS='--tags google-chrome'
#+end_src

=--skip-tags= can also be passed to avoid running certain roles.

#+begin_src bash
make converge ARGS='--skip-tags disabled,unity'
#+end_src

All role tags can be seen in [[file:main.yml][=main.yml=]].

Tasks may fail due to intermittent reasons like temporary server
unavailability. When a task fails you can either disable its role via
=--skip-tags= or use =--start-at-task= with the =name= value of some task to
cause Ansible to start the playbook exactly there.

For example, if the "Install Emacs" task from the "build-emacs" role fails
for what seems to be an intermittent issue, you can pick up provisioning
from there so that previous tasks don't have to re-run.

#+begin_src bash
make converge ARGS='--skip-tags disabled --start-at-task "Install Emacs"'
#+end_src

Check the [[https://docs.ansible.com/ansible/latest/user_guide/playbooks_startnstep.html][official Ansible documentation]] for more details.

*** Manual steps post =make converge= These are steps that are currently not automated because: - it would be difficult - it would be impossible - or I just didn't have the time

**** Change keyboard layout to U.S. international 1. System Preferences -> Keyboard -> Input Sources 2. Click + 3. Select "English" on left column 4. Select "U.S. International - PC" on right column 5. Click "Add" 6. Remove other keyboard layouts from the left column

**** iStat Menus 1. Import license from =roles/istat-menus/files/iStat Menus Settings.ismp=

**** PDF Expert 1. Register license

**** Sound Control 1. Check "Check for updates automatically" 2. Register license 3. Preferences > Priority Devices > Output and Input - Check "Switch to device when" "Device is attached" - Reorder devices in priority list

**** BetterTouchTool 1. Register license

**** Terminal ***** Preferences > Profiles > Pro > Font Set to =Hack Regular 18 pt.=

**** System Preferences > Security & Privacy > Privacy > [[https://www.howtogeek.com/297083/why-do-some-mac-apps-need-to-control-this-computer-using-accessibility-features/][Accessibility]] - BetterTouchTool.app - Dropbox - Emacs.app - Persephone.app - RescueTime - VLC

**** System Preferences > Keyboard > Shortcuts > Mission Control Uncheck: - Mission Control - Move left a space - Move right a space - Switch to desktop 1

** Roles *** Installs **** Desktop Applications - [[https://www.android.com/filetransfer/][Android File Transfer]] - [[https://getbitbar.com/][BitBar]] - [[http://doomlaser.com/cursorcerer-hide-your-cursor-at-will/][Cursorcerer]] - [[https://daisydiskapp.com/][DaisyDisk]] - [[https://kapeli.com/dash][Dash]] - [[http://mizage.com/divvy/][Divvy]] - [[https://www.dropbox.com/install][Dropbox]] - [[https://www.elgato.com/en/dock/support][Elgato Dock]] - [[https://justgetflux.com/][f.lux]] - [[https://www.mozilla.org/en-US/firefox/new][Firefox]] - [[https://www.google.com/chrome/index.html][Google Chrome]] - [[https://photos.google.com/apps][Google Photos]] - [[https://www.grammarly.com/native/mac][Grammarly]] - [[https://bjango.com/mac/istatmenus/][iStat Menus]] - [[https://www.cockos.com/licecap/][LICEcap]] - [[https://maccy.app/][Maccy]] - [[https://pdfexpert.com/][PDF Expert]] - [[https://persephone.fm/][Persephone]] - [[https://www.rescuetime.com/][RescueTime]] - [[https://www.skype.com/en/download-skype/skype-for-mac/][Skype]] - [[https://slack.com/downloads/osx][Slack]] - [[https://staticz.com/soundcontrol/][Sound Control]] - [[https://www.spotify.com/br/download/other/][Spotify]] - [[http://store.steampowered.com/about/][Steam]] - [[https://www.pjrc.com/teensy/loader_mac.html][Teensy Loader]] - [[https://github.com/mpereira/macbook-playbook/tree/master/roles/toggle-dark-mode/files/ToggleDarkMode.app/Contents][ToggleDarkMode]] - [[https://unity3d.com/get-unity/download][Unity]] - [[https://docs.unity3d.com/Manual/GettingStartedInstallingHub.html][Unity Hub]] - [[https://www.videolan.org/vlc/download-macosx.html][VLC]] - [[https://www.xquartz.org/][XQuartz]] - [[https://classic.youneedabudget.com/][YNAB]] (disabled by default, I use the online version and the application binary isn't available anymore)

**** Text Editors - [[https://emacsformacosx.com/][Emacs 27.1]] - [[https://github.com/daviderestivo/homebrew-emacs-head][Emacs 28.0.50]] - [[http://macvim-dev.github.io/macvim/][MacVim]] - [[https://github.com/neovim/neovim/wiki/Installing-Neovim][Neovim]] - [[http://www.vim.org/][Vim]] (disabled by default until I figure out why it isn't compiling on macOS Big Sur with LLVM 12) - [[https://code.visualstudio.com/][VSCode]]

**** Configuration - [[https://github.com/mpereira/.emacs.d][dotemacs]] - [[https://github.com/mpereira/dotfiles][dotfiles]]

**** Programming Languages - [[https://clojure.org/guides/getting_started][Clojure]] - [[https://www.gnu.org/software/octave/download.html][GNU Octave]] - [[https://golang.org/][Go]] - [[https://docs.haskellstack.org/en/stable/README/][Haskell]] - [[https://adoptopenjdk.net/][Java (AdoptOpenJDK)]] - [[https://www.lua.org/download.html][Lua]] - [[http://luajit.org/download.html][LuaJIT]] - [[https://nodejs.org/en/download/][Node.js]] - [[http://www.purescript.org/][PureScript]] (disabled by default until I figure out why =stack install purescript= is currently failing) - [[https://www.python.org/downloads/mac-osx/][Python 3]] - [[https://cran.r-project.org/bin/macosx/][R]] - [[https://www.ruby-lang.org][Ruby]] - [[https://www.rust-lang.org/][Rust]]

**** Multimedia - [[http://beets.io/][Beets]] - [[http://www.ffmpegmac.net/][FFmpeg]] - [[https://www.lcdf.org/gifsicle/][gifsicle]] - [[https://www.imagemagick.org/][ImageMagick]] - [[https://www.musicpd.org/clients/mpc/][mpc]] - [[https://www.musicpd.org/download.html][mpd]] - [[https://www.musicpd.org/clients/mpdscribble/][mpdscribble]] - [[https://www.mpg123.de/][mpg123]] - [[https://mplayerosx.ch/][mplayer]] - [[https://github.com/hnarayanan/shpotify][shpotify]] - [[http://taglib.org/][TagLib]]

**** Fonts - [[https://docs.microsoft.com/en-us/typography/font-list/consolas][Consolas]] - [[https://sourcefoundry.org/hack/][Hack]]

**** Browser Plugins - [[https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/][Firefox Adblock Plus]]

**** Virtualization, Provisioning, Containers and System Tools - [[https://store.docker.com/editions/community/docker-ce-desktop-mac][Docker]] - [[https://github.com/kubernetes-sigs/krew][krew]] - [[https://kubernetes.io/docs/reference/kubectl/kubectl/][kubectl]] - [[https://github.com/ahmetb/kubectl-tree][kubectl-tree]] - [[https://openzfsonosx.org/][OpenZFS]] (disabled by default until it works on macOS Big Sur) - [[https://www.terraform.io/][Terraform]] - [[https://www.vagrantup.com/downloads.html][Vagrant]] - [[https://github.com/dotless-de/vagrant-vbguest][Vagrant vagrant-vbguest plugin]] - [[https://www.virtualbox.org/wiki/Downloads][VirtualBox]]

**** Package Managers and Build Tools - [[http://bundler.io/][bundler]] - [[https://cmake.org/][CMake]] - [[https://www.graalvm.org/][GraalVM]] - [[https://brew.sh/][Homebrew]] - [[https://leiningen.org/][leiningen]] - [[https://www.macports.org/][MacPorts]] - [[https://www.gnu.org/software/make/][Make]] - [[https://maven.apache.org/][Maven]] - [[https://www.npmjs.com/package/pulp][pulp]] - [[https://yarnpkg.com/][Yarn]]

**** Shell - [[https://github.com/babashka/babashka][Babashka]] - [[https://www.gnu.org/software/bash/][Bash]] - [[https://fishshell.com/][fish]] - [[https://github.com/oh-my-fish/plugin-foreign-env][fish-foreign-env]] - [[https://www.iterm2.com/][iTerm]] - [[https://github.com/tmux/tmux][tmux]] - [[https://github.com/tmuxinator/tmuxinator][tmuxinator]] - [[http://www.zsh.org/][Zsh]]

**** Programming Utilities - [[https://black.readthedocs.io/en/stable/][Black]] - [[https://clojure-lsp.github.io/clojure-lsp/][clojure-lsp]] - [[https://ctags.io/][Ctags]] - [[https://github.com/google/yapf][YAPF]] - [[https://github.com/kkinnear/zprint][zprint]] - [[https://github.com/mikefarah/yq][yq]] - [[https://github.com/mvdan/sh][shfmt]] - [[https://github.com/snoe/node-cljfmt][node-cljfmt]] - [[https://github.com/tomnomnom/gron][gron]] - [[https://ktlint.github.io/][ktlint]] - [[https://prettier.io/][Prettier]] - [[https://pyre-check.org/][Pyre]] - [[https://rust-analyzer.github.io/][rust-analyzer]] - [[https://www.shellcheck.net/][ShellCheck]]

**** Data Systems - [[http://hadoop.apache.org/][Apache Hadoop]] (disabled by default, it conflicts with the =yarn= JavaScript package manager)

**** Configuration, Monitoring and Debugging - [[http://jmeter.apache.org/][Apache JMeter]] - [[https://nicolargo.github.io/glances/][Glances]] - [[http://hisham.hm/htop/][htop]] - [[https://github.com/jpr5/ngrep][ngrep]] - [[https://github.com/MrRio/vtop][vtop]]

**** Document Processors and Plotting - [[http://www.gnuplot.info/][gnuplot]] - [[http://www.tug.org/mactex/][MacTeX]]

**** Markup Tools - [[https://github.com/joeyespo/grip][Grip]] - [[https://gohugo.io/][Hugo]] - [[https://daringfireball.net/projects/markdown/][Markdown]] - [[https://pandoc.org/][Pandoc]] - [[https://wkhtmltopdf.org/][wkhtmltopdf]]

**** Command line tools - [[https://aws.amazon.com/cli/][AWS CLI]] - [[https://github.com/kerma/defaultbrowser][defaultbrowser]] - [[https://github.com/dandavison/delta][delta]] - [[https://github.com/dandavison/delta][delta]] - [[https://git-scm.com/download/mac][git]] - [[https://stedolan.github.io/jq/][jq]] - [[http://www.7-zip.org/][p7zip]] - [[https://pypi.python.org/pypi/pgsanity][pgsanity]] - [[https://github.com/jcsalterego/pngpaste][pngpaste]] - [[https://github.com/BurntSushi/ripgrep][ripgrep]] - [[http://s3tools.org/s3cmd][s3cmd]] (disabled by default, I use the AWS CLI) - [[https://tldr.sh/][tealdeer]] - [[https://github.com/julienXX/terminal-notifier][terminal-notifier]] - [[http://brewformulas.org/Tree][tree]] - [[https://github.com/vi/websocat][websocat]] - [[https://github.com/wg/wrk][wrk]] - [[https://tukaani.org/xz/][xz]]

**** Security - [[https://www.preyproject.com/download][Prey]] - [[https://www.gnupg.org/download/index.html][GnuPG]] - [[https://github.com/jcoglan/vault][vault]]

**** GNU Command Line Tools - binutils - coreutils - diffutils - ed - findutils - gawk - gnu-indent - gnu-sed - gnu-tar - gnu-which - gnutls - grep - gzip - screen - watch - wdiff - wget

**** Miscellaneous - [[https://mutagen.io/][Mutagen]] - [[http://fontforge.github.io/en-US/downloads/mac-dl/][FontForge]] - [[http://download.qt.io/official_releases/qt/5.9/5.9.2/][Qt 5]] (disabled by default) - [[https://wordnet.princeton.edu/download][WordNet]]

*** Configures **** Makes Google Chrome the default browser **** Passwordless sudo **** Puts SSH keys in place **** Remaps Caps-Lock to Control

macbook-playbook
macbook-playbook copied to clipboard

Metadata

Local Variables:

before-save-hook: org-make-toc

End:

← Metadata

Owner

Metadata

macbook-playbook macbook-playbook copied to clipboard

Metadata

Local Variables:

before-save-hook: org-make-toc

End:

← Metadata

Owner

Metadata

macbook-playbook
macbook-playbook copied to clipboard