Install all your applications and configure everything the way you like it with one command.
- Table of Contents
- Tested on
- Bootstrap machine (make bootstrap)
- Configure machine (make converge)
- Roles
- Installs
- Desktop Applications
- Text Editors
- Configuration
- Programming Languages
- Multimedia
- Fonts
- Browser Plugins
- Virtualization, Provisioning, Containers and System Tools
- Package Managers and Build Tools
- Shell
- Programming Utilities
- Data Systems
- Configuration, Monitoring and Debugging
- Document Processors and Plotting
- Markup Tools
- Command line tools
- Security
- GNU Command Line Tools
- Miscellaneous
- Configures
- Installs
- Author
- License
I’ve been using macbook-playbook
since 2013. I’ve used it on at least eight
MacBook Pros with different macOS versions. As of May 2023 I use it on my
personal 16” 2023 Macbook Pro with Ventura installed and on my work 16” 2019
Macbook Pro with Monterey installed.
Please open an issue if you’re trying this out and bump into anything.
These are one-time steps that need to be done on machines that are running
macbook-playbook
for the first time.
Open the “Terminal” application, type git
into the shell and follow the
instructions to install the Apple Developer Tools.
Now your machine should have git
and python3
installed.
git clone https://github.com/mpereira/macbook-playbook.git
Depending on your macOS version you will be queried or not for assistive
access while make converge
runs. This is required for example to remap
caps lock to control.
In case that task fails, or if you want to do it beforehand just in case, go
to “System Preferences > Security & Privacy > Privacy > Accessibility” and
add the application running macbook-playbook
(Terminal/iTerm2/Emacs/etc.)
to the list.
group_vars/localhost/vars.yml
. This
file is git-ignored in this project.
These are the roles that use secrets:
Description | Secret name | Role |
AWS CLI credentials | aws_credentials_file_base64 | awscli |
BetterTouchTool license | better_touch_tool_license_file_base64 | better-touch-tool |
DaisyDisk license | daisydisk_registration_key_file_base64 | daisydisk |
Enviroment variables for dotfiles | dotfiles_environment_yml_file_base64 | dotfiles |
iStat Menus settings | istat_menus_settings_file_base64 | istat-menus |
Prey API key | prey_api_key_yaml_file_base64 | prey |
Private SSH key | mpereira_at_pluto_ssh_private_key_base64 | ssh-keys |
s3cmd configuration | s3cmd_cfg_file_base64 | s3cmd |
If a group_vars/localhost/vars.yml
file with those secrets is absent
running these roles will fail.
You have two choices: skip these roles, or write your
group_vars/localhost/vars.yml
.
To skip them, when you reach the provision machine step, make Ansible skip
roles tagged with uses-secrets
. You don’t need to run this now, the
command below is just an example.
make converge ARGS='--skip-tags uses-secrets'
This will:
- Set up passwordless
sudo
- Install a user Python3
- Install Ansible
make bootstrap
Your machine should now be ready to be provisioned! You won’t need to run the above steps again.
Now that the machine is bootstrapped, we can provision it.
This runs all non-disabled roles in =main.yml=.make converge ARGS='--skip-tags disabled'
ansible-playbook
arguments can be passed via the ARGS
environment variable.
For example, --tags
can be passed so that only matching roles are run.
make converge ARGS='--tags google-chrome'
--skip-tags
can also be passed to avoid running certain roles.
make converge ARGS='--skip-tags disabled,unity'
All role tags can be seen in =main.yml=.
Tasks may fail due to intermittent reasons like temporary server
unavailability. When a task fails you can either disable its role via
--skip-tags
or use --start-at-task
with the name
value of some task to
cause Ansible to start the playbook exactly there.
For example, if the “Install Emacs” task from the “build-emacs” role fails for what seems to be an intermittent issue, you can pick up provisioning from there so that previous tasks don’t have to re-run.
make converge ARGS='--skip-tags disabled --start-at-task "Install Emacs"'
Check the official Ansible documentation for more details.
These are steps that are currently not automated because:
- it would be difficult
- it would be impossible
- or I just didn’t have the time
- System Preferences -> Keyboard -> Input Sources
- Click +
- Select “English” on left column
- Select “U.S. International - PC” on right column
- Click “Add”
- Remove other keyboard layouts from the left column
- Import license from
roles/istat-menus/files/iStat Menus Settings.ismp
- Register license
- Register license
Set to Hack Regular 18 pt
.
System Preferences > Security & Privacy > Privacy > Accessibility
- BetterTouchTool.app
- Emacs-*.app
- MacGPT
- RescueTime
- Terminal
- VLC
Uncheck:
- Mission Control
- Move left a space
- Move right a space
- Switch to desktop 1
I use these keybindings on Emacs.
- Android File Transfer
- BitBar
- Cursorcerer
- DaisyDisk
- Dash
- Divvy
- Dropbox
- Elgato Dock
- Elgato Control Center
- f.lux
- Firefox
- Google Chrome
- Google Photos
- Grammarly
- iStat Menus
- LICEcap
- Maccy
- PDF Expert
- Persephone
- RescueTime
- Skype
- Slack
- Spotify
- Steam
- Teensy Loader
- ToggleDarkMode
- Unity
- Unity Hub
- VLC
- Wireshark
- XQuartz
- YNAB (disabled by default, I use the online version and the application binary isn’t available anymore)
- Zoom
- Zwift
- Emacs 28.2
- Emacs 29
- MacVim
- Neovim
- Rider
- Vim (disabled by default until I figure out why it isn’t compiling on macOS Big Sur with LLVM 12)
- VSCode
- Clojure
- GNU Octave
- Go
- Haskell
- Java (AdoptOpenJDK)
- Lua
- LuaJIT
- .NET
- Node.js
- PureScript (disabled by default until I figure out why
stack install purescript
is currently failing) - Python 3
- R
- Ruby
- Rust
- Docker (using OrbStack instead)
- gcloud
- krew
- kubectl
- kubectl-tree
- OpenZFS (disabled by default until it works on macOS Big Sur)
- OrbStack
- Terraform
- Vagrant
- Vagrant vagrant-vbguest plugin
- VirtualBox
- Black
- clojure-lsp
- Ctags
- YAPF
- zprint
- yq
- shfmt
- node-cljfmt
- gron
- ktlint
- Prettier
- Pyre
- rust-analyzer
- ShellCheck
- Apache Hadoop (disabled by default, it conflicts with the
yarn
JavaScript package manager)
- AWS CLI
- defaultbrowser
- delta
- delta
- git
- gh
- fd
- jq
- local-ssl-proxy
- p7zip
- parallel
- pgsanity
- pngpaste
- ripgrep
- s3cmd (disabled by default, I use the AWS CLI)
- scc
- stripe-cli
- tealdeer
- terminal-notifier
- tree
- vercel
- websocat
- wrk
- xz
- binutils
- coreutils
- diffutils
- ed
- findutils
- gawk
- gnu-indent
- gnu-sed
- gnu-tar
- gnu-which
- gnutls
- grep
- gzip
- screen
- watch
- wdiff
- wget
- Mutagen
- ChromeDriver
- FontForge
- Qt 5 (disabled by default)
- WordNet