Misc changes including MAS Ids
This commit is contained in:
Brian Zalewski
parent
7f65e743ad
commit
fed4440189
10 changed files with 142 additions and 48 deletions
|
|
@ -9,7 +9,6 @@ adobe-creative-cloud curl: (18) HTTP/2 stream 1 was reset
|
|||
|
||||
* NGINX /opt/homebrew/etc/nginx/nginx.conf, on port 8080 so no sudo required, nginx will load all files in /opt/homebrew/etc/nginx/servers/, brew services might require sudo if port 443 is used, Docroot /opt/homebrew/var/www
|
||||
* Full disk access to Terminal required for Parallels
|
||||
* Reset up YubiKeys
|
||||
|
||||
# TODOs
|
||||
|
||||
|
|
@ -236,3 +235,9 @@ The following items have been reviewed but need to be revisited due to complexit
|
|||
## Windows
|
||||
|
||||
- https://github.com/DDoSolitary/LxRunOffline
|
||||
|
||||
## Notes
|
||||
|
||||
* This might not be easily achievable since macOS encourages user input during setup but it would be nice to come up with a script that updates macOS from version 13 to 14 if an update is available (or 14 to 15 etc.). Normally, `softwareupdate` CLI command can handle 13.5 to 13.7 etc. but not major versions.
|
||||
* Configure firewall on macOS with `m firewall` on non-corp laptop
|
||||
* Link to CUPS printers (http://localhost:631/printers)
|
||||
|
|
@ -216,6 +216,7 @@ data:
|
|||
holdSudoPrivileges: true
|
||||
locale: "{{ $locale }}"
|
||||
name: "{{ $name }}"
|
||||
ntpServer: "time.apple.com"
|
||||
snapcraft:
|
||||
username: "{{ $snapcraftEmail }}"
|
||||
surgesh:
|
||||
|
|
|
|||
|
|
@ -21,29 +21,6 @@
|
|||
{{ includeTemplate "universal/profile-before" }}
|
||||
{{ includeTemplate "universal/logg-before" }}
|
||||
|
||||
### Configure hostname
|
||||
# Source: https://www.tecmint.com/set-hostname-permanently-in-linux/
|
||||
if [ -d /Applications ] && [ -d /System ]; then
|
||||
# Source: https://apple.stackexchange.com/questions/287760/set-the-hostname-computer-name-for-macos
|
||||
logg info 'Setting macOS hostname / local hostname / computer name'
|
||||
sudo scutil --set HostName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Changed HostName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
|
||||
sudo scutil --set LocalHostName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}' && logg success 'Changed LocalHostName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}'
|
||||
sudo scutil --set ComputerName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}' && logg success 'Changed ComputerName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}'
|
||||
logg info 'Flushing DNS cache'
|
||||
dscacheutil -flushcache
|
||||
elif [ -f /etc/passwd ]; then
|
||||
logg info 'Setting Linux hostname'
|
||||
hostname '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Changed hostname to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
|
||||
if command -v hostnamectl > /dev/null; then
|
||||
logg info 'Ensuring hostname persists after reboot'
|
||||
sudo hostnamectl set-hostname '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Permanently changed hostname to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
|
||||
else
|
||||
logg warn 'hostnamectl was not available in the PATH - this operating system type might be unsupported'
|
||||
fi
|
||||
else
|
||||
logg warn 'Could not configure hostname because system type was not detectable'
|
||||
fi
|
||||
|
||||
### Configure Firewall
|
||||
# TODO: If this is required, notes should be added describing the pros / cons of the security
|
||||
# if [ -d /Applications ] && [ -d /System ]; then
|
||||
|
|
@ -52,6 +29,7 @@ fi
|
|||
# fi
|
||||
|
||||
### System upgrade on macOS
|
||||
# Note: If a shutdown is required and the `softwareupdate` command restart command does not work then `m shutdown -f` might be useful or `m restart -f`
|
||||
if [ -d /Applications ] && [ -d /Library ] && [ -z "$NO_RESTART" ]; then
|
||||
if [ ! -f "$HOME/.zshrc" ] || ! cat "$HOME/.zshrc" | grep '# TEMPORARY FOR INSTALL DOCTOR MACOS' > /dev/null; then
|
||||
echo 'bash <(curl -sSL https://install.doctor/start) # TEMPORARY FOR INSTALL DOCTOR MACOS' >> "$HOME/.zshrc"
|
||||
|
|
|
|||
|
|
@ -75,7 +75,7 @@ decryptKey() {
|
|||
else
|
||||
installExpect
|
||||
expect -c "set timeout -1
|
||||
spawn age --decrypt --output "${XDG_CONFIG_HOME}/age/chezmoi.txt" "/usr/local/src/install.doctor/home/key.txt.age"
|
||||
spawn age --decrypt --output "${XDG_CONFIG_HOME}/age/chezmoi.txt" "${XDG_DATA_HOME:-$HOME/.local/share}/home/key.txt.age"
|
||||
expect \"Enter passphrase:\"
|
||||
send \"${AGE_PASSWORD}\r\"
|
||||
expect eof" > /dev/null || EXIT_CODE=$?
|
||||
|
|
|
|||
|
|
@ -30,3 +30,10 @@ fi
|
|||
if [ -d "$HOME/.wrangler" ]; then
|
||||
rm -rf "$HOME/.wrangler"
|
||||
fi
|
||||
|
||||
if [ -d /Applications ] && [ -d /System ]; then
|
||||
### Empty trash
|
||||
if command -v m > /dev/null; then
|
||||
logg info 'Emptying trash' && m trash clean
|
||||
fi
|
||||
fi
|
||||
|
|
@ -8,24 +8,98 @@
|
|||
{{ includeTemplate "universal/profile-before" }}
|
||||
{{ includeTemplate "universal/logg-before" }}
|
||||
|
||||
### Set hostname (if redefined)
|
||||
if command -v hostnamectl > /dev/null; then
|
||||
# Betelgeuse is the default hostname so only change when it is different
|
||||
if [ '{{ .host.hostname }}' != 'Betelgeuse' ]; then
|
||||
logg info "Setting hostname to {{ .host.hostname }}"
|
||||
sudo hostnamectl set-hostname {{ .host.hostname }}
|
||||
# @description Sets the hostname using `scutil` on macOS and using `hostname` and `hostnamectl` on Linux. On macOS, the HostName, LocalHostName, and ComputerName
|
||||
# are set equal to the value stored in `.host.hostname` (in `.chezmoi.yaml.tmpl`) but with the `.host.domain` stripped off. On Linux, the same is done
|
||||
# but only the hostname is set. On Linux, the hostname is set with the `hostname` command and then also with the `hostnamectl` command if it is available.
|
||||
#
|
||||
# ## Sources
|
||||
#
|
||||
# * [Changing Linux hostname permanently](https://www.tecmint.com/set-hostname-permanently-in-linux/)
|
||||
setHostname() {
|
||||
if [ -d /Applications ] && [ -d /System ]; then
|
||||
# Source: https://apple.stackexchange.com/questions/287760/set-the-hostname-computer-name-for-macos
|
||||
logg info 'Setting macOS hostname / local hostname / computer name'
|
||||
sudo scutil --set HostName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Changed HostName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
|
||||
sudo scutil --set LocalHostName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}' && logg success 'Changed LocalHostName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}'
|
||||
sudo scutil --set ComputerName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}' && logg success 'Changed ComputerName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}'
|
||||
logg info 'Flushing DNS cache'
|
||||
dscacheutil -flushcache
|
||||
elif [ -f /etc/passwd ]; then
|
||||
logg info 'Setting Linux hostname'
|
||||
hostname '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Changed hostname to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
|
||||
if command -v hostnamectl > /dev/null; then
|
||||
logg info 'Ensuring hostname persists after reboot'
|
||||
sudo hostnamectl set-hostname '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Permanently changed hostname to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
|
||||
else
|
||||
logg warn 'hostnamectl was not available in the PATH - this operating system type might be unsupported'
|
||||
fi
|
||||
else
|
||||
logg warn 'Could not configure hostname because system type was not detectable'
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
### Set timezone
|
||||
if command -v timedatectl > /dev/null; then
|
||||
logg info 'Setting timezone to {{ .user.timezone }}'
|
||||
sudo timedatectl set-timezone {{ .user.timezone }}
|
||||
fi
|
||||
# @description Sets the system timezone using `timedatectl` on Linux and `m` on macOS. If neither commands are available
|
||||
# then a warning message is printed.
|
||||
setTimezone() {
|
||||
if command -v timedatectl > /dev/null; then
|
||||
### Linux
|
||||
logg info 'Setting timezone to {{ .user.timezone }}'
|
||||
sudo timedatectl set-timezone {{ .user.timezone }}
|
||||
elif command -v m > /dev/null; then
|
||||
### macOS
|
||||
logg info 'Setting timezone to {{ .user.timezone }}' && m timezone set {{ .user.timezone }}
|
||||
else
|
||||
logg warn 'Neither timedatectl (Linux) or m (macOS) were found on the system'
|
||||
}
|
||||
|
||||
### Modify vm.max_map_count
|
||||
if command -v sysctl > /dev/null; then
|
||||
logg info 'Increasing vm.max_map_count size to 262144'
|
||||
sudo sysctl -w vm.max_map_count=262144 > /dev/null
|
||||
fi
|
||||
# @description Sets the NTP server using `m` on macOS
|
||||
setNtpServer() {
|
||||
if command -v m > /dev/null; then
|
||||
### macOS
|
||||
m ntp set {{ .user.ntpServer}}
|
||||
else
|
||||
logg warn 'Skipped setting the NTP server'
|
||||
fi
|
||||
}
|
||||
|
||||
# @description Increases the amount of memory a process can consume on Linux. In the case of `netdata` and other programs, many systems will suggest
|
||||
# increasing the `vm.max_map_count`. According to a [RedHat article](https://access.redhat.com/solutions/99913), the default value is `65530`.
|
||||
# This function increases that value to `262144` if `sysctl` is available on the system.
|
||||
increaseMapCount() {
|
||||
if command -v sysctl > /dev/null; then
|
||||
logg info 'Increasing vm.max_map_count size to 262144'
|
||||
sudo sysctl -w vm.max_map_count=262144 > /dev/null
|
||||
fi
|
||||
}
|
||||
|
||||
# @description Configures macOS to enable the notification center
|
||||
showNotificationCenter() {
|
||||
if command -v m > /dev/null; then
|
||||
logg info 'Configuring macOS to show notification center' && m notification showcenter YES
|
||||
fi
|
||||
}
|
||||
|
||||
# @description Disable the creation of `.DS_Store` files on macOS.
|
||||
disableDStoreFileCreation() {
|
||||
if command -v m > /dev/null; then
|
||||
logg info 'Disabling creation of .DS_Store files'
|
||||
echo y | m dir dsfiles off
|
||||
fi
|
||||
}
|
||||
|
||||
# @description Enables transparent dark-mode on macOS
|
||||
enableDarkTransparentMode() {
|
||||
if command -v m > /dev/null; then
|
||||
logg info 'Enabling dark mode' && m appearance darkmode YES
|
||||
logg info 'Enabling theme transparency' && m appearance transparency YES
|
||||
fi
|
||||
}
|
||||
|
||||
setHostname
|
||||
setTimezone
|
||||
setNtpServer
|
||||
increaseMapCount
|
||||
showNotificationCenter
|
||||
disableDStoreFileCreation
|
||||
enableDarkTransparentMode
|
||||
{{ end -}}
|
||||
|
|
|
|||
|
|
@ -192,11 +192,11 @@ if [ ! -d /Applications ] || [ ! -d /System ]; then
|
|||
# Create /etc/docker/daemon.json
|
||||
logg info 'Creating /etc/docker'
|
||||
sudo mkdir -p /etc/docker
|
||||
if [ -f /usr/local/src/install.doctor/home/dot_config/docker/daemon.json ]; then
|
||||
if [ -f "${XDG_DATA_HOME:-$HOME/.local/share}/home/dot_config/docker/daemon.json" ]; then
|
||||
logg info 'Creating /etc/docker/daemon.json'
|
||||
sudo cp "/usr/local/src/install.doctor/home/dot_config/docker/daemon.json" /etc/docker/daemon.json
|
||||
sudo cp "${XDG_DATA_HOME:-$HOME/.local/share}/home/dot_config/docker/daemon.json" /etc/docker/daemon.json
|
||||
else
|
||||
logg warn '/usr/local/src/install.doctor/home/dot_config/docker/daemon.json is not available so the /etc/docker/daemon.json file cannot be populated'
|
||||
logg warn "${XDG_DATA_HOME:-$HOME/.local/share}/home/dot_config/docker/daemon.json is not available so the /etc/docker/daemon.json file cannot be populated"
|
||||
fi
|
||||
|
||||
# Restart / enable Docker
|
||||
|
|
|
|||
13
home/Library/Scripts/disable-automatic-login.scpt
Normal file
13
home/Library/Scripts/disable-automatic-login.scpt
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
#!/usr/bin/osascript
|
||||
-- AppleScript to set Security settings "Disable automatic login" unchecked
|
||||
# @file Disable macOS Automatic Login
|
||||
# @brief Disables macOS automatic login via AppleScript
|
||||
# @description
|
||||
# This script disables the macOS automatic login feature in the system settings. The script was found
|
||||
# on [StackOverflow](https://apple.stackexchange.com/questions/307482/enabling-automatic-login-via-terminal).
|
||||
|
||||
tell application "System Events"
|
||||
tell security preferences
|
||||
set properties to { automatic login: true }
|
||||
end tell
|
||||
end tell
|
||||
|
|
@ -319,7 +319,7 @@ runChezmoi() {
|
|||
logg info 'Running chezmoi apply forcefully'
|
||||
if command -v unbuffer > /dev/null; then
|
||||
if command -v caffeinate > /dev/null; then
|
||||
unbuffer -p caffeinate chezmoi apply $DEBUG_MODIFIER -k --force 2>&1 | tee "$LOG_FILE"
|
||||
caffeinate unbuffer -p chezmoi apply $DEBUG_MODIFIER -k --force 2>&1 | tee "$LOG_FILE"
|
||||
else
|
||||
unbuffer -p chezmoi apply $DEBUG_MODIFIER -k --force 2>&1 | tee "$LOG_FILE"
|
||||
fi
|
||||
|
|
|
|||
20
software.yml
20
software.yml
|
|
@ -1436,6 +1436,7 @@ softwarePackages:
|
|||
github: github.com/bitwarden/desktop
|
||||
snap: bitwarden
|
||||
yay: bitwarden-git
|
||||
mas: 1352778147
|
||||
bitwarden-cli:
|
||||
_bin: bw
|
||||
_desc: '[Bitwarden CLI](https://github.com/bitwarden/cli) (i.e. bw) is a free and open-source official CLI for the [Bitwarden](https://bitwarden.com/) password manager. bw is available on Linux, macOS, and Microsoft Windows.'
|
||||
|
|
@ -3385,6 +3386,7 @@ softwarePackages:
|
|||
_name: Hidden Bar
|
||||
_when:cask: '! test -d "/Applications/Hidden Bar.app" && ! test -d "$HOME/Applications/Hidden Bar.app"'
|
||||
cask: hiddenbar
|
||||
mas: 1452453066
|
||||
flameshot:
|
||||
_bin: flameshot
|
||||
_desc: Powerful yet simple to use screenshot software
|
||||
|
|
@ -3497,6 +3499,7 @@ softwarePackages:
|
|||
_name: Eul
|
||||
_when:cask: '! test -d /Applications/eul.app && ! test -d $HOME/Applications/eul.app'
|
||||
cask: eul
|
||||
mas: 1537133867
|
||||
linkliar:
|
||||
_bin: null
|
||||
_desc: Menu bar application for macOS that allows you to spoof your MAC address
|
||||
|
|
@ -3522,8 +3525,9 @@ softwarePackages:
|
|||
_github: https://github.com/leits/MeetingBar
|
||||
_home: https://apps.apple.com/app/id1532419400
|
||||
_name: Meeting Bar
|
||||
_when:brew: test -d /Applications/MeetingBar.app
|
||||
brew:darwin: meetingbar
|
||||
_when:cask: test -d /Applications/MeetingBar.app
|
||||
cask: meetingbar
|
||||
mas: 1532419400
|
||||
crunch-app:
|
||||
_bin: null
|
||||
_desc: The macOS companion app for the crunch CLI tool that compresses PNG images.
|
||||
|
|
@ -3772,6 +3776,7 @@ softwarePackages:
|
|||
cask: telegram
|
||||
choco: telegram
|
||||
flatpak: org.telegram.desktop
|
||||
mas: 747648890
|
||||
google-assistant:
|
||||
_bin: g-assist
|
||||
_desc: '[Google Assistant for Desktop](https://github.com/Melvin-Abraham/Google-Assistant-Unofficial-Desktop-Client) is a cross-platform unofficial Google Assistant Client for Desktop.'
|
||||
|
|
@ -4838,6 +4843,7 @@ softwarePackages:
|
|||
flatpak: org.inkscape.Inkscape
|
||||
pacman: inkscape
|
||||
snap: inkscape
|
||||
mas: 2146510460
|
||||
intellij-idea-ce:
|
||||
_bin: intellij-idea-community
|
||||
_desc: '[IntelliJ IDEA](https://www.jetbrains.com/idea/) is an integrated development environment written in Java for developing computer software. It is developed by JetBrains, and is available as an Apache 2 Licensed community edition, and in a proprietary commercial edition. Both can be used for commercial development.'
|
||||
|
|
@ -5486,6 +5492,7 @@ softwarePackages:
|
|||
dnf: libreoffice
|
||||
flatpak: org.libreoffice.LibreOffice
|
||||
pacman: libreoffice
|
||||
mas: 1630474372
|
||||
license:
|
||||
_bin: license
|
||||
_desc: Command-line license text generator
|
||||
|
|
@ -5873,6 +5880,7 @@ softwarePackages:
|
|||
ansible: professormanhattan.microsofttodo
|
||||
cask: ao
|
||||
snap: microsoft-todo-unofficial
|
||||
mas: 1274495053
|
||||
hyperkit:
|
||||
_deps:darwin:
|
||||
- xcode
|
||||
|
|
@ -6139,6 +6147,7 @@ softwarePackages:
|
|||
_name: Profile Creator
|
||||
_when:cask: '! test -d /Applications/ProfileCreator.app && ! test -d $HOME/Applications/ProfileCreator.app'
|
||||
cask: profilecreator
|
||||
mas: 2141249187
|
||||
vagrant-manager:
|
||||
_bin: null
|
||||
_desc: Status bar menu application that allows you to manage Vagrant available on macOS and Windows
|
||||
|
|
@ -6620,6 +6629,7 @@ softwarePackages:
|
|||
_when:cask: '! test -d /Applications/Notion.app && ! test -d $HOME/Applications/Notion.app'
|
||||
cask: notion
|
||||
choco: notion
|
||||
mas: 1559269364
|
||||
zaproxy:
|
||||
_bin: zaproxy
|
||||
_desc: The world’s most widely used web app scanner. Free and open source. Actively maintained by a dedicated international team of volunteers. A GitHub Top 1000 project.
|
||||
|
|
@ -7110,6 +7120,7 @@ softwarePackages:
|
|||
_notes: For Homebrew Cask, this requires the terminal to have full disk access
|
||||
ansible:darwin: professormanhattan.parallels
|
||||
cask: parallels
|
||||
mas: 1085114709
|
||||
gnome-passwords-keys:
|
||||
_bin: seahorse
|
||||
flatpak: org.gnome.seahorse.Application
|
||||
|
|
@ -7904,6 +7915,7 @@ softwarePackages:
|
|||
_when:cask: '! test -d /Applications/RedisInsight.app && ! test -d $HOME/Applications/RedisInsight.app'
|
||||
cask: redisinsight
|
||||
flatpak: com.redis.RedisInsight
|
||||
mas: 2142946629
|
||||
recoverpy:
|
||||
_deps:
|
||||
- coreutils
|
||||
|
|
@ -7983,6 +7995,7 @@ softwarePackages:
|
|||
_name: Microsoft Remote Desktop
|
||||
_when:cask: '! test -d "/Applications/Microsoft Remote Desktop.app" && ! test -d "$HOME/Applications/Microsoft Remote Desktop.app"'
|
||||
cask: microsoft-remote-desktop
|
||||
mas: 1295203466
|
||||
aiac:
|
||||
_bin: aiac
|
||||
_github: https://github.com/gofireflyio/aiac
|
||||
|
|
@ -8706,6 +8719,7 @@ softwarePackages:
|
|||
choco: slack
|
||||
flatpak: com.slack.Slack
|
||||
snap: slack
|
||||
mas: 803453959
|
||||
slack-term:
|
||||
_bin: slack-term
|
||||
_desc: '[slack-term](https://github.com/erroneousboat/slack-term) features a colorful interface as well as keyboard shortcuts. It is one of, if not the, most well-received [Slack](https://slack.com/) client available on GitHub.'
|
||||
|
|
@ -9354,6 +9368,7 @@ softwarePackages:
|
|||
go: tailscale.com/cmd/tailscale{,d}@main
|
||||
pacman: tailscale
|
||||
port: tailscale
|
||||
mas: 1475387142
|
||||
task:
|
||||
_bin: task
|
||||
_desc: A task runner / simpler Make alternative written in Go
|
||||
|
|
@ -10924,6 +10939,7 @@ softwarePackages:
|
|||
choco: yubico-authenticator
|
||||
flatpak: com.yubico.yubioath
|
||||
script:darwin: curl -sSL https://developers.yubico.com/yubioath-flutter/Releases/yubico-authenticator-latest-mac.dmg > "/tmp/Yubico Authenticator.dmg" && hdiutil attach "/tmp/Yubico Authenticator.dmg" && sudo cp -R "/Volumes/Yubico Authenticator/Yubico Authenticator.app" /Applications && sudo hdiutil detach "/Volumes/Yubico Authenticator" && rm -f "/tmp/Yubico Authenticator.dmg"
|
||||
mas: 1497506650
|
||||
yubikey-manager:
|
||||
_bin: ykman
|
||||
_desc: Use the YubiKey Manager to configure FIDO2, OTP and PIV functionality on your YubiKey on Windows, macOS, and Linux operating systems.
|
||||
|
|
|
|||
Loading…
Reference in a new issue