Automated macOS and Linux provisioning with Ansible.
I never wanted to manually configure my OS environment again.
After years of having to set aside a day or two to setup a new computer or reconfigure my environment after a clean OS install, I wanted to find a better way.
I started off with a simple shell script that copied my
.zshrc files to my home directory and installed some
Then a colleague introduced me to Ansible...
Ansible is a framework that structures the provisioning process for a new machine or clean OS with declarative YAML files.
The basic components of Ansible are:
- Inventory: the machine or OS that Ansible will run on.
- Play: a unique, declared environment that will be installed on an Inventory.
- Role: a single configuration task. Example tasks that each would be an independent role:
Install my Homebrew packages,
Configure my zsh, or
Set my standard macOS defaults.
bootstrap.sh: single script that can be triggered to provision a local machine. It likely will clone the
.filesrepo, installs Ansible, and start the Ansible playbook.
.files repo holds my Ansible configuration, and all static scripts and files I need for a new machine. It works great on a clean macOS environment and I'll be expanding it to work on Linux soon.
If you'd like to build your own, feel free to fork my repo or check out any of the helpful resources and examples below!
- Ansible docs very thorough spec for all standard Ansible modules and functionality
- macOS-Security-and-Privacy-Guide - @drduh consolidates best practices from enterprise IT and government to secure macOS from many standard threat models
- mac-dev-playbook - @geerlingguy one of the best macOS Ansible playbooks I found, he also wrote many great Ansible Roles which you can use in your own playbook too
- .tmux - @gpakosz awesome tmux configuration file for terminal multiplexing (multiple shell instances in the same terminal session)
- iterm2-solarized - @kevin-smets really nice iTerm2 configuration with a
- dotfiles/.macos - @mathiasbynens >900 lines of great common sense macOS defaults and configuration that you can easily clone and customize
- dockutil - @kcrawford great shell script for customizing macOS dock items
- mac-dev-playbook - @ricbra another great example (this includes
- hosts - @StevenBlack community built lists of undesirable domains that can be blocked using your
- macOS-home-call-drop - @karek314 shell script that restricts macOS daemons and agents from "phoning home" to Cupertino
- AutoDMG - @MagerValp simply macOS app that builds macOS install images for easy machine imaging
- CreateUserPkg - @MagerValp macOS app that creates macOS pkg containing configuration for a macOS user account, can be included with an