-
Notifications
You must be signed in to change notification settings - Fork 91
/
setupscript.sh
224 lines (215 loc) · 9.3 KB
/
setupscript.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
#!/bin/bash
# REQUEST ADMIN PASSWORD AND KEEP ALIVE
sudo -v
while true; do sudo -n true; sleep 60; kill -0 "$$" || exit; done 2>/dev/null &
# Display some system stats before starting
# Get serial number and model
serial_number=$(system_profiler SPHardwareDataType | awk '/Serial/ {print $4}')
model=$(system_profiler SPHardwareDataType | awk '/Model Identifier/ {print $3}')
# Get friendly Mac model name
modelfriendly=$(defaults read ~/Library/Preferences/com.apple.SystemProfiler.plist 'CPU Names' | cut -sd '"' -f 4 | uniq) > /dev/null 2>&1
# Get CPU info and memory
cpu_info=$(sysctl -n machdep.cpu.brand_string)
memory=$(sysctl hw.memsize | awk '{print $2/1073741824" GB RAM"}')
# Get active network interface
interface=$(route get google.com | grep interface | awk '/interface/ {print $2}')
# Get primary IP address
ip_address=$(ifconfig $interface | grep inet | awk '$1=="inet" {print $2}')
# Get ethernet connection speed
ethernet_speed=$(networksetup -getMedia $interface | awk '/Active/ {print $2}')
output="
IP Address: $ip_address
Mac Model: $modelfriendly ($model)
CPU: $cpu_info
Memory: $memory
Serial: $serial_number
Ethernet Speed: $ethernet_speed
"
echo "$output"
# MAKES SURE WE ARE AT LEAST RUNNING 10.8 OR NEWER
if [[ $(sw_vers -productVersion | awk -F '.' '{print $1 "." $2}' | grep -E '10.[7-9]|1[0-9]') ]]
then
# CLEAR NVRAM IN CASE FIND MY MAC WAS PREVIOUSLY ENABLED
sudo nvram -d fmm-computer-name
sudo nvram -d fmm-mobileme-token-FMM
# DISABLE BONJOUR ADVERTISING
if [[ $(sw_vers -productVersion | grep '10.[6-9]') ]]
then
# CHECKS FOR FLAG IN CURRENT PLIST FILE
if [[ $(sudo /usr/libexec/PlistBuddy -c Print /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist | grep 'NoMulticast') ]]
then
echo "MULTICAST DISABLED, NO CHANGES MADE"
else
sudo /usr/libexec/PlistBuddy -c "Add :ProgramArguments: string -NoMulticastAdvertisements" /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
echo "MULTICAST DISABLED (OS X 10.6-10.9)"
fi
fi
# SET ENERGY PREFERENCES
# SET AUTO POWER ON / WAKE EVERY MIDNIGHT
sudo systemsetup -setallowpowerbuttontosleepcomputer off > /dev/null 2>&1
sudo pmset sleep 0
sudo pmset disksleep 0
sudo pmset displaysleep 0
sudo pmset autorestart 1
sudo pmset womp 1
sudo pmset repeat wakeorpoweron MTWRFSU 23:00:00
sudo pmset -c powernap 0
echo "ENERGY PREFERENCES ARE SET"
# SET DNS RESOLVERS AND TIMEZONE
while true; do
read -p "IS THIS MACHINE IN MKE1 or PHX1? [M/P]" sp
case $sp in
[Mm]* ) sudo networksetup -setdnsservers Ethernet 66.185.16.131 66.185.16.130; sudo systemsetup -settimezone America/Chicago; break;;
[Pp]* ) sudo networksetup -setdnsservers Ethernet 162.253.135.67 162.253.135.66; sudo systemsetup -settimezone America/Phoenix; break;;
* ) echo "Please type either an M or a P.";;
esac
done
# SET SEARCH DOMAIN AND CLEAR DNS CACHE TO USE CACHING SERVERS
sudo networksetup -setsearchdomains Ethernet macminivault.com
sudo killall -HUP mDNSResponder
# REMOVE PREFERRED WIFI NETWORKS
sudo networksetup -removeallpreferredwirelessnetworks en1
# DISABLES WIFI/BLUETOOTH NETWORKING
sudo networksetup -deletepppoeservice "Bluetooth PAN"
sudo networksetup -deletepppoeservice "Bluetooth DUN"
sudo networksetup -deletepppoeservice "Thunderbolt Bridge"
sudo networksetup -deletepppoeservice "FireWire"
# REMOVE SAVED WIFI PASSWORDS AS USER AND ROOT
security delete-generic-password -D "AirPort network password"
sudo security delete-generic-password -D "AirPort network password"
echo "NETWORK PREFERENCES ARE SET"
# SET PREFERENCES FOR FINDER AND LOGIN WINDOW
defaults write com.apple.finder ShowExternalHardDrivesOnDesktop -bool true
defaults write com.apple.finder ShowHardDrivesOnDesktop -bool true
defaults write com.apple.finder ShowMountedServersOnDesktop -bool true
defaults write com.apple.finder ShowRemovableMediaOnDesktop -bool true
sudo killall Finder
echo "FINDER PREFERENCES ARE SET"
sudo defaults write /Library/Preferences/com.apple.loginwindow PowerOffDisabled -bool true
sudo defaults write /Library/Preferences/com.apple.loginwindow SHOWFULLNAME -bool true
sudo defaults write /Library/Preferences/com.apple.loginwindow showInputMenu -bool true
sudo defaults write /Library/Preferences/com.apple.loginwindow AdminHostInfo HostName
echo "LOGIN WINDOW PREFERENCES ARE SET"
# SET COMPUTER NAME, DISABLE AND REENABLE REMOTE LOGIN AND SCREEN SHARING
MINI=xxx
echo "WHAT MACHINE IS THIS? (e.g.; a1-8, d8-8, e16-5)"
read MINI
sudo scutil --set ComputerName "$MINI.macminivault.com"
sudo scutil --set HostName "$MINI.macminivault.com"
echo "COMPUTER NAME SET"
echo "yes" | sudo systemsetup -setremotelogin off > /dev/null 2>&1
sleep 5
#sudo systemsetup -setremotelogin on > /dev/null 2>&1
if [[ $(sw_vers -productVersion | grep '10.[6-9]') ]]
then
sudo defaults write /var/db/launchd.db/com.apple.launchd/overrides.plist com.apple.screensharing -dict Disabled -bool true
sleep 5
sudo defaults write /var/db/launchd.db/com.apple.launchd/overrides.plist com.apple.screensharing -dict Disabled -bool false
sudo launchctl load /System/Library/LaunchDaemons/com.apple.screensharing.plist
fi
if [[ $(sw_vers -productVersion | awk -F '.' '{print $1 "." $2}' | grep -E '10.1[0-5]|1[1-5].[0-9]') ]]
then
sudo launchctl enable system/com.apple.screensharing
sleep 5
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.screensharing.plist
fi
echo "REMOTE LOGIN AND SCREEN SHARING ARE ENABLED"
# DISABLES THE ANNOYING "NO KEYBOARD" BLUETOOTH POPUP
# MOUNTAIN LION SPECIFIC SETTINGS
if [[ $(sw_vers -productVersion | grep '10.8') ]]
then
sudo rm /System/Library/LaunchAgents/com.apple.btsa.plist
launchctl unload -w /System/Library/LaunchAgents/com.apple.bluetoothUIServer.plist
launchctl unload -w /System/Library/LaunchAgents/com.apple.bluetoothAudioAgent.plist
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.blued.plist
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.bnepd.plist
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.IOBluetoothUSBDFU.plist
cd /System/Library/CoreServices
sudo mv Bluetooth\ Setup\ Assistant.app/ Bluetooth\ Setup\ Assistant-OFF.app/
cd -
echo "BLUETOOTH IS DISABLED"
fi
echo "...."
echo "...."
# MAVERICKS SPECIFIC SETTINGS
if [[ $(sw_vers -productVersion | grep '10.9') ]]
then
sudo defaults write /Library/Preferences/com.apple.Bluetooth ControllerPowerState '0' > /dev/null 2>&1
sudo defaults write /Library/Preferences/com.apple.Bluetooth BluetoothAutoSeekKeyboard '0' > /dev/null 2>&1
sudo defaults write /Library/Preferences/com.apple.Bluetooth BluetoothAutoSeekPointingDevice '0' > /dev/null 2>&1
echo "BLUETOOTH IS DISABLED"
# DISABLE IDIOTIC SETTING 'DISPLAYS HAVE SEPERATE SPACES'
defaults write com.apple.spaces spans-displays -bool TRUE
# DISABLES UNICAST ARP CACHE VALIDATION
if [[ -f /etc/sysctl.conf ]]
then
if grep 'unicast' /etc/sysctl.conf > /dev/null 2>&1
then
echo "PATCH WAS PREVIOUSLY ENABLED"
fi
else
sudo sysctl -w net.link.ether.inet.arp_unicast_lim=0 > /dev/null 2>&1
echo "net.link.ether.inet.arp_unicast_lim=0" | sudo tee -a /etc/sysctl.conf > /dev/null 2>&1
sudo chown root:wheel /etc/sysctl.conf
sudo chmod 644 /etc/sysctl.conf
echo "PATCH ENABLED"
fi
fi
echo "...."
echo "...."
# 10.10+ SETTINGS
if [[ $(sw_vers -productVersion | awk -F '.' '{print $1 "." $2}' | grep -E '10.1[0-5]|1[1-5].[0-9]') ]]
then
sudo defaults write /Library/Preferences/com.apple.Bluetooth ControllerPowerState '0' > /dev/null 2>&1
sudo defaults write /Library/Preferences/com.apple.Bluetooth BluetoothAutoSeekKeyboard '0' > /dev/null 2>&1
sudo defaults write /Library/Preferences/com.apple.Bluetooth BluetoothAutoSeekPointingDevice '0' > /dev/null 2>&1
echo "BLUETOOTH IS DISABLED"
# DISABLE IDIOTIC SETTING 'DISPLAYS HAVE SEPERATE SPACES'
defaults write com.apple.spaces spans-displays -bool TRUE
fi
echo "...."
echo "...."
echo "RUN SOFTWARE UPDATES MANUALLY AFTER THE REBOOT."
# PROGRESS SPINNER AND SOFTWARE UPDATES
echo "RUNNING SOFTWARE UPDATES"
echo "MACHINE WILL REBOOT AFTER SOFTWARE UPDATES ARE INSTALLED"
echo "SOFTWARE UPDATES CAN TAKE 10+ MINUTES"
spinner()
{
local pid=softwareupdate
local delay=0.5
local spinstr='|/-\'
while [ "$(ps a | awk '{print $5}' | grep $pid)" ]; do
local temp=${spinstr#?}
printf " [%c] " "$spinstr"
local spinstr=$temp${spinstr%"$temp"}
sleep $delay
printf "\b\b\b\b\b\b"
done
printf " \b\b\b\b"
}
if [[ $(sw_vers -productVersion | awk -F '.' '{print $1 "." $2}' | grep -E '10.[7-9]|10.1[0-3]') ]]
then
sudo softwareupdate -i -r > /dev/null 2>&1 &
fi
# New 2018 minis that require an EFI firmware update will not come back online unless the --restart option is selected - obviously this means the rest of the script won't be run, which is fine.
if [[ $(sw_vers -productVersion | awk -F '.' '{print $1 "." $2}' | grep -E '10.1[4-5]') ]]
then
sudo softwareupdate -i -r --restart > /dev/null 2>&1 &
fi
# SCRIPTED UPDATES NO LONGER WORK ON BIG SUR+ DUE TO SECONDARY AUTH PROMPT, SKIPPING TO REBOOT
if [[ $(sw_vers -productVersion | awk -F '.' '{print $1 "." $2}' | grep -E '1[1-5].[0-9]') ]]
then
sudo reboot > /dev/null 2>&1
fi
sleep 1
/bin/echo -n "SOFTWARE UPDATES ARE DOWNLOADING AND INSTALLING" && spinner
echo ""
history -c
clear
# WE ARE GOING TO REBOOT FOR ALL CHANGES AND UPDATES TO TAKE EFFECT
sudo reboot > /dev/null 2>&1
else
echo "SORRY, THIS IS ONLY FOR OS X 10.8 OR NEWER"
fi
exit