A script to bootstrap a minimal macOS development system. This does not assume you're doing Ruby/Rails/web development but installs the minimal set of software every macOS developer will want.
Replacing Boxen in GitHub with a better tool. This post outlines the problems with Boxen and requirements for Strap and other tools used by GitHub: https://mikemcquaid.com/2016/06/15/replacing-boxen/
- Disables Java in Safari (for better security)
- Enables the macOS screensaver password immediately (for better security)
- Enables the macOS application firewall (for better security)
- Adds a
Found this computer?message to the login screen (for machine recovery)
- Enables full-disk encryption and saves the FileVault Recovery Key to the Desktop (for better security)
- Installs the Xcode Command Line Tools (for compilers and Unix tools)
- Agree to the Xcode license (for using compilers without prompts)
- Installs Homebrew (for installing command-line software)
- Installs Homebrew Bundle (for
- Installs Homebrew Services (for managing Homebrew-installed services)
- Installs Homebrew Cask (for installing graphical software)
- Installs the latest macOS software updates (for better security)
- Installs dotfiles from a user's
https://github.com/username/dotfilesrepository. If they exist and are executable: runs
script/setupto configure the dotfiles and
script/strap-after-setupafter setting up everything else.
- Installs software from a user's
.Brewfilein their home directory.
- A simple web application to set Git's name, email and GitHub token (needs authorised on any organisations you wish to access)
Out of Scope Features
- Enabling any network services by default (instead enable them when needed)
- Installing Homebrew formulae by default for everyone in an organisation (install them with
Brewfiles in project repositories instead of mandating formulae for the whole organisation)
- Opting-out of any macOS updates (Apple's security updates and macOS updates are there for a reason)
- Disabling security features (these are a minimal set of best practises)
- Add phone number to security screen message (want to avoid prompting users for information on installation)
Open https://macos-strap.herokuapp.com/ in your web browser.
Instead, to run Strap locally run:
git clone https://github.com/MikeMcQuaid/strap cd strap bash bin/strap.sh # or bash bin/strap.sh --debug for more debugging output
Instead, to run the web application locally run:
git clone https://github.com/MikeMcQuaid/strap cd strap ./script/bootstrap GITHUB_KEY="..." GITHUB_SECRET="..." ./script/server
Instead, to deploy to Heroku click:
Web Application Configuration Environment Variables
GITHUB_KEY: the GitHub.com Application Client ID.
GITHUB_SECRET: the GitHub.com Application Client Secret.
SESSION_SECRET: the secret used for cookie session storage.
WEB_CONCURRENCY: the number of Unicorn (web server) processes to run (defaults to 3).
STRAP_ISSUES_URL: the URL where users should file issues (defaults to no URL).
STRAP_BEFORE_INSTALL: instructions displayed in the web application for users to follow before installing Strap (wrapped in
CUSTOM_HOMEBREW_TAP: an optional Homebrew tap to install with
brew tap. Specify multiple arguments to brew tap by separating values with spaces.
CUSTOM_BREW_COMMAND: a single
brewcommand that is run after all other stages have completed.
Stable and in active development.