Strap: Bootstrap Your macOS Development System

Strap

A script to bootstrap a minimal macOS development system. This does not assume you're doing Ruby/Rails/web development but installs the minimal set of software every macOS developer will want.

Features

  • Enables sudo using TouchID
  • Disables Java in Safari (for better security)
  • Enables the macOS screensaver password immediately (for better security)
  • Enables the macOS application firewall (for better security)
  • Adds a Found this computer? message to the login screen (for machine recovery)
  • Enables full-disk encryption and saves the FileVault Recovery Key to the Desktop (for better security)
  • Installs the Xcode Command Line Tools (for compilers and Unix tools)
  • Agree to the Xcode license (for using compilers without prompts)
  • Installs Homebrew (for installing command-line software)
  • Installs Homebrew Bundle (for bundler-like Brewfile support)
  • Installs Homebrew Services (for managing Homebrew-installed services)
  • Installs Homebrew Cask (for installing graphical software)
  • Installs the latest macOS software updates (for better security)
  • Installs dotfiles from a user's https://github.com/username/dotfiles repository. If they exist and are executable: runs script/setup to configure the dotfiles and script/strap-after-setup after setting up everything else.
  • Installs software from a user's Brewfile in their https://github.com/username/homebrew-brewfile repository or .Brewfile in their home directory.
  • A simple web application to set Git's name, email and GitHub token (needs authorised on any organisations you wish to access)
  • Idempotent

Out of Scope Features

  • Enabling any network services by default (instead enable them when needed)
  • Installing Homebrew formulae by default for everyone in an organisation (install them with Brewfiles in project repositories instead of mandating formulae for the whole organisation)
  • Opting-out of any macOS updates (Apple's security updates and macOS updates are there for a reason)
  • Disabling security features (these are a minimal set of best practises)
  • Add phone number to security screen message (want to avoid prompting users for information on installation)

Usage

Open https://strap.mikemcquaid.com/ in your web browser.

Instead, to run Strap locally run:

git clone https://github.com/MikeMcQuaid/strap
cd strap
bash bin/strap.sh # or bash bin/strap.sh --debug for more debugging output

Instead, to run the web application locally run:

git clone https://github.com/MikeMcQuaid/strap
cd strap
./script/bootstrap
GITHUB_KEY="..." GITHUB_SECRET="..." ./script/server

Strap is also available as a Docker image on Docker Hub (mikemcquaid/strap) and GitHub Packages (ghcr.io/mikemcquaid/strap).

Web Application Configuration Environment Variables

  • GITHUB_KEY: the GitHub.com Application Client ID.
  • GITHUB_SECRET: the GitHub.com Application Client Secret.
  • SESSION_SECRET: the secret used for cookie session storage.
  • WEB_CONCURRENCY: the number of Puma (web server) threads to run (defaults to 3).
  • STRAP_ISSUES_URL: the URL where users should file issues (defaults to no URL).
  • STRAP_BEFORE_INSTALL: instructions displayed in the web application for users to follow before installing Strap (wrapped in <li> tags).
  • CUSTOM_HOMEBREW_TAP: an optional Homebrew tap to install with brew tap. Specify multiple arguments to brew tap by separating values with spaces.
  • CUSTOM_BREW_COMMAND: a single brew command that is run after all other stages have completed.

Status

Stable and in active development.

Motivation

Replacing Boxen in GitHub with a better tool. This post outlines the problems with Boxen and requirements for Strap and other tools used by GitHub: https://mikemcquaid.com/2016/06/15/replacing-boxen/


Download Details:

Author: MikeMcQuaid
Source Code: https://github.com/MikeMcQuaid/strap 
License:  MIT License

#bootstrap #macos #xcode

Strap: Bootstrap Your macOS Development System
1.65 GEEK