AI21Labs/strap

AI21Labs/strap

Description: :boot: Bootstrap your macOS development system.

Language: Shell

License: MIT

Stars: 0

Forks: 0

Open issues: 0

Created: 2017-11-13T20:35:59Z

Pushed: 2019-02-19T14:10:14Z

Default branch: master

Fork: yes

Parent repository: MikeMcQuaid/strap

Archived: yes

README:

Strap

A script to bootstrap a minimal macOS development system. This does not assume you're doing Ruby/Rails/web development but installs the minimal set of software every macOS developer will want.

Motivation

Replacing Boxen in GitHub with a better tool. This post outlines the problems with Boxen and requirements for Strap and other tools used by GitHub: https://mikemcquaid.com/2016/06/15/replacing-boxen/

Features

• Disables Java in Safari (for better security)
• Enables the macOS screensaver password immediately (for better security)
• Enables the macOS application firewall (for better security)
• Adds a Found this computer? message to the login screen (for machine recovery)
• Enables full-disk encryption and saves the FileVault Recovery Key to the Desktop (for better security)
• Installs the Xcode Command Line Tools (for compilers and Unix tools)
• Agree to the Xcode license (for using compilers without prompts)
• Installs Homebrew (for installing command-line software)
• Installs Homebrew Bundle (for bundler-like Brewfile support)
• Installs Homebrew Services (for managing Homebrew-installed services)
• Installs Homebrew Cask (for installing graphical software)
• Installs the latest macOS software updates (for better security)
• Installs dotfiles from a user's https://github.com/username/dotfiles repository and runs script/setup to configure them.
• Installs software from a user's Brewfile in their https://github.com/username/homebrew-brewfile repository or .Brewfile in their home directory.
• A simple web application to set Git's name, email and GitHub token (needs authorized on any organisations you wish to access)
• Idempotent

Out of Scope Features

• Enabling any network services by default (instead enable them when needed)
• Installing Homebrew formulae by default for everyone in an organisation (install them with Brewfiles in project repositories instead of mandating formulae for the whole organisation)
• Opting-out of any macOS updates (Apple's security updates and macOS updates are there for a reason)
• Disabling security features (these are a minimal set of best practises)
• Add phone number to security screen message (want to avoid prompting users for information on installation)

Usage

Open https://macos-strap.herokuapp.com/ in your web browser.

Instead, to run Strap locally run:

git clone https://github.com/MikeMcQuaid/strap
cd strap
bash bin/strap.sh # or bash bin/strap.sh --debug for more debugging output

Instead, to run the web application locally run:

git clone https://github.com/MikeMcQuaid/strap
cd strap
GITHUB_KEY="..." GITHUB_SECRET="..." ./script/server

Instead, to deploy to Heroku click:


Web Application Configuration Environment Variables

• GITHUB_KEY: the GitHub.com Application Client ID.
• GITHUB_SECRET: the GitHub.com Application Client Secret.
• SESSION_SECRET: the secret used for cookie session storage.
• WEB_CONCURRENCY: the number of Unicorn (web server) processes to run (defaults to 3).
• STRAP_ISSUES_URL: the URL where users should file issues (defaults to https://github.com/MikeMcQuaid/strap/issues/new).
• STRAP_BEFORE_INSTALL: instructions displayed in the web application for users to follow before installing Strap (wrapped in `` tags).
• CUSTOM_HOMEBREW_TAP: an optional Homebrew tap to install with brew tap. Specify multiple arguments to brew tap by separating values with spaces.
• CUSTOM_BREW_COMMAND: a single brew command that is run after all other stages have completed.

Status

Stable and in active development.

Contact

[Mike McQuaid](mailto:mike@mikemcquaid.com)

License

Licensed under the MIT License. The full license text is available in LICENSE.txt.