Those files are the ansible playbooks and roles I use to manage my local macOS machine (currently a MBP). When I found myself reconfiguring the same stuff over and over again, whenever I created a new user on my system, I made my decision to invest time into automating all those steps.
In my opinion ansible offers mainly four advantages:
- Oranization: With ansible you are encouraged to organize your concerns. E.g. it takes care of automatically including files at the right position
- Orchestration: ansible can run the same tasks on many hosts. It manages all the trouble of connecting to those hosts and executing the tasks.
- Granulation: With ansible one can adavance step by step or exclude tasks from beeing run (e.g. using tags)
- Idempotency: ansible encourages to write idempotent tasks.
The project is organized on three abstraction levels: tasks, roles and playbooks. Tasks are like one command in a script. A role is a collection of tasks and a playbook is a connection between tasks and roles on one side and hosts on the other side.
Currently there are the following roles:
| Role | Description |
|---|---|
| appmanager | Makes sure a local app manager exists. A local app manager is a system user (uid <= 500), who has no administrator rights on the system, besides installing those apps, which do not need any special rights. |
| homebrew | Ensure homebrew is installed on the local machine. Homebrew needs a folder, where it can be installed to and a link in /usr/local/bin. |
and the following playbooks:
| Playbook | Roles used | Description |
|---|---|---|
| appmanagement | appmanager | Ensures an easy and more secure way of app installation on the system by a local app manager |
Just get a copy of the repository or clone it:
# In Terminal.app:
# clone the repo
git clone https://github.com/rqelibari/ansible-osx-playbooks.git ./ansible-osx-playbooks
# switch to the new directory
cd ./ansible-osx-playbooks
Then choose a playbook you want to run and execute the following from inside the repository directory:
./ansible-playbook.pex -i ./hosts {{playbook-to-run}}.yml --ask-vault-pass
Replace {{playbook-to-run}} with the name of the playbook, you want to run.
Important: The vault pass for vaults in this repo is vaultPassword