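---
# Per-user macOS setup: ~/Library assets, Touch ID for sudo, a tmux terminfo
# entry, and default TTL / hop-limit values.
- name: Set up macOS
  hosts: all
  tasks:
    - name: Create ~/Library directories
      ansible.builtin.file:
        path: "~/Library/{{ item }}"
        state: directory
        mode: '0755'
      loop:
        - Colors
        - Dictionaries
        - KeyBindings

    - name: Symlink Emacs-style keybindings for OS X
      ansible.builtin.file:
        src: ~/.dotfiles/macos/DefaultKeyBinding.dict
        dest: ~/Library/KeyBindings/DefaultKeyBinding.dict
        state: link

    - name: Symlink OS X colors palettes
      ansible.builtin.file:
        src: "{{ item }}"
        dest: "~/Library/Colors/{{ item | basename }}"
        state: link
      with_fileglob: '~/.dotfiles/macos/colors/*'

    # The trailing slash on src copies the directory's contents into dest.
    - name: Install Webster's 1913 dictionary
      ansible.builtin.copy:
        src: ~/.dotfiles/macos/websters-1913.dictionary/
        dest: ~/Library/Dictionaries/websters-1913.dictionary
        mode: '0644'

    # Both PAM tasks below edit the auth stack that gates sudo, as root.
    # NOTE(review): recent macOS releases include /etc/pam.d/sudo_local from
    # the stock sudo file, and OS updates may rewrite /etc/pam.d/sudo itself;
    # confirm which file should carry these lines on the target hosts.
    - name: Enable Touch ID for sudo
      become: true
      ansible.builtin.lineinfile:
        path: /etc/pam.d/sudo
        insertafter: '^auth\s+sufficient'
        # The dot is escaped so only the literal module name "pam_tid.so"
        # counts as already present.
        regexp: '^auth\s+sufficient\s+pam_tid\.so$'
        line: "auth sufficient pam_tid.so"

    # pam_reattach has to sit above pam_tid in the stack. insertbefore uses
    # \s+ so it matches the pam_tid line whether its fields are separated by
    # spaces or tabs; if it matched nothing, lineinfile would append the
    # line at the end of the file, below pam_tid.
    # NOTE(review): this module is loaded by sudo's PAM stack from the
    # Homebrew prefix, which is normally writable by the installing user
    # without root. Verify ownership and permissions of that path, or point
    # at a root-owned copy.
    - name: Enable Touch ID for sudo in tmux
      become: true
      ansible.builtin.lineinfile:
        path: /etc/pam.d/sudo
        insertbefore: '^auth\s+sufficient\s+pam_tid\.so'
        regexp: '^auth\s+optional\s+.*pam_reattach\.so$'
        line: "auth optional /opt/homebrew/lib/pam/pam_reattach.so"

    # https://github.com/tmux/tmux/issues/2262
    - name: Fix tmux-256color terminfo
      block:
        - name: Create temporary file
          ansible.builtin.tempfile:
            state: file
          register: tempfile

        - name: Create terminfo source file
          ansible.builtin.copy:
            src: macos/tmux-256color
            dest: "{{ tempfile.path }}"
            mode: '0644'

        # argv form passes the temp path as a single argument.
        - name: Install terminfo
          ansible.builtin.command:
            argv:
              - /usr/bin/tic
              - '-x'
              - "{{ tempfile.path }}"
          changed_when: true
      always:
        # Runs even when the copy or tic step fails, so the temp file is not
        # left behind; skipped when no temp file was created.
        - name: Delete temporary file
          ansible.builtin.file:
            path: "{{ tempfile.path }}"
            state: absent
          when: tempfile.path is defined

    # https://infosec.exchange/@briankrebs/111434555426146154
    # sysctl -w changes the running kernel only; the values do not survive a
    # reboot, so the play must be re-run afterwards.
    - name: Change TTL to 65 for fooling tethering detection
      become: true
      ansible.builtin.command:
        argv:
          - sysctl
          - '-w'
          - "{{ item }}=65"
      loop:
        - net.inet.ip.ttl
        - net.inet6.ip6.hlim
      changed_when: true

# vim: ft=yaml.ansible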