You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
80 lines
2.4 KiB
80 lines
2.4 KiB
- name: Set up macOS
|
|
hosts: all
|
|
tasks:
|
|
|
|
- name: Create ~/Library directories
|
|
ansible.builtin.file:
|
|
path: ~/Library/{{ item }}
|
|
state: directory
|
|
mode: '0755'
|
|
loop:
|
|
- Colors
|
|
- Dictionaries
|
|
- KeyBindings
|
|
|
|
- name: Symlink Emacs-style keybindings for OS X
|
|
ansible.builtin.file:
|
|
src: ~/.dotfiles/macos/DefaultKeyBinding.dict
|
|
dest: ~/Library/KeyBindings/DefaultKeyBinding.dict
|
|
state: link
|
|
|
|
- name: Symlink OS X colors palettes
|
|
ansible.builtin.file:
|
|
src: "{{ item }}"
|
|
dest: ~/Library/Colors/{{ item | basename }}
|
|
state: link
|
|
with_fileglob: ~/.dotfiles/macos/colors/*
|
|
|
|
- name: Install Webster's 1913 dictionary
|
|
ansible.builtin.copy:
|
|
src: ~/.dotfiles/macos/websters-1913.dictionary/
|
|
dest: ~/Library/Dictionaries/websters-1913.dictionary
|
|
mode: '644'
|
|
|
|
- name: Enable Touch ID for sudo
|
|
become: true
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/pam.d/sudo
|
|
insertafter: '^auth\s+sufficient'
|
|
regexp: '^auth\s+sufficient\s+pam_tid.so$'
|
|
line: "auth\t\tsufficient\tpam_tid.so"
|
|
|
|
- name: Enable Touch ID for sudo in tmux
|
|
become: true
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/pam.d/sudo
|
|
insertbefore: '^auth\tsufficient\tpam_tid.so'
|
|
regexp: '^auth\s+optional\s+.*pam_reattach.so$'
|
|
line: "auth\t\toptional\t/opt/homebrew/lib/pam/pam_reattach.so"
|
|
|
|
# https://github.com/tmux/tmux/issues/2262
|
|
- name: Fix tmux-256color terminfo
|
|
block:
|
|
- name: Create temporary file
|
|
ansible.builtin.tempfile:
|
|
state: file
|
|
register: tempfile
|
|
- name: Create terminfo source file
|
|
ansible.builtin.copy:
|
|
src: macos/tmux-256color
|
|
dest: "{{ tempfile.path }}"
|
|
mode: '644'
|
|
- name: Install terminfo
|
|
ansible.builtin.command: /usr/bin/tic -x {{ tempfile.path }}
|
|
changed_when: true
|
|
- name: Delete temporary file
|
|
ansible.builtin.file:
|
|
path: "{{ tempfile.path }}"
|
|
state: absent
|
|
|
|
# https://infosec.exchange/@briankrebs/111434555426146154
|
|
- name: Change TTL to 65 for fooling tethering detection
|
|
become: true
|
|
ansible.builtin.command: sysctl -w {{ item }}=65
|
|
loop:
|
|
- net.inet.ip.ttl
|
|
- net.inet6.ip6.hlim
|
|
changed_when: true
|
|
|
|
# vim: ft=yaml.ansible
|