Created
May 24, 2016 12:10
-
-
Save popsikle/5b29d3c263f29977260bf3f296c919d9 to your computer and use it in GitHub Desktop.
Outset boot-once scripts that wait for network.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # This script sets up the Wireless Connection | |
| # | |
| # Sleeping for 30 seconds to allow the new default User Template folder to be moved into place | |
| sleep 30 | |
| # Determine OS and build version, as well as serial number | |
| osvers=$(sw_vers -productVersion | awk -F. '{print $2}') | |
| sw_vers=$(sw_vers -productVersion) | |
| sw_build=$(sw_vers -buildVersion) | |
| serial_number=`system_profiler SPHardwareDataType | grep 'Serial Number (system)' | awk '{print $NF}'` | |
| # Set Hostname to serial number | |
| scutil --set ComputerName AB-${serial_number} | |
| scutil --set LocalHostName AB-${serial_number} | |
| scutil --set HostName AB-${serial_number} | |
| # Add our wireless network | |
| WIFI=`/usr/sbin/networksetup -listallhardwareports | awk '/^Hardware Port: Wi-Fi/,/^Ethernet Address/' | head -2 | tail -1 | cut -c 9-` | |
| if [[ ${osvers} -ge 7 ]]; then | |
| /usr/sbin/networksetup -addpreferredwirelessnetworkatindex $WIFI $SSID WirelessNet 0 WPA2 password | |
| else | |
| /usr/sbin/networksetup -addpreferredwirelessnetworkatindex AirPort $SSID WirelessNet 0 WPA2 password | |
| fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Just gonna wait until network comes up, or 300 seconds has passed. | |
| # | |
| # Functions | |
| function post_to_slack () { | |
| # format message as a code block ```${msg}``` | |
| SLACK_MESSAGE="\`\`\`$1\`\`\`" | |
| SLACK_URL=https://hooks.slack.com/services/zzz/yyy/zzz | |
| SLACK_ICON=':slack:' | |
| curl -X POST --data "payload={\"text\": \"${SLACK_ICON} ${SLACK_MESSAGE}\"}" ${SLACK_URL} | |
| } | |
| ################## NETWORK WAIT ######################## | |
| echo -n "Waiting for resolvers to come up ..." | |
| count=0 | |
| ping -q -c 1 google.com > /dev/null 2> /dev/null | |
| while [ $? -ne 0 ]; do | |
| count=$((count+1)) | |
| if [ $count -gt 300 ]; then | |
| echo " FAILED" | |
| exit 1 | |
| fi | |
| sleep 1 | |
| ping -q -c 1 google.com > /dev/null 2> /dev/null | |
| done | |
| echo " DONE" | |
| post_to_slack "$(hostname) - Network online, bootstrapping" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Initial setup script for Mac OS X 10.11.x | |
| # | |
| # Adapted from Initial setup script for Mac OS X 10.11.x | |
| # Rich Trouton, created July 29, 2015 | |
| # Last modified 1-21-2016 | |
| # | |
| # Functions | |
| function post_to_slack () { | |
| # format message as a code block ```${msg}``` | |
| SLACK_MESSAGE="\`\`\`$1\`\`\`" | |
| SLACK_URL=https://hooks.slack.com/services/zzz/yyy/zzz | |
| SLACK_ICON=':slack:' | |
| curl -X POST --data "payload={\"text\": \"${SLACK_ICON} ${SLACK_MESSAGE}\"}" ${SLACK_URL} | |
| } | |
| # Determine OS and build version, as well as serial number | |
| osvers=$(sw_vers -productVersion | awk -F. '{print $2}') | |
| sw_vers=$(sw_vers -productVersion) | |
| sw_build=$(sw_vers -buildVersion) | |
| serial_number=`system_profiler SPHardwareDataType | grep 'Serial Number (system)' | awk '{print $NF}'` | |
| if [[ ${osvers} -eq 10 ]]; then | |
| VERSIONNUMBER=4 | |
| elif [[ ${osvers} -ge 11 ]]; then | |
| VERSIONNUMBER=5 | |
| fi | |
| # Do we send shit to apple? | |
| SUBMIT_DIAGNOSTIC_DATA_TO_APPLE=FALSE | |
| SUBMIT_DIAGNOSTIC_DATA_TO_APP_DEVELOPERS=FALSE | |
| # Default to NY Timezone and setup NTP | |
| /usr/sbin/systemsetup -settimezone America/New_York | |
| /usr/sbin/systemsetup -setnetworktimeserver time.apple.com | |
| echo "server 0.pool.ntp.org" >> /etc/ntp.conf | |
| echo "server 1.pool.ntp.org" >> /etc/ntp.conf | |
| # Enables the Mac to set its clock using the network time server(s) | |
| /usr/sbin/systemsetup -setusingnetworktime on | |
| # Disable Time Machine's pop-up message whenever an external drive is plugged in | |
| /usr/bin/defaults write /Library/Preferences/com.apple.TimeMachine DoNotOfferNewDisksForBackup -bool true | |
| # Enable OS X updates to be installed automatically on 10.10.x and later. | |
| /usr/bin/defaults write /Library/Preferences/com.apple.commerce AutoUpdateRestartRequired -bool TRUE | |
| # Disable root login by setting root's shell to /usr/bin/false | |
| # To revert it back to /bin/sh, run the following command: | |
| # /usr/bin/dscl . -change /Users/root UserShell /usr/bin/false /bin/sh | |
| /usr/bin/dscl . -create /Users/root UserShell /usr/bin/false | |
| # Make a symbolic link from /System/Library/CoreServices/Applications/Directory Utility.app | |
| # to /Applications/Utilities so that Directory Utility.app is easier to access. | |
| if [[ ! -e "/Applications/Utilities/Directory Utility.app" ]]; then | |
| ln -s "/System/Library/CoreServices/Applications/Directory Utility.app" "/Applications/Utilities/Directory Utility.app" | |
| fi | |
| if [[ -L "/Applications/Utilities/Directory Utility.app" ]]; then | |
| rm "/Applications/Utilities/Directory Utility.app" | |
| ln -s "/System/Library/CoreServices/Applications/Directory Utility.app" "/Applications/Utilities/Directory Utility.app" | |
| fi | |
| # Make a symbolic link from /System/Library/CoreServices/Applications/Network Utility.app | |
| # to /Applications/Utilities so that Network Utility.app is easier to access. | |
| if [[ ! -e "/Applications/Utilities/Network Utility.app" ]]; then | |
| ln -s "/System/Library/CoreServices/Applications/Network Utility.app" "/Applications/Utilities/Network Utility.app" | |
| fi | |
| if [[ -L "/Applications/Utilities/Network Utility.app" ]]; then | |
| rm "/Applications/Utilities/Network Utility.app" | |
| ln -s "/System/Library/CoreServices/Applications/Network Utility.app" "/Applications/Utilities/Network Utility.app" | |
| fi | |
| # Make a symbolic link from /System/Library/CoreServices/Screen Sharing.app | |
| # to /Applications/Utilities so that Screen Sharing.app is easier to access. | |
| if [[ ! -e "/Applications/Utilities/Screen Sharing.app" ]]; then | |
| ln -s "/System/Library/CoreServices/Applications/Screen Sharing.app" "/Applications/Utilities/Screen Sharing.app" | |
| fi | |
| if [[ -L "/Applications/Utilities/Screen Sharing.app" ]]; then | |
| rm "/Applications/Utilities/Screen Sharing.app" | |
| ln -s "/System/Library/CoreServices/Applications/Screen Sharing.app" "/Applications/Utilities/Screen Sharing.app" | |
| fi | |
| # Set separate power management settings for desktops and laptops | |
| # If it's a laptop, the power management settings for "Battery" are set to have the computer sleep in 15 minutes, disk will spin down | |
| # in 10 minutes, the display will sleep in 5 minutes and the display itslef will dim to half-brightness before sleeping. While plugged | |
| # into the AC adapter, the power management settings for "Charger" are set to have the computer never sleep, the disk doesn't spin down, | |
| # the display sleeps after 30 minutes and the display dims before sleeping. | |
| # | |
| # If it's not a laptop (i.e. a desktop), the power management settings are set to have the computer never sleep, the disk doesn't spin down, the display | |
| # sleeps after 30 minutes and the display dims before sleeping. | |
| # | |
| # Detects if this Mac is a laptop or not by checking the model ID for the word "Book" in the name. | |
| IS_LAPTOP=`/usr/sbin/system_profiler SPHardwareDataType | grep "Model Identifier" | grep "Book"` | |
| if [ "$IS_LAPTOP" != "" ]; then | |
| pmset -b sleep 15 disksleep 10 displaysleep 5 halfdim 1 | |
| pmset -c sleep 0 disksleep 0 displaysleep 30 halfdim 1 | |
| else | |
| pmset sleep 0 disksleep 0 displaysleep 30 halfdim 1 | |
| fi | |
| # Set the login window to name and password | |
| /usr/bin/defaults write /Library/Preferences/com.apple.loginwindow SHOWFULLNAME -bool true | |
| # Disable external accounts (i.e. accounts stored on drives other than the boot drive.) | |
| /usr/bin/defaults write /Library/Preferences/com.apple.loginwindow EnableExternalAccounts -bool false | |
| # Set the ability to view additional system info at the Login window | |
| # The following will be reported when you click on the time display | |
| # (click on the time again to proceed to the next item): | |
| # | |
| # Computer name | |
| # Version of OS X installed | |
| # IP address | |
| # This will remain visible for 60 seconds. | |
| /usr/bin/defaults write /Library/Preferences/com.apple.loginwindow AdminHostInfo HostName | |
| # Sets the "Show scroll bars" setting (in System Preferences: General) | |
| # to "Always" in your Mac's default user template and for all existing users. | |
| # Code adapted from DeployStudio's rc130 ds_finalize script, where it's | |
| # disabling the iCloud and gestures demos | |
| # Checks the system default user template for the presence of | |
| # the Library/Preferences directory. If the directory is not found, | |
| # it is created and then the "Show scroll bars" setting (in System | |
| # Preferences: General) is set to "Always". | |
| for USER_TEMPLATE in "/System/Library/User Template"/* | |
| do | |
| if [ ! -d "${USER_TEMPLATE}"/Library/Preferences ] | |
| then | |
| mkdir -p "${USER_TEMPLATE}"/Library/Preferences | |
| fi | |
| if [ ! -d "${USER_TEMPLATE}"/Library/Preferences/ByHost ] | |
| then | |
| mkdir -p "${USER_TEMPLATE}"/Library/Preferences/ByHost | |
| fi | |
| if [ -d "${USER_TEMPLATE}"/Library/Preferences/ByHost ] | |
| then | |
| /usr/bin/defaults write "${USER_TEMPLATE}"/Library/Preferences/.GlobalPreferences AppleShowScrollBars -string Always | |
| fi | |
| done | |
| # Checks the existing user folders in /Users for the presence of | |
| # the Library/Preferences directory. If the directory is not found, | |
| # it is created and then the "Show scroll bars" setting (in System | |
| # Preferences: General) is set to "Always". | |
| for USER_HOME in /Users/* | |
| do | |
| USER_UID=`basename "${USER_HOME}"` | |
| if [ ! "${USER_UID}" = "Shared" ] | |
| then | |
| if [ ! -d "${USER_HOME}"/Library/Preferences ] | |
| then | |
| mkdir -p "${USER_HOME}"/Library/Preferences | |
| chown "${USER_UID}" "${USER_HOME}"/Library | |
| chown "${USER_UID}" "${USER_HOME}"/Library/Preferences | |
| fi | |
| if [ ! -d "${USER_HOME}"/Library/Preferences/ByHost ] | |
| then | |
| mkdir -p "${USER_HOME}"/Library/Preferences/ByHost | |
| chown "${USER_UID}" "${USER_HOME}"/Library | |
| chown "${USER_UID}" "${USER_HOME}"/Library/Preferences | |
| chown "${USER_UID}" "${USER_HOME}"/Library/Preferences/ByHost | |
| fi | |
| if [ -d "${USER_HOME}"/Library/Preferences/ByHost ] | |
| then | |
| /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/.GlobalPreferences AppleShowScrollBars -string Always | |
| chown "${USER_UID}" "${USER_HOME}"/Library/Preferences/.GlobalPreferences.* | |
| fi | |
| fi | |
| done | |
| # Checks first to see if the Mac is running 10.7.0 or higher. | |
| # If so, the script checks the system default user template | |
| # for the presence of the Library/Preferences directory. | |
| # | |
| # If the directory is not found, it is created and then the | |
| # iCloud and Diagnostic pop-up settings are set to be disabled. | |
| if [[ ${osvers} -ge 7 ]]; then | |
| for USER_TEMPLATE in "/System/Library/User Template"/* | |
| do | |
| /usr/bin/defaults write "${USER_TEMPLATE}"/Library/Preferences/com.apple.SetupAssistant DidSeeCloudSetup -bool true | |
| /usr/bin/defaults write "${USER_TEMPLATE}"/Library/Preferences/com.apple.SetupAssistant GestureMovieSeen none | |
| /usr/bin/defaults write "${USER_TEMPLATE}"/Library/Preferences/com.apple.SetupAssistant LastSeenCloudProductVersion "${sw_vers}" | |
| /usr/bin/defaults write "${USER_TEMPLATE}"/Library/Preferences/com.apple.SetupAssistant LastSeenBuddyBuildVersion "${sw_build}" | |
| done | |
| # Checks first to see if the Mac is running 10.7.0 or higher. | |
| # If so, the script checks the existing user folders in /Users | |
| # for the presence of the Library/Preferences directory. | |
| # | |
| # If the directory is not found, it is created and then the | |
| # iCloud and Diagnostic pop-up settings are set to be disabled. | |
| for USER_HOME in /Users/* | |
| do | |
| USER_UID=`basename "${USER_HOME}"` | |
| if [ ! "${USER_UID}" = "Shared" ] | |
| then | |
| if [ ! -d "${USER_HOME}"/Library/Preferences ] | |
| then | |
| mkdir -p "${USER_HOME}"/Library/Preferences | |
| chown "${USER_UID}" "${USER_HOME}"/Library | |
| chown "${USER_UID}" "${USER_HOME}"/Library/Preferences | |
| fi | |
| if [ -d "${USER_HOME}"/Library/Preferences ] | |
| then | |
| /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeeCloudSetup -bool true | |
| /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant GestureMovieSeen none | |
| /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant LastSeenCloudProductVersion "${sw_vers}" | |
| /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant LastSeenBuddyBuildVersion "${sw_build}" | |
| chown "${USER_UID}" "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant.plist | |
| fi | |
| fi | |
| done | |
| fi | |
| # Set whether you want to send diagnostic info back to | |
| # Apple and/or third party app developers. If you want | |
| # to send diagonostic data to Apple, set the following | |
| # value for the SUBMIT_DIAGNOSTIC_DATA_TO_APPLE value: | |
| # Checks first to see if the Mac is running 10.10.0 or higher. | |
| # If so, the desired diagnostic submission settings are applied. | |
| if [[ ${osvers} -ge 10 ]]; then | |
| CRASHREPORTER_SUPPORT="/Library/Application Support/CrashReporter" | |
| if [ ! -d "${CRASHREPORTER_SUPPORT}" ]; then | |
| mkdir "${CRASHREPORTER_SUPPORT}" | |
| chmod 775 "${CRASHREPORTER_SUPPORT}" | |
| chown root:admin "${CRASHREPORTER_SUPPORT}" | |
| fi | |
| /usr/bin/defaults write "$CRASHREPORTER_SUPPORT"/DiagnosticMessagesHistory AutoSubmit -boolean ${SUBMIT_DIAGNOSTIC_DATA_TO_APPLE} | |
| /usr/bin/defaults write "$CRASHREPORTER_SUPPORT"/DiagnosticMessagesHistory AutoSubmitVersion -int ${VERSIONNUMBER} | |
| /usr/bin/defaults write "$CRASHREPORTER_SUPPORT"/DiagnosticMessagesHistory ThirdPartyDataSubmit -boolean ${SUBMIT_DIAGNOSTIC_DATA_TO_APP_DEVELOPERS} | |
| /usr/bin/defaults write "$CRASHREPORTER_SUPPORT"/DiagnosticMessagesHistory ThirdPartyDataSubmitVersion -int ${VERSIONNUMBER} | |
| /bin/chmod a+r "$CRASHREPORTER_SUPPORT"/DiagnosticMessagesHistory.plist | |
| /usr/sbin/chown root:admin "$CRASHREPORTER_SUPPORT"/DiagnosticMessagesHistory.plist | |
| fi | |
| # Force a screen saver password | |
| osascript -e 'tell application "System Events" to set require password to wake of security preferences to true' | |
| # Turn SSH on | |
| systemsetup -setremotelogin on | |
| # Turn off Gatekeeper | |
| spctl --master-disable | |
| # Disable Gatekeeper's auto-rearm. Otherwise Gatekeeper | |
| # will reactivate every 30 days. When it reactivates, it | |
| # will be be set to "Mac App Store and identified developers" | |
| /usr/bin/defaults write /Library/Preferences/com.apple.security GKAutoRearm -bool false | |
| # Set the RSA maximum key size to 32768 bits (32 kilobits) in | |
| # /Library/Preferences/com.apple.security.plist to provide | |
| # future-proofing against larger TLS certificate key sizes. | |
| # | |
| # For more information about this issue, please see the link below: | |
| # http://blog.shiz.me/post/67305143330/8192-bit-rsa-keys-in-os-x | |
| /usr/bin/defaults write /Library/Preferences/com.apple.security RSAMaxKeySize -int 32768 | |
| post_to_slack "$(hostname) - Setup OSX completed" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Set Crypt2 Settings | |
| /usr/bin/defaults write /Library/Preferences/com.grahamgilbert.crypt ServerURL "https://crypt2.xxx.com" | |
| /usr/bin/defaults write /Library/Preferences/com.grahamgilbert.crypt SkipUsers -array-add xxadmin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Enable Munki | |
| touch /Users/Shared/.com.googlecode.munki.checkandinstallatstartup |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Just gonna post to slack that I am ready! | |
| # | |
| # Functions | |
| function post_to_slack () { | |
| # format message as a code block ```${msg}``` | |
| SLACK_MESSAGE="\`\`\`$1\`\`\`" | |
| SLACK_URL=https://hooks.slack.com/services/zzz/yyy/zzz | |
| SLACK_ICON=':slack:' | |
| curl -X POST --data "payload={\"text\": \"${SLACK_ICON} ${SLACK_MESSAGE}\"}" ${SLACK_URL} | |
| } | |
| post_to_slack "$(hostname) - boot-once scripts complete" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment