Everything to bootstrap my Macbook Pro at work, including automation for software packages (Homebrew) and configuration settings.
- Current: Macbook Pro 14 inch, M1 Max, 32 GB RAM, 2021 M1 Silicon architecture.
- The previous setup for the 16 inch, 2019 model can be found at this commit. The setup is explained in-depth in dotfiles - Document and automate your Macbook setup.
The current ZSH theme is Powerlevel10k, detailed in this blog post.
Follow the instructions below to fully setup a Macbook Pro.
Install iterm2 manually from the website, drag it into the Applications folder, start it and add it to the deck.
- Download the Dark and White profiles from this repository
- Navigate into
Settings > Profile. - At the bottom, click on
Other Actionsand selectImport JSON profiles. Import the downloadedDark.jsonfile. - Mark
darkprofile and selectOther Actions > Set as default.
Powerlevel10k fonts for Oh-My-ZSH terminal:
- Download the font files from https://github.com/romkatv/powerlevel10k#manual-font-installation (backup in fonts/).
- Double-click to open them all to follow "Install Font".
Navigate into Settings > Security and Privacy > App Management and allow iTerm2 to modify apps. Otherwise you will see this warning on macOS Ventura 13.4.1.
Warning: Your terminal does not have App Management permissions, so Homebrew will delete and reinstall the app.
This may result in some configurations (like notification settings or location in the Dock/Launchpad) being lost.
To fix this, go to Settings > Security and Privacy > App Management and turn on the switch for your terminal.Install it on the command line first, it will ask for permission.
xcode-select --installsudo vim /private/etc/sudoers.d/mfriedrich
mfriedrich ALL=(ALL) NOPASSWD: ALLFrom the development guidelines: The Gitleaks Git hook is recommended for preventing credentials from being committed.
git clone https://gitlab.com/gitlab-com/gl-security/security-research/gitleaks-endpoint-installer.git "$HOME/.gitlab-gitleaks"
cd "$HOME/.gitlab-gitleaks"
./install_gitleaks.sh
./setup_hook.shUse Google drive and Chrome profile sync to migrate backup data.
Copy the following private secret files in your home directory:
- SSH and GPG Keys in
.ssh/and.gnupg/ - Settings in
.env,.zshrc/,.oh-my-zsh/
cd backup/
cp -r .ssh .gnupg .env .zshrc .oh-my-zsh $HOME/Note:
The
dotenvplugin is enabled in OhMyZSH which automatically reads the.envsettings from the user's home directory.
These steps contain all the remaining setup steps: Homebrew, macOS system settings, applications.
git clone https://gitlab.com/dnsmichi/dotfiles.git
cd dotfilesSync the files into the home directory.
./bootstrap.shApply macOS settings. Review the .macos file before applying.
./.macosInstall Homebrew and OhMyZSH.
./brew_once.shInstall tools and applications with Homebrew bundle.
brew bundleThis makes use of the Brewfile definitions.
These tools are managed outside of Homebrew, and require additional work and documentation.
- Google Chrome - tips handbook
- 1Password
- Zoom
- Claude Desktop - handbook
- Glean - handbook
- Raycast has automated updates enabled.
- Adobe Creative Cloud (Premiere Pro, etc.) - enterprise license
- Screen Studio (approved license) - handbook
- VS Code has automated updates enabled (extensions require newer versions).
- JetBrains IDE Toolbox (license required for IntelliJ IDEA, PyCharm, GoLand, RubyMine, CLion, RustRover, Rider, DataGrip, etc.).
- Arduino IDE: IDE for developing and provisioning Arduino hardware. The CLI is installed via Brewfile.
- Tonny: IDE for the Tufty 2040 badge and other microcontroller projects.
Download and install VS Code manually, due to fast upgrade cycles in the application and extension marketplace.
Configuration: vscode/settings.json (cmd shift p, search for settings json).
Initial setup:
cp vscode/settings.json ~/Library/Application\ Support/Code/User/Notable changes from the default configuration:
- Auto-save enabled:
"files.autoSave": "afterDelay", - Word-wrap enabled:
"editor.wordWrap": "on", - Change font family to
meslolgs nfto print ZSH icons in the VS Code terminal:"terminal.integrated.fontFamily": "meslolgs nf", - GitLab Workflow extension debug enabled:
"gitlab.debug": true,
Sync Light Theme:
- Switch to the profile
light cmd shift p> search forsettings json.- Copy to vscode/vscode/settings-white-for-talk-demos.json
Sync Dark Theme:
- Switch to the profile
default (dark) cmd shift p> search forsettings json.- Copy to vscode/vscode/settings.json
Run the following script to install VS Code extensions:
./vscode-extensions-install.shYou can regenerate the list of extensions using the following command:
code --list-extensions | xargs -L 1 echo code --install-extension > vscode-extensions-install.shManaged as casks in Brewfile.
- Firefox (in order to reproduce UX bugs)
- VLC
- Wireshark
- etc.
mise is installed with Homebrew and helps manage different programming languages and environments.
- GitLab Development Environment
- GitLab Editor Extensions: gitlab-lsp
- GitLab handbook - docsy theme
Global install:
mise use --global node@22 go@1Local install:
mise use node@22This step creates the .tool-versions in the repository which needs to be added to Git.
If .tool-versions exists in the Git repo, you can run the following to setup all dependencies:
mise installTroubleshooting: GDK guide.
For Macbook refreshments, enable the Profile sync functionality and mirror bookmarks, history, auto-completion, etc. This is essential for efficiency.
Extensions:
Open the extensions and record keyboard shortcut commands. I use the emoji search very extensively, and have recorded cmd + 2 as shortcut for faster access.
- Rancher Desktop (provides local Kubernetes, and
dockercompatible CLI) - manual download docker-compose,colima,lima,podmanvia Brewfile
CLI tools managed with Homebrew in Brewfile: Google Cloud, AWS, Hetzner Cloud, Civo Cloud, Azure.
Kubernetes clusters in the cloud can be managed using the GitLab Developer Relations Cloud Resources handbook.
For local container runtimes, I'm using Rancher Desktop, after evaluating other tools in 2022. More tips can be found in the GitLab handbook.
Lima and Colima are installed for local Linux VM demos and workshops, via Brewfile.
These are manual settings as they require user awareness.
Enable Encryption (required for GitLab team members). See here for detailed instructions.
1Password8 overrides the screenshot shortcut cmd+shift+4+space by default. Replace it with something else, or clear it in Settings > General > Keyboard Shortcuts.
Follow https://developer.1password.com/docs/cli/shell-plugins/aws/ to
- Install the 1Password CLI
- Connect 1Password CLI with the 1Password app
- Run
op signinandop plugin init aws
The required ZSH environment is sourced via .oh-my-zsh/custom/1password.zsh.
Settings > Keyboard > Keyboard Shortcuts:
- Disable all Spotlight options in preparation for enabling Raycast as default shortcut using
cmd + space.
Start Raycast from the Applications folder in Finder, and change the hotkey to Cmd+Space.
Ensure that Spotlight is disabled in the system preferences.
Open Finder and navigate into Settings > Sidebar to add
- User home (user name)
- System root (Macbook name)
https://handbook.gitlab.com/handbook/tools-and-tips/zoom/
Settings > General: Untick Ask me to confirm when I leave a meeting.
Settings > Audio: Tick Mute my mic when joining.
Settings > Keyboard Shortcuts: Mute/Unmute my audio: cmd 1.
Documentation for initial settings:
- Create a new profile in
Settings > ProfilenamedDarkColors > Color presets > Dark backgroundSession > Status bar enabledandConfigure Status Bar. Addgit state,CPU utilization,Memory utilization. ClickAuto-Rainbow.
- Mark
darkprofile and selectOther Actions > Set as default. - Export the Dark profile as JSON and upload into the iterm2 directory.
Note: This is persisted in the iterm2 profile already.
Navigate to iterm2 Settings > Profiles > Text > Font and search for Meslo to select the font. Save and restart iTerm2.
More insights can be found in these lists, thanks to them for their inspiration :)
Follow the one-line installation and use mise (requirement since 2025-04).
Alternatively, use GDK-in-a-box with Docker containers.
The CI/CD pipelines for GitLab docs use linting which can be installed locally to test problems faster.
yarn global add markdownlint-cli2
yarn global add markdownlint-cli
mise plugin add vale && mise install vale
The VS Code editor integration is managed through vscode-extensions-install.sh.
cd ~/dev/work/gitlab-org/gitlab
yarn install
./scripts/lint-doc.shInstall Golang to setup the development environment. Export the variables GITLAB_TOKEN and GITLAB_TEST_HOST to run all integration tests.
export GITLAB_TOKEN=xxx
# GitLab CLI dev tests
# https://gitlab.com/dnsmichi/test
export GITLAB_TEST_HOST=https://gitlab.com
make
make testTo interact with Duo Agent Platform: GitLab Duo CLI in the Dev Advocacy Handbook
Anything that runs in the infrastructure and needs to be automated.
See ansible/ for details.
Note: The Embedded DevSecOps environment Ansible playbooks are located in https://gitlab.com/gitlab-da/use-cases/embedded/embedded-devsecops/environments/dnsmichi-embedded-devsecops-environment
brew upgradecd ~/.oh-my-zsh
git pull
cd ~/.oh-my-zsh/custom/themes/powerlevel10k
git pullOn major version upgrades, binaries might be incompatible or need a local rebuild. You can enforce a reinstall by running the two commands below, the second command only reinstalls all application casks.
brew reinstall $(brew list)
brew reinstall $(brew list --cask)When Xcode and compilers break, re-install the command line tools.
sudo rm -rf /Library/Developer/CommandLineTools
sudo xcode-select --installxcrun: error: invalid active developer pathYou need to explicity agree to the terms of services for the developer tools.
xcode-select --installThe settings in .macos use macOS internal APIs on the command line. Sometimes the configuration settings change, for example with the Trackpad on macOs Ventura.
To debug and capture which settings are in effect, create a new Git repository somewhere, and persist the system settings output.
mkdir $HOME/dev/work/system-settings
cd $HOME/dev/work/system-settings
git init
defaults read > settings.txt
git add settings.txt
git commit -av -m "Initial settings"Then navigate into the Systems settings GUI, change parameters, export the system settings into the same file, and analyze the Git diff to figure out the correct parameter names and values.
defaults read > settings.txt
git diffExample with Trackpad and right-click:
"com.apple.AppleMultitouchTrackpad" = {
ActuateDetents = 1;
- Clicking = 0;
+ Clicking = 1;
DragLock = 0;
Dragging = 0;
FirstClickThreshold = 1;
ForceSuppressed = 0;
SecondClickThreshold = 1;
- TrackpadCornerSecondaryClick = 0;
+ TrackpadCornerSecondaryClick = 2;
TrackpadFiveFingerPinchGesture = 2;
TrackpadFourFingerHorizSwipeGesture = 2;
TrackpadFourFingerPinchGesture = 2;
@@ -463,7 +464,7 @@
TrackpadHorizScroll = 1;
TrackpadMomentumScroll = 1;
TrackpadPinch = 1;
- TrackpadRightClick = 1;
+ TrackpadRightClick = 0;
TrackpadRotate = 1;
TrackpadScroll = 1;
TrackpadThreeFingerDrag = 0;Requiring the current settings to be changed to https://gitlab.com/dnsmichi/dotfiles/-/commit/f16809989ba2d65fc73e1274356b6f2c6cfde1db in June 2023.
The magic keyboard with Touch ID may not work after the Macbook went to sleep.
- https://www.reddit.com/r/mac/comments/13hd4aa/magic_keyboard_with_touch_id_no_working_after/
- https://www.reddit.com/r/macmini/comments/12cw4mf/touch_id_issues_on_mac_mini_m2/
- https://support.apple.com/en-us/HT212225#:~:text=For%20Magic%20Keyboard%20with%20Touch,Restart%20your%20Mac
The main repository is hosted on GitLab.com, mirrored to GitHub.com: https://gitlab.com/dnsmichi/dotfiles