# Macbook Notes Just some notes from when fred got a new macbook. ## Prelims Make sure you have a rescue account on your old macbook. JAMF messed with my passwords. ## General steps Install chrome Install bitwarden Install iterm2 (will trigger install of xcode-development-tools) Install alfred Login to chrome Install updates Copy ssh ids, or generate new ones ### First Hurdle, installing brew (sorry, these are from memory so may be approximate) 0. Attempt to follow normal instructions to install brew via curl (not sure if this is necessary) 1. Reboot, and press command-R during boot to enter recovery mode. 2. Start 'disk utility' and mount the disk. 3. Run `chroot /Volumes/Mac\ HD /bin/bash` (name is approximate, I forget the volume name) 4. Run `chown -R user_n_name /usr/local` 5. Reboot 6. Follow normal instrutions to install brew via curl ### Misc Packages ``` brew install vim macvim # will fail brew unlink macvim brew install vim brew install thefuck brew install cowsay fortune eolcat brew install slack git clone git@github.xdr.accenturefederalcyber.com:mdr-engineering/infrastructure-notes.git git clone git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-live.git git clone git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git git clone git@github.xdr.accenturefederalcyber.com:mdr-engineering/msoc-infrastructure.git source .bashrc # pick up changes to path brew install warrensbox/tap/tfswitch tfswitch # Select 0.13.5 tfswitch # Select 0.11.14 brew install warrensbox/tap/tgswitch tgswitch # Install latest (0.28.24 at time of this writing) brew install awscli ``` ### Install saml2aws https://github.xdr.accenturefederalcyber.com/duane-waddle/saml2aws/releases - Uninstall the old version via `brew uninstall saml2aws` - Extract the tarball from the link above, and place the binary somewhere in your path - Run `xattr -d com.apple.quarantine saml2aws` on the binary or you'll get a warning that you can't run it. If PR https://github.com/Versent/saml2aws/pull/793 gets merged, we can revert to using brew. ### Configure saml2aws ``` vim ~/infrastructure-notes/AWS\ Notes.md # Search for 'saml2aws' # Create the ~/.saml2aws file as specified saml2aws login --idp-account=govcloud # Login via username/password, Approve via okta saml2aws login --idp-account=commercial # Login via username/password, Approve via okta ln -s ~/infrastructure-notes/files/config ~/.aws/config # Test aws --profile mdr-test-c2-gov s3 ls ``` ### Validate terraform/terragrunt ``` cd ~/xdr-terraform-live/test/aws-us-gov/mdr-test-c2/006-account-standards tfswitch terragrunt init # these two should make no changes terragrunt apply terragrunt-local apply ``` ### ScaleFT Install scaleft per instrutions in [ScaleFT Notes](ScaleFT%20Notes.md) ### Viscosity Download and install viscosity, add and test both vpns. ### Alfred If you want alfred, install it from the website and not the app store. ### Run OneDrive Get your AFS stuff back ### Update your git info ``` git config --global user.name "Fred Damstra [afs macbook]" git config --global user.email "frederick.t.damstra@accenturefederal.com" ``` ### Add the ssl certificate Run 'Keychain Access' Import files/mdr\ root\ ca.crt Set certificate as trusted ### Browser plugin aws-extend-switch-roles ( See AWS Notes.md ) ### local admin for your user with beyondtrust installed become root dscl . -append /Groups/admin GroupMembership duane.e.waddle undo dscl . -delete /Groups/admin GroupMembership duane.e.waddle ### Install zsh theme for improved cmd prompt in iTerm2 Install powerlevel10k to configure .zsh. This will add git branch to your cmd prompt. https://github.com/romkatv/powerlevel10k ### Use Caffeinate to keep screen from locking ( shhhh ) ``` tmux caffeinate -d Ctrl + b d ``` One liner: `tmux new-session -d -s caffeinate 'caffeinate -d'` ~/.zshrc ``` alias cafe='tmux new-session -d -s caffeinate "caffeinate -d"' alias nap='tmux kill-session -t caffeinate' ```