Preferences

My shell and programms settings

Map

💰 - Paid or trial app
🆓 - Free with conditions app
- Link to GitHub repo of app

Installation

Essentials

Open Terminal

Download this repo

git clone --depth=1 --shallow-submodules --recurse-submodules --remote-submodules https://github.com/REDNBLACK/preferences.git Preferences
echo "export DOTPREFSDIR=$(cd Preferences && pwd)" | sudo tee -a /etc/zshenv > /dev/null
exec zsh

Setup Homebrew [] & mas-cli & cask-upgrade

bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
brew analytics off
brew tap {homebrew/cask-versions,homebrew/bundle,buo/cask-upgrade}
brew install mas

# Symlink custom Formulaes, Casks and Patches
mkdir -p $HOMEBREW_REPOSITORY/Library/Taps/rednblack && ln -fs $DOTPREFSDIR/homebrew "$_/homebrew-tap"

Setup Git [] & Git LFS [] & GitHub

# Patch git formula, removing gettext and pcre2 dependencies and install
brew patch rednblack/tap git
brew install rednblack/tap/git --build-from-source

brew install git-lfs
ln -fs $DOTPREFSDIR/git ~/.config/git

# After generation of Personal Access Token (Classic)
security add-internet-password -l GitHub -s github.com -r htps -a %GitHub Account Name% -w %GitHub Account Token%

Setup Fira Code (+Nerd) & Meslo Nerd

brew install --cask homebrew/cask-fonts/font-{fira-code,fira-code-nerd-font,meslo-lg-nerd-font}

Setup zsh [] & zinit [] & PowerLevel10K & zsh-autosuggestions & zsh-fast-syntax-highlighting

brew install zsh # ⚠️ Command may be skipped in case of actual preinstalled zsh version
ln -fs $DOTPREFSDIR/zsh ~/.config/zsh
echo "export ZDOTDIR=$HOME/.config/zsh" | sudo tee -a /etc/zshenv > /dev/null
echo "export PATH=$(brew shellenv | sed -nE 's:^export PATH="([^"$]*).*".*$:\1:p'):/Library/Developer/CommandLineTools/usr/bin:\$PATH" | sudo tee -a /etc/zshenv > /dev/null

# Set as default shell ⚠️ Command may be skipped in case of actual preinstalled zsh version
which zsh | sudo tee -a /etc/shells > /dev/null
chsh -s $(which zsh)

# Set as default shell (alternative) ⚠️ Command may be skipped in case of actual preinstalled zsh version
sudo dscl . -create ~ UserShell $(which zsh)

Setup iTerm []

brew install --cask iterm2

# Variant 1
ln -fs $DOTPREFSDIR/iterm2/com.googlecode.iterm2.plist ~/Library/Preferences/com.googlecode.iterm2.plist

# Variant 2
defaults write com.googlecode.iterm2 LoadPrefsFromCustomFolder -bool YES
defaults write com.googlecode.iterm2 PrefsCustomFolder "$DOTPREFSDIR/iterm2"

# Set files association
internal set-file-assoc iTerm com.googlecode.iterm2 $DOTPREFSDIR/iterm2/file-assoc.list

Setup Tools

cat with rainbows!
```
brew install lolcat-rust
```

ls on steroids

# Patch eza formula, removing libgit2, libssh2, openssl@3 dependencies and install
brew patch rednblack/tap eza
brew install rednblack/tap/eza --build-from-source
brew smartremove eza && rm -rf "$(brew --prefix)"/etc/{openssl@3,ca-certificates}

grep modern alternative (depends on pcre2)
```
brew install ripgrep
```
man in TL;DR variant
```
brew install tealdeer
```
Set files association
```
brew install duti
```

Process JSON via CLI

# Patch jq formula, removing oniguruma dependencies and install
brew patch rednblack/tap jq
brew install rednblack/tap/jq --build-from-source

Correct errors in previous commands (depends on python)
```
brew install thefuck
```

Setup macOS
```
. $DOTPREFSDIR/macOS/conf.zsh
```

Security

Setup Yubikey Manager [] + Authenticator []

brew install --cask yubico-{yubikey-manager,authenticator}

# Add Manager CLI to Path
cat > ${HOMEBREW_PREFIX}/bin/ykman <<EOF
#!/bin/bash
export PYTHONHOME=""
exec '/Applications/$(brew info yubico-yubikey-manager --json=v2 | jq -r '.casks[].name | .[0]').app/Contents/MacOS/ykman' "\$@"
EOF
chmod +x ${HOMEBREW_PREFIX}/bin/ykman

[💰] Setup Strongbox []
```
mas install 1481853033
```

Setup GPG Suite []

brew install --cask gpg-suite-no-mail
defaults write org.gpgtools.updater SUEnableAutomaticChecks -bool NO
defaults write org.gpgtools.gpgkeychain DoNotShowUploadDialogAgain -bool YES
defaults write org.gpgtools.common UseKeychain -bool YES

# Enable Touch ID
ln -fs $DOTPREFSDIR/pgp/gpg-agent.conf ~/.config/pgp/gpg-agent.conf
pkill -9 -f pinentry-swift 2> /dev/null || true && swiftc $DOTPREFSDIR/pgp/pinentry-swift.swift -enable-bare-slash-regex -o $HOMEBREW_PREFIX/bin/pinentry-swift

# Secure SSH
ln -fs $DOTPREFSDIR/pgp/ssh.conf ~/.config/ssh/client_config
sudo sed -i '' -n -e '/^Include \/Users\/\*\*\/.*$/!p' -e '$a\'$'\n\\\n# Load Custom Config. DO NOT EDIT\\\nInclude /Users/**/.config/ssh/client_config' /etc/ssh/ssh_config
sudo sed -i '' -n -e '/^Include \/Users\/\*\*\/.*$/!p' -e '$a\'$'\n\\\n# Load Custom Config. DO NOT EDIT\\\nInclude /Users/**/.config/ssh/daemon_config' /etc/ssh/sshd_config
## > Variant 1: Disabled Password Auth, Key Only
ln -fs $DOTPREFSDIR/pgp/sshd-key.conf ~/.config/ssh/daemon_config
## > Variant 2: Auth via Password + 2FA
ln -fs $DOTPREFSDIR/pgp/sshd-otp.conf ~/.config/ssh/daemon_config
brew install --ignore-dependencies google-authenticator-libpam
google-authenticator -t -D -Cfq -w 17 -r 3 -R 30 -s ~/.config/ssh/google_authenticator
sudo sed -i '.old' -e '6s;^;auth       required       /usr/local/opt/google-authenticator-libpam/lib/security/pam_google_authenticator.so secret=/Users/${USER}/.config/ssh/google_authenticator\n;' /etc/pam.d/sshd

# Remove bloat
sudo rm -rf /Library/PreferencePanes/GPGPreferences.prefPane && sudo rm -f /Library/LaunchAgents/org.gpgtools.{updater,macgpg2.fix,macgpg2.updater,Libmacgpg.xpc}.plist

Setup secure DNS over HTTPS/TLS/QUIC

Popular DNS over HTTPS/TLS

Set var config to config name from repo (for example cloudflare-https)

curl -LSs -o 'DoH.mobileconfig' "https://raw.githubusercontent.com/paulmillr/encrypted-dns/master/profiles/${config}.mobileconfig" && \
open -a ProfileHelper DoH.mobileconfig && \
open "x-apple.systempreferences:com.apple.preferences.configurationprofiles" && \
rm DoH.mobileconfig

In the Profiles window press 'Install...'

[🆓] NextDNS []

Set vars id - to your configuration id, name - to device name and model - to one of values from here (for example Apple MacBookPro11,1)

curl -GLSs -o 'NextDNS.mobileconfig' 'https://api.nextdns.io/apple/profile' \
  -d "configuration=${id}" \
  --data-urlencode "device_name=${name}" \
  --data-urlencode "device_model=${model}" \
  -d "sign=${sign:-0}" \
  -d "trust_ca=${trust:-0}" \
  -d "bootstrap_ips=${bootstrap:-0}" \
  -d "prohibit_disablement=${supervised:-0}" && \
open -a ProfileHelper NextDNS.mobileconfig && \
open "x-apple.systempreferences:com.apple.preferences.configurationprofiles" && \
rm NextDNS.mobileconfig

In the Profiles window press 'Install...'

brew install nextdns/tap/nextdns

Setup Orbot []
```
mas install 1609461599
```

[🆓] Setup Lantern []

brew install --cask lantern
cp -f $DOTPREFSDIR/lantern/settings.yaml ~/Library/Application\ Support/Lantern/settings.yaml

Setup misc

# Enable sudo auth via Touch ID (⚠️ Must be done after every system update)
sudo sed -i '.old' -e '2s;^;auth       sufficient     pam_tid.so\n;' /etc/pam.d/sudo

# Allow applications downloaded from anywhere (⚠️ Must be done after every system update)
sudo spctl --master-disable

# Disable annoying root password request on every LaunchAgent launch (⚠️ Must be done after every system update)
security authorizationdb write com.apple.system-extensions.admin allow

# Disable library validation (⚠️ USE YOUR BRAIN, also must be done after every system update)
sudo defaults write /Library/Preferences/com.apple.security.libraryvalidation.plist DisableLibraryValidation -bool true

# Cleanup conflicting configs for bash/zsh (⚠️ Must be done after every system update)
sudo rm -f /etc/zshrc_Apple_Terminal /etc/zshrc /etc/zprofile /etc/bashrc_Apple_Terminal /etc/bashrc /etc/profile

Development

[🆓] Setup Sublime Text 4 []

brew install --cask sublime-text
ln -fs $DOTPREFSDIR/sublime-text/conf ~/Library/Application\ Support/Sublime\ Text/Packages/User

# Install license
cp -f "**Path to License.sublime_license file**" ~/Library/Application\ Support/Sublime\ Text/Local/License.sublime_license

# Set files association
internal set-file-assoc SublimeText com.sublimetext.4 $DOTPREFSDIR/sublime-text/file-assoc.list

[🆓] Setup JetBrains Toolbox []

brew install --cask jetbrains-toolbox
ln -fs $DOTPREFSDIR/jb-toolbox/conf.json ~/Library/Application\ Support/JetBrains/Toolbox/.settings.json
ln -fs $DOTPREFSDIR/jb-toolbox/storage.json ~/Library/Application\ Support/JetBrains/Toolbox/.storage.json

Next download IntelliJ IDEA Ultimate
Install plugins for IntelliJ IDEA
¯_(ツ)_/¯

Setup Docker [] & Helm []

brew install --cask docker
brew install helm

# After generation of Access Token
security add-internet-password -l Docker\ Hub -s docker.com -r htps -a %Docker Account Name% -w %Docker Account Token%

Setup Java Eclipse Temurin [] & GraalVM [] & JMC [] & sbt []

brew install --cask temurin{8,17} graalvm-jdk
brew install --cask openjdk-jmc
brew install sbt

# Switch JDK version to `8` or `17` or `graal`
jdk 17

Setup Python []

ln -fs /Library/Developer/CommandLineTools/usr/bin/python3 $HOMEBREW_PREFIX/bin/python
ln -fs /Library/Developer/CommandLineTools/usr/bin/pip3 $HOMEBREW_PREFIX/bin/pip

Setup Rust rustup []

curl -L https://sh.rustup.rs | bash -s -- --profile default --default-toolchain nightly -y --no-modify-path

Setup Node.js n [] & pnpm []

curl -L https://raw.githubusercontent.com/mklement0/n-install/stable/bin/n-install | bash -s -- -n -y lts
corepack enable npm pnpm

Setup RapidAPI & grpcurl & ngrok

brew install --cask rapidapi
brew install grpcurl
brew install --cask ngrok

Setup Postgres App []
```
brew install --cask postgres
```

Productivity

Setup Apple Configurator 2
```
mas install 1037126344
```

Setup Cheatsheet

brew install --cask cheatsheet
defaults import com.mediaatelier.CheatSheet $DOTPREFSDIR/cheatsheet/conf.plist

[💰] Setup BetterTouchTool

brew install --cask bettertouchtool
defaults import com.hegenberg.BetterTouchTool $DOTPREFSDIR/btt/conf.plist

# Install license
cp -f "**Path to license.bettertouchtool file**" ~/Library/Application\ Support/BetterTouchTool/bettertouchtool.bttlicense

Setup Touchbar Nyan Cat
```
brew install --cask touchbar-nyancat
```

System

[🆓] Setup Nimble Commander

brew install --cask nimble-commander
ln -fs $DOTPREFSDIR/nimble-commander/conf.json ~/Library/Application\ Support/Nimble\ Commander/Config/Config.json
defaults import info.filesmanager.Files $DOTPREFSDIR/nimble-commander/conf.plist

# Set as default file viewer
defaults write -g NSFileViewer -string info.filesmanager.Files
defaults write com.apple.LaunchServices/com.apple.launchservices.secure LSHandlers -array-add '{LSHandlerContentType="public.folder";LSHandlerRoleAll="info.filesmanager.Files";}'

# Install license
cp -f "**Path to License.nimblecommanderlicense file**" ~/Library/Application\ Support/Nimble\ Commander/registration.nimblecommanderlicense

Setup Keka []

brew install --cask keka
defaults import com.aone.keka $DOTPREFSDIR/keka/conf.plist

# Set file association (w/o using kekadefaultapp)
internal set-file-assoc Keka com.aone.keka $DOTPREFSDIR/keka/file-assoc.list

[💰] Setup iStat Menus []

brew install --cask istat-menus
defaults import com.bjango.istatmenus6.extras $DOTPREFSDIR/istat-menus/conf.plist

# Install license
defaults write com.bjango.istatmenus license6 -dict email '**License email**' serial '**License serial key**'

Setup OnyX
```
brew install --cask onyx
```
[💰] Setup DaisyDisk
```
brew install --cask daisydisk
```
Setup Wineskin
```
brew install --cask gcenx/wine/wineskin
```
[💰] Setup Apple Remote Desktop
```
mas install 409907375
```

Network

Setup Brave Browser
- ```
brew install --cask brave-browser
```
- Install plugins, theme and StartPage search engine
- Import uBlock Origin settings

Setup Transmission []

brew install --cask transmission
defaults import org.m0k.transmission $DOTPREFSDIR/transmission/conf.plist

[🆓] Setup Wi-Fi Explorer
```
brew install --cask wifi-explorer
```

Social

Setup Signal []
```
brew install --cask signal
```
Setup KTalk
```
brew install --cask ktalk
```

[💰] Setup Krisp

brew install --cask krisp

# Disable autostart
rm -f ~/Library/LaunchAgents/krisp.plist

[💰] Setup Proton Mail - Bridge Headless, with patched hostname resolve []
```
cd $DOTPREFSDIR/protonmail-bridge && ./install.zsh
```

Entertainment

[🆓] Setup Spotify []
```
brew install --cask spotify
```
[🆓] Setup MP3Tag
```
mas install 1532597159
```
Setup Subler & HandBrake [] & FFmpeg & MKVToolNix
```
brew install --cask video-toolbox
```

Setup MediaInfo

# Ugly but free
brew install --cask mediainfo

# For Native UI
mas install 510620098

Mobile

Setup Sideloadly
```
brew install --cask sideloadly
```

[💰] Setup WALTR PRO

brew install --cask waltr-pro
defaults import com.softorino.waltrpro $DOTPREFSDIR/waltr/conf.plist

# ~/Library/Application\ Support/WALTR\ PRO/.alticense && /Users/Shared/WALTR PRO/.alticense

REDNBLACK / preferences