default.config.yml

---
downloads: ~/.ansible-downloads/

# Whether or not to set no_log to hide output for included config.yml file.
config_no_log: true

### Homebrew ###
# See `geerlingguy.mac.homebrew` role documentation for usage instructions.
# https://github.com/geerlingguy/ansible-collection-mac/blob/master/roles/homebrew/README.md
configure_homebrew: true
homebrew_upgrade_all_packages: false
homebrew_installed_packages:

  ######
  ### NOTE: before uncommenting and installing any formula listed below,
  ### confirm if a Cask installation is available and should be used instead,
  ### e.g. `docker`, `nano`.
  ######

  ### Provisioning - Ansible installed with `pip` initially.
  - ansible  # Automate deployment, configuration, and upgrading

  ### Shells
  - bash  # Bourne-Again SHell, a UNIX command interpreter
  # - bash-completion  # Programmable completion for Bash 3.2
  - bash-completion@2  # Programmable completion for Bash 4.2+
  # - fish  # User-friendly command-line shell for UNIX-like operating systems
  - shellcheck  # Static analysis and lint tool, for (ba)sh scripts
  # - zsh-completions  # Additional completion definitions for zsh
  - tmux  # Terminal multiplexer
  # - tpm  # Plugin manager for tmux

  # GNU utils / updated version of OS X tools
  # - autoconf  # Automatic configure script builder
  # - binutils  # GNU binary tools for native development
  - coreutils  # GNU File, Shell, and Text utilities
  - findutils  # Collection of GNU find, xargs, and locate
  - gettext  # GNU internationalization (i18n) and localization (l10n) library
  - gmp  # GNU multiple precision arithmetic library
  - gnu-sed  # GNU implementation of the famous stream editor
  - gnupg  # GNU Pretty Good Privacy (PGP) packag
  - gpatch  # Apply a diff file to an original
  - grep  # GNU grep, egrep and fgrep
  - moreutils  # Collection of tools that nobody wrote when UNIX was young
  # - mcrypt  # Replacement for the old crypt package and crypt(1) command
  # - nano  # Free (GNU) replacement for the Pico text editor
  - screen  # Terminal multiplexer with VT100/ANSI terminal emulation

  ### Other tools
  # - grc  # Colorize logfiles and command output
  # - lsd  # Clone of ls with colorful output, file type icons, and more
  - tcl-tk  # Tool Command Language
  - tldr  # Simplified and community-driven man page
  - tree  # Display directories as trees (with optional color/HTML output)
  # - z  # Tracks most-used directories to make cd smarter
  # - zsh-history-substring-search  # Zsh port of Fish shell's history search

  ### Events and watchers
  # - entr  # Run arbitrary commands when files change
  - libevent  # Asynchronous event library
  # - watchman  # Watch files and take action when they change

  ### SSH
  # - openssh  # OpenBSD freely-licensed SSH connectivity tools
  - ssh-copy-id  # Add a public key to a remote machine's authorized_keys file

  ### Git
  - git  # Distributed revision control system
  - git-delta  # Syntax-highlighting pager for git and diff output
  - git-lfs  # Git extension for versioning large files
  - gh  # GitHub command-line tool
  - withgraphite/tap/graphite  # Allows you to manage your stacked changes and submit them for review on GitHub
  # - bfg  # Remove large files or passwords from Git history like git-filter-branch

  ### - Languages and version managers
  - elixir  # Functional metaprogramming aware language built on Erlang VM
  - go  # Open source programming language to build simple/reliable/efficient software
  - lua  # Powerful, lightweight programming language
  - php  # General-purpose scripting language
  - pipenv  # Python Development Workflow for Humans
  - pipx  # Execute binaries from Python packages in isolated environments
  - python  # Interpreted, interactive, object-oriented programming language
  - pyenv  # Python version management
  # - pyenv-virtualenv  # Pyenv plugin to manage virtualenv
  - ruby  # Powerful, clean, object-oriented scripting language
  - rbenv  # Ruby version manager
  - rust  # Safe, concurrent, practical language
  # - ruby-build  # Install various Ruby versions and implementations
  # - rbenv-default-gems  # Auto-installs gems for Ruby installs
  # - rbenv-gemset  # Adds basic gemset support to rbenv

  ### Package managers
  # - bazel  # Google's own build tool
  - bazelisk  # User-friendly launcher for Bazel
  - composer  # Dependency Manager for PHP
  # - node  # Platform built on V8 to build network applications
  # - nvm  # Manage multiple Node.js versions
  - mas  # Mac App Store command-line interface
  - yarn  # JavaScript package manager

  ### Web framework dev tools
  - arduino-cli  # Arduino command-line interface
  # - ddev/ddev/ddev  # DDEV
  - hashicorp/tap/terraform  # Terraform
  - snowflake-cli  # A CLI for Snowflake development
  - symfony-cli/tap/symfony-cli  # Symfony CLI helps Symfony developers manage projects, from local code to remote infrastructure

  ### AWS
  - awscli  # Official Amazon AWS command-line interface
  - cfn-lint  # Validate CloudFormation templates against the CloudFormation spec

  ### Sys Monitoring
  - glances  # Alternative to top/htop
  - ncdu  # NCurses Disk Usage
  # - pv  # Monitor data's progress through a pipe

  ### Compression
  # - bzip2  # Freely available high-quality data compressor
  # - p7zip  # 7-Zip (high compression file archiver) implementation
  # - pigz  # Parallel gzip
  # - zopfli  # New zlib (gzip, deflate) compatible compressor
  - xz  # General-purpose data compression with high compression ratio
  - zlib  # General-purpose lossless data-compression library

  ### Containers and orchestration
  # - docker  # Pack, ship and run any application as a lightweight container
  - colima  # Container runtimes on MacOS (and Linux) with minimal setup
  # - orbstack  # Replacement for Docker Desktop

  ### Network
  # - dns2tcp  # TCP over DNS tunnel
  # - dnsmasq  # Lightweight DNS forwarder and DHCP server
  # - gobuster  # Directory/file & DNS busting tool written in Go
  # - iperf  # Tool to measure maximum TCP and UDP bandwidth
  # - mitmproxy  # Intercept, modify, replay, save HTTP/S traffic
  # - mtr  # 'traceroute' and 'ping' in a single tool
  - nmap  # Port scanning utility for large networks
  # - tcpflow  # TCP/IP packet demultiplexer
  # - tcpreplay  # Replay saved tcpdump files at arbitrary speeds
  # - tcptrace  # Analyze tcpdump output
  # - ucspi-tcp  # Tools for building TCP client-server applications

  ### TLS and Certificates
  - certbot  # Tool to obtain certs from Let's Encrypt and autoenable HTTPS
  # - libressl  # Version of the SSL/TLS protocol forked from OpenSSL
  - mkcert  # Simple tool to make locally trusted development certificates
  - nss  # Libraries for security-enabled client and server applications
  - openssl  # Cryptography and SSL/TLS Toolkit

  ### Web server
  # - httpd  # Apache HTTP server
  # - goaccess  # Log analyzer and interactive viewer for the Apache Webserver
  # - jmeter  # Load testing and performance measurement application
  # - wrk  # HTTP benchmarking tool

  ### Database and caching
  # - memcached  # High performance, distributed memory object caching system
  # - mysql  # Open source relational database management system
  # - percona-toolkit  # Command-line tools for MySQL, MariaDB and system tasks
  # - redis  # Persistent key-value database, with built-in net interface
  # - sqlite  # Command-line interface for SQLite
  - sqlite3  # Command-line interface for SQLite

  ### Clients
  - curl  # Get a file from an HTTP, HTTPS or FTP server
  # - httpie  # User-friendly cURL replacement (command-line HTTP client)
  # - lynx  # Text-based web browser
  - wget  # Internet file retriever

  ### Search
  - ack  # Search tool like grep, but optimized for programmers
  # - fd  # Simple, fast and user-friendly alternative to find
  # - fzf  # Command-line fuzzy finder written in Go
  - pcre  # Perl compatible regular expressions library
  # - ripgrep  # Search tool like grep and The Silver Searcher

  ### Text and editors
  - bat  # Clone of cat(1) with syntax highlighting and Git integration
  # - doxygen  # Generate documentation for several programming languages
  # - graphviz  # Graph visualization software from AT&T and Bell Labs
  - readline  # Library for command-line editing
  - rename  # Perl-powered file rename script with many helpful built-ins
  - rlwrap  # Readline wrapper: adds readline support to tools that lack it
  - vim  # Vi 'workalike' with many additional features

  ### Diff
  - colordiff  # Color-highlighted diff(1) output
  - patchutils  # Small collection of programs that operate on patch files
  # - vbindiff  # Visual Binary Diff

  ### JSON
  - jq  # Lightweight and flexible command-line JSON processor
  - gron  # Make JSON greppable

  ### Markdown
  - glow  # Render markdown on the CLI

  ### YAML
  - yamllint  # Linter for YAML files

  ### Media and files
  # - binwalk  # Searches a binary image for embedded files and executable code
  # - exiftool  # Perl lib for reading and writing EXIF metadata
  # - ffmpeg  # Play, record, convert, and stream audio and video
  # - gifsicle  # GIF image/animation creator/editor
  # - gs  # Interpreter for PostScript and PDF
  - icoutils  # Create and extract MS Windows icons and cursors
  # - imagemagick  # Tools and libraries to manipulate images in many formats
  # - jpegoptim  # Utility to optimize JPEG files
  # - netpbm  # Image manipulation
  # - pngcheck  # Print info and check PNG, JNG, and MNG files
  # - pngcrush  # Optimizer for PNG files
  - youtube-dl  # Download YouTube videos from the command-line
  - yt-dlp  # Fork of youtube-dl with additional features and fixes

  ### Font tools
  # ### brew tap bramstein/webfonttools
  # - sfnt2woff  # Convert existing TrueType/OpenType fonts to WOFF format
  # - sfnt2woff-zopfli  # WOFF utilities with Zopfli compression
  # - woff2 # Utilities to create and convert Web Open Font File (WOFF) files

  ### CTF and research
  # - aircrack-ng  # Next-generation aircrack with lots of new features
  # - burp-suite  # Web security testing toolkit
  # - cifer  # Work on automating classical cipher cracking in C
  # - dex2jar  # Tools to work with Android .dex and Java .class files
  # - exploitdb  # Database of public exploits and corresponding vulnerable software
  # - fcrackzip  # Zip password cracker
  # - foremost  # Console program to recover files based on their headers and footers
  # - ghidra  # Software reverse engineering (SRE) suite of tools
  # - hashcat  # World's fastest and most advanced password recovery utility
  # - hashpump  # Tool to exploit hash length extension attack
  # - hydra  # Network logon cracker which supports many services
  # - john  # Featureful UNIX password cracker
  # - knock  # Port-knock server
  # - metasploit  # Penetration testing framework
  # - nikto  # Web server scanner
  # - owasp-zap  # Free and open source web app scanner
  # - samba  # SMB/CIFS file, print, and login server for UNIX
  # - socat  # SOcket CAT: netcat on steroids
  # - sqlmap  # Penetration testing for SQL injection and database servers
  # - xpdf  # PDF viewer

  ### Other
  - dockutil  # Tool for managing dock items

homebrew_uninstalled_packages: []

homebrew_taps:
  - homebrew/bundle
  - hashicorp/tap
  - 1password/tap
  - snowflakedb/snowflake-cli

homebrew_cask_accept_external_apps: true
homebrew_cask_appdir: /Applications
homebrew_cask_apps:
  ### Cask
  - 1password  # Password manager that keeps all passwords secure behind one password
  - 1password/tap/1password-cli  # Command-line interface for 1Password
  - adobe-creative-cloud  # Collection of apps and services for photography, design, video, web, and UX
  # - airfoil  # Sends audio from computer to outputs
  - arduino-ide  # Electronics prototyping platform
  - backblaze  # Data backup and storage service
  # - bbedit  # Text, code, and markup editor
  # - billings-pro  # Invoices, estimates, quotes and time-tracking
  - chromedriver  # Automated testing of webapps for Google Chrome
  # - cyberduck  # Server and cloud storage browser
  - discord  # Voice and text chat software
  - docker  # App to build and share containerized applications and microservice
  - doxie  # Companion app for scanner hardware
  - dropbox  # Client for the Dropbox cloud storage service
  - figma  # Collaborative team software
  - firefox  # Web browser
  - handbrake  # Open-source video transcoder available for Linux, Mac, and Windows
  - garmin-express  # Update maps and software, sync with Garmin Connect and register your device
  - google-chrome  # Web browser
  - iterm2  # Terminal emulator as alternative to Apple's Terminal app
  # - jetbrains-toolbox  # JetBrains Toolbox
  # - kaleidoscope  # Spot and merge differences in text and image files or folders
  # - keep-it  # Notebook, scrapbook and organiser tool
  - linear-linear  # App to manage software development and track bugs
  # - maestral  # Open-source Dropbox client
  # - nano  # Free (GNU) replacement for the Pico text editor
  - netnewswire  # Free and open-source RSS reader
  - notion  # App to write, plan, collaborate, and get organized
  - protonvpn  # VPN client focusing on security
  - raspberry-pi-imager  # Imaging utility to install operating systems to a microSD card
  # - raycast  # Control your tools with a few keystrokes
  - rectangle  # Move and resize windows using keyboard shortcuts or snap areas
  - slack  # Team communication and collaboration software
  - tableplus  # Native GUI tool for relational databases
  - textmate  # General-purpose text editor
  - trainerroad  # Cycling training system
  - tower  # Git client focusing on power and productivity
  # - vagrant  # Development environment
  # - virtualbox  # Virtualizer for x86 hardware
  - visual-studio-code  # Microsoft Visual Studio Code
  - vlc  # Multimedia player
  # - warp  # Rust-based terminal
  - wireshark  # Graphical network analyzer and capture tool

  ### Cask Fonts
  - font-courier-prime
  - font-fira-code
  - font-inter
  - font-jetbrains-mono

### Dotfiles ###
# See `geerlingguy.dotfiles` role documentation for usage instructions.
# https://github.com/geerlingguy/ansible-role-dotfiles/blob/master/README.md
configure_dotfiles: true
dotfiles_repo: https://github.com/greylabel/dotfiles
dotfiles_repo_version: main
dotfiles_repo_accept_hostkey: true
dotfiles_repo_local_destination: ~/Projects/greylabel/dotfiles
dotfiles_files:
  - .aliases
  - .bash_profile
  - .bash_prompt
  - .bashrc
  - .curlrc
  - .editorconfig
  - .exports
  - .functions
  - .gitattributes
  - .gitconfig
  - .gitignore
  - .gvimrc
  - .hushlogin
  - .inputrc
  - .macos
  - .screenrc
  - .tm_properties
  - .tmux.conf
  - .vimrc
  - .wgetrc


### Mac App Store ###
# See `geerlingguy.mac.mas` role documentation for usage instructions.
# https://github.com/geerlingguy/ansible-collection-mac/blob/master/roles/mas/README.md
mas_installed_apps:
  - {id: 1569813296, name: "1Password for Safari"}
  - {id: 288545208, name: "Instapaper"}
# - {id: 888422857, name: "Overcast"}  # Overcast is only available for M1 or later Macs
#  - {id: 1568924476, name: "Mela — Recipe Manager"}
#  - {id: 1529448980, name: "Reeder 5."}
#  - {id: id6447647340, name: "S3 Files"}
#  - {id: 497799835, name: "Xcode"}

### macOS Dock ###
# See `geerlingguy.mac.dock` role documentation for usage instructions.
# https://github.com/geerlingguy/ansible-collection-mac/blob/master/roles/dock/README.md
configure_dock: true
dockitems_remove:
  # System Applications
  - "App Store"
  - "Calendar"
  - "Contacts"
  - "FaceTime"
  - "Freeform"
  - "Home"
  - "Keynote"
  - "Launchpad"
  - "Mail"
  - "Maps"
  - "Messages"
  - "Music"
  - "News"
  - "Notes"
  - "Numbers"
  - "Pages"
  - "Podcasts"
  - "Photos"
  - "Reminders"
  - "Safari"
  - "Siri"
  - "System Settings"
  - "Terminal"
  - "TV"
  # User Applications
  - "1Password"
  - "Arduino IDE"
  - "Discord"
  - "Firefox"
  - "iTerm"
  - "NetNewsWire"
  - "Notion"
  - "Slack"
  - "TextMate"
  - "Tower"
  - "TrainerRoad"
  - "Visual Studio Code"
  - "VLC"
dockitems_persist:
  #  - name: "Finder"
  #    path: "/System/Library/CoreServices/Finder.app"
  #    pos: 0
  - name: "System Settings"
    path: "/System/Applications/System Settings.app"
    pos: 1
  - name: "iTerm"
    path: "/Applications/iTerm.app"
    pos: 2
  - name: "1Password"
    path: "/Applications/1Password.app"
    pos: 3
  - name: "Tower"
    path: "/Applications/Tower.app"
    pos: 4
  - name: "Arduino IDE"
    path: "/Applications/Arduino IDE.app"
    pos: 5
  - name: "TextMate"
    path: "/Applications/TextMate.app"
    pos: 6
  - name: "Visual Studio Code"
    path: "/Applications/Visual Studio Code.app"
    pos: 7
  - name: "Safari"
    path: "/System/Cryptexes/App/System/Applications/Safari.app"
    pos: 8
  - name: "Firefox"
    path: "/Applications/Firefox.app"
    pos: 9
  - name: "NetNewsWire"
    path: "/Applications/NetNewsWire.app"
    pos: 10
  - name: "Slack"
    path: "/Applications/Slack.app"
    pos: 11
  - name: "Discord"
    path: "/Applications/Discord.app"
    pos: 12
  - name: "Messages"
    path: "/System/Applications/Messages.app"
    pos: 13
  - name: "Photos"
    path: "/System/Applications/Photos.app"
    pos: 14
  - name: "Notion"
    path: "/Applications/Notion.app"
    pos: 15
  - name: "Music"
    path: "/System/Applications/Music.app"
    pos: 16
  - name: "VLC"
    path: "/Applications/VLC.app"
    pos: 17
  - name: "TrainerRoad"
    path: "/Applications/TrainerRoad.app"
    pos: 18
  - name: "Reminders"
    path: "/System/Applications/Reminders.app"
    pos: 19
  - name: "Home"
    path: "/System/Applications/Home.app"
    pos: 20

configure_osx: true
osx_script: "~/.macos --no-restart"


# Install packages from other package managers.
# Note: You are responsible for making sure the required package managers are
# installed, e.g. through homebrew.
composer_packages: []
# - name: drush
#   state: present # present/absent, default: present
#   version: "^8.1" # default: N/A
gem_packages: []
# - name: bundler
#   state: present # present/absent/latest, default: present
#   version: "~> 1.15.1" # default: N/A
npm_packages: []
# - name: webpack
#   state: present # present/absent/latest, default: present
#   version: "^2.6" # default: N/A
pip_packages: []
# - name: mkdocs
#   state: present # present/absent/latest, default: present
#   version: "0.16.3" # default: N/A

# Create home directories for code and websites, and prevent accidental deletion.
home_dirs_code:
  - Projects
  - Sites

# Git config — include from Vault encrypted file.
git_config_user_name: "{{ undef(hint='Include in config.yml using vault') }}"
git_config_user_email: "{{ undef(hint='Include in config.yml using vault') }}"
git_config_github_user: "{{ undef(hint='Include in config.yml using vault') }}"

# SSH key pair, commit signing, and config — include from Vault encrypted file.
ssh_allowed_signers_email: "{{ undef(hint='Include in config.yml using vault') }}"
ssh_private_key_passphrase: "{{ undef(hint='Include in config.yml using vault') }}"

# Glob pattern to ansible task files to run before all other tasks are started.
pre_provision_tasks:
  - tasks/pre-provision.yml
  - tasks/home-dirs-pre.yml
  - tasks/ssh-pre.yml
  - tasks/git-config-pre.yml

# Glob pattern to ansible task files to run after all other tasks are finished.
post_provision_tasks:
  - tasks/post-provision.yml
  # - tasks/ssh-post.yml  # needs refactoring