Playbooks
MacBook Setup
Fresh macOS setup — what to install, in what order, and why.
Updated 18 min ago
A clean-install checklist for getting a new MacBook from out-of-box to working environment. Designed to be run top-to-bottom on a freshly-erased machine.
1. System basics
- Sign in to Apple ID, iCloud Drive, Messages, FaceTime.
- System Settings → Trackpad → enable tap-to-click + three-finger drag.
- System Settings → Keyboard → swap Caps Lock to Control.
- Hostname:
scutil --set HostName <name>(matches LocalHostName + ComputerName).
2. Command line foundation
xcode-select --install # Xcode CLI tools (git, clang)
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"Then install the core tool layer:
brew install git gh jq ripgrep fd bat eza fzf zoxide tmux
brew install --cask iterm2 visual-studio-code rectangle3. Languages & runtimes
# Node.js via nvm
brew install nvm
mkdir ~/.nvm
nvm install --lts
# Python via uv (no system python needed)
brew install uv
uv python install 3.13
# Go (optional)
brew install go4. Shell config
- Install Starship or oh-my-zsh — pick one, not both.
- Symlink dotfiles from
~/dev/dotfiles/(or wherever they live). - Reload:
exec zsh.
5. SSH & Git identity
ssh-keygen -t ed25519 -C "you@example.com"
gh auth login # adds the key to GitHub
git config --global user.name "Your Name"
git config --global user.email "you@example.com"
git config --global pull.rebase true
git config --global init.defaultBranch main6. AWS / cloud
brew install awscli session-manager-plugin
aws configure sso # use SSO, not long-lived keys7. Apps via Cask
brew install --cask \
1password 1password-cli \
raycast \
arc \
slack \
zoom \
figma \
obsidian \
cleanshot8. Final tweaks
- Hide the Dock auto-show delay:
defaults write com.apple.dock autohide-delay -float 0 && killall Dock - Show hidden files in Finder:
defaults write com.apple.finder AppleShowAllFiles -bool true && killall Finder - Disable .DS_Store on network/USB volumes if you share with others.
9. Verify
git --version
node --version
uv --version
gh auth status
aws sts get-caller-identityIf all five return clean — the machine is ready.