geerlingguy / ansible-collection-mac Goto Github PK
View Code? Open in Web Editor NEWCollection of macOS automation tools for Ansible.
Home Page: https://galaxy.ansible.com/geerlingguy/mac
License: MIT License
Collection of macOS automation tools for Ansible.
Home Page: https://galaxy.ansible.com/geerlingguy/mac
License: MIT License
If I try to include custom taps, the role progresses until the package/formulae install that requires the custom tap, and then stalls with no warning or error. Maybe I'm not referencing the tapped formula correctly?
Trivial configuration:
# homebrew_install_path: /usr/local/homebrew
homebrew_installed_packages:
- autoconf
- automake
# appears to freeze during "automake" but it is the `msodbcsql17` formula that freezes;
# if I rerun, both `autoconf` and `automake` register as installed and it still stalls here
- msodbcsql17 # requires tap
homebrew_taps:
- homebrew/cask
- homebrew/cask-versions
- name: microsoft/mssql-release
url: 'https://github.com/Microsoft/homebrew-mssql-release'
I recently found out that Homebrew can be installed on Linux. I was wondering if the homebrew role would work on it.
When I try to install a list of packages with the homebrew role, I end up with a series of errors about file ownership of /usr/local/man/man5
.
Screengrab attached
edmy homebrew_vars.yaml
---
homebrew_install_path: /usr/local/homebrew
homebrew_installed_packages:
- autoconf
- automake
- bat
- coreutils
- curl
- docker
- exa
- gzip
- htop
- jq
- libtool
- libxslt
- libyaml
- npm
- pkg-config
- tmux
- unar
- unixodbc
- unzip
- vim
- wget
- xz
- yarn
- zlib
- zsh
homebrew_cask_appdir: /Applications
homebrew_cask_apps:
- appcleaner
- iterm2
- osxfuse
- oversight
- postman
- spotify
- visual-studio-code
- vlc
homebrew_taps:
- homebrew/cask
- homebrew/cask-versions
- name: microsoft/git
url: 'https://github.com/microsoft/homebrew-git'
my playbook
---
- hosts: localhost
vars_files:
- vars/homebrew_vars.yaml
tasks:
- name: homebrew
include_role:
name: geerlingguy.mac.homebrew
My ansible-playbook command
ansible-playbook playbook.yaml -i inventory -v
Hi there. It seems that your role geerlingguy.mac.homebrew
doesn't include the dependency on elliotweiser.osx-command-line-tools
, which was present in geerlingguy.homebrew
. Should it be added back?
Error: The following directories are not writable by your user:
/usr/local/etc/bash_completion.d /usr/local/lib/pkgconfig /usr/local/share/aclocal /usr/local/share/info /usr/local/share/man/man3 /usr/local/share/man/man8 /usr/local/var/homebrew/locks /usr/local/var/log You should change the ownership of these directories to your user. sudo chown -R $(whoami) /usr/local/etc/bash_completion.d /usr/local/lib/pkgconfig /usr/local/share/aclocal /usr/local/share/info /usr/local/share/man/man3 /usr/local/share/man/man8 /usr/local/var/homebrew/locks /usr/local/var/log And make sure that your user has write permission. chmod u+w /usr/local/etc/bash_completion.d /usr/local/lib/pkgconfig /usr/local/share/aclocal /usr/local/share/info /usr/local/share/man/man3 /usr/local/share/man/man8 /usr/local/var/homebrew/locks /usr/local/var/log
Does setting these folder permissions need to be added to the homebrew role? I am trying to configure homebrew on a large number of macs to be configured by a single admin user. Currently some of the macs have homebrew installed with the wrong user.
For installing cask apps, the role is still trying to use "brew cask" but it is no longer available, it should be changed to "brew install --cask"
I used the example playbook to install homebrew with packages but after installation it didn't find "brew" as a command cause nothing was there to set the environment.
Not only because I hate seeing Dock restart a zillion times every time I run this role, but also because it breaks the CI idempotence test:
TASK [geerlingguy.mac.dock : Ensure correct Dock order.] ***********************
changed: [localhost] => (item={'name': 'Safari', 'path': '/Applications/Safari.app/', 'pos': 1})
Should be able to parse out the current position with:
$ dockutil --find Safari
Safari was found in persistent-apps at slot 4 in /Users/jgeerling/Library/Preferences/com.apple.dock.plist
Hi there,
I'm running the mac-dev-setup playbook on a remote machine, and it's failing on the mas account
task, as follows…
TASK [geerlingguy.mac.mas : Get MAS account status] **************************************************************************************
task path: /Users/toby/.ansible/collections/ansible_collections/geerlingguy/mac/roles/mas/tasks/main.yml:5
fatal: [marvin]: FAILED! => changed=false
cmd: mas account
failed_when_result: true
msg: '[Errno 2] No such file or directory'
rc: 2
stderr: ''
stderr_lines: <omitted>
stdout: ''
stdout_lines: <omitted>
I can run mas
on the command line when logged in locally to the machine, without the full path, since /usr/local/bin
is in my $PATH
.
I've added a debug step to dump out the $PATH
when using ansible and it seems to be missing /usr/local/bin
for some reason…
TASK [geerlingguy.mac.mas : Debug mas cmd part 1] ****************************************************************************************
task path: /Users/toby/.ansible/collections/ansible_collections/geerlingguy/mac/roles/mas/tasks/main.yml:5
changed: [marvin] => changed=true
cmd:
- echo
- $PATH
delta: '0:00:00.002861'
end: '2021-06-25 20:38:35.642596'
rc: 0
start: '2021-06-25 20:38:35.639735'
stderr: ''
stderr_lines: <omitted>
stdout: /usr/bin:/bin:/usr/sbin:/sbin
stdout_lines: <omitted>
What's the best way to fix this? I can submit a PR, but where should I be adding /usr/local/bin
to the PATH? For all users (/etc/profile
) or to just the current users, perhaps?
First off, thank you so much for providing so many excellent ansible roles. It's made my job a lot easier.
I'm installing homebrew on an M1 Mac Mini using the geerlingguy.mac.homebrew
role. I'm seeing this error:
TASK [geerlingguy.mac.homebrew : Ensure configured taps are tapped.] *********************************************************
*******************************************************
failed: [opentrons-control-1] (item=homebrew/core) => {
"ansible_loop_var": "item",
"changed": false,
"item": "homebrew/core"
}
MSG:
added: 0, unchanged: 0, error: failed to tap: homebrew/core due to error: could not lock config file .git/config: Permission d
enied
error: cannot lock ref 'REBASE_HEAD': Unable to create '/opt/homebrew/Homebrew/.git/REBASE_HEAD.lock': Permission denied
==> Homebrew has enabled anonymous aggregate formula and cask analytics.
Read the analytics documentation (and how to opt-out) here:
https://docs.brew.sh/Analytics
No analytics have been recorded yet (nor will be during this `brew` run).
==> Homebrew is run entirely by unpaid volunteers. Please consider donating:
https://github.com/Homebrew/brew#donations
==> Tapping homebrew/core
fatal: could not create leading directories of '/opt/homebrew/Homebrew/Library/Taps/homebrew/homebrew-core': Permission denied
Error: Failure while executing; `git clone https://github.com/Homebrew/homebrew-core /opt/homebrew/Homebrew/Library/Taps/homeb
rew/homebrew-core --origin=origin --template=` exited with 128.
Error: Failure while executing; `/opt/homebrew/bin/brew tap homebrew/core` exited with 1.
==> Tapping homebrew/core
fatal: could not create leading directories of '/opt/homebrew/Homebrew/Library/Taps/homebrew/homebrew-core': Permission denied
Error: Failure while executing; `git clone https://github.com/Homebrew/homebrew-core /opt/homebrew/Homebrew/Library/Taps/homeb
rew/homebrew-core --origin=origin --template=` exited with 128.
While the homebrew_user
owns /opt/homebrew/Homebrew/
, all of the files in that directory are owned by root
.
On macOS Big Sur I currently can't seem to get mas to install apps. However, running mas install
directly produces the exact same error message so the error is most likely not in the Role, but in mas-cli
itself: I'm opening this ticket just for tracking purposes.
Redownload Unavailable with This Apple ID
This redownload is not available for this Apple ID either because it was bought by a different user or the item was refunded or cancelled.
Performing an ansible run on a single VM running 11.4 (Big Sur). This is a fresh VM, nothing else installed. Port forwarding has been configured.
The ansible files are simple as to just test the roles work as intended over the configured ssh connection.
---
- name: Golden image configuration
hosts: packer
vars:
homebrew_installed_packages:
- git
- openjdk@8
roles:
- geerlingguy.mac.homebrew
---
roles:
- name: elliotweiser.osx-command-line-tools
collections:
- name: geerlingguy.mac
[packer]
127.0.0.1 ansible_ssh_pass=***** ansible_user=***** ansible_port=10000
TASK [geerlingguy.mac.homebrew : Ensure Homebrew is installed.]
just craps out, and with -vvvv
I get the following traceback.
The full traceback is:
Traceback (most recent call last):
File "/Users/anka/.ansible/tmp/ansible-tmp-1633819721.422527-15747-48633493768772/AnsiballZ_git.py", line 100, in <module>
_ansiballz_main()
File "/Users/anka/.ansible/tmp/ansible-tmp-1633819721.422527-15747-48633493768772/AnsiballZ_git.py", line 92, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/Users/anka/.ansible/tmp/ansible-tmp-1633819721.422527-15747-48633493768772/AnsiballZ_git.py", line 41, in invoke_module
run_name='__main__', alter_sys=True)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 188, in run_module
fname, loader, pkg_name)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 82, in _run_module_code
mod_name, mod_fname, mod_loader, pkg_name)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/var/folders/f0/r0_px1z90y14c9r4ts7nt20m0000gn/T/ansible_git_payload_DkMYht/ansible_git_payload.zip/ansible/modules/git.py", line 1333, in <module>
File "/var/folders/f0/r0_px1z90y14c9r4ts7nt20m0000gn/T/ansible_git_payload_DkMYht/ansible_git_payload.zip/ansible/modules/git.py", line 1214, in main
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/distutils/version.py", line 296, in __cmp__
return cmp(self.version, other.version)
AttributeError: 'NoneType' object has no attribute 'version'
fatal: [127.0.0.1]: FAILED! => {
"changed": false,
"module_stderr": "Shared connection to 127.0.0.1 closed.\r\n",
"module_stdout": "Traceback (most recent call last):\r\n File \"/Users/anka/.ansible/tmp/ansible-tmp-1633819721.422527-15747-48633493768772/AnsiballZ_git.py\", line 100, in <module>\r\n _ansiballz_main()\r\n File \"/Users/anka/.ansible/tmp/ansible-tmp-1633819721.422527-15747-48633493768772/AnsiballZ_git.py\", line 92, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n File \"/Users/anka/.ansible/tmp/ansible-tmp-1633819721.422527-15747-48633493768772/AnsiballZ_git.py\", line 41, in invoke_module\r\n run_name='__main__', alter_sys=True)\r\n File \"/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py\", line 188, in run_module\r\n fname, loader, pkg_name)\r\n File \"/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py\", line 82, in _run_module_code\r\n mod_name, mod_fname, mod_loader, pkg_name)\r\n File \"/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py\", line 72, in _run_code\r\n exec code in run_globals\r\n File \"/var/folders/f0/r0_px1z90y14c9r4ts7nt20m0000gn/T/ansible_git_payload_DkMYht/ansible_git_payload.zip/ansible/modules/git.py\", line 1333, in <module>\r\n File \"/var/folders/f0/r0_px1z90y14c9r4ts7nt20m0000gn/T/ansible_git_payload_DkMYht/ansible_git_payload.zip/ansible/modules/git.py\", line 1214, in main\r\n File \"/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/distutils/version.py\", line 296, in __cmp__\r\n return cmp(self.version, other.version)\r\nAttributeError: 'NoneType' object has no attribute 'version'\r\n",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
Might be difficult to replicate this unless you have access to an environment running Anka. That is what I'm using to create the VM. Hopefully it's just a simple oversight on my end.
I am new to homebrew and just learned about the services feature, which handles the launchd stuff.
I would just install the packages with setting hombrew_installed_packages and put the rest in post tasks and handlers.
Do you have any ideas how to use this role with "brew services" in another way?
Regards
Markus
I recently found out, that when the SSHd on a macOS is configured that pubkey auth is being used instead of password auth the playbook keeps hanging when the "mas install" tasks are executed.
This seems to be an issue macOS handling the security context for SSH tunnels (somehow)...
What helped me was the solution suggested in that github issue answer (installing the reattach-to-user-namespace
brew and running mas
using that).
I've tested it locally vía manually installing that brew and copying the mas tasks into a local yml file (instead of using the rule - what messes up the order of role/task execution) - and that way it works.
Has anyone experienced the same issue?
Would be nice if the role supports that way (toggled by a mas-reattach-to-user-namespace
boolean config). What's your suggestion?
Hi,
the mas account
(see https://github.com/mas-cli/mas#%EF%B8%8F-known-issues) command is not supported on MacOS Monterey.
The mas
role fails at this task:
ansible-collection-mac/roles/mas/tasks/main.yml
Lines 5 to 10 in 3e17b39
I'm getting this error:
The task includes an option with an undefined variable. The error was: 'ansible_user_id' is undefined
The error appears to be in '<REDACTED>/.ansible/collections/ansible_collections/geerlingguy/mac/roles/homebrew/tasks/main.yml': line 2, column 3
- hosts: localhost connection: local gather_facts: false vars: homebrew_installed_packages: - nvm roles: - geerlingguy.mac.homebrew
Hello,
Your collection and your repo about how to setup a Mac is a real help for me.
I'm trying to set the Dock for all the users on my Mac used by the whole family. It seems the current dock role is designed to be used for an admin account (due to the task with Homebrew).
Is it possible to give instruction on how to use it for other users. Or can we work on an improvement to manage that in the future ?
Trying to update to the new role (iow: coming from geerlinguy.homebrew)
ERROR! couldn't resolve module/action 'homebrew_cask'. This often indicates a misspelling, missing collection, or incorrect module path.
The error appears to be in '~/.ansible/collections/ansible_collections/geerlingguy/mac/roles/homebrew/tasks/main.yml': line 119, column 7, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
# Cask.
- name: Ensure blacklisted cask applications are not installed.
^ here
roles include like so
roles:
- geerlingguy.mac.homebrew
- geerlingguy.mac.mas
- geerlingguy.mac.dock
and requirements
---
roles:
- name: elliotweiser.osx-command-line-tools
collections:
- name: geerlingguy.mac
While using this role I had my .zshrc updated and the path for homebrew has been removed. As I'm using arm64 it's installed into /opt/homebrew so /opt/homebrew/bin/ is not within the default PATH and thus brew cannot be used on the command line.
Shouldn't the arm64 path (/opt/homebrew/bin/) be checked if it's in the path of ZSH? And if not added to it?
If this should be the case I can work on it and create a PR.
When installing homebrew with geerlingguy.mac.homebrew
and trying to install packages directly afterwards using ansible.builtin.package
, this fails with the following error message:
The full traceback is:
NoneType: None
fatal: [127.0.0.1]: FAILED! => {
"changed": false,
"msg": "Could not find a module for unknown."
}
This is because ansible_pkg_mgr
is set to unknown
when first loading the playbook. This is then loaded in ansible.builtin.package
. After the installation, the facts are not recollected.
It looks like the mas
app no longer supports logging in (after I spent ages trying to debug getting the credential conditions in ansible to work! 😭)
Can you imagine a valid reason for these to be kept in the playbook now this is the case? If not, I can submit a PR to remove them.
I have noticed that if i am fat-fingered, and type in my complex password wrong, the playbook hangs on the task to check permissions on the homebrew dir. Maybe check if the password is correct and fail if not.
For instance:
https://stackoverflow.com/questions/50562707/can-ansible-check-if-password-is-correct-before-running-playbook
Hi,
I have a fresh install of Big Sur on a Mac Mini (M1) and I run this role remotely from an Ansible 2.9. Unfortunately it fails at [homebrew : Ensure configured taps are tapped]
.
TASK [homebrew : Ensure configured taps are tapped] ****************************************************************************************************************
failed: [loxodon] (item={u'url': u'https://github.com/Homebrew/homebrew-core.git', u'name': u'homebrew/core'}) => changed=false
ansible_loop_var: item
item:
name: homebrew/core
url: https://github.com/Homebrew/homebrew-core.git
msg: 'Failed to find required executable brew in paths: /usr/bin:/bin:/usr/sbin:/sbin'
failed: [loxodon] (item={u'url': u'https://github.com/Homebrew/homebrew-cask.git', u'name': u'homebrew/cask'}) => changed=false
ansible_loop_var: item
item:
name: homebrew/cask
url: https://github.com/Homebrew/homebrew-cask.git
msg: 'Failed to find required executable brew in paths: /usr/bin:/bin:/usr/sbin:/sbin'
I've added /opt/homebrew/bin
to my PATH in .zshrc
and .bash_profile
just in case
% echo 'export PATH="$PATH:/opt/homebrew/bin"' >> ~/.zshrc
% echo 'export PATH="$PATH:/opt/homebrew/bin"' >> ~/.bash_profile
Now my user's PATH looks like:
nico@loxodon ~ % echo $PATH
/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/opt/homebrew/bin
And root
's PATH is
loxodon:~ root# echo $PATH
/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin
Did I miss something?
Recently found your 101 series, I'm trying out your dock role. I have a problem where the dock tasks fail with errors like this
FAILED! => {"msg": "The conditional check '\"No such file or directory\" in dockitem_exists.stdout or \"command not found\" in dockitem_exists.stdout\n' failed. The error was: error while evaluating conditional (\"No such file or directory\" in dockitem_exists.stdout or \"command not found\" in dockitem_exists.stdout\n): 'dict object' has no attribute 'stdout'"}
The reason there is no stdout
is because the command dockutil
cannot be found. The reason for that is because the path exposed by the ssh server on macos does not include /usr/local/bin
which is where Homebrew installed dockutil. SSH also has by default PermitUserEnvironment
set to no
.
The SSH man page suggests the path it exposes is a compile-time option. You can see it like this
ssh [email protected] env
..
PATH=/usr/bin:/bin:/usr/sbin:/sbin
..
A fix that worked for me is to prefix dockutil
with the full path /usr/local/bin/dockutil
in all of the task files. However I am suprised you haven't hit this so suspect there is something I'm missing?
I've tried a couple of available macs here, one mojave and another catalina one. My Ansible client is running on Linux and is 2.10.4. The version of your collection is 1.4.0.
This may be something to be fixed upstream by homebrew, but it breaks the flow of the playbook so we may have to workaround around this issue.
failed: [127.0.0.1] (item=viscosity) => changed=false ansible_loop_var: item item: viscosity msg: |- Running
brew update --auto-update... ==> Auto-updated Homebrew! Updated 3 taps (homebrew/core, homebrew/cask and homebrew/services). ==> New Formulae ---------stuff------------ Error: It seems there is already an App at '/Applications/Viscosity.app'.
It would be handy to either
Managing a device with multiple user using the ansible dock role is complicated
due to the role not supporting the --allhomes or the dock-plist.
It would be great supporting either of the options.
A problem with that is that this would require the role potentially needing
to become root.
Getting the dock position would probably be a lot more complicated, too.
Maybe it would be easier just passing the plist location and a user potentially running/including
the role multiple times.
Thanks for all the hard work you put into all your roles!
The task "Ensure configured MAS apps are installed." cant get finished, its completely stuck. I saw this as an issue in the old mac.mas role but not a good solution. Any ideas?
Hello Jeff,
Thank you for all your work. I really enjoy your YouTube channel.
It would be nice if there was a variable you could set for the geerlingguy.mac.homebrew role to enable upgrading Casks greedily. This is supported by the community.general.homebrew_cask module. Basically it allows for applications that have auto-upgrade features to be forced to upgrade, ignoring their built in auto-upgrade. Thank you for considering this.
Just updated from the deprecated geerlingguy.homebrew
Ansible role and when trying to run my playbook, Ansible hangs at this step:
TASK [geerlingguy.mac.homebrew : Ensure Homebrew parent directory has correct permissions (MacOS >= 10.13).] ***********************************************************************************************
My Hombrew directory is at /usr/local/Homebrew
, so it's prefix (homebrew_prefix
) should be /usr/local
. I checked myself that the parent directory does have the correct ownership, but can't figure out why it hangs at that point, like if it was expecting some user input at that point.
My Ansible version is 2.12.1
.
As menstioned in https://github.com/mas-cli/mas/issues/164 the login does not work in modern OSX versions.
this results in very strange errors.
running mas install on the CLI if logged in, however, if you let the role install it errors out.
a solution may be to NOT try to log in in versions >10.13 and just try to login.
the problem with that is that you need to identify the os version.
when i run ansible -m setup on my mac it gives me this relevant information:
"ansible_os_family": "Darwin",
"ansible_osrevision": "199506",
"ansible_osversion": "21A559",
maybe the kernel version would be a clue
"ansible_kernel_version": "Darwin Kernel Version 21.1.0: Wed Oct 13 17:33:24 PDT 2021; root:xnu-8019.41.5~1/RELEASE_ARM64_T8101",
I may be able to help solve this, but i do not have the information to do so.
Thanks for the work on this repo (and on the book) @geerlingguy 👏🏼
I've just started using this to install a suite of software across our fleet of DC M1's using Homebrew. I can't see to find any way of pinning the software version installed.
I've tried a couple of ways and looked through the source code and can't find any references.
The command locally could be:
brew install node@16
I've tried:
homebrew_installed_packages:
- name: node@16
homebrew_installed_packages:
- name: node
version: 16
But neither work. Is this supported at all?
This will be a TODO until I have geerlingguy.homebrew
and geerlingguy.mas
fully incorporated into this collection, and have a release I'm happy with. At that point I'll close all issues in those repos, update their READMEs and project descriptions to mention this new collection, and archive them, and then mark them as deprecated on Ansible Galaxy itself.
First of all, thanks for making this role, it has worked incredibly well and has saved me so much time.
However, I encountered the following error while trying to install mactex-no-gui
:
failed: [192.168.64.50] (item=mactex-no-gui) => changed=false
ansible_loop_var: item
item: mactex-no-gui
msg: |-
==> Homebrew is run entirely by unpaid volunteers. Please consider donating:
https://github.com/Homebrew/brew#donations
==> Auto-updated Homebrew!
Updated 1 tap (homebrew/core).
Running `brew update --auto-update`...
You have 50 outdated formulae and 8 outdated casks installed.
You can upgrade them with brew upgrade
or list them with brew outdated.
Error: Failure while executing; `/usr/bin/sudo -A -E -- /usr/bin/env LOGNAME=******** USER=******** USERNAME=******** /usr/sbin/installer -pkg /opt/homebrew/Caskroom/mactex-no-gui/2022.0321/mactex-20220321.pkg -target / -applyChoiceChangesXML /private/tmp/choices20221109-5273-1o2wv0z.xml` exited with 1. Here's the output:
installer: Package name is MacTeX
installer: choices changes file '/private/tmp/choices20221109-5273-1o2wv0z.xml' applied
installer: Installing at base path /
installer: The install failed..
Not sure if this is a configuration / environment issue on my end or if there's an issue with the role.
Some guidance would be much appreciated!
It's still unclear to me, but this error seems to happen on ARM-based macOS
When using the homebrew role in a playbook as follows
roles:
- elliotweiser.osx-command-line-tools
- geerlingguy.mac.homebrew
you could get errors like Failed to find required executable brew in paths
TASK [homebrew : Ensure configured taps are tapped.] ***************************
failed: [default] (item=homebrew/core) => {"ansible_loop_var": "item", "changed": false, "item": "homebrew/core", "msg": "Failed to find required executable brew in paths: /opt/homebrew/Homebrew:/usr/bin:/bin:/usr/sbin:/sbin"}
failed: [default] (item=homebrew/cask) => {"ansible_loop_var": "item", "changed": false, "item": "homebrew/cask", "msg": "Failed to find required executable brew in paths: /opt/homebrew/Homebrew:/usr/bin:/bin:/usr/sbin:/sbin"}
failed: [default] (item=adoptopenjdk/openjdk) => {"ansible_loop_var": "item", "changed": false, "item": "adoptopenjdk/openjdk", "msg": "Failed to find required executable brew in paths: /opt/homebrew/Homebrew:/usr/bin:/bin:/usr/sbin:/sbin"}
tasks:
- name: Install HomeBrew
include_role:
name: geerlingguy.mac.homebrew
apply:
environment:
PATH: '{{homebrew_install_path}}/bin:{{ ansible_env.PATH }}'
Got a mac Mini with M1 chip and geerlingguy.mac.homebrew
role that works great on my Intel mac fails on my M1 mac.
Playbook called macos_workstation.yml
- name: macOS Workstation Playbook
hosts: all
vars:
ansible_python_interpreter: "/usr/bin/python3"
homebrew_installed_packages:
- git
homebrew_taps:
- homebrew/core
homebrew_cask_apps:
- powershell
roles:
- geerlingguy.mac.homebrew
- geerlingguy.mac.mas
Ansible run
$ ansible-playbook -i testing --limit="macmini" -K ../macos_workstation.yml
Error
TASK [geerlingguy.mac.homebrew : Install configured cask applications.] ********
failed: [macmini] (item=powershell) => {"ansible_loop_var": "item", "changed": false, "item": "powershell", "msg": "Failed to find required executable brew in paths: /usr/bin:/bin:/usr/sbin:/sbin"}
The defaults set
homebrew_prefix: "{{ (ansible_machine == 'arm64') | ternary('/opt/homebrew', '/usr/local') }}"
homebrew_install_path: "{{ homebrew_prefix }}/Homebrew"
homebrew_brew_bin_path: "{{ homebrew_prefix }}/bin"
Does the homebrew_cask
look into the homebrew_brew_bin_path
?
- name: Install configured cask applications.
homebrew_cask:
name: "{{ item.name | default(item) }}"
state: present
install_options: "{{ item.install_options | default('appdir=' + homebrew_cask_appdir) }}"
accept_external_apps: "{{ homebrew_cask_accept_external_apps }}"
sudo_password: "{{ ansible_become_password | default(omit) }}"
loop: "{{ homebrew_cask_apps }}"
notify:
- Clear homebrew cache
Seems like homebrew_cask
does not follow the homebrew_brew_bin_path
. Changed playbook, addd a pre-task
pre_tasks:
- debug:
msg: "{{ homebrew_brew_bin_path }}"
Ansible shows homebrew_brew_bin_path
correct.
TASK [debug] *******************************************************************
ok: [macmini.castle.real-time.com] => {
"msg": "/opt/homebrew/bin"
}
% file /opt/homebrew/bin/brew
/opt/homebrew/bin/brew: Bourne-Again shell script text executable, ASCII text
% /opt/homebrew/bin/brew --version
Homebrew 3.3.4
Homebrew/homebrew-core (git revision e2dbff3dad5; last commit 2021-11-16)
Do I need to apply a work-around like in #10 ?
% echo $SHELL
/bin/zsh
% sw_vers
ProductName: macOS
ProductVersion: 12.0.1
BuildVersion: 21A559
% python3 -V
Python 3.8.9
$ ansible --version
ansible 2.9.16.post0
I am getting an error when trying to use the homebrew role
My playbook.yml contains the following
---
- hosts: localhost
become: no
connection: local
vars_files:
- secrets.yml
vars:
homebrew_installed_packages:
- mysql
roles:
- elliotweiser.osx-command-line-tools
- geerlingguy.homebrew
Then I run the playbook I have the following error
TASK [geerlingguy.homebrew : Ensure configured homebrew packages are installed.] *******************************************************************************
failed: [localhost] (item=mysql) => {"ansible_loop_var": "item", "changed": false, "item": "mysql", "msg": "Error: The following directories are not writable by your user:\n/opt/homebrew\n\nYou should change the ownership of these directories to your user.\n sudo chown -R $(whoami) /opt/homebrew\n\nAnd make sure that your user has write permission.\n chmod u+w /opt/homebrew"}
I'd like to reopen geerlingguy/ansible-role-homebrew#146 here, as the issue still exists.
I have a Brewfile with multiple mas
apps in it. When I run the playbook over SSH, it fails:
TASK [geerlingguy.mac.homebrew : Install from Brewfile.] *******************************************************************************************************************************************************************************************************************************************************************
fatal: [ws547]: FAILED! => changed=true
cmd:
- /usr/local/bin/brew
- bundle
delta: '0:00:09.632515'
end: '2022-04-01 15:18:18.952991'
msg: non-zero return code
rc: 1
start: '2022-04-01 15:18:09.320476'
stderr: 'Error: Unable to install Affinity Designer app. mas installation failed.'
stderr_lines: <omitted>
stdout:
(Lot of Brewfile content)
stdout_lines: <omitted>
However, it works using ansible_connection=local
therefor I'm using this workaround now:
- name: Set controller_host fact
set_fact:
controller_host: "{{lookup('pipe','hostname')}}"
- name: Switch to local connection if this is the device
set_fact:
ansible_connection: local
when: ansible_hostname == controller_host
If you have recent applications turned on for the dock and the application is in your recent applications the application doesn't get added to the persistent applications on the dock.
To reproduce this error:
dockitems_persist:
- name: "Sublime Text"
path: "/Applications/Sublime Text.app/"
pos: 5
I'm successfully installing homebrew formulae and casks on a mac (with 12.1 Monterey); but certain casks hang after installing themselves into the remote /opt/brew/Caskroom
, but before being copied into /Applications
. Those same casks install properly via ssh (without ansible). These casks include: google-drive, expressvpn; I imagine there will be others. As an example:
- name: Install vpn
homebrew_cask:
name:
- expressvpn
state: present
This will hang ansible-galaxy. If I interrupt and check the system I see that /opt/brew/Caskroom/expressvpn
exists and contains the expected files and subdirectories, but /Applications/ExpressVPN
does not exist. If I ssh to the system and execute: brew install expressvpn
then it complains that the cask is already installed. If I execute brew reinstall expressvpn
(or brew uninstall expressvpn && brew reinstall expressvpn
) then it succeeds. I am not challenged for my password during the manual (ssh) install process. I can't figure out where to look for logs to diagnose the problem further; ansible-galaxy -vvv
just shows:
<zen> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="mike"' -o ConnectTimeout=10 -o ControlPath=/Users/mike/.ansible/cp/a545970042 -tt zen '/bin/sh -c '"'"'/Users/mike/.pyenv/shims/python3.9 /Users/mike/.ansible/tmp/ansible-tmp-1640213431.403431-98216-257073436789997/AnsiballZ_homebrew_cask.py && sleep 0'"'"''
Any ideas? For now I'm having to comment out the affected casks, but this is the only part of my entire mac setup that's not working at this point, and I must be doing something stupid.
I have set the homebrew_use_brewfile
variable to true in mac-dev-playbook, together with a Brewfile containing approx 85 items.
I've encountered the following problems:
cask "virtualbox"
to work in a macOS 10.13 vm), the playbook is aborted.mas
role to perform sign-in to the App Store, as this role is triggered after the homebrew
role in the playbook, the "Install from Brewfile" task is going to fail all the mas
instructions (due to lack of sign-in).I believe a simple fix can be devised to prevent aborting the playbook (using failed_when: false
for example).
To help the user of the homebrew
role to read the task progress, an easy but rather dirty fix is to add a debug
step following it printing both stdout and stderr.
For the last problem, reordering roles in mac-dev-playbook
seems to suffice.
But I kept being frustrated with this so I tried the approach of splitting up the Brewfile commands via ansible tasks and feeding them one by one to brew bundle --file=-
.
I made a new role (taking large inspiration from your collection!) base on this approach, which you can see here: https://github.com/lajarre/ansible-collection-macstuff/blob/master/roles/homebrew_brewfile/tasks/main.yml
It makes sense to me that there is a role separate from the homebrew
role and which handes brewfiles / brew bundle
. Indeed, Brewfile is a language (DSL) that, if well designed for handling homebrew installs, is already going beyond brew
itself as it contains mas
instructions as well.
But it could also make sense to include this in the homebrew
role itself.
What do you think of the aforementioned approach for splitting up tasks?
I'd be happy to contribute this back into your collection and to mac-dev-playbook
if this makes sense.
Copy from README.md of mas (https://github.com/mas-cli/mas#%EF%B8%8F-known-issues)
Over time, Apple has changed the APIs used by mas to manage App Store apps, limiting its capabilities. Please sign in or purchase apps using the App Store app instead. Subsequent redownloads can be performed with mas install.
⛔️ The signin command is not supported as of macOS 10.13 High Sierra. mas-cli/mas#164
⛔️ The purchase command is not supported as of macOS 10.15 Catalina. mas-cli/mas#289
⛔️ The account command is not supported as of macOS 12 Monterey. mas-cli/mas#417
The way I see it, the best way would be to either remove the first few checks, or simply set a requirement on OS-version. To remove them (or come up with a workaround) would be more stringent, as the behaviour would be constant for different OS-versions.
Log:
[...]
TASK [geerlingguy.mac.mas : Ensure unwanted MAS apps are uninstalled.] **********************************************************************************************************************************************************
failed: [127.0.0.1] (item={'id': 406056744, 'name': 'Evernote (7.14)'}) => changed=true
ansible_loop_var: item
cmd:
- mas
- uninstall
- '406056744'
delta: '0:00:00.022895'
end: '2022-02-12 12:55:54.149690'
item:
id: 406056744
name: Evernote (7.14)
msg: non-zero return code
rc: 1
start: '2022-02-12 12:55:54.126795'
stderr: |-
Warning: Apps installed from the Mac App Store require root permission to remove.
Error: Unable to move app to trash.
Error: Uninstall failed
stderr_lines: <omitted>
stdout: ''
stdout_lines: <omitted>
failed: [127.0.0.1] (item={'id': 406825478, 'name': 'Telephone (1.4)'}) => changed=true
ansible_loop_var: item
cmd:
- mas
- uninstall
- '406825478'
delta: '0:00:00.022060'
end: '2022-02-12 12:55:54.288822'
item:
id: 406825478
name: Telephone (1.4)
msg: non-zero return code
rc: 1
start: '2022-02-12 12:55:54.266762'
stderr: |-
Warning: Apps installed from the Mac App Store require root permission to remove.
Error: Unable to move app to trash.
Error: Uninstall failed
stderr_lines: <omitted>
stdout: ''
stdout_lines: <omitted>
[...]
Its due to an issue with mas itself, but I think it should be filed here as well.
Issue: mas-cli/mas#216
Being a PHP developer I mostly need a particular version of PHP and generally brew runs a version a head where any of my clients running.
generally I will install the php package but the also install the [email protected] and sometime [email protected]. What I would nive is that I can then specify in my playbook a task to unlink php and link [email protected]
After #43, we added a 7-second pause between dock item changes since the commands can sometimes fail with an error like "Move failed for 'App Name' in com.apple.dock.plist" since Ansible runs the command before the Dock has completed its restart. Annoyingly, it's something that would be better handled by dockutil not exiting until the operation is complete/confirmed... but it is what it is.
If we used retry
with like a 1 or 2 second backoff to the tasks that can fail (e.g. "Move dock item to the correct position"), it might go faster when you have a bunch of dock items to move.
Add a Dock role that manages the macOS Dock, migrating all the Dock-specific content from https://github.com/geerlingguy/mac-dev-playbook/
Related: geerlingguy/mac-dev-playbook#116
Hi there,
Dockutil < 3.0 uses python2 that has been removed from macOS.
Dockutil > 3.0 solves this by reimplementing in swift, but this results in a binary distribution format.
Brew will not accept prebuilt binaries as other than casks. This issue is described here:
kcrawford/dockutil#127
The workaround is given in the thread, tap your own recipe that installs binary instead.
To make this work with your ansible-collection it would be great to make the dockutil install optional - or - to allow a variable for a tap.
I'm using an M1 mac and the playbook works for cask applications, but it fails for homebrew packages:
TASK [geerlingguy.mac.homebrew : Ensure configured homebrew packages are installed] *****************************
failed: [localhost] (item=stow) => {"ansible_loop_var": "item", "changed": false, "item": "stow",
"msg": "Error: Cannot install in Homebrew on ARM processor in Intel default prefix (/usr/local)!\nPlease create a new installation in /opt/homebrew using one of the\n\"Alternative Installs\" from:\n https://docs.brew.sh/Installation\nYou can migrate your previously installed formula list with:\n brew bundle dump"}
One possible way to fix this issue is adding the path explicitly in "homebrew":
- name: Ensure configured homebrew packages are installed.
homebrew:
path: "{{ homebrew_brew_bin_path }}"
name: "{{ item.name | default(item) }}"
install_options: "{{ item.install_options | default(omit) }}"
state: "{{ item.state | default('present') }}"
Thanks, I've been using your Ansible roles for years!
The screen of my 16" M1 MacBook Pro flashes and reloads(?) the dock every time a change is made to the dock. This results in a race-condition, resulting in me having to run the dock
-module several times until all changes to the dock are made.
Suggestion:
Add a 1 second delay after each alteration to the dock, to give time for the reloading.
EDIT:
The role could perhaps run recursively until no changes are made.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.