initial, untested

.gitignore

@@ -0,0 +1 @@
+.DS_Store

Makefile

@@ -0,0 +1,38 @@
+# You need to run the following to let make work:
+#    sudo xcodebuild -license accept
+
+# install the following to /Applications before proceeding:
+#     * CreateUserPkg
+#     * AutoDMG.app
+#     * the OSX installer (Install macOS Sierra.app)
+#     * Xcode.app
+# to /Applications before proceeding.
+
+OSX := /Applications/Install macOS Sierra.app
+AUTODMG := /Applications/AutoDMG.app/Contents/MacOS/AutoDMG
+OUTPUT := $(shell date +%Y%m%d).osx.10.12.adminadmin.dmg
+
+default: $(OUTPUT)
+
+prepare:
+	sudo pmset -a sleep 180
+	sudo pmset -a displaysleep 180
+	$(AUTODMG) update
+
+$(OUTPUT): prepare custompkg/custom.pkg
+	-$(AUTODMG) \
+		--log-level 7 \
+		--logfile - \
+		build \
+		-n "root" \
+		-u -U \ -o /tmp/output.dmg \
+		"$(OSX)" \
+		/Applications/Xcode.app \
+		/Applications/AutoDMG.app \
+		/Applications/CreateUserPkg.app \
+		"$(OSX)" \
+		$(PWD)/pkgs/*.pkg \
+		cp /tmp/output.dmg $(PWD)/$@
+
+clean:
+	rm custompkg/custom.pkg

custompkg/Makefile

@@ -0,0 +1,10 @@
+custom.pkg:
+	pkgbuild \
+		--install-location / \
+		--root ./root/ \
+		--scripts ./scripts/ \
+		--identifier com.example.package.custom \
+		$@
+
+clean:
+	rm -f *.pkg

custompkg/root/usr/local/bin/workstation-setup

@@ -0,0 +1,188 @@
+#!/bin/bash
+
+# make xcode shut up and give us build tools
+sudo xcodebuild -license accept
+
+# enable fde
+sudo fdesetup enable
+
+# enable application firewall
+sudo defaults write /Library/Preferences/com.apple.alf globalstate -int 1
+sudo defaults write /Library/Preferences/com.apple.alf loggingenabled -bool true
+sudo defaults write /Library/Preferences/com.apple.alf stealthenabled -bool false
+
+# hush time machine
+sudo defaults write /Library/Preferences/com.apple.TimeMachine DoNotOfferNewDisksForBackup -bool true
+
+# update software
+sudo softwareupdate -i -a
+
+# enable all autoupdates
+sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate AutomaticCheckEnabled -bool TRUE
+sudo defaults write /Library/Preferences/com.apple.commerce AutoUpdate -bool TRUE
+sudo defaults write /Library/Preferences/com.apple.commerce AutoUpdateRestartRequired -bool TRUE
+
+# disable spotlight search spyware ugh thx
+defaults write com.apple.lookup.shared LookupSuggestionsDisabled -int 1
+defaults write com.apple.Safari UniversalSearchEnabled -int 0
+
+# show battery percentage
+defaults write com.apple.menuextra.battery ShowPercent -bool TRUE
+# FIXME CHECK
+# +    "com.apple.menuextra.battery" =     {
+# +        ShowPercent = YES;
+# +    };
+
+# ask for password after 5 seconds of screen saver
+defaults write com.apple.screensaver askForPassword -int 1
+defaults write com.apple.screensaver askForPasswordDelay -int 5
+
+# bottom right corner to lock screen
+defaults write com.apple.dock "wvous-br-corner" -int 5
+defaults write com.apple.dock "wvous-br-modifier" -int 0
+
+# New Finder windows use ~
+defaults write com.apple.finder NewWindowTarget -string "PfHm"
+
+# don't show mounted volumes on desktop
+defaults write com.apple.finder ShowExternalHardDrivesOnDesktop -int 0
+defaults write com.apple.finder ShowRemovableMediaOnDesktop -int 0
+
+# finder show all file extensions
+defaults write NSGlobalDomain AppleShowAllExtensions -bool true
+
+# set menubar clock to 24h with date and seconds
+defaults write com.apple.menuextra.clock DateFormat -string 'EEE MMM d  H:mm:ss'
+
+# set keyboard to be really fucking fast
+defaults write -g InitialKeyRepeat -int 15 # normal minimum is 15 (225 ms)
+defaults write -g KeyRepeat -int 1 # normal minimum is 2 (30 ms)
+
+# install three python modules systemwide, that's all
+# do the rest with pip install --user in homedir
+sudo easy_install pip
+sudo /usr/local/bin/pip install virtualenv
+sudo /usr/local/bin/pip install awscli
+
+# install homebrew under homedir
+if [[ ! -d ~/Library/Homebrew ]]; then
+	mkdir -p ~/Library/Homebrew
+	cd ~/Library/Homebrew
+	curl -fsSL https://github.com/Homebrew/brew/tarball/master | \
+		tar --strip-components 1 -xvf -
+fi
+
+# setup modular bashrc.d and profile.d
+if [[ ! -d ~/Library/bashrc.d ]]; then
+cat > ~/.bashrc <<'EOF'
+# do not edit this file. put files in the dir below.
+for FN in $HOME/Library/bashrc.d/*.sh ; do
+    source $FN
+done
+EOF
+mkdir -p ~/Library/bashrc.d
+touch ~/Library/bashrc.d/keep.sh
+fi
+
+if [[ ! -d ~/Library/profile.d ]]; then
+cat > ~/.profile <<'EOF'
+# do not edit this file. put files in the dir below.
+source ~/.bashrc
+for FN in $HOME/Library/profile.d/*.sh ; do
+    source $FN
+done
+EOF
+mkdir -p ~/Library/profile.d
+touch ~/Library/profile.d/keep.sh
+fi
+
+# install homebrew path
+if [[ ! -e ~/Library/profile.d/100homebrew.sh ]]; then
+    mkdir -p ~/Library/profile.d
+    echo 'export PATH+=":~/Library/Homebrew/bin"' > \
+        ~/Library/profile.d/100homebrew.sh
+fi
+
+# set homebrew path:
+source ~/.profile
+
+if [[ ! -d ~/Applications ]]; then
+    mkdir -p ~/Applications
+fi
+
+export HOMEBREW_CASK_OPTS="--appdir=~/Applications"
+brew tap caskroom/cask
+
+CASKS="
+	google-chrome
+	google-drive
+	slack
+"
+
+for CASK in $CASKS ; do
+    brew cask install $CASK
+done	
+
+# install homebrew packages
+
+HOMEBREW_PKGS="
+	autoconf
+	automake
+	bash-completion
+	bonnie++
+	byobu
+	cmake
+	coreutils
+	curl
+	daemontools
+	docker
+	docker-compose
+	docker-machine
+	duplicity
+	ffmpeg
+	fish
+	flac
+	geoip
+	ghc
+	gist
+	git
+	gnupg
+	gnupg2
+	go
+	gpg-agent
+	irssi
+	jq
+	keybase
+	lame
+	lame
+	mobile-shell
+	mtr
+	mutt
+	nmap
+	node
+	pbzip2
+	pinentry-mac
+	protobuf
+	pv
+	pwgen
+	python3
+	rsync
+	socat
+	sox
+	speedtest_cli
+	syncthing
+	tcptraceroute
+	terraform
+	tor
+	torsocks
+	unrar
+	unzip
+	watch
+	wget
+	whatmask
+"
+
+for PKG in $HOMEBREW_PKGS ; do
+    brew install $PKG
+done
+

custompkg/scripts/postinstall

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# disable firstboot/oobe prompts
+touch "$3"/var/db/.AppleDiagnosticsSetupDone
+touch "$3"/var/db/.AppleSetupDone
+
+chmod a+rx "$3"/usr/local/bin/*