Every way to automate a Mac setup, ranked by mass of YAML you'll write

fullstackjam — Sun, 15 Feb 2026 06:55:08 +0000

I've set up more Macs than I care to admit. Personal machines, work laptops, loaners, that one time I rage-wiped my drive at 2am because I broke my Python environment beyond repair.

Every time it's the same thing. Open Terminal. Desert. No git, no node, no docker. Finder hiding file extensions. The Dock taking nine years to auto-hide. All your aliases, gone.

Two hours of brew install later you've got maybe half your tools back. A week later you realize you forgot jq. Two weeks later you realize every commit at your new job says "unknown" because you never set your git email.

I've tried every level of automation to fix this. Here's what I found.

Your setup is bigger than you think

I counted once. 83 things across 8 categories:

Package manager — Homebrew, always step zero
CLI tools (30+) — ripgrep, fd, fzf, bat, eza, lazygit, gh, jq, delta, zoxide...
GUI apps (15+) — VS Code, Warp, Raycast, Rectangle, OrbStack, Chrome, Arc...
Languages & runtimes — Node, Go, Python, Rust, plus pnpm/uv/cargo
Shell — Oh-My-Zsh, Starship, plugins, your .zshrc
Dotfiles — .gitconfig, .vimrc, .ssh/config
Git identity — the two lines everyone forgets every time
macOS preferences — defaults write commands for Dock speed, Finder, key repeat

If you think your setup is "just Homebrew and VS Code," you're undercounting by about 70%.

The Brewfile

Simplest option. Homebrew has it built in.

brew bundle dump --file=~/Brewfile   # export
brew bundle --file=~/Brewfile        # restore

I ran with one for about a year. Zero dependencies, easy to read, throw it in a repo and you're done.

Problem: it only handles packages. No shell config, no macOS preferences, no git identity. You're automating about 30% of the job and doing the rest by hand.

The shell script

Next step up. Write a bash script that does everything.

#!/bin/bash
set -euo pipefail
brew install ripgrep fd bat fzf node go lazygit gh
brew install --cask visual-studio-code warp raycast
defaults write NSGlobalDomain AppleShowAllExtensions -bool true
defaults write com.apple.dock autohide-delay -float 0
git config --global user.name "Your Name"
git config --global user.email "you@example.com"

Covers more ground. Also breaks more often. Mine died halfway through once because of a network hiccup and I had no idea what had actually installed. Run it twice and Oh-My-Zsh complains, git config overwrites everything, Homebrew spams "already installed" warnings.

Someone on Reddit responded to mine with their 200-line version. Which kinda proved the point — if you need 200 lines of bash to set up a laptop, bash might not be the right tool.

chezmoi

Dotfile manager. Templates your configs so one repo works across machines, encrypts secrets.

chezmoi init --apply your-github-username

I gave it two months. Spent more time learning its directory conventions than actually setting up my dotfiles. Worth it if you have five machines running different OSes. Overkill if you just want .zshrc on two Macs.

Doesn't install software. You still need a Brewfile on top.

nix-darwin

The nuclear option. Full declarative config for your entire Mac.

{ pkgs, ... }: {
  environment.systemPackages = with pkgs; [
    ripgrep fd bat fzf nodejs go
  ];
  homebrew.casks = [ "visual-studio-code" "warp" ];
  system.defaults.dock.autohide = true;
}

Look at that config. It's elegant. Same file → same system, every time, with rollback. The problem is getting there. Nix has its own language, its own package manager, its own way of thinking. I spent most of a weekend on the Nix discourse forums trying to figure out why my shell wasn't loading.

If you're already in the Nix ecosystem, this is the obvious choice. If not, budget 1-2 weeks before it starts paying off.

Ansible

Jeff Geerling's mac-dev-playbook is the popular option here. Idempotent, which is nice. But writing enterprise YAML to install VS Code on your personal laptop feels absurd. And when a playbook fails, the error messages read like server logs.

Good for 500 corporate laptops. Overkill for one developer.

How they actually compare

	Brewfile	Shell script	chezmoi	nix-darwin	Ansible
Packages	✅	✅	❌	✅	✅
GUI apps	✅	✅	❌	✅	✅
Shell config	❌	DIY	✅	✅	DIY
macOS prefs	❌	DIY	❌	✅	✅
Dotfiles	❌	DIY	✅	✅	DIY
Rollback	❌	❌	✅	✅	❌
Idempotent	✅	❌	✅	✅	✅
Learning curve	5 min	10 min	1 hour	1-2 weeks	2-3 hours
Coverage	~30%	~70%	~20%	~90%	~70%

No single tool covers everything. Most people end up combining two or three.
I got tired of that and built OpenBoot — handles packages, apps, shell, macOS prefs, and git config in one TUI. Biased obviously, but the comparison above shows where it fits.

The 2026 CLI toolkit

The tools that keep showing up in every setup I see:

ripgrep and fd — fast grep and find. I can't remember find's syntax anyway. fzf makes Ctrl+R actually usable. zoxide — type z blog and you're there from anywhere.

bat — cat with syntax highlighting, you won't go back. eza — ls with git status. jq — if you touch JSON. delta — readable git diffs in the terminal.

lazygit — I was stubborn about the command line until I had to interactive-rebase 30 commits. Haven't gone back.

The 2026 GUI picks

VS Code still wins on extensions. Cursor is the first editor that's actually pulling me away.

Warp for terminal. Raycast over Alfred — clipboard history alone. Rectangle for window management, free.

OrbStack replaced Docker Desktop and my fans went quiet. If you're still on Docker Desktop, just try it.

Newer stuff that stuck: Ghostty (stupid fast native terminal), Zed (for massive files), Ollama (local LLMs for plane rides), uv (Python finally has a sane package manager), Bun (replaced Node for throwaway scripts).

What's your setup? I'm curious how many people actually use nix-darwin day-to-day vs. just a Brewfile. And is anyone still using mackup or has everyone moved on?

Full version with more code examples and detailed walkthroughs: blog.fullstackjam.com/2026/mac-setup-automation-guide-2026

Forem: fullstackjam