setup-macos-vm.sh

#!/bin/sh
set -eu

# This script prepares a macOS virtual machine for SSH-Only access.
# it is based on https://github.com/sickcodes/osx-optimizer

# Safety check to prevent executing this script in the HOST machine
# instead the macOS virtual machine.
VM_USERNAME='<VM-USERNAME-HERE>'

# !! UNCOMENT FOR INSTALL XCode Command Line Tools, see instructions below !!
# XCODE_CMD_LINE_TOOLS='~/Command_Line_Tools_for_Xcode_26.2.dmg'

### How to install XCode command line tools ###
# 1. First you must have an account at developer.apple.com
# 2. download the .dmg from: https://developer.apple.com/download/all/?q=Command%20Line%20Tools
# 3. upload it to the VM using scp command:
#    scp /path/to/Command_Line_Tools_for_Xcode_xx.x.dmg <vm-user>@<vm-ip-address>:<vm-directory>
# 4. Uncoment and set XCODE_CMD_LINE_TOOLS to the chosen file location

# abort <ERROR_MSG>
# --------------
# Display ERROR_MSG then exit
eval 'abort ()
{
  set +e
  printf "%s\n" "$*" >&2
  exit 1
}' || { echo "shell doesn't support functions" >&2; exit 1; }

# Prevent locale nonsense from breaking basic text processing.
LC_ALL=C; export LC_ALL
LANGUAGE=C; export LANGUAGE
LANG=en_US.UTF-8; export LANG

# cannot execute as root user.
test "${EUID:-0}" -gt 0 || abort "this script should not be execute as root"

# check operating system
command -v 'uname' >/dev/null || abort 'command "uname" not found'
test x`uname -s` = 'xDarwin' || abort 'this script must run in a macos system'

# Check all required commands
for c in 'whoami' 'sudo' 'expr' 'uname' 'groups' 'mdutil' 'defaults'; do
  command -v "${c}" > /dev/null || abort "command '${c}' not found"
done
test -e /System/Applications/Utilities/Terminal.app || abort "'Terminal.app' not found"
test -d /usr/libexec || abort "'/usr/libexec' not found"

# logged user must be VM_USERNAME
u=`whoami` || abort "command 'whoami' failed $?"
test x`whoami` = "x${VM_USERNAME}" || \
abort "logged as '${u}', expected '${VM_USERNAME}'
make sure to run this script inside the virtual machine"
unset 'u'

# VM_USERNAME must be sudoer
g=`groups` || abort "command 'groups' failed $?"
expr " ${g} " ':' '^.*\( admin \).*$' > /dev/null 2>&1 || \
abort "logged user '${USER}' is not admin"
unset 'g'

##########################################
## Prepare macOS VM for SSH-only access ##
##########################################
set -x

# Skip the login screen
defaults write com.apple.loginwindow autoLoginUser -bool true

# Disable screen locking
defaults write com.apple.loginwindow DisableScreenLock -bool true

# Disable saving the application state on shutdown
defaults write com.apple.loginwindow TALLogoutSavesState -bool false

# massively increase virtualized macOS by disabling spotlight.
sudo mdutil -i off -a

# Disable heavy login screen wallpaper
sudo defaults write /Library/Preferences/com.apple.loginwindow DesktopPicture ""

# Reduce Motion & Transparency
defaults write com.apple.Accessibility DifferentiateWithoutColor -int 1
defaults write com.apple.Accessibility ReduceMotionEnabled -int 1
defaults write com.apple.universalaccess reduceMotion -int 1
defaults write com.apple.universalaccess reduceTransparency -int 1

# Enable osascript over SSH automatically without sshd-keygen warning and full disk access
defaults write com.apple.universalaccessAuthWarning /System/Applications/Utilities/Terminal.app -bool true
defaults write com.apple.universalaccessAuthWarning /usr/libexec -bool true
defaults write com.apple.universalaccessAuthWarning /usr/libexec/sshd-keygen-wrapper -bool true
defaults write com.apple.universalaccessAuthWarning com.apple.Messages -bool true
defaults write com.apple.universalaccessAuthWarning com.apple.Terminal -bool true

# Enable multi-sessions
sudo /usr/bin/defaults write .GlobalPreferences MultipleSessionsEnabled -bool TRUE
defaults write "Apple Global Domain" MultipleSessionsEnabled -bool true

###############################
### INSTALL DEVELOPER TOOLS ###
###############################

# exit if XCODE_CMD_LINE_TOOLS is undefined
test ${XCODE_CMD_LINE_TOOLS+y} || \
{ echo 'skipping xcode command line tools install. done!'; exit 0; }

if test -f "${XCODE_CMD_LINE_TOOLS}";
then printf '%s\n' "installing xcode command line tools from: '${XCODE_CMD_LINE_TOOLS}'"
else abort "command line tools image not found: '${XCODE_CMD_LINE_TOOLS}'"
fi

command -v bash || abort "command 'bash' not found"
command -v curl 2> /dev/null || abort "command 'curl' not found"
command -v hdiutil 2> /dev/null || abort "command 'hdiutil' not found"
command -v installer 2> /dev/null || abort "command 'installer' not found"

## 1. Command Line Tools for Xcode
hdiutil attach "${XCODE_CMD_LINE_TOOLS}" || \
abort "failed to attach '${XCODE_CMD_LINE_TOOLS}'"

sudo installer -package '/Volumes/Command Line Developer Tools/Command Line Tools.pkg' -target '/' || \
abort "failed to attach '${XCODE_CMD_LINE_TOOLS}'"

hdiutil detach '/Volumes/Command Line Developer Tools' || \
abort "failed to detach '/Volumes/Command Line Developer Tools'"

## 2. Homebrew
# Install homebrew: https://brew.sh/
bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"