Mac Deploy Stick is a macOS application to create the resources needed to automate the install of macOS and initial software packages. Recent Macs do not support NetBoot or booting to external drives for setup. Mac Deploy Stick solves this problem by providing a mechanism for initially installing macOS and software packages via the recovery partition.
Requirements for Installing macOS
Previous versions of macOS and Mac hardware supported block-based imaging to deploy macOS and associated configuration and hardware. Due to the number of Macs that did not have up-to-date firmware, Apple introduced software and firmware limitations that require macOS to be installed with an Apple-provided macOS installer. It also required an internet connection to check for firmware updates during the install process. The macOS installer has an optional feature to install packages after macOS has been installed.
Recent Macs cannot boot from external volumes unless that security setting is disabled in the Startup Security Utility when booted to the recovery partition. This adds additional time for setup and configuration and reduces security if that security feature is not re-enabled after booting from an external volume.
Why Mac Deploy Stick?
Mac Deploy Stick is based on the idea that you should be able to easily wipe and reinstall a Mac quickly and easily in an automated way. Apple provides the ability to reinstall macOS from the recovery partition, but the installer must be downloaded during the install process, and many manual steps must be taken in the installer screens. This is not difficult for an individual user, but for larger organizations or deployments, it can be cost prohibitive due to the time it takes for setup. Apple also provides the Deployment Enrollment Program (or DEP) for initial setup and enrollment in an MDM service, but that requires both an organization be enrolled in DEP and all Macs purchased and enrolled in DEP. Older machines can only be enrolled in DEP if they were purchased via the correct channel. Finally, even if a Mac is enrolled in DEP, if it needs to be reset and is not able to contact the MDM server, the OS must be manually reinstalled, which can be a labor-intensive process.
How Mac Deploy Stick Works
Mac Deploy Stick creates all the resources required to reinstall macOS and install software packages for enrolling in MDM. The resources are organized into workflows, which can be selected by the person setting up the Mac computers. The resources and workflows are saved to an external drive or to a disk image for copying to a web server. Once saved, the target Macs are booted to the recovery partition and a script is run from the disk image on the web server or directly from the external drive. To further automate the process, Mac Deploy Stick can flash an Arduino to turn it into a Mac Deploy Stick Automaton, which gives the keystrokes for automatically selecting the recovery partition and running the script.
Using the Automaton and the resources created by Mac Deploy Stick, a new Mac can be set up very quickly. The new Mac is unboxed and powered on with the option key held down. The external drive (optional if using a web server) and Automaton are plugged into a Mac and the Mac will then proceed to erase the internal volume, copy the OS installer and packages to the Mac, and then reboot into the installer. Once this first reboot happens, the Automaton and external volume can be disconnected. So in terms of time for technician interaction with the Mac, it takes just a few seconds to plug in the Automaton and the external drive, then hold the option to start the startup selector and then return a few minutes later to disconnect the Automaton and external volume. This can dramatically reduce setup time and result in large savings of time and labor costs.
This same process can be used for Macs that need to be re-setup either onsite or offsite.
The main interface of Mac Deploy Stick has a toolbar at top with various options, a large Select macOS Installer DMG in the middle, and a list of workflows near the bottom. The main window is used to perform the majority of options for organizing and creating the resources for deploying your Macs.
- Create Automaton: Using an Arduino Micro, Mac Deploy Stick can program it to automatically perform the keystrokes for setting up the Mac.
- Configure Automaton: This button is used to open a sheet for changing the default setting for the Automaton.
- Create Bootable Volume: This option opens a sheet for instructions on how to create a bootable external drive. This is not required for booting a Mac to the recovery partition, but is helpful for some older Macs.
- Select macOS Installer DMG: Pressing this button will prompt to select a disk image (DMG) with a standard macOS installer from Apple inside it. The macOS installer can be downloaded from Apple, and instructions for creating a disk image from the macOS installer can be found by clicking the (?) button.
- Workflows: A workflow is the steps that are done to erase the volume, install macOS, and specify which packages to install after installation. If a workflow is not active, it will not be exported when the resources are saved.
- Add, Remove and Edit Workflow Buttons: These buttons add, remove and edit the above workflows. Double-clicking on a workflow will also open the editing sheet.
- Save to DMG…: When pressed, this button will prompt for a name and location of a new disk image. The new disk image will then contain all the resources and workflows, and can be copied to a web server for deploying Macs.
- Save to Volume…: When pressed, this button will prompt for an external HFS+ volume. When the volume is selected, the resources and workflows will be copied to external volume for deployment. A script called “run” will also be created that is used to launch the workflow selector (Imagr).
When the workflow is created or edited, a sheet will be shown to edit the workflow.
- Workflow Name: A name for the workflow. This will be shown in the recovery partition when selecting a workflow.
- Workflow Description: A description for the workflow. This will be shown in the recovery partition when selecting a workflow.
- Package Folder: Specify a path to a folder with packages that will be installed when the workflow is run. The packages should be standard macOS package format, but it does not matter what the type of package it is (flat, bundle, etc). Mac Deploy Stick will convert them when the resources are copied.
- Erase and Install macOS: If this option is selected, the selected macOS partition will be erased and macOS installer will be used to install macOS. If this option is not selected, only the packages will be installed and the current OS will be left on the target volume. This is ideal if you have a new Mac that has the most up-to-date macOS on it and you just want to install the packages.
Running the Workflow
On the Mac that is to be set up, boot into the recovery partition by holding Command-R when starting up the Mac. Once the Mac is booted to the recovery partition, open the Terminal by selecting Terminal from the Utilities menu. Once the Terminal is open, start Imagr from an external volume, a file server, or a web server:
Plug in the external volume and enter the following command:
For instance, if the volume name is “MacDeployStick”, enter in:
If the resources were saved to a Disk Image, copy the disk image to the web server and located the URL to the disk image. To mount the disk image and open Imagr, enter command in this format:
hdiutil mount <URL to Disk Image>
hdiutil mount http://192.168.168.50/images/mds.dmg
If the disk image is hosted on a SMB file server, mount the file server and mount the image directly from the file server. The mount point must be created first, then the file server mounted, and the image then mounted in this format:
mount_smbfs smb://<username>@hostname/<sharedfolderpath> <mountpoint>
hdiutil mount <mountpoint> </path/to/disk/image.dmg>
/Volumes/<Disk Image Volume Name>/run
mount_smbfs smb://firstname.lastname@example.org/Shared /tmp/mnt
hdiutil mount /tmp/mnt/mds/MDSDiskImage.dmg
When Imagr starts, select the Target and Workflow and click Run Workflow.
The Create Automaton function programs an Arduino Micro to act as a keyboard when plugged into a USB port. The Automaton should be inserted at the boot selector screen. To enter the boot selector screen on a Mac, press the power button and immediately hold the option key down. The Mac will show bootable volumes. The Automaton should then be plugged into a USB port. The Automaton will issue a command-R keyboard command, which will boot the Mac into the recovery partition. The Automaton will then wait for 120 seconds and then issue commands to open the Terminal and launch the workflow selector (Imagr). The Create Automaton sheet has a couple of features:
- Buy Automaton: Clicking this link will open the default browser to Amazon for purchasing an Arduino Micro to use as an Automaton.
- Devices: When an Arduino Micro is plugged in and the programming button is pressed, the serial port that it is attached to will be shown in the pull-down menu.
- When a valid serial port is available, click Program and immediately press the programming button to begin flashing the Arduino Micro.
Once programming is complete, disconnect the Automaton. If left connected, it will begin pressing the keyboard strokes.
The Automaton will press the command-R keyboard command a few seconds after it has been plugged in. It will then wait for a defined startup delay before issuing the commands for opening the Terminal and running the specified command. These values can be adjusted using the Configure Arduino Automaton sheet.
- Version: This is the firmware version.
- Command: The command that will run in Terminal in the recovery partition. It should be adjusted to match the name of the external volume (replace MacDeployStick with the volume name). Depending on where the resources are located, the command will be different. See below for examples:
hdiutil mount http://imac.local/mds/MDSDiskImage.dmg && /Volumes/MacDeployStickResources/run
mkdir /tmp/mnt && mount_smbfs smb://email@example.com/Shared /tmp/mnt && hdiutil mount /tmp/mnt/mds/MDSDiskImage.dmg && /Volumes/MacDeployStickResources/run
- Startup Delay: The amount of seconds between pressing command-R and issuing the commands to open the Terminal to run the command.
Create Bootable Volume
The Create Bootable Volume sheet provides an easy way to create the command to install macOS on an external volume.
- Select macOS Installer App: Select this button to select a macOS Installer app downloaded from Apple.
- Select the volume to install macOS. NOTE: THIS VOLUME WILL BE ERASED AND FORMATTED AS HFS+
- Copy and paste the generated command into Terminal and press return. You will be prompted for the admin password.
- Close: Once finished, click the Close button.
Note that this function is not required to restore macOS and packages. This is normally done by booting to the recovery partition. However, in some cases it is convenient to have a bootable external volume.