Skip to main content
The macOS terminal is a first-class DevOps workstation — especially when you layer in Homebrew, a well-tuned Zsh config, and a handful of macOS-native commands that simply don’t exist on Linux. This page collects the patterns and one-liners that make day-to-day infrastructure work faster and less error-prone.

Homebrew Essentials

Homebrew is the de-facto package manager for macOS. Everything below assumes it is already installed; if not, bootstrap it with a single line.
1

Install Homebrew

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
The installer guides you through Xcode Command Line Tools if they are missing. On Apple Silicon, Homebrew lands in /opt/homebrew/ — remember to add it to your PATH (see PATH Management below).
2

Install packages

brew install <formula>          # CLI tool or library
brew install --cask <cask>      # GUI application (e.g. iTerm2, Docker Desktop)
3

Keep everything up to date

brew update
4

Diagnose problems

brew doctor
Run this any time something feels off — it checks for broken symlinks, outdated Xcode tools, conflicting PATH entries, and more, then suggests fixes.
Clean up old versions and cached downloads periodically to reclaim disk space:
brew cleanup --prune=7   # Remove versions older than 7 days

Oh My Zsh and Shell Customisation

macOS has shipped Zsh as the default shell since Catalina. Oh My Zsh turbo-charges it with plugin management, themes, and hundreds of community shortcuts.
1

Install Oh My Zsh

sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
2

Pick a theme

Open ~/.zshrc and set your preferred theme. A reliable, information-dense choice for DevOps work:
ZSH_THEME="agnoster"   # shows git branch + exit code in prompt
For a faster, no-font-dependency option:
ZSH_THEME="robbyrussell"
3

Enable useful plugins

plugins=(git z docker kubectl terraform aws brew macos)
Add this line (or edit the existing plugins=(...) block) in ~/.zshrc, then reload:
source ~/.zshrc
The z plugin tracks your most-visited directories and lets you jump to them with z <partial-name> instead of typing full paths. It pays for itself within the first hour.

macOS-Specific Terminal Commands

These commands either don’t exist on Linux or behave differently — they’re worth knowing because they integrate tightly with macOS internals.
open is the terminal equivalent of double-clicking in Finder.
open .                        # Open current directory in Finder
open ~/Downloads              # Open a folder
open -a "Visual Studio Code" .  # Open current dir in a specific app
open https://example.com      # Open URL in default browser
open -R ~/some/file.txt       # Reveal file in Finder (don't open it)
Pipe anything into the system clipboard or back out again — invaluable for sharing command output without mouse gymnastics.
cat ~/.ssh/id_ed25519.pub | pbcopy    # Copy SSH public key to clipboard
pbpaste > ~/Desktop/snippet.txt       # Dump clipboard contents to a file
echo "hello" | pbcopy && pbpaste      # Quick round-trip test
Useful for alerting you when a long-running script finishes without requiring you to watch the terminal.
terraform apply && say "Terraform apply complete" || say "Terraform failed"
sleep 3600 && say "One hour timer done"
Stops macOS from sleeping while a script runs. Pairs perfectly with large deploys or overnight syncs.
caffeinate -i make build           # Keep system awake for the duration
caffeinate -t 7200                 # Stay awake for exactly 2 hours
caffeinate -s ./backup-script.sh   # Prevent system sleep (not display sleep)
Control Wi-Fi, DNS, and proxies without touching System Settings — great for scripted environment switching.
networksetup -listallnetworkservices            # List interfaces
networksetup -getdnsservers Wi-Fi               # Show current DNS servers
networksetup -setdnsservers Wi-Fi 1.1.1.1 8.8.8.8  # Set custom DNS
networksetup -setairportpower en0 off           # Turn Wi-Fi off
networksetup -setairportpower en0 on            # Turn Wi-Fi on

diskutil list                        # List all disks and partitions
diskutil info /dev/disk0             # Detailed info on a disk
diskutil eraseDisk APFS MyDisk /dev/disk2   # Format a disk (DESTRUCTIVE)
diskutil unmountDisk /dev/disk2      # Unmount all volumes on a disk
diskutil eraseDisk is irreversible. Always double-check the device identifier with diskutil list before running destructive commands.
Every macOS app stores its settings in a plist database that defaults exposes as a CLI.
# Show hidden files in Finder
defaults write com.apple.finder AppleShowAllFiles true && killall Finder

# Disable the Gatekeeper quarantine warning (use carefully)
defaults write com.apple.LaunchServices LSQuarantine -bool false

# Speed up Dock animation
defaults write com.apple.dock autohide-delay -float 0 && killall Dock

# Show full path in Finder title bar
defaults write com.apple.finder _FXShowPosixPathInTitle -bool true && killall Finder

# Read a value back
defaults read com.apple.dock autohide-delay

SSH Key Management on macOS

macOS Keychain can store SSH key passphrases so you authenticate once per boot rather than per session.
1

Generate a new key

Ed25519 is the current recommended algorithm — smaller and faster than RSA.
ssh-keygen -t ed25519 -C "your@email.com" -f ~/.ssh/id_ed25519
For legacy servers that don’t support Ed25519:
ssh-keygen -t rsa -b 4096 -C "your@email.com" -f ~/.ssh/id_rsa
2

Add the key to the agent with Keychain

The --apple-use-keychain flag (macOS-only) stores the passphrase in Keychain so you’re only prompted once per machine restart.
ssh-add --apple-use-keychain ~/.ssh/id_ed25519
3

Persist across reboots via ~/.ssh/config

Add the following block so the agent reloads keys automatically on login:
Host *
  AddKeysToAgent yes
  UseKeychain yes
  IdentityFile ~/.ssh/id_ed25519
4

Copy the public key to a remote host

ssh-copy-id -i ~/.ssh/id_ed25519.pub user@remote-host
# or, if ssh-copy-id is unavailable:
cat ~/.ssh/id_ed25519.pub | pbcopy   # then paste into ~/.ssh/authorized_keys
5

List keys currently loaded in the agent

ssh-add -l
Use separate key pairs for different contexts — personal GitHub, work GitLab, cloud jump hosts — and route them with Host blocks in ~/.ssh/config. This limits blast radius if a key is ever compromised.

iTerm2 Tips

iTerm2 is the standard terminal emulator for macOS power users. A few features that pay dividends immediately:
FeatureHow to access
Split panes⌘ D (vertical) / ⌘ Shift D (horizontal)
Broadcast input to all panes⌘ Shift I — type once, run everywhere
Instant Replay⌘ Opt B — rewind terminal output by seconds
Tmux integrationtmux -CC — iTerm2 maps tmux sessions to native windows/tabs
Shell integrationiTerm2 → Install Shell Integration — adds imgcat, marks, and jump-to-prompt
ProfilesStore different color schemes + working dirs per project
brew install --cask iterm2

PATH Management

On Apple Silicon, Homebrew lives at /opt/homebrew/bin, not /usr/local/bin. Managing PATH cleanly avoids subtle version conflicts between system tools and Homebrew-installed ones.
Use ~/.zprofile for environment variables (runs at login) and ~/.zshrc for interactive settings like aliases and plugins (runs per shell session). Avoid duplicating PATH exports across both files.
~/.zprofile — canonical place for PATH on Apple Silicon
# Homebrew (Apple Silicon)
eval "$(/opt/homebrew/bin/brew shellenv)"

# Homebrew (Intel fallback)
# eval "$(/usr/local/bin/brew shellenv)"

# Language version managers
export PATH="$HOME/.rbenv/shims:$PATH"         # Ruby
export PATH="$HOME/.pyenv/shims:$PATH"         # Python
export PATH="$HOME/go/bin:$PATH"               # Go binaries
export PATH="$HOME/.cargo/bin:$PATH"           # Rust

# Local scripts — highest priority
export PATH="$HOME/.local/bin:$PATH"
Check the effective PATH without opening a new shell: 
echo $PATH | tr ':' '\n'   # One entry per line — much easier to read

DevOps Aliases

Drop these into ~/.zshrc (or a sourced ~/.zsh_aliases file). Reload with source ~/.zshrc.
~/.zshrc — DevOps alias block
# ── Navigation ────────────────────────────────────────────────────
alias ..='cd ..'
alias ...='cd ../..'
alias ll='ls -lAhF'
alias llt='ls -lAhFt'          # sort by modified time

# ── Git ───────────────────────────────────────────────────────────
alias gs='git status -sb'
alias gp='git push'
alias gl='git pull --rebase'
alias glog='git log --oneline --graph --decorate --all'
alias gdiff='git diff --stat'

# ── Docker ────────────────────────────────────────────────────────
alias dk='docker'
alias dkps='docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"'
alias dkclean='docker system prune -af --volumes'
alias dklogs='docker logs -f --tail 100'

# ── Kubernetes ────────────────────────────────────────────────────
alias k='kubectl'
alias kgp='kubectl get pods -o wide'
alias kgs='kubectl get svc'
alias kgn='kubectl get nodes -o wide'
alias kctx='kubectl config current-context'
alias kns='kubectl config set-context --current --namespace'

# ── Terraform ─────────────────────────────────────────────────────
alias tf='terraform'
alias tfi='terraform init -upgrade'
alias tfp='terraform plan -out=tfplan'
alias tfa='terraform apply tfplan'
alias tfd='terraform destroy'

# ── macOS utilities ───────────────────────────────────────────────
alias flushdns='sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder'
alias showfiles='defaults write com.apple.finder AppleShowAllFiles true && killall Finder'
alias hidefiles='defaults write com.apple.finder AppleShowAllFiles false && killall Finder'
alias myip='curl -s https://ifconfig.me'
alias localip="ipconfig getifaddr en0"
alias brewup='brew update && brew upgrade && brew cleanup'

macOS Tips

Installing specific macOS versions, flushing DNS, customising the Dock, Spotlight tricks, and screenshot shortcuts.

Linux Bash Scripting

Bash scripting patterns that work across macOS and Linux CI environments.

DevOps: Docker

Container workflows that build on the Docker aliases and CLI habits covered here.

DevOps: Kubernetes

Kubectl patterns and cluster management techniques for your daily Kubernetes work.
Last modified on June 9, 2026