Setting up a Mac mini as a “headless” server

 

Setup

These notes assume that you're starting with a pristine (factory default) Mac mini. The end result is a Mini that can remain in continuous unattended operation as a data server for long periods of time without attached keyboard, mouse, or monitor ("headless"). After a power outage, it will automatically reboot to the same operational state. A few of the steps given below reflect my own personal preferences; all aim for a streamlined and easy-to-maintain server.

Connect the Mini to a display and a wired keyboard and mouse.
The initial setup and testing is much easier without relying on Bluetooth. Use a wired keyboard and mouse.
Initial new user setup:
  • Choose language, country, keyboard language, network
  • Enable location services; sign in to iCloud (useful for Find My Mac)
  • Timezone — doesn't matter. You can set it to your local time now. (You can set it to UTC later, if you like.)
  • Choose a simple user id and name — one that keeps life simple if you have multiple servers on your LAN. (If you plan to install the RefTek utilities, I do not recommend creating a user named 'reftek'. See the notes below.)
  • Allow iCloud to use the location (useful for Find My Mac)
  • iCloud keychain — set up later; do not store files on iCloud Drive
  • Send diagnostics to Apple, crash data to developers

Once you're logged into your new account, continue on...

Trash the cruft.
Delete unneeded apps from the Applications folder. This will spare you endless unwanted update notifications from the the App Store. Among the expendable apps are: GarageBand, iMovie, KeyNote, Numbers, and Pages. (There are certain apps that, though unnecessary, the OS won't allow you to trash. For example, you can't trash the Chess app because it's "required by the OS". Go figure.) After moving them to the Trash be sure to empty the Trash.
Check for updates.
Launch AppStore and check for OS updates. If there are any, install them now. Updates are usually a couple of gigabytes, so this will take a while.
Clean up the Dock.
Get rid of all but the essential apps (e.g., keep System Preferences, Safari, App Store, Downloads). Additional essential apps (Terminal, Consoles etc.) can be added later.
Tweak the essential System Preferences.
  • Notifications > Turn on "Do not disturb": From 12:01 AM to 12:00 AM; "When the display is sleeping", "When mirroring…".
  • Energy Saver: Check "Prevent computer from sleeping automatically when the display is off", "Wake for network access", "Start up automatically after power failure", "Enable Power Nap". Uncheck "Put hard disks to sleep when possible". (This keeps the computer alert and responsive always.)
  • App Store : uncheck "Automatically check for updates". (Auto-update checks can interfere with certain other processes.)
  • Bluetooth : turn Bluetooth off.
  • Bluetooth > Advanced... : uncheck "Open Bluetooth Setup Assistant at startup if no keyboard …" and "Open Bluetooth Setup Assistant at startup if no mouse…". (Unchecking these allows the Mac to boot up with no keyboard or mouse attached.)
  • Sharing : name the computer; turn on Screen Sharing, File Sharing, Remote Login. Allow access only for administrators. Select the "File Sharing" service and add the root folder ("Macintosh HD") to the list of shared folders.
  • Users & Groups : Select "Login options" and select your user name from the "Automatic login" popup. (This will automatically log you in upon restart.)
Tweak your personal preferences.
  • System Prefs > Desktop & Screen Saver > Desktop : Choose a solid color
  • System Prefs > Desktop & Screen Saver > Screen saver : Message; check "show with clock"
  • System Prefs > Mouse : enable secondary button
  • System Prefs > Date & Time > Clock : check "Show date and time in menu bar"; "Digital"; "Display the time with seconds"; "Use a 24-hour clock"; "Show day of the week"; "Show date".
  • Make the ˜Library folder visible
  • Configure postfix (to allow your apps to send out email from your unattended Mac)
Set up SSH.
Set up ssh keys for remote server login. You'll also need to copy your public key over to (A) Bitbucket, in order to git clone the latest version of the Earthsound Radio scripts (see Bitbucket's instructions (quickie: copy the text from ~/.ssh/id_rsa.pub and paste it in your Bitbucket repo's Settings>Deployment Keys>Add Keys); and to (B) the web server that hosts earthsound.com (quickie: copy the text from ~/.ssh/id_rsa.pub, log in manually to your remote web server (via ssh, using username and password), and paste the text at the end of the file ~/.ssh/authorized_keys).
Try it.
Restart the Mini. If it works, try it again, but this time leave the keyboard and mouse disconnected during restart. If that works, try again by simply pulling out the power plug. Wait a few seconds, then plug it back in again. The Mac should restart as before. If all works as desired, try connecting to the Mac over your LAN using Screen Sharing (/System/Library/CoreServices/Applications/Screen Sharing.app). Once you get that working, you can disconnect the Mini from its monitor. It is now truly "headless".
Bells and Whistles
To make life on a networked Mac easier, consider installing these small but useful apps:
  • BwanaDik. Green dot in the menu bar = connected to Internet; red dot = nope.
  • IP in menubar. Shows your IP address and computer name in the menubar.
  • iStat Menus. Diagnostic info about your computer in the menubar. After installation: iStat Menus > uncheck "Automatically check for updates".

See also: Getting started with esound

Operation

Connecting to the Mac.
For convenient access to a server across the LAN, use Screen Sharing (/System/Library/CoreServices/Applications/Screen Sharing.app). If Screen Sharing is unable to connect to the server, use Screen Sharing to connect to another Mac on the LAN, then launch Screen Sharing on that Mac and try connect to the server from there.[1] If you still can't connect, launch a Terminal window and use ssh. For example to connect to the server named "athena":

% ssh user@athena.local

If that fails, try pinging the server:

% ping athena.local

If that fails, log into the router's web interface and verify that the server is connected to the network. If it isn't connected, then you'll need to gain physical access to the server to troubleshoot.

Use a Thunderbolt dock make a physical connection.
To control a headless Mac with a keyboard, mouse, and display, use a Thunderbolt dock (like this one by OWC). A single Thunderbolt cable is the only physical connection to the server you need.

Note

1.
Bonus points if you're bored: how long a chain of Screen Sharing'd Macs (A→B→C→...) can you create? And what happens if A→B→C→A? Hint: it's a hellish hall of router-bandwidth-sucking mirrors.