├── .devcontainer.json
├── .dockerignore
├── .github
├── ISSUE_TEMPLATE
│ ├── 1-issue.yml
│ ├── 2-feature.yml
│ ├── 3-bug.yml
│ ├── 4-question.yml
│ └── config.yml
├── dependabot.yml
├── logo.png
├── renovate.json
└── workflows
│ ├── build.yml
│ ├── check.yml
│ ├── hub.yml
│ └── test.yml
├── .gitignore
├── Dockerfile
├── assets
└── config.plist
├── compose.yml
├── kubernetes.yml
├── license.md
├── readme.md
└── src
├── boot.sh
├── entry.sh
└── install.sh
/.devcontainer.json:
--------------------------------------------------------------------------------
1 | {
2 | "name": "macos",
3 | "service": "macos",
4 | "forwardPorts": [8006],
5 | "dockerComposeFile": "compose.yml"
6 | }
7 |
--------------------------------------------------------------------------------
/.dockerignore:
--------------------------------------------------------------------------------
1 | .dockerignore
2 | .git
3 | .github
4 | .gitignore
5 | .gitlab-ci.yml
6 | .gitmodules
7 | Dockerfile
8 | Dockerfile.archive
9 | compose.yml
10 | compose.yaml
11 | docker-compose.yml
12 | docker-compose.yaml
13 | *.md
14 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/1-issue.yml:
--------------------------------------------------------------------------------
1 | name: "\U0001F6A8 Technical issue"
2 | description: When you're experiencing problems using the container
3 | body:
4 | - type: input
5 | id: os
6 | attributes:
7 | label: Operating system
8 | description: Your Linux distribution (can be shown by `lsb_release -a`).
9 | placeholder: e.g. Ubuntu 24.04
10 | validations:
11 | required: true
12 | - type: textarea
13 | id: summary
14 | attributes:
15 | label: Description
16 | description: A clear and concise description of your issue.
17 | validations:
18 | required: true
19 | - type: textarea
20 | id: compose
21 | attributes:
22 | label: Docker compose
23 | description: The compose file (or otherwise the `docker run` command used).
24 | render: yaml
25 | validations:
26 | required: true
27 | - type: textarea
28 | id: log
29 | attributes:
30 | label: Docker log
31 | description: The logfile of the container (as shown by `docker logs macos`).
32 | render: shell
33 | validations:
34 | required: true
35 | - type: textarea
36 | id: screenshot
37 | attributes:
38 | label: Screenshots (optional)
39 | description: Screenshots that might help to make the problem more clear.
40 | validations:
41 | required: false
42 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/2-feature.yml:
--------------------------------------------------------------------------------
1 | name: "\U0001F680 Feature request"
2 | description: Suggest an idea for improving the container
3 | title: "[Feature]: "
4 | labels: ["enhancement"]
5 | body:
6 | - type: textarea
7 | id: problem
8 | attributes:
9 | label: Is your proposal related to a problem?
10 | description: |
11 | Provide a clear and concise description of what the problem is.
12 | For example, "I'm always frustrated when..."
13 | validations:
14 | required: true
15 | - type: textarea
16 | id: solution
17 | attributes:
18 | label: Describe the solution you'd like.
19 | description: |
20 | Provide a clear and concise description of what you want to happen.
21 | validations:
22 | required: true
23 | - type: textarea
24 | id: alternatives
25 | attributes:
26 | label: Describe alternatives you've considered.
27 | description: |
28 | Let us know about other solutions you've tried or researched.
29 | validations:
30 | required: true
31 | - type: textarea
32 | id: context
33 | attributes:
34 | label: Additional context
35 | description: |
36 | Is there anything else you can add about the proposal?
37 | You might want to link to related issues here, if you haven't already.
38 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/3-bug.yml:
--------------------------------------------------------------------------------
1 | name: "\U0001F41E Bug report"
2 | description: Create a report to help us improve the container
3 | title: "[Bug]: "
4 | labels: ["bug"]
5 | body:
6 | - type: input
7 | id: os
8 | attributes:
9 | label: Operating system
10 | description: Your Linux distribution (can be shown by `lsb_release -a`).
11 | placeholder: e.g. Ubuntu 24.04
12 | validations:
13 | required: true
14 | - type: textarea
15 | id: summary
16 | attributes:
17 | label: Description
18 | description: Describe the expected behaviour, the actual behaviour, and the steps to reproduce.
19 | validations:
20 | required: true
21 | - type: textarea
22 | id: compose
23 | attributes:
24 | label: Docker compose
25 | description: The compose file (or otherwise the `docker run` command used).
26 | render: yaml
27 | validations:
28 | required: true
29 | - type: textarea
30 | id: log
31 | attributes:
32 | label: Docker log
33 | description: The logfile of the container (as shown by `docker logs macos`).
34 | render: shell
35 | validations:
36 | required: true
37 | - type: textarea
38 | id: screenshot
39 | attributes:
40 | label: Screenshots (optional)
41 | description: Screenshots that might help to make the problem more clear.
42 | validations:
43 | required: false
44 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/4-question.yml:
--------------------------------------------------------------------------------
1 | name: "\U00002753 General question"
2 | description: Questions about the container not related to an issue
3 | title: "[Question]: "
4 | labels: ["question"]
5 | body:
6 | - type: checkboxes
7 | attributes:
8 | label: Is your question not already answered in the FAQ?
9 | description: Please read the [FAQ](https://github.com/dockur/macos/blob/master/readme.md) carefully to avoid asking duplicate questions.
10 | options:
11 | - label: I made sure the question is not listed in the [FAQ](https://github.com/dockur/macos/blob/master/readme.md).
12 | required: true
13 | - type: checkboxes
14 | attributes:
15 | label: Is this a general question and not a technical issue?
16 | description: For questions related to issues you must use the [technical issue](https://github.com/dockur/macos/issues/new?assignees=&labels=&projects=&template=1-issue.yml) form instead. It contains all the right fields (system info, logfiles, etc.) we need in order to be able to help you.
17 | options:
18 | - label: I am sure my question is not about a technical issue.
19 | required: true
20 | - type: textarea
21 | id: question
22 | attributes:
23 | label: Question
24 | description: What's the question you have about the container?
25 | validations:
26 | required: true
27 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/config.yml:
--------------------------------------------------------------------------------
1 | blank_issues_enabled: false
2 |
--------------------------------------------------------------------------------
/.github/dependabot.yml:
--------------------------------------------------------------------------------
1 | version: 2
2 | updates:
3 | - package-ecosystem: docker
4 | directory: /
5 | schedule:
6 | interval: weekly
7 | - package-ecosystem: github-actions
8 | directory: /
9 | schedule:
10 | interval: weekly
11 |
--------------------------------------------------------------------------------
/.github/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dockur/macos/d93c75b97914f5c2d0ef3d6b7e1cebdf56a603db/.github/logo.png
--------------------------------------------------------------------------------
/.github/renovate.json:
--------------------------------------------------------------------------------
1 | {
2 | "$schema": "https://docs.renovatebot.com/renovate-schema.json",
3 | "extends": ["config:recommended", ":disableDependencyDashboard"]
4 | }
5 |
--------------------------------------------------------------------------------
/.github/workflows/build.yml:
--------------------------------------------------------------------------------
1 | name: Build
2 |
3 | on:
4 | workflow_dispatch:
5 | push:
6 | branches:
7 | - master
8 | paths-ignore:
9 | - '**/*.md'
10 | - '**/*.yml'
11 | - '.gitignore'
12 | - '.dockerignore'
13 | - '.github/**'
14 | - '.github/workflows/**'
15 |
16 | concurrency:
17 | group: build
18 | cancel-in-progress: false
19 |
20 | jobs:
21 | shellcheck:
22 | name: Test
23 | uses: ./.github/workflows/check.yml
24 | build:
25 | name: Build
26 | needs: shellcheck
27 | runs-on: ubuntu-latest
28 | permissions:
29 | actions: write
30 | packages: write
31 | contents: read
32 | steps:
33 | -
34 | name: Checkout
35 | uses: actions/checkout@v4
36 | with:
37 | fetch-depth: 0
38 | -
39 | name: Docker metadata
40 | id: meta
41 | uses: docker/metadata-action@v5
42 | with:
43 | context: git
44 | images: |
45 | ${{ secrets.DOCKERHUB_REPO }}
46 | ghcr.io/${{ github.repository }}
47 | tags: |
48 | type=raw,value=latest,priority=100
49 | type=raw,value=${{ vars.MAJOR }}.${{ vars.MINOR }}
50 | labels: |
51 | org.opencontainers.image.title=${{ vars.NAME }}
52 | env:
53 | DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest
54 | -
55 | name: Set up Docker Buildx
56 | uses: docker/setup-buildx-action@v3
57 | -
58 | name: Login into Docker Hub
59 | uses: docker/login-action@v3
60 | with:
61 | username: ${{ secrets.DOCKERHUB_USERNAME }}
62 | password: ${{ secrets.DOCKERHUB_TOKEN }}
63 | -
64 | name: Login to GitHub Container Registry
65 | uses: docker/login-action@v3
66 | with:
67 | registry: ghcr.io
68 | username: ${{ github.actor }}
69 | password: ${{ secrets.GITHUB_TOKEN }}
70 | -
71 | name: Build Docker image
72 | uses: docker/build-push-action@v6
73 | with:
74 | context: .
75 | push: true
76 | provenance: false
77 | platforms: linux/amd64
78 | tags: ${{ steps.meta.outputs.tags }}
79 | labels: ${{ steps.meta.outputs.labels }}
80 | annotations: ${{ steps.meta.outputs.annotations }}
81 | build-args: |
82 | VERSION_ARG=${{ steps.meta.outputs.version }}
83 | -
84 | name: Create a release
85 | uses: action-pack/github-release@v2
86 | with:
87 | tag: "v${{ steps.meta.outputs.version }}"
88 | title: "v${{ steps.meta.outputs.version }}"
89 | token: ${{ secrets.REPO_ACCESS_TOKEN }}
90 | -
91 | name: Increment version variable
92 | uses: action-pack/bump@v2
93 | with:
94 | token: ${{ secrets.REPO_ACCESS_TOKEN }}
95 | -
96 | name: Send mail
97 | uses: action-pack/send-mail@v1
98 | with:
99 | to: ${{secrets.MAILTO}}
100 | from: Github Actions <${{secrets.MAILTO}}>
101 | connection_url: ${{secrets.MAIL_CONNECTION}}
102 | subject: Build of ${{ github.event.repository.name }} v${{ steps.meta.outputs.version }} completed
103 | body: |
104 | The build job of ${{ github.event.repository.name }} v${{ steps.meta.outputs.version }} was completed successfully!
105 |
106 | See https://github.com/${{ github.repository }}/actions for more information.
107 |
--------------------------------------------------------------------------------
/.github/workflows/check.yml:
--------------------------------------------------------------------------------
1 | on: [workflow_call]
2 | name: "Check"
3 | permissions: {}
4 |
5 | jobs:
6 | shellcheck:
7 | name: shellcheck
8 | runs-on: ubuntu-latest
9 | steps:
10 | - uses: actions/checkout@v4
11 | - name: Run ShellCheck
12 | uses: ludeeus/action-shellcheck@master
13 | env:
14 | SHELLCHECK_OPTS: -x --source-path=src -e SC1091 -e SC2001 -e SC2002 -e SC2034 -e SC2064 -e SC2153 -e SC2317 -e SC2028
15 | - name: Lint Dockerfile
16 | uses: hadolint/hadolint-action@v3.1.0
17 | with:
18 | dockerfile: Dockerfile
19 | ignore: DL3008,DL3018,DL3020,DL3029,DL3059
20 | failure-threshold: warning
21 |
--------------------------------------------------------------------------------
/.github/workflows/hub.yml:
--------------------------------------------------------------------------------
1 | name: Update
2 | on:
3 | push:
4 | branches:
5 | - master
6 | paths:
7 | - readme.md
8 | - README.md
9 | - .github/workflows/hub.yml
10 |
11 | jobs:
12 | dockerHubDescription:
13 | runs-on: ubuntu-latest
14 | steps:
15 | - uses: actions/checkout@v4
16 | -
17 | name: Docker Hub Description
18 | uses: peter-evans/dockerhub-description@v4
19 | with:
20 | username: ${{ secrets.DOCKERHUB_USERNAME }}
21 | password: ${{ secrets.DOCKERHUB_TOKEN }}
22 | repository: ${{ secrets.DOCKERHUB_REPO }}
23 | short-description: ${{ github.event.repository.description }}
24 | readme-filepath: ./readme.md
25 |
--------------------------------------------------------------------------------
/.github/workflows/test.yml:
--------------------------------------------------------------------------------
1 | on:
2 | workflow_dispatch:
3 | pull_request:
4 | paths:
5 | - '**/*.sh'
6 | - '.github/workflows/test.yml'
7 | - '.github/workflows/check.yml'
8 | - 'Dockerfile'
9 |
10 | name: "Test"
11 | permissions: {}
12 |
13 | jobs:
14 | shellcheck:
15 | name: Test
16 | uses: ./.github/workflows/check.yml
17 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM --platform=$BUILDPLATFORM alpine:3.21 AS builder
2 |
3 | ARG VERSION_OPENCORE="1.0.4"
4 | ARG REPO_OPENCORE="https://github.com/acidanthera/OpenCorePkg"
5 | ADD $REPO_OPENCORE/releases/download/$VERSION_OPENCORE/OpenCore-$VERSION_OPENCORE-RELEASE.zip /tmp/opencore.zip
6 |
7 | RUN apk --update --no-cache add unzip && \
8 | unzip /tmp/opencore.zip -d /tmp/oc && \
9 | cp /tmp/oc/Utilities/macserial/macserial.linux /macserial && \
10 | rm -rf /tmp/* /var/tmp/* /var/cache/apk/*
11 |
12 | FROM scratch AS runner
13 | COPY --from=qemux/qemu:7.12 / /
14 |
15 | ARG VERSION_ARG="0.0"
16 | ARG VERSION_KVM_OPENCORE="v21"
17 | ARG VERSION_OSX_KVM="326053dd61f49375d5dfb28ee715d38b04b5cd8e"
18 | ARG REPO_OSX_KVM="https://raw.githubusercontent.com/kholia/OSX-KVM"
19 | ARG REPO_KVM_OPENCORE="https://github.com/thenickdude/KVM-Opencore"
20 |
21 | ARG DEBCONF_NOWARNINGS="yes"
22 | ARG DEBIAN_FRONTEND="noninteractive"
23 | ARG DEBCONF_NONINTERACTIVE_SEEN="true"
24 |
25 | RUN set -eu && \
26 | apt-get update && \
27 | apt-get --no-install-recommends -y install \
28 | xxd \
29 | fdisk \
30 | mtools && \
31 | apt-get clean && \
32 | echo "$VERSION_ARG" > /run/version && \
33 | rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
34 |
35 | COPY --chmod=755 ./src /run/
36 | COPY --chmod=755 ./assets /assets/
37 | COPY --chmod=755 --from=builder /macserial /usr/local/bin/
38 |
39 | ADD --chmod=644 \
40 | $REPO_OSX_KVM/$VERSION_OSX_KVM/OVMF_CODE.fd \
41 | $REPO_OSX_KVM/$VERSION_OSX_KVM/OVMF_VARS.fd \
42 | $REPO_OSX_KVM/$VERSION_OSX_KVM/OVMF_VARS-1024x768.fd \
43 | $REPO_OSX_KVM/$VERSION_OSX_KVM/OVMF_VARS-1920x1080.fd /usr/share/OVMF/
44 |
45 | ADD $REPO_KVM_OPENCORE/releases/download/$VERSION_KVM_OPENCORE/OpenCore-$VERSION_KVM_OPENCORE.iso.gz /opencore.iso.gz
46 |
47 | VOLUME /storage
48 | EXPOSE 5900 8006
49 |
50 | ENV VERSION="13"
51 | ENV RAM_SIZE="4G"
52 | ENV CPU_CORES="2"
53 | ENV DISK_SIZE="64G"
54 |
55 | ENTRYPOINT ["/usr/bin/tini", "-s", "/run/entry.sh"]
56 |
--------------------------------------------------------------------------------
/assets/config.plist:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | ACPI
6 |
7 | Add
8 |
9 |
10 | Comment
11 | My custom DSDT
12 | Enabled
13 |
14 | Path
15 | DSDT.aml
16 |
17 |
18 | Comment
19 | My custom SSDT
20 | Enabled
21 |
22 | Path
23 | SSDT-1.aml
24 |
25 |
26 | Comment
27 | Read the comment in dsl sample
28 | Enabled
29 |
30 | Path
31 | SSDT-ALS0.aml
32 |
33 |
34 | Comment
35 | Read the comment in dsl sample
36 | Enabled
37 |
38 | Path
39 | SSDT-AWAC-DISABLE.aml
40 |
41 |
42 | Comment
43 | Read the comment in dsl sample
44 | Enabled
45 |
46 | Path
47 | SSDT-BRG0.aml
48 |
49 |
50 | Comment
51 | Read the comment in dsl sample
52 | Enabled
53 |
54 | Path
55 | SSDT-EC-USBX.aml
56 |
57 |
58 | Comment
59 | Fake EC and USBX Power
60 | Enabled
61 |
62 | Path
63 | SSDT-EC.aml
64 |
65 |
66 | Comment
67 | Read the comment in dsl sample
68 | Enabled
69 |
70 | Path
71 | SSDT-EHCx-DISABLE.aml
72 |
73 |
74 | Comment
75 | Read the comment in dsl sample
76 | Enabled
77 |
78 | Path
79 | SSDT-IMEI.aml
80 |
81 |
82 | Comment
83 | CPU AGPM Plugin=1
84 | Enabled
85 |
86 | Path
87 | SSDT-PLUG.aml
88 |
89 |
90 | Comment
91 | Read the comment in dsl sample
92 | Enabled
93 |
94 | Path
95 | SSDT-PMC.aml
96 |
97 |
98 | Comment
99 | Read the comment in dsl sample
100 | Enabled
101 |
102 | Path
103 | SSDT-PNLF.aml
104 |
105 |
106 | Comment
107 | Read the comment in dsl sample
108 | Enabled
109 |
110 | Path
111 | SSDT-RTC0-RANGE.aml
112 |
113 |
114 | Comment
115 | Read the comment in dsl sample
116 | Enabled
117 |
118 | Path
119 | SSDT-RTC0.aml
120 |
121 |
122 | Comment
123 | Read the comment in dsl sample
124 | Enabled
125 |
126 | Path
127 | SSDT-SBUS-MCHC.aml
128 |
129 |
130 | Comment
131 | Read the comment in dsl sample
132 | Enabled
133 |
134 | Path
135 | SSDT-UNC.aml
136 |
137 |
138 | Comment
139 | add DTGP method
140 | Enabled
141 |
142 | Path
143 | SSDT-DTGP.aml
144 |
145 |
146 | Comment
147 | USB 2.0 Injection
148 | Enabled
149 |
150 | Path
151 | SSDT-EHCI.aml
152 |
153 |
154 | Delete
155 |
156 |
157 | All
158 |
159 | Comment
160 | Delete CpuPm
161 | Enabled
162 |
163 | OemTableId
164 | Q3B1UG0AAAA=
165 | TableLength
166 | 0
167 | TableSignature
168 | U1NEVA==
169 |
170 |
171 | All
172 |
173 | Comment
174 | Delete Cpu0Ist
175 | Enabled
176 |
177 | OemTableId
178 | Q3B1MElzdAA=
179 | TableLength
180 | 0
181 | TableSignature
182 | U1NEVA==
183 |
184 |
185 | Patch
186 |
187 |
188 | Base
189 |
190 | BaseSkip
191 | 0
192 | Comment
193 | Replace one byte sequence with another
194 | Count
195 | 0
196 | Enabled
197 |
198 | Find
199 | ESIzRA==
200 | Limit
201 | 0
202 | Mask
203 |
204 | OemTableId
205 |
206 | Replace
207 | RDMiEQ==
208 | ReplaceMask
209 |
210 | Skip
211 | 0
212 | TableLength
213 | 0
214 | TableSignature
215 |
216 |
217 |
218 | Base
219 | \_SB.PCI0.LPCB.HPET
220 | BaseSkip
221 | 0
222 | Comment
223 | HPET _CRS to XCRS
224 | Count
225 | 1
226 | Enabled
227 |
228 | Find
229 | X0NSUw==
230 | Limit
231 | 0
232 | Mask
233 |
234 | OemTableId
235 |
236 | Replace
237 | WENSUw==
238 | ReplaceMask
239 |
240 | Skip
241 | 0
242 | TableLength
243 | 0
244 | TableSignature
245 |
246 |
247 |
248 | Quirks
249 |
250 | FadtEnableReset
251 |
252 | NormalizeHeaders
253 |
254 | RebaseRegions
255 |
256 | ResetHwSig
257 |
258 | ResetLogoStatus
259 |
260 | SyncTableIds
261 |
262 |
263 |
264 | Booter
265 |
266 | MmioWhitelist
267 |
268 | Patch
269 |
270 | Quirks
271 |
272 | AllowRelocationBlock
273 |
274 | AvoidRuntimeDefrag
275 |
276 | DevirtualiseMmio
277 |
278 | DisableSingleUser
279 |
280 | DisableVariableWrite
281 |
282 | DiscardHibernateMap
283 |
284 | EnableSafeModeSlide
285 |
286 | EnableWriteUnprotector
287 |
288 | FixupAppleEfiImages
289 |
290 | ForceBooterSignature
291 |
292 | ForceExitBootServices
293 |
294 | ProtectMemoryRegions
295 |
296 | ProtectSecureBoot
297 |
298 | ProtectUefiServices
299 |
300 | ProvideCustomSlide
301 |
302 | ProvideMaxSlide
303 | 0
304 | RebuildAppleMemoryMap
305 |
306 | ResizeAppleGpuBars
307 | -1
308 | SetupVirtualMap
309 |
310 | SignalAppleOS
311 |
312 | SyncRuntimePermissions
313 |
314 |
315 |
316 | DeviceProperties
317 |
318 | Add
319 |
320 | PciRoot(0x1)/Pci(0x1F,0x0)
321 |
322 | compatible
323 | pci8086,2916
324 | device-id
325 |
326 | FikA
327 |
328 | name
329 | pci8086,2916
330 |
331 |
332 | Delete
333 |
334 |
335 | Kernel
336 |
337 | Add
338 |
339 |
340 | Arch
341 | Any
342 | BundlePath
343 | Lilu.kext
344 | Comment
345 | Patch engine
346 | Enabled
347 |
348 | ExecutablePath
349 | Contents/MacOS/Lilu
350 | MaxKernel
351 |
352 | MinKernel
353 | 8.0.0
354 | PlistPath
355 | Contents/Info.plist
356 |
357 |
358 | Arch
359 | Any
360 | BundlePath
361 | VirtualSMC.kext
362 | Comment
363 | SMC emulator
364 | Enabled
365 |
366 | ExecutablePath
367 | Contents/MacOS/VirtualSMC
368 | MaxKernel
369 |
370 | MinKernel
371 | 8.0.0
372 | PlistPath
373 | Contents/Info.plist
374 |
375 |
376 | Arch
377 | x86_64
378 | BundlePath
379 | WhateverGreen.kext
380 | Comment
381 | Video patches
382 | Enabled
383 |
384 | ExecutablePath
385 | Contents/MacOS/WhateverGreen
386 | MaxKernel
387 |
388 | MinKernel
389 | 10.0.0
390 | PlistPath
391 | Contents/Info.plist
392 |
393 |
394 | Arch
395 | Any
396 | BundlePath
397 | AppleALC.kext
398 | Comment
399 | Audio patches
400 | Enabled
401 |
402 | ExecutablePath
403 | Contents/MacOS/AppleALC
404 | MaxKernel
405 |
406 | MinKernel
407 | 8.0.0
408 | PlistPath
409 | Contents/Info.plist
410 |
411 |
412 | Arch
413 | x86_64
414 | BundlePath
415 | IntelMausi.kext
416 | Comment
417 | Intel Ethernet LAN
418 | Enabled
419 |
420 | ExecutablePath
421 | Contents/MacOS/IntelMausi
422 | MaxKernel
423 |
424 | MinKernel
425 | 13.0.0
426 | PlistPath
427 | Contents/Info.plist
428 |
429 |
430 | Arch
431 | x86_64
432 | BundlePath
433 | Legacy_USB3.kext
434 | Comment
435 | XHC ports configuration
436 | Enabled
437 |
438 | ExecutablePath
439 |
440 | MaxKernel
441 |
442 | MinKernel
443 | 15.0.0
444 | PlistPath
445 | Contents/Info.plist
446 |
447 |
448 | Arch
449 | x86_64
450 | BundlePath
451 | MCEReporterDisabler.kext
452 | Comment
453 | AppleMCEReporter disabler
454 | Enabled
455 |
456 | ExecutablePath
457 |
458 | MaxKernel
459 |
460 | MinKernel
461 | 19.0.0
462 | PlistPath
463 | Contents/Info.plist
464 |
465 |
466 | Arch
467 | x86_64
468 | BundlePath
469 | VoodooPS2Controller.kext
470 | Comment
471 |
472 | Enabled
473 |
474 | ExecutablePath
475 | Contents/MacOS/VoodooPS2Controller
476 | MaxKernel
477 |
478 | MinKernel
479 | 15.0.0
480 | PlistPath
481 | Contents/Info.plist
482 |
483 |
484 | Arch
485 | x86_64
486 | BundlePath
487 | VoodooPS2Controller.kext/Contents/PlugIns/VoodooPS2Keyboard.kext
488 | Comment
489 |
490 | Enabled
491 |
492 | ExecutablePath
493 | Contents/MacOS/VoodooPS2Keyboard
494 | MaxKernel
495 |
496 | MinKernel
497 | 15.0.0
498 | PlistPath
499 | Contents/Info.plist
500 |
501 |
502 | Arch
503 | x86_64
504 | BundlePath
505 | VoodooPS2Controller.kext/Contents/PlugIns/VoodooPS2Mouse.kext
506 | Comment
507 |
508 | Enabled
509 |
510 | ExecutablePath
511 | Contents/MacOS/VoodooPS2Mouse
512 | MaxKernel
513 |
514 | MinKernel
515 | 15.0.0
516 | PlistPath
517 | Contents/Info.plist
518 |
519 |
520 | Arch
521 | x86_64
522 | BundlePath
523 | VoodooPS2Controller.kext/Contents/PlugIns/VoodooPS2Trackpad.kext
524 | Comment
525 |
526 | Enabled
527 |
528 | ExecutablePath
529 | Contents/MacOS/VoodooPS2Trackpad
530 | MaxKernel
531 |
532 | MinKernel
533 | 15.0.0
534 | PlistPath
535 | Contents/Info.plist
536 |
537 |
538 | Arch
539 | x86_64
540 | BundlePath
541 | VoodooPS2Controller.kext/Contents/PlugIns/VoodooInput.kext
542 | Comment
543 |
544 | Enabled
545 |
546 | ExecutablePath
547 | Contents/MacOS/VoodooInput
548 | MaxKernel
549 |
550 | MinKernel
551 | 15.0.0
552 | PlistPath
553 | Contents/Info.plist
554 |
555 |
556 | Arch
557 | x86_64
558 | BundlePath
559 | USBPorts.kext
560 | Comment
561 |
562 | Enabled
563 |
564 | ExecutablePath
565 |
566 | MaxKernel
567 |
568 | MinKernel
569 |
570 | PlistPath
571 | Contents/Info.plist
572 |
573 |
574 | Arch
575 | x86_64
576 | BundlePath
577 | AGPMInjector.kext
578 | Comment
579 |
580 | Enabled
581 |
582 | ExecutablePath
583 |
584 | MaxKernel
585 |
586 | MinKernel
587 |
588 | PlistPath
589 | Contents/Info.plist
590 |
591 |
592 | Arch
593 | x86_64
594 | BundlePath
595 | BrcmFirmwareData.kext
596 | Comment
597 | Bluetooth firmware
598 | Enabled
599 |
600 | ExecutablePath
601 | Contents/MacOS/BrcmFirmwareData
602 | MaxKernel
603 |
604 | MinKernel
605 |
606 | PlistPath
607 | Contents/Info.plist
608 |
609 |
610 | Arch
611 | x86_64
612 | BundlePath
613 | BrcmNonPatchRAM2.kext
614 | Comment
615 | Bluetooth support for macOS 10.11-10.14
616 | Enabled
617 |
618 | ExecutablePath
619 | Contents/MacOS/BrcmNonPatchRAM2
620 | MaxKernel
621 | 18.99.99
622 | MinKernel
623 | 15.0.0
624 | PlistPath
625 | Contents/Info.plist
626 |
627 |
628 | Arch
629 | x86_64
630 | BundlePath
631 | BrcmPatchRAM2.kext
632 | Comment
633 | Bluetooth support for macOS 10.11-10.14
634 | Enabled
635 |
636 | ExecutablePath
637 | Contents/MacOS/BrcmPatchRAM2
638 | MaxKernel
639 | 18.99.99
640 | MinKernel
641 | 15.0.0
642 | PlistPath
643 | Contents/Info.plist
644 |
645 |
646 | Arch
647 | x86_64
648 | BundlePath
649 | BrcmPatchRAM3.kext
650 | Comment
651 | Bluetooth support for macOS 10.15-
652 | Enabled
653 |
654 | ExecutablePath
655 | Contents/MacOS/BrcmPatchRAM3
656 | MaxKernel
657 |
658 | MinKernel
659 | 19.0.0
660 | PlistPath
661 | Contents/Info.plist
662 |
663 |
664 | Arch
665 | x86_64
666 | BundlePath
667 | BrcmBluetoothInjector.kext
668 | Comment
669 | Bluetooth support for macOS 10.15-11
670 | Enabled
671 |
672 | ExecutablePath
673 |
674 | MaxKernel
675 | 20.99.99
676 | MinKernel
677 | 19.0.0
678 | PlistPath
679 | Contents/Info.plist
680 |
681 |
682 | Arch
683 | x86_64
684 | BundlePath
685 | BlueToolFixup.kext
686 | Comment
687 | Bluetooth support for macOS 12-
688 | Enabled
689 |
690 | ExecutablePath
691 | Contents/MacOS/BlueToolFixup
692 | MaxKernel
693 |
694 | MinKernel
695 | 21.0.0
696 | PlistPath
697 | Contents/Info.plist
698 |
699 |
700 | Arch
701 | x86_64
702 | BundlePath
703 | CryptexFixup.kext
704 | Comment
705 | Support for non-AVX2 CPUs in Ventura/Sonoma
706 | Enabled
707 |
708 | ExecutablePath
709 | Contents/MacOS/CryptexFixup
710 | MaxKernel
711 | 23.99.99
712 | MinKernel
713 | 22.1.0
714 | PlistPath
715 | Contents/Info.plist
716 |
717 |
718 | Block
719 |
720 |
721 | Arch
722 | Any
723 | Comment
724 |
725 | Enabled
726 |
727 | Identifier
728 | com.apple.driver.AppleTyMCEDriver
729 | MaxKernel
730 |
731 | MinKernel
732 |
733 | Strategy
734 | Disable
735 |
736 |
737 | Emulate
738 |
739 | Cpuid1Data
740 |
741 | VAYFAAAAAAAAAAAAAAAAAA==
742 |
743 | Cpuid1Mask
744 |
745 | ////AAAAAAAAAAAAAAAAAA==
746 |
747 | DummyPowerManagement
748 |
749 | MaxKernel
750 |
751 | MinKernel
752 |
753 |
754 | Force
755 |
756 |
757 | Arch
758 | Any
759 | BundlePath
760 | System/Library/Extensions/IONetworkingFamily.kext
761 | Comment
762 |
763 | Enabled
764 |
765 | ExecutablePath
766 | Contents/MacOS/IONetworkingFamily
767 | Identifier
768 | com.apple.iokit.IONetworkingFamily
769 | MaxKernel
770 | 13.99.99
771 | MinKernel
772 |
773 | PlistPath
774 | Contents/Info.plist
775 |
776 |
777 | Patch
778 |
779 |
780 | Arch
781 | x86_64
782 | Base
783 |
784 | Comment
785 | algrey - cpuid_set_cpufamily - force CPUFAMILY_INTEL_PENRYN
786 | Count
787 | 1
788 | Enabled
789 |
790 | Find
791 |
792 | MduAPQAAAAAGdQA=
793 |
794 | Identifier
795 | kernel
796 | Limit
797 | 0
798 | Mask
799 |
800 | /////wAAAP///wA=
801 |
802 | MaxKernel
803 | 20.3.99
804 | MinKernel
805 | 17.0.0
806 | Replace
807 |
808 | u7xP6njpXQAAAJA=
809 |
810 | ReplaceMask
811 |
812 |
813 | Skip
814 | 0
815 |
816 |
817 | Arch
818 | x86_64
819 | Base
820 |
821 | Comment
822 | algrey - thenickdude - cpuid_set_cpufamily - force CPUFAMILY_INTEL_PENRYN (Big Sur 11.3+, Monterey, Ventura, Sonoma)
823 | Count
824 | 1
825 | Enabled
826 |
827 | Find
828 |
829 | MdKzAYA9AAAAAAZ1
830 |
831 | Identifier
832 | kernel
833 | Limit
834 | 0
835 | Mask
836 |
837 | ////////AAAAAP//
838 |
839 | MaxKernel
840 | 23.99.99
841 | MinKernel
842 | 20.4.0
843 | Replace
844 |
845 | urxP6nizAJCQkJDr
846 |
847 | ReplaceMask
848 |
849 |
850 | Skip
851 | 0
852 |
853 |
854 | Arch
855 | x86_64
856 | Base
857 | _early_random
858 | Comment
859 | SurPlus v1 - PART 1 of 2 - Patch read_erandom (inlined in _early_random)
860 | Count
861 | 1
862 | Enabled
863 |
864 | Find
865 | AHQjSIs=
866 | Identifier
867 | kernel
868 | Limit
869 | 800
870 | Mask
871 |
872 | MaxKernel
873 | 21.1.0
874 | MinKernel
875 | 20.4.0
876 | Replace
877 | AOsjSIs=
878 | ReplaceMask
879 |
880 | Skip
881 | 0
882 |
883 |
884 | Arch
885 | x86_64
886 | Base
887 | _register_and_init_prng
888 | Comment
889 | SurPlus v1 - PART 2 of 2 - Patch register_and_init_prng
890 | Count
891 | 1
892 | Enabled
893 |
894 | Find
895 | ukgBAAAx9g==
896 | Identifier
897 | kernel
898 | Limit
899 | 256
900 | Mask
901 |
902 | MaxKernel
903 | 21.1.0
904 | MinKernel
905 | 20.4.0
906 | Replace
907 | ukgBAADrBQ==
908 | ReplaceMask
909 |
910 | Skip
911 | 0
912 |
913 |
914 | Arch
915 | x86_64
916 | Base
917 | _apfs_filevault_allowed
918 | Comment
919 | Force FileVault on Broken Seal (from OCLP project, for non-AVX2 Ventura/Sonoma)
920 | Count
921 | 0
922 | Enabled
923 |
924 | Find
925 |
926 | Identifier
927 | com.apple.filesystems.apfs
928 | Limit
929 | 0
930 | Mask
931 |
932 | MaxKernel
933 | 23.99.99
934 | MinKernel
935 | 22.1.0
936 | Replace
937 | uAEAAADD
938 | ReplaceMask
939 |
940 | Skip
941 | 0
942 |
943 |
944 | Quirks
945 |
946 | AppleCpuPmCfgLock
947 |
948 | AppleXcpmCfgLock
949 |
950 | AppleXcpmExtraMsrs
951 |
952 | AppleXcpmForceBoost
953 |
954 | CustomPciSerialDevice
955 |
956 | CustomSMBIOSGuid
957 |
958 | DisableIoMapper
959 |
960 | DisableIoMapperMapping
961 |
962 | DisableLinkeditJettison
963 |
964 | DisableRtcChecksum
965 |
966 | ExtendBTFeatureFlags
967 |
968 | ExternalDiskIcons
969 |
970 | ForceAquantiaEthernet
971 |
972 | ForceSecureBootScheme
973 |
974 | IncreasePciBarSize
975 |
976 | LapicKernelPanic
977 |
978 | LegacyCommpage
979 |
980 | PanicNoKextDump
981 |
982 | PowerTimeoutKernelPanic
983 |
984 | ProvideCurrentCpuInfo
985 |
986 | SetApfsTrimTimeout
987 | 0
988 | ThirdPartyDrives
989 |
990 | XhciPortLimit
991 |
992 |
993 | Scheme
994 |
995 | CustomKernel
996 |
997 | FuzzyMatch
998 |
999 | KernelArch
1000 | Auto
1001 | KernelCache
1002 | Auto
1003 |
1004 |
1005 | Misc
1006 |
1007 | BlessOverride
1008 |
1009 | Boot
1010 |
1011 | ConsoleAttributes
1012 | 0
1013 | HibernateMode
1014 | Auto
1015 | HibernateSkipsPicker
1016 |
1017 | HideAuxiliary
1018 |
1019 | InstanceIdentifier
1020 |
1021 | LauncherOption
1022 | Disabled
1023 | LauncherPath
1024 | Default
1025 | PickerAttributes
1026 | 17
1027 | PickerAudioAssist
1028 |
1029 | PickerMode
1030 | External
1031 | PickerVariant
1032 | Auto
1033 | PollAppleHotKeys
1034 |
1035 | ShowPicker
1036 |
1037 | TakeoffDelay
1038 | 0
1039 | Timeout
1040 | 0
1041 |
1042 | Debug
1043 |
1044 | AppleDebug
1045 |
1046 | ApplePanic
1047 |
1048 | DisableWatchDog
1049 |
1050 | DisplayDelay
1051 | 0
1052 | DisplayLevel
1053 | 2147483650
1054 | LogModules
1055 | *
1056 | SysReport
1057 |
1058 | Target
1059 | 3
1060 |
1061 | Entries
1062 |
1063 | Security
1064 |
1065 | AllowSetDefault
1066 |
1067 | ApECID
1068 | 0
1069 | AuthRestart
1070 |
1071 | BlacklistAppleUpdate
1072 |
1073 | DmgLoading
1074 | Signed
1075 | EnablePassword
1076 |
1077 | ExposeSensitiveData
1078 | 6
1079 | HaltLevel
1080 | 2147483648
1081 | PasswordHash
1082 |
1083 | PasswordSalt
1084 |
1085 | ScanPolicy
1086 | 18809603
1087 | SecureBootModel
1088 | Disabled
1089 | Vault
1090 | Optional
1091 |
1092 | Serial
1093 |
1094 | Init
1095 |
1096 | Override
1097 |
1098 |
1099 | Tools
1100 |
1101 |
1102 | Arguments
1103 |
1104 | Auxiliary
1105 |
1106 | Comment
1107 | Not signed for security reasons
1108 | Enabled
1109 |
1110 | Flavour
1111 | OpenShell:UEFIShell:Shell
1112 | FullNvramAccess
1113 |
1114 | Name
1115 | UEFI Shell
1116 | Path
1117 | Shell.efi
1118 | RealPath
1119 |
1120 | TextMode
1121 |
1122 |
1123 |
1124 | Arguments
1125 |
1126 | Auxiliary
1127 |
1128 | Comment
1129 | Memory testing utility
1130 | Enabled
1131 |
1132 | Flavour
1133 | MemTest
1134 | FullNvramAccess
1135 |
1136 | Name
1137 | memtest86
1138 | Path
1139 | memtest86/BOOTX64.efi
1140 | RealPath
1141 |
1142 | TextMode
1143 |
1144 |
1145 |
1146 | Arguments
1147 | Shutdown
1148 | Auxiliary
1149 |
1150 | Comment
1151 | Perform shutdown
1152 | Enabled
1153 |
1154 | Flavour
1155 | Auto
1156 | FullNvramAccess
1157 |
1158 | Name
1159 | Shutdown
1160 | Path
1161 | ResetSystem.efi
1162 | RealPath
1163 |
1164 | TextMode
1165 |
1166 |
1167 |
1168 |
1169 | NVRAM
1170 |
1171 | Add
1172 |
1173 | 4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14
1174 |
1175 | DefaultBackgroundColor
1176 | AAAAAA==
1177 |
1178 | 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102
1179 |
1180 | rtc-blacklist
1181 |
1182 |
1183 | 7C436110-AB2A-4BBB-A880-FE41995C9F82
1184 |
1185 | #INFO (prev-lang:kbd)
1186 | en:252 (ABC), set 656e3a323532
1187 | ForceDisplayRotationInEFI
1188 | 0
1189 | SystemAudioVolume
1190 | Rg==
1191 | boot-args
1192 | keepsyms=1
1193 | csr-active-config
1194 | Jg8=
1195 | prev-lang:kbd
1196 | ZW4tVVM6MA==
1197 | run-efi-updater
1198 | No
1199 |
1200 |
1201 | Delete
1202 |
1203 | 4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14
1204 |
1205 | DefaultBackgroundColor
1206 |
1207 | 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102
1208 |
1209 | rtc-blacklist
1210 |
1211 | 7C436110-AB2A-4BBB-A880-FE41995C9F82
1212 |
1213 | boot-args
1214 | ForceDisplayRotationInEFI
1215 |
1216 |
1217 | LegacyOverwrite
1218 |
1219 | LegacySchema
1220 |
1221 | 7C436110-AB2A-4BBB-A880-FE41995C9F82
1222 |
1223 | EFILoginHiDPI
1224 | EFIBluetoothDelay
1225 | LocationServicesEnabled
1226 | SystemAudioVolume
1227 | SystemAudioVolumeDB
1228 | SystemAudioVolumeSaved
1229 | bluetoothActiveControllerInfo
1230 | bluetoothInternalControllerInfo
1231 | flagstate
1232 | fmm-computer-name
1233 | fmm-mobileme-token-FMM
1234 | fmm-mobileme-token-FMM-BridgeHasAccount
1235 | nvda_drv
1236 | prev-lang:kbd
1237 | backlight-level
1238 | BootCampHD
1239 |
1240 | 8BE4DF61-93CA-11D2-AA0D-00E098032B8C
1241 |
1242 | Boot0080
1243 | Boot0081
1244 | Boot0082
1245 | BootNext
1246 | BootOrder
1247 |
1248 |
1249 | WriteFlash
1250 |
1251 |
1252 | PlatformInfo
1253 |
1254 | Automatic
1255 |
1256 | CustomMemory
1257 |
1258 | Generic
1259 |
1260 | AdviseFeatures
1261 |
1262 | MLB
1263 | C02717306J9JG361M
1264 | MaxBIOSVersion
1265 |
1266 | ProcessorType
1267 | 0
1268 | ROM
1269 | m7zhIYfl
1270 | SpoofVendor
1271 |
1272 | SystemMemoryStatus
1273 | Auto
1274 | SystemProductName
1275 | iMacPro1,1
1276 | SystemSerialNumber
1277 | C02TM2ZBHX87
1278 | SystemUUID
1279 | 007076A6-F2A2-4461-BBE5-BAD019F8025A
1280 |
1281 | UpdateDataHub
1282 |
1283 | UpdateNVRAM
1284 |
1285 | UpdateSMBIOS
1286 |
1287 | UpdateSMBIOSMode
1288 | Create
1289 | UseRawUuidEncoding
1290 |
1291 |
1292 | UEFI
1293 |
1294 | APFS
1295 |
1296 | EnableJumpstart
1297 |
1298 | GlobalConnect
1299 |
1300 | HideVerbose
1301 |
1302 | JumpstartHotPlug
1303 |
1304 | MinDate
1305 | -1
1306 | MinVersion
1307 | -1
1308 |
1309 | AppleInput
1310 |
1311 | AppleEvent
1312 | Builtin
1313 | CustomDelays
1314 |
1315 | GraphicsInputMirroring
1316 |
1317 | KeyInitialDelay
1318 | 50
1319 | KeySubsequentDelay
1320 | 5
1321 | PointerDwellClickTimeout
1322 | 0
1323 | PointerDwellDoubleClickTimeout
1324 | 0
1325 | PointerDwellRadius
1326 | 0
1327 | PointerPollMask
1328 | -1
1329 | PointerPollMax
1330 | 80
1331 | PointerPollMin
1332 | 10
1333 | PointerSpeedDiv
1334 | 1
1335 | PointerSpeedMul
1336 | 1
1337 |
1338 | Audio
1339 |
1340 | AudioCodec
1341 | 0
1342 | AudioDevice
1343 |
1344 | AudioOutMask
1345 | 1
1346 | AudioSupport
1347 |
1348 | DisconnectHda
1349 |
1350 | MaximumGain
1351 | -15
1352 | MinimumAssistGain
1353 | -30
1354 | MinimumAudibleGain
1355 | -55
1356 | PlayChime
1357 | Auto
1358 | ResetTrafficClass
1359 |
1360 | SetupDelay
1361 | 0
1362 |
1363 | ConnectDrivers
1364 |
1365 | Drivers
1366 |
1367 |
1368 | Arguments
1369 |
1370 | Comment
1371 |
1372 | Enabled
1373 |
1374 | LoadEarly
1375 |
1376 | Path
1377 | OpenVariableRuntimeDxe.efi
1378 |
1379 |
1380 | Arguments
1381 |
1382 | Comment
1383 |
1384 | Enabled
1385 |
1386 | LoadEarly
1387 |
1388 | Path
1389 | OpenRuntime.efi
1390 |
1391 |
1392 | Arguments
1393 |
1394 | Comment
1395 | HFS+ Driver
1396 | Enabled
1397 |
1398 | LoadEarly
1399 |
1400 | Path
1401 | OpenHfsPlus.efi
1402 |
1403 |
1404 | Arguments
1405 |
1406 | Comment
1407 |
1408 | Enabled
1409 |
1410 | LoadEarly
1411 |
1412 | Path
1413 | OpenCanopy.efi
1414 |
1415 |
1416 | Arguments
1417 |
1418 | Comment
1419 |
1420 | Enabled
1421 |
1422 | LoadEarly
1423 |
1424 | Path
1425 | AudioDxe.efi
1426 |
1427 |
1428 | Arguments
1429 |
1430 | Comment
1431 |
1432 | Enabled
1433 |
1434 | LoadEarly
1435 |
1436 | Path
1437 | OpenPartitionDxe.efi
1438 |
1439 |
1440 | Arguments
1441 |
1442 | Comment
1443 |
1444 | Enabled
1445 |
1446 | LoadEarly
1447 |
1448 | Path
1449 | OpenUsbKbDxe.efi
1450 |
1451 |
1452 | Arguments
1453 |
1454 | Comment
1455 |
1456 | Enabled
1457 |
1458 | LoadEarly
1459 |
1460 | Path
1461 | UsbMouseDxe.efi
1462 |
1463 |
1464 | Arguments
1465 |
1466 | Comment
1467 |
1468 | Enabled
1469 |
1470 | LoadEarly
1471 |
1472 | Path
1473 | Ps2KeyboardDxe.efi
1474 |
1475 |
1476 | Arguments
1477 |
1478 | Comment
1479 |
1480 | Enabled
1481 |
1482 | LoadEarly
1483 |
1484 | Path
1485 | Ps2MouseDxe.efi
1486 |
1487 |
1488 | Arguments
1489 |
1490 | Comment
1491 |
1492 | Enabled
1493 |
1494 | LoadEarly
1495 |
1496 | Path
1497 | HiiDatabase.efi
1498 |
1499 |
1500 | Arguments
1501 |
1502 | Comment
1503 |
1504 | Enabled
1505 |
1506 | LoadEarly
1507 |
1508 | Path
1509 | NvmExpressDxe.efi
1510 |
1511 |
1512 | Arguments
1513 |
1514 | Comment
1515 |
1516 | Enabled
1517 |
1518 | LoadEarly
1519 |
1520 | Path
1521 | XhciDxe.efi
1522 |
1523 |
1524 | Arguments
1525 |
1526 | Comment
1527 |
1528 | Enabled
1529 |
1530 | LoadEarly
1531 |
1532 | Path
1533 | ExFatDxe.efi
1534 |
1535 |
1536 | Arguments
1537 |
1538 | Comment
1539 |
1540 | Enabled
1541 |
1542 | LoadEarly
1543 |
1544 | Path
1545 | CrScreenshotDxe.efi
1546 |
1547 |
1548 | Arguments
1549 |
1550 | Comment
1551 |
1552 | Enabled
1553 |
1554 | LoadEarly
1555 |
1556 | Path
1557 | Ext4Dxe.efi
1558 |
1559 |
1560 | Arguments
1561 |
1562 | Comment
1563 |
1564 | Enabled
1565 |
1566 | LoadEarly
1567 |
1568 | Path
1569 | DpcDxe.efi
1570 |
1571 |
1572 | Arguments
1573 |
1574 | Comment
1575 |
1576 | Enabled
1577 |
1578 | LoadEarly
1579 |
1580 | Path
1581 | SnpDxe.efi
1582 |
1583 |
1584 | Arguments
1585 |
1586 | Comment
1587 |
1588 | Enabled
1589 |
1590 | LoadEarly
1591 |
1592 | Path
1593 | MnpDxe.efi
1594 |
1595 |
1596 | Arguments
1597 |
1598 | Comment
1599 |
1600 | Enabled
1601 |
1602 | LoadEarly
1603 |
1604 | Path
1605 | ArpDxe.efi
1606 |
1607 |
1608 | Arguments
1609 |
1610 | Comment
1611 |
1612 | Enabled
1613 |
1614 | LoadEarly
1615 |
1616 | Path
1617 | Dhcp4Dxe.efi
1618 |
1619 |
1620 | Arguments
1621 |
1622 | Comment
1623 |
1624 | Enabled
1625 |
1626 | LoadEarly
1627 |
1628 | Path
1629 | Ip4Dxe.efi
1630 |
1631 |
1632 | Arguments
1633 |
1634 | Comment
1635 |
1636 | Enabled
1637 |
1638 | LoadEarly
1639 |
1640 | Path
1641 | Udp4Dxe.efi
1642 |
1643 |
1644 | Arguments
1645 |
1646 | Comment
1647 |
1648 | Enabled
1649 |
1650 | LoadEarly
1651 |
1652 | Path
1653 | TcpDxe.efi
1654 |
1655 |
1656 | Arguments
1657 |
1658 | Comment
1659 |
1660 | Enabled
1661 |
1662 | LoadEarly
1663 |
1664 | Path
1665 | DnsDxe.efi
1666 |
1667 |
1668 | Arguments
1669 |
1670 | Comment
1671 |
1672 | Enabled
1673 |
1674 | LoadEarly
1675 |
1676 | Path
1677 | HttpDxe.efi
1678 |
1679 |
1680 | Arguments
1681 |
1682 | Comment
1683 |
1684 | Enabled
1685 |
1686 | LoadEarly
1687 |
1688 | Path
1689 | HttpUtilitiesDxe.efi
1690 |
1691 |
1692 | Arguments
1693 |
1694 | Comment
1695 |
1696 | Enabled
1697 |
1698 | LoadEarly
1699 |
1700 | Path
1701 | HttpBootDxe.efi
1702 |
1703 |
1704 | Arguments
1705 |
1706 | Comment
1707 |
1708 | Enabled
1709 |
1710 | LoadEarly
1711 |
1712 | Path
1713 | OpenLinuxBoot.efi
1714 |
1715 |
1716 | Arguments
1717 |
1718 | Comment
1719 |
1720 | Enabled
1721 |
1722 | LoadEarly
1723 |
1724 | Path
1725 | ResetNvramEntry.efi
1726 |
1727 |
1728 | Arguments
1729 |
1730 | Comment
1731 |
1732 | Enabled
1733 |
1734 | LoadEarly
1735 |
1736 | Path
1737 | ToggleSipEntry.efi
1738 |
1739 |
1740 | Arguments
1741 |
1742 | Comment
1743 |
1744 | Enabled
1745 |
1746 | LoadEarly
1747 |
1748 | Path
1749 | FirmwareSettingsEntry.efi
1750 |
1751 |
1752 | Input
1753 |
1754 | KeyFiltering
1755 |
1756 | KeyForgetThreshold
1757 | 5
1758 | KeySupport
1759 |
1760 | KeySupportMode
1761 | Auto
1762 | KeySwap
1763 |
1764 | PointerSupport
1765 |
1766 | PointerSupportMode
1767 | ASUS
1768 | TimerResolution
1769 | 50000
1770 |
1771 | Output
1772 |
1773 | ClearScreenOnModeSwitch
1774 |
1775 | ConsoleFont
1776 |
1777 | ConsoleMode
1778 |
1779 | DirectGopRendering
1780 |
1781 | ForceResolution
1782 |
1783 | GopBurstMode
1784 |
1785 | GopPassThrough
1786 | Disabled
1787 | IgnoreTextInGraphics
1788 |
1789 | InitialMode
1790 | Auto
1791 | ProvideConsoleGop
1792 |
1793 | ReconnectGraphicsOnConnect
1794 |
1795 | ReconnectOnResChange
1796 |
1797 | ReplaceTabWithSpace
1798 |
1799 | Resolution
1800 | 1920x1080@32
1801 | SanitiseClearScreen
1802 |
1803 | TextRenderer
1804 | BuiltinGraphics
1805 | UIScale
1806 | 0
1807 | UgaPassThrough
1808 |
1809 |
1810 | ProtocolOverrides
1811 |
1812 | AppleAudio
1813 |
1814 | AppleBootPolicy
1815 |
1816 | AppleDebugLog
1817 |
1818 | AppleEg2Info
1819 |
1820 | AppleFramebufferInfo
1821 |
1822 | AppleImageConversion
1823 |
1824 | AppleImg4Verification
1825 |
1826 | AppleKeyMap
1827 |
1828 | AppleRtcRam
1829 |
1830 | AppleSecureBoot
1831 |
1832 | AppleSmcIo
1833 |
1834 | AppleUserInterfaceTheme
1835 |
1836 | DataHub
1837 |
1838 | DeviceProperties
1839 |
1840 | FirmwareVolume
1841 |
1842 | HashServices
1843 |
1844 | OSInfo
1845 |
1846 | PciIo
1847 |
1848 | UnicodeCollation
1849 |
1850 |
1851 | Quirks
1852 |
1853 | ActivateHpetSupport
1854 |
1855 | DisableSecurityPolicy
1856 |
1857 | EnableVectorAcceleration
1858 |
1859 | EnableVmx
1860 |
1861 | ExitBootServicesDelay
1862 | 0
1863 | ForceOcWriteFlash
1864 |
1865 | ForgeUefiSupport
1866 |
1867 | IgnoreInvalidFlexRatio
1868 |
1869 | ReleaseUsbOwnership
1870 |
1871 | ReloadOptionRoms
1872 |
1873 | RequestBootVarRouting
1874 |
1875 | ResizeGpuBars
1876 | -1
1877 | ResizeUsePciRbIo
1878 |
1879 | ShimRetainProtocol
1880 |
1881 | TscSyncTimeout
1882 | 0
1883 | UnblockFsConnect
1884 |
1885 |
1886 | ReservedMemory
1887 |
1888 |
1889 |
1890 |
1891 |
--------------------------------------------------------------------------------
/compose.yml:
--------------------------------------------------------------------------------
1 | services:
2 | macos:
3 | image: dockurr/macos
4 | container_name: macos
5 | environment:
6 | VERSION: "13"
7 | devices:
8 | - /dev/kvm
9 | - /dev/net/tun
10 | cap_add:
11 | - NET_ADMIN
12 | ports:
13 | - 8006:8006
14 | - 5900:5900/tcp
15 | - 5900:5900/udp
16 | volumes:
17 | - ./macos:/storage
18 | restart: always
19 | stop_grace_period: 2m
20 |
--------------------------------------------------------------------------------
/kubernetes.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: PersistentVolumeClaim
4 | metadata:
5 | name: macos-pvc
6 | spec:
7 | accessModes:
8 | - ReadWriteOnce
9 | resources:
10 | requests:
11 | storage: 64Gi
12 | ---
13 | apiVersion: apps/v1
14 | kind: Deployment
15 | metadata:
16 | name: macos
17 | labels:
18 | name: macos
19 | spec:
20 | replicas: 1
21 | selector:
22 | matchLabels:
23 | app: macos
24 | template:
25 | metadata:
26 | labels:
27 | app: macos
28 | spec:
29 | containers:
30 | - name: macos
31 | image: dockurr/macos
32 | env:
33 | - name: VERSION
34 | value: "13"
35 | - name: DISK_SIZE
36 | value: "64G"
37 | ports:
38 | - containerPort: 8006
39 | name: http
40 | protocol: TCP
41 | - containerPort: 5900
42 | name: vnc
43 | protocol: TCP
44 | securityContext:
45 | capabilities:
46 | add:
47 | - NET_ADMIN
48 | privileged: true
49 | volumeMounts:
50 | - mountPath: /storage
51 | name: storage
52 | - mountPath: /dev/kvm
53 | name: dev-kvm
54 | - mountPath: /dev/net/tun
55 | name: dev-tun
56 | terminationGracePeriodSeconds: 120
57 | volumes:
58 | - name: storage
59 | persistentVolumeClaim:
60 | claimName: macos-pvc
61 | - hostPath:
62 | path: /dev/kvm
63 | name: dev-kvm
64 | - hostPath:
65 | path: /dev/net/tun
66 | type: CharDevice
67 | name: dev-tun
68 | ---
69 | apiVersion: v1
70 | kind: Service
71 | metadata:
72 | name: macos
73 | spec:
74 | internalTrafficPolicy: Cluster
75 | ports:
76 | - name: http
77 | port: 8006
78 | protocol: TCP
79 | targetPort: 8006
80 | - name: vnc
81 | port: 5900
82 | protocol: TCP
83 | targetPort: 5900
84 | selector:
85 | app: macos
86 | type: ClusterIP
87 |
--------------------------------------------------------------------------------
/license.md:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Permission is hereby granted, free of charge, to any person obtaining a copy
4 | of this software and associated documentation files (the "Software"), to deal
5 | in the Software without restriction, including without limitation the rights
6 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
7 | copies of the Software, and to permit persons to whom the Software is
8 | furnished to do so, subject to the following conditions:
9 |
10 | The above copyright notice and this permission notice shall be included in all
11 | copies or substantial portions of the Software.
12 |
13 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
14 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
16 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
17 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
18 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
19 | SOFTWARE.
20 |
--------------------------------------------------------------------------------
/readme.md:
--------------------------------------------------------------------------------
1 | OSX
2 |
3 |
4 |
6 |
7 | [![Build]][build_url]
8 | [![Version]][tag_url]
9 | [![Size]][tag_url]
10 | [![Package]][pkg_url]
11 | [![Pulls]][hub_url]
12 |
13 |
14 |
15 | OSX (macOS) inside a Docker container.
16 |
17 | ## Features ✨
18 |
19 | - KVM acceleration
20 | - Web-based viewer
21 | - Automatic download
22 |
23 | ## Usage 🐳
24 |
25 | ##### Via Docker Compose:
26 |
27 | ```yaml
28 | services:
29 | macos:
30 | image: dockurr/macos
31 | container_name: macos
32 | environment:
33 | VERSION: "13"
34 | devices:
35 | - /dev/kvm
36 | - /dev/net/tun
37 | cap_add:
38 | - NET_ADMIN
39 | ports:
40 | - 8006:8006
41 | - 5900:5900/tcp
42 | - 5900:5900/udp
43 | volumes:
44 | - ./macos:/storage
45 | restart: always
46 | stop_grace_period: 2m
47 | ```
48 |
49 | ##### Via Docker CLI:
50 |
51 | ```bash
52 | docker run -it --rm --name macos -p 8006:8006 --device=/dev/kvm --device=/dev/net/tun --cap-add NET_ADMIN -v "${PWD:-.}/macos:/storage" --stop-timeout 120 dockurr/macos
53 | ```
54 |
55 | ##### Via Kubernetes:
56 |
57 | ```shell
58 | kubectl apply -f https://raw.githubusercontent.com/dockur/macos/refs/heads/master/kubernetes.yml
59 | ```
60 |
61 | ##### Via Github Codespaces:
62 |
63 | [](https://codespaces.new/dockur/macos)
64 |
65 | ## FAQ 💬
66 |
67 | ### How do I use it?
68 |
69 | Very simple! These are the steps:
70 |
71 | - Start the container and connect to [port 8006](http://127.0.0.1:8006/) using your web browser.
72 |
73 | - Choose `Disk Utility` and then select the largest `Apple Inc. VirtIO Block Media` disk.
74 |
75 | - Click the `Erase` button to format the disk to APFS, and give it any name you like.
76 |
77 | - Close the current window and proceed the installation by clicking `Reinstall macOS`.
78 |
79 | - When prompted where you want to install it, select the disk you created previously.
80 |
81 | - After all files are copied, select your region, language, and account settings.
82 |
83 | Enjoy your brand new machine, and don't forget to star this repo!
84 |
85 | ### How do I select the version of macOS?
86 |
87 | By default, macOS 13 (Ventura) will be installed, but you can add the `VERSION` environment variable in order to specify an alternative:
88 |
89 | ```yaml
90 | environment:
91 | VERSION: "13"
92 | ```
93 |
94 | Select from the values below:
95 |
96 | | **Value** | **Version** | **Name** |
97 | |-------------|----------------|------------------|
98 | | `15` | macOS 15 | Sequoia |
99 | | `14` | macOS 14 | Sonoma |
100 | | `13` | macOS 13 | Ventura |
101 | | `12` | macOS 12 | Monterey |
102 | | `11` | macOS 11 | Big Sur |
103 |
104 | > [!NOTE]
105 | > Support for macOS 15 (Sequoia) is still in its infancy, as it does not allow you to sign in to your Apple Account yet.
106 |
107 | ### How do I change the storage location?
108 |
109 | To change the storage location, include the following bind mount in your compose file:
110 |
111 | ```yaml
112 | volumes:
113 | - ./macos:/storage
114 | ```
115 |
116 | Replace the example path `./macos` with the desired storage folder or named volume.
117 |
118 | ### How do I change the size of the disk?
119 |
120 | To expand the default size of 64 GB, add the `DISK_SIZE` setting to your compose file and set it to your preferred capacity:
121 |
122 | ```yaml
123 | environment:
124 | DISK_SIZE: "256G"
125 | ```
126 |
127 | > [!TIP]
128 | > This can also be used to resize the existing disk to a larger capacity without any data loss.
129 |
130 | ### How do I change the amount of CPU or RAM?
131 |
132 | By default, the container will be allowed to use a maximum of 2 CPU cores and 4 GB of RAM.
133 |
134 | If you want to adjust this, you can specify the desired amount using the following environment variables:
135 |
136 | ```yaml
137 | environment:
138 | RAM_SIZE: "8G"
139 | CPU_CORES: "4"
140 | ```
141 |
142 | ### How do I assign an individual IP address to the container?
143 |
144 | By default, the container uses bridge networking, which shares the IP address with the host.
145 |
146 | If you want to assign an individual IP address to the container, you can create a macvlan network as follows:
147 |
148 | ```bash
149 | docker network create -d macvlan \
150 | --subnet=192.168.0.0/24 \
151 | --gateway=192.168.0.1 \
152 | --ip-range=192.168.0.100/28 \
153 | -o parent=eth0 vlan
154 | ```
155 |
156 | Be sure to modify these values to match your local subnet.
157 |
158 | Once you have created the network, change your compose file to look as follows:
159 |
160 | ```yaml
161 | services:
162 | macos:
163 | container_name: macos
164 | ....
165 | networks:
166 | vlan:
167 | ipv4_address: 192.168.0.100
168 |
169 | networks:
170 | vlan:
171 | external: true
172 | ```
173 |
174 | An added benefit of this approach is that you won't have to perform any port mapping anymore, since all ports will be exposed by default.
175 |
176 | > [!IMPORTANT]
177 | > This IP address won't be accessible from the Docker host due to the design of macvlan, which doesn't permit communication between the two. If this is a concern, you need to create a [second macvlan](https://blog.oddbit.com/post/2018-03-12-using-docker-macvlan-networks/#host-access) as a workaround.
178 |
179 | ### How can macOS acquire an IP address from my router?
180 |
181 | After configuring the container for [macvlan](#how-do-i-assign-an-individual-ip-address-to-the-container), it is possible for macOS to become part of your home network by requesting an IP from your router, just like your other devices.
182 |
183 | To enable this mode, in which the container and macOS will have separate IP addresses, add the following lines to your compose file:
184 |
185 | ```yaml
186 | environment:
187 | DHCP: "Y"
188 | devices:
189 | - /dev/vhost-net
190 | device_cgroup_rules:
191 | - 'c *:* rwm'
192 | ```
193 |
194 | ### How do I pass-through a disk?
195 |
196 | It is possible to pass-through disk devices or partitions directly by adding them to your compose file in this way:
197 |
198 | ```yaml
199 | devices:
200 | - /dev/sdb:/disk1
201 | - /dev/sdc1:/disk2
202 | ```
203 |
204 | Use `/disk1` if you want it to become your main drive, and use `/disk2` and higher to add them as secondary drives.
205 |
206 | ### How do I pass-through a USB device?
207 |
208 | To pass-through a USB device, first lookup its vendor and product id via the `lsusb` command, then add them to your compose file like this:
209 |
210 | ```yaml
211 | environment:
212 | ARGUMENTS: "-device usb-host,vendorid=0x1234,productid=0x1234"
213 | devices:
214 | - /dev/bus/usb
215 | ```
216 |
217 | ### How do I share files with the host?
218 |
219 | To share files with the host, add the following volume to your compose file:
220 |
221 | ```yaml
222 | volumes:
223 | - ./example:/shared
224 | ```
225 |
226 | Then start macOS and execute the following command:
227 |
228 | ```shell
229 | sudo -S mount_9p shared
230 | ```
231 |
232 | In Finder’s menu bar, click on “Go – Computer” to access this shared folder, it will show the contents of `./example`.
233 |
234 | ### How do I verify if my system supports KVM?
235 |
236 | First check if your software is compatible using this chart:
237 |
238 | | **Product** | **Linux** | **Win11** | **Win10** | **macOS** |
239 | |---|---|---|---|---|
240 | | Docker CLI | ✅ | ✅ | ❌ | ❌ |
241 | | Docker Desktop | ❌ | ✅ | ❌ | ❌ |
242 | | Podman CLI | ✅ | ✅ | ❌ | ❌ |
243 | | Podman Desktop | ✅ | ✅ | ❌ | ❌ |
244 |
245 | After that you can run the following commands in Linux to check your system:
246 |
247 | ```bash
248 | sudo apt install cpu-checker
249 | sudo kvm-ok
250 | ```
251 |
252 | If you receive an error from `kvm-ok` indicating that KVM cannot be used, please check whether:
253 |
254 | - the virtualization extensions (`Intel VT-x` or `AMD SVM`) are enabled in your BIOS.
255 |
256 | - you enabled "nested virtualization" if you are running the container inside a virtual machine.
257 |
258 | - you are not using a cloud provider, as most of them do not allow nested virtualization for their VPS's.
259 |
260 | If you did not receive any error from `kvm-ok` but the container still complains about a missing KVM device, it could help to add `privileged: true` to your compose file (or `sudo` to your `docker` command) to rule out any permission issue.
261 |
262 | ### How do I run Windows in a container?
263 |
264 | You can use [dockur/windows](https://github.com/dockur/windows) for that. It shares many of the same features, and even has completely automatic installation.
265 |
266 | ### How do I run a Linux desktop in a container?
267 |
268 | You can use [qemus/qemu](https://github.com/qemus/qemu) in that case.
269 |
270 | ### Is this project legal?
271 |
272 | Yes, this project contains only open-source code and does not distribute any copyrighted material. Neither does it try to circumvent any copyright protection measures. So under all applicable laws, this project will be considered legal.
273 |
274 | However, by installing Apple's macOS, you must accept their end-user license agreement, which does not permit installation on non-official hardware. So only run this container on hardware sold by Apple, as any other use will be a violation of their terms and conditions.
275 |
276 | ## Acknowledgements 🙏
277 |
278 | Special thanks to [seitenca](https://github.com/seitenca), this project would not exist without her invaluable work.
279 |
280 | ## Stars 🌟
281 | [](https://starchart.cc/dockur/macos)
282 |
283 | ## Disclaimer ⚖️
284 |
285 | *Only run this container on Apple hardware, any other use is not permitted by their EULA. The product names, logos, brands, and other trademarks referred to within this project are the property of their respective trademark holders. This project is not affiliated, sponsored, or endorsed by Apple Inc.*
286 |
287 | [build_url]: https://github.com/dockur/macos/
288 | [hub_url]: https://hub.docker.com/r/dockurr/macos/
289 | [tag_url]: https://hub.docker.com/r/dockurr/macos/tags
290 | [pkg_url]: https://github.com/dockur/macos/pkgs/container/macos
291 |
292 | [Build]: https://github.com/dockur/macos/actions/workflows/build.yml/badge.svg
293 | [Size]: https://img.shields.io/docker/image-size/dockurr/macos/latest?color=066da5&label=size
294 | [Pulls]: https://img.shields.io/docker/pulls/dockurr/macos.svg?style=flat&label=pulls&logo=docker
295 | [Version]: https://img.shields.io/docker/v/dockurr/macos/latest?arch=amd64&sort=semver&color=066da5
296 | [Package]: https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fipitio.github.io%2Fbackage%2Fdockur%2Fmacos%2Fmacos.json&query=%24.downloads&logo=github&style=flat&color=066da5&label=pulls
297 |
--------------------------------------------------------------------------------
/src/boot.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | set -Eeuo pipefail
3 |
4 | # Docker environment variables
5 | : "${BOOT_MODE:="macos"}" # Boot mode
6 | : "${SECURE:="off"}" # Secure boot
7 |
8 | BOOT_DESC=""
9 | BOOT_OPTS=""
10 | OVMF="/usr/share/OVMF"
11 |
12 | case "${HEIGHT,,}" in
13 | "1080" )
14 | DEST="$PROCESS"
15 | ROM="OVMF_CODE.fd"
16 | VARS="OVMF_VARS-1920x1080.fd"
17 | ;;
18 | "768" )
19 | DEST="${PROCESS}_hd"
20 | ROM="OVMF_CODE.fd"
21 | VARS="OVMF_VARS-1024x768.fd"
22 | ;;
23 | *)
24 | ROM="OVMF_CODE.fd"
25 | VARS="OVMF_VARS.fd"
26 | DEST="${PROCESS}_${HEIGHT}"
27 | ;;
28 | esac
29 |
30 | BOOT_OPTS+=" -smbios type=2"
31 | BOOT_OPTS+=" -rtc base=utc,base=localtime"
32 | BOOT_OPTS+=" -global ICH9-LPC.disable_s3=1"
33 | BOOT_OPTS+=" -global ICH9-LPC.disable_s4=1"
34 | BOOT_OPTS+=" -global ICH9-LPC.acpi-pci-hotplug-with-bridge-support=off"
35 |
36 | osk=$(echo "bheuneqjbexolgurfrjbeqfthneqrqcyrnfrqbagfgrny(p)NccyrPbzchgreVap" | tr 'A-Za-z' 'N-ZA-Mn-za-m')
37 | BOOT_OPTS+=" -device isa-applesmc,osk=$osk"
38 |
39 | # OVMF
40 | DEST="$STORAGE/$DEST"
41 |
42 | if [ ! -s "$DEST.rom" ] || [ ! -f "$DEST.rom" ]; then
43 | [ ! -s "$OVMF/$ROM" ] || [ ! -f "$OVMF/$ROM" ] && error "UEFI boot file ($OVMF/$ROM) not found!" && exit 44
44 | cp "$OVMF/$ROM" "$DEST.rom"
45 | fi
46 |
47 | if [ ! -s "$DEST.vars" ] || [ ! -f "$DEST.vars" ]; then
48 | [ ! -s "$OVMF/$VARS" ] || [ ! -f "$OVMF/$VARS" ]&& error "UEFI vars file ($OVMF/$VARS) not found!" && exit 45
49 | cp "$OVMF/$VARS" "$DEST.vars"
50 | fi
51 |
52 | BOOT_OPTS+=" -drive if=pflash,format=raw,readonly=on,file=$DEST.rom"
53 | BOOT_OPTS+=" -drive if=pflash,format=raw,file=$DEST.vars"
54 |
55 | IMG="$STORAGE/boot.img"
56 |
57 | if [ ! -f "$IMG" ]; then
58 |
59 | FILE="OpenCore.img"
60 | IMG="/tmp/$FILE"
61 | rm -f "$IMG"
62 |
63 | # OpenCoreBoot
64 | ISO="/opencore.iso"
65 | OUT="/tmp/extract"
66 |
67 | rm -rf "$OUT"
68 | mkdir -p "$OUT"
69 |
70 | msg="Building boot image"
71 | info "$msg..." && html "$msg..."
72 |
73 | [ ! -f "$ISO" ] && gzip -dk "$ISO.gz"
74 |
75 | if [ ! -f "$ISO" ] || [ ! -s "$ISO" ]; then
76 | error "Could not find image file \"$ISO\"." && exit 10
77 | fi
78 |
79 | START=$(sfdisk -l "$ISO" | grep -i -m 1 "EFI System" | awk '{print $2}')
80 | mcopy -bspmQ -i "$ISO@@${START}S" ::EFI "$OUT"
81 |
82 | CFG="$OUT/EFI/OC/config.plist"
83 |
84 | PLIST="/assets/config.plist"
85 | [ -f "/config.plist" ] && PLIST="/config.plist"
86 |
87 | cp "$PLIST" "$CFG"
88 |
89 | ROM="${MAC//[^[:alnum:]]/}"
90 | ROM="${ROM,,}"
91 | BROM=$(echo "$ROM" | xxd -r -p | base64)
92 | RESOLUTION="${WIDTH}x${HEIGHT}@32"
93 |
94 | sed -r -i -e 's|m7zhIYfl|'"${BROM}"'|g' "$CFG"
95 | sed -r -i -e 's|iMacPro1,1|'"${MODEL}"'|g' "$CFG"
96 | sed -r -i -e 's|C02TM2ZBHX87|'"${SN}"'|g' "$CFG"
97 | sed -r -i -e 's|C02717306J9JG361M|'"${MLB}"'|g' "$CFG"
98 | sed -r -i -e 's|1920x1080@32|'"${RESOLUTION}"'|g' "$CFG"
99 | sed -r -i -e 's|007076A6-F2A2-4461-BBE5-BAD019F8025A|'"${UUID}"'|g' "$CFG"
100 |
101 | # Build image
102 |
103 | MB=256
104 | CLUSTER=4
105 | START=2048
106 | SECTOR=512
107 | FIRST_LBA=34
108 |
109 | SIZE=$(( MB*1024*1024 ))
110 | OFFSET=$(( START*SECTOR ))
111 | TOTAL=$(( SIZE-(FIRST_LBA*SECTOR) ))
112 | LAST_LBA=$(( TOTAL/SECTOR ))
113 | COUNT=$(( LAST_LBA-(START-1) ))
114 |
115 | if ! truncate -s "$SIZE" "$IMG"; then
116 | rm -f "$IMG"
117 | error "Could not allocate space to create image $IMG ." && exit 11
118 | fi
119 |
120 | PART="/tmp/partition.fdisk"
121 |
122 | { echo "label: gpt"
123 | echo "label-id: 1ACB1E00-3B8F-4B2A-86A4-D99ED21DCAEB"
124 | echo "device: $FILE"
125 | echo "unit: sectors"
126 | echo "first-lba: $FIRST_LBA"
127 | echo "last-lba: $LAST_LBA"
128 | echo "sector-size: $SECTOR"
129 | echo ""
130 | echo "${FILE}1 : start=$START, size=$COUNT, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=05157F6E-0AE8-4D1A-BEA5-AC172453D02C, name=\"primary\""
131 |
132 | } > "$PART"
133 |
134 | sfdisk -q "$IMG" < "$PART"
135 | echo "drive c: file=\"$IMG\" partition=0 offset=$OFFSET" > /etc/mtools.conf
136 |
137 | mformat -F -M "$SECTOR" -c "$CLUSTER" -T "$COUNT" -v "EFI" "C:"
138 | mcopy -bspmQ "$OUT/EFI" "C:"
139 |
140 | rm -rf "$OUT"
141 |
142 | info ""
143 | info "Model: $MODEL"
144 | info "Rom: $ROM"
145 | info "Serial: $SN"
146 | info "Board: $MLB"
147 | info ""
148 |
149 | fi
150 |
151 | BOOT_DRIVE_ID="OpenCore"
152 |
153 | DISK_OPTS+=" -device virtio-blk-pci,drive=${BOOT_DRIVE_ID},bus=pcie.0,addr=0x5,bootindex=$BOOT_INDEX"
154 | DISK_OPTS+=" -drive file=$IMG,id=$BOOT_DRIVE_ID,format=raw,cache=unsafe,readonly=on,if=none"
155 |
156 | CPU_VENDOR=$(lscpu | awk '/Vendor ID/{print $3}')
157 | DEFAULT_FLAGS="vendor=GenuineIntel,vmware-cpuid-freq=on,-pdpe1gb"
158 |
159 | if [[ "$CPU_VENDOR" != "GenuineIntel" ]] || [[ "${KVM:-}" == [Nn]* ]]; then
160 | [ -z "${CPU_MODEL:-}" ] && CPU_MODEL="Haswell-noTSX"
161 | DEFAULT_FLAGS+=",+pcid,+ssse3,+sse4.2,+popcnt,+avx,+avx2,+aes,+fma,+bmi1,+bmi2,+smep,+xsave,+xsavec,+xsaveopt,+xgetbv1,+movbe,+rdrand,check"
162 | fi
163 |
164 | if [ -z "${CPU_FLAGS:-}" ]; then
165 | CPU_FLAGS="$DEFAULT_FLAGS"
166 | else
167 | CPU_FLAGS="$DEFAULT_FLAGS,$CPU_FLAGS"
168 | fi
169 |
170 | SM_BIOS=""
171 | CLOCKSOURCE="tsc"
172 | [[ "${ARCH,,}" == "arm64" ]] && CLOCKSOURCE="arch_sys_counter"
173 | CLOCK="/sys/devices/system/clocksource/clocksource0/current_clocksource"
174 |
175 | if [ ! -f "$CLOCK" ]; then
176 | warn "file \"$CLOCK\" cannot not found?"
177 | else
178 | result=$(<"$CLOCK")
179 | result="${result//[![:print:]]/}"
180 | case "${result,,}" in
181 | "${CLOCKSOURCE,,}" ) ;;
182 | "kvm-clock" )
183 | if [[ "$CPU_VENDOR" != "GenuineIntel" ]] && [[ "${CPU_CORES,,}" == "2" ]]; then
184 | warn "Restricted processor to a single core because nested KVM virtualization was detected!"
185 | CPU_CORES="1"
186 | else
187 | warn "Nested KVM virtualization detected, this might cause issues running macOS!"
188 | fi ;;
189 | "hyperv_clocksource_tsc_page" ) info "Nested Hyper-V virtualization detected, this might cause issues running macOS!" ;;
190 | "hpet" ) warn "unsupported clock source detected: '$result'. Please set host clock source to '$CLOCKSOURCE', otherwise it will cause issues running macOS!" ;;
191 | *) warn "unexpected clock source detected: '$result'. Please set host clock source to '$CLOCKSOURCE', otherwise it will cause issues running macOS!" ;;
192 | esac
193 | fi
194 |
195 | case "$CPU_CORES" in
196 | "" | "0" | "3" ) CPU_CORES="2" ;;
197 | "5" ) CPU_CORES="4" ;;
198 | "9" ) CPU_CORES="8" ;;
199 | esac
200 |
201 | case "$CPU_CORES" in
202 | "1" | "2" | "4" | "8" ) SMP="$CPU_CORES,sockets=1,dies=1,cores=$CPU_CORES,threads=1" ;;
203 | "6" | "7" ) SMP="$CPU_CORES,sockets=3,dies=1,cores=2,threads=1" ;;
204 | "10" | "11" ) SMP="$CPU_CORES,sockets=5,dies=1,cores=2,threads=1" ;;
205 | "12" | "13" ) SMP="$CPU_CORES,sockets=3,dies=1,cores=4,threads=1" ;;
206 | "14" | "15" ) SMP="$CPU_CORES,sockets=7,dies=1,cores=2,threads=1" ;;
207 | "16" | "32" | "64" ) SMP="$CPU_CORES,sockets=1,dies=1,cores=$CPU_CORES,threads=1" ;;
208 | *)
209 | error "Invalid amount of CPU_CORES, value \"${CPU_CORES}\" is not a power of 2!" && exit 35
210 | ;;
211 | esac
212 |
213 | USB="nec-usb-xhci,id=xhci"
214 | USB+=" -device usb-kbd,bus=xhci.0"
215 | USB+=" -global nec-usb-xhci.msi=off"
216 |
217 | return 0
218 |
--------------------------------------------------------------------------------
/src/entry.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | set -Eeuo pipefail
3 |
4 | : "${APP:="macOS"}"
5 | : "${VGA:="vmware"}"
6 | : "${DISK_TYPE:="blk"}"
7 | : "${PLATFORM:="x64"}"
8 | : "${SUPPORT:="https://github.com/dockur/macos"}"
9 |
10 | cd /run
11 |
12 | . utils.sh # Load functions
13 | . reset.sh # Initialize system
14 | . install.sh # Get the OSX images
15 | . disk.sh # Initialize disks
16 | . display.sh # Initialize graphics
17 | . network.sh # Initialize network
18 | . boot.sh # Configure boot
19 | . proc.sh # Initialize processor
20 | . config.sh # Configure arguments
21 |
22 | trap - ERR
23 |
24 | version=$(qemu-system-x86_64 --version | head -n 1 | cut -d '(' -f 1 | awk '{ print $NF }')
25 | info "Booting ${APP}${BOOT_DESC} using QEMU v$version..."
26 |
27 | exec qemu-system-x86_64 ${ARGS:+ $ARGS}
28 |
--------------------------------------------------------------------------------
/src/install.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | set -Eeuo pipefail
3 |
4 | # Docker environment variables
5 |
6 | : "${SN:=""}" # Device serial
7 | : "${MLB:=""}" # Board serial
8 | : "${MAC:=""}" # MAC address
9 | : "${UUID:=""}" # Unique ID
10 | : "${WIDTH:="1920"}" # Horizontal
11 | : "${HEIGHT:="1080"}" # Vertical
12 | : "${VERSION:="13"}" # OSX Version
13 | : "${MODEL:="iMacPro1,1"}" # Device model
14 |
15 | BASE_IMG_ID="InstallMedia"
16 | BASE_IMG="$STORAGE/base.dmg"
17 | BASE_VERSION="$STORAGE/$PROCESS.version"
18 |
19 | function getRandom() {
20 | local length="${1}"
21 | local result=""
22 | local chars=("0" "1" "2" "3" "4" "5" "6" "7" "8" "9" "A" "B" "C" "D" "E" "F")
23 |
24 | for ((i=0; i&1 | tr ';' '\n' | awk -F'session=|;' '{print $2}' | grep 1)
50 | info=$(curl --disable -s -X POST -H "Host: osrecovery.apple.com" \
51 | -H "Connection: close" \
52 | -A "InternetRecovery/1.0" \
53 | -b "session=\"${appleSession}\"" \
54 | -H "Content-Type: text/plain" \
55 | -d $'cid='"$(getRandom 16)"$'\nsn='"${mlb}"$'\nbid='"${board}"$'\nk='"$(getRandom 64)"$'\nfg='"$(getRandom 64)"$'\nos='"${type}" \
56 | https://osrecovery.apple.com/InstallationPayload/RecoveryImage | tr ' ' '\n')
57 |
58 | downloadLink=$(echo "$info" | grep 'oscdn' | grep 'dmg')
59 | downloadSession=$(echo "$info" | grep 'expires' | grep 'dmg')
60 |
61 | if [ -z "$downloadLink" ] || [ -z "$downloadSession" ]; then
62 |
63 | local code="99"
64 | msg="Failed to connect to the Apple servers, reason:"
65 |
66 | curl --silent --max-time 10 --output /dev/null --fail -H "Host: osrecovery.apple.com" -H "Connection: close" -A "InternetRecovery/1.0" https://osrecovery.apple.com/ || {
67 | code="$?"
68 | }
69 |
70 | case "${code,,}" in
71 | "6" ) error "$msg could not resolve host!" ;;
72 | "7" ) error "$msg no internet connection available!" ;;
73 | "28" ) error "$msg connection timed out!" ;;
74 | "99" )
75 | [ -n "$info" ] && echo "$info" && echo
76 | error "$msg unknown error" ;;
77 | *) error "$msg $code" ;;
78 | esac
79 |
80 | return 1
81 | fi
82 |
83 | # Check if running with interactive TTY or redirected to docker log
84 | if [ -t 1 ]; then
85 | progress="--progress=bar:noscroll"
86 | else
87 | progress="--progress=dot:giga"
88 | fi
89 |
90 | rm -f "$dest"
91 | /run/progress.sh "$dest" "0" "$msg ([P])..." &
92 |
93 | { wget "$downloadLink" -O "$dest" -q --header "Host: oscdn.apple.com" --header "Connection: close" --header "User-Agent: InternetRecovery/1.0" --header "Cookie: AssetToken=${downloadSession}" --timeout=30 --no-http-keep-alive --show-progress "$progress"; rc=$?; } || :
94 |
95 | fKill "progress.sh"
96 |
97 | if (( rc == 0 )) && [ -f "$dest" ]; then
98 | total=$(stat -c%s "$dest")
99 | size=$(formatBytes "$total")
100 | if [ "$total" -lt 100000 ]; then
101 | error "Invalid recovery image, file is only $size ?" && return 1
102 | fi
103 | html "Download finished successfully..."
104 | return 0
105 | fi
106 |
107 | msg="Failed to download $downloadLink"
108 | (( rc == 3 )) && error "$msg , cannot write file (disk full?)" && return 1
109 | (( rc == 4 )) && error "$msg , network failure!" && return 1
110 | (( rc == 8 )) && error "$msg , server issued an error response!" && return 1
111 |
112 | error "$msg , reason: $rc"
113 | return 1
114 | }
115 |
116 | download() {
117 |
118 | local board
119 | local version="$1"
120 |
121 | case "${version,,}" in
122 | "sequoia" | "15"* )
123 | board="Mac-937A206F2EE63C01" ;;
124 | "sonoma" | "14"* )
125 | board="Mac-827FAC58A8FDFA22" ;;
126 | "ventura" | "13"* )
127 | board="Mac-4B682C642B45593E" ;;
128 | "monterey" | "12"* )
129 | board="Mac-B809C3757DA9BB8D" ;;
130 | "bigsur" | "big-sur" | "11"* )
131 | board="Mac-2BD1B31983FE1663" ;;
132 | "catalina" | "10"* )
133 | board="Mac-00BE6ED71E35EB86" ;;
134 | *)
135 | error "Unknown VERSION specified, value \"${version}\" is not recognized!"
136 | return 1 ;;
137 | esac
138 |
139 | if [ -f "/boot.dmg" ]; then
140 | cp "/boot.dmg" "$BASE_IMG"
141 | else
142 | local file="/BaseSystem.dmg"
143 | ! downloadImage "$file" "$board" "$version" && exit 60
144 | mv -f "$file" "$BASE_IMG"
145 | fi
146 |
147 | echo "$version" > "$BASE_VERSION"
148 | return 0
149 | }
150 |
151 | generateID() {
152 |
153 | local file="$STORAGE/$PROCESS.id"
154 |
155 | [ -n "$UUID" ] && return 0
156 | [ -s "$file" ] && UUID=$(<"$file")
157 | UUID="${UUID//[![:print:]]/}"
158 | [ -n "$UUID" ] && return 0
159 |
160 | UUID=$(cat /proc/sys/kernel/random/uuid 2> /dev/null || uuidgen --random)
161 | UUID="${UUID^^}"
162 | UUID="${UUID//[![:print:]]/}"
163 | echo "$UUID" > "$file"
164 |
165 | return 0
166 | }
167 |
168 | generateAddress() {
169 |
170 | local file="$STORAGE/$PROCESS.mac"
171 |
172 | [ -n "$MAC" ] && return 0
173 | [ -s "$file" ] && MAC=$(<"$file")
174 | MAC="${MAC//[![:print:]]/}"
175 | [ -n "$MAC" ] && return 0
176 |
177 | # Generate Apple MAC address based on Docker container ID in hostname
178 | MAC=$(echo "$HOST" | md5sum | sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/00:16:cb:\3:\4:\5/')
179 | MAC="${MAC^^}"
180 | echo "$MAC" > "$file"
181 |
182 | return 0
183 | }
184 |
185 | generateSerial() {
186 |
187 | local file="$STORAGE/$PROCESS.sn"
188 | local file2="$STORAGE/$PROCESS.mlb"
189 |
190 | [ -n "$SN" ] && [ -n "$MLB" ] && return 0
191 | [ -s "$file" ] && SN=$(<"$file")
192 | [ -s "$file2" ] && MLB=$(<"$file2")
193 | SN="${SN//[![:print:]]/}"
194 | MLB="${MLB//[![:print:]]/}"
195 | [ -n "$SN" ] && [ -n "$MLB" ] && return 0
196 |
197 | # Generate unique serial numbers for machine
198 | SN=$(/usr/local/bin/macserial --num 1 --model "${MODEL}" 2>/dev/null)
199 |
200 | SN="${SN##*$'\n'}"
201 | [[ "$SN" != *" | "* ]] && error "$SN" && return 1
202 |
203 | MLB=${SN#*|}
204 | MLB="${MLB#"${MLB%%[![:space:]]*}"}"
205 | SN="${SN%%|*}"
206 | SN="${SN%"${SN##*[![:space:]]}"}"
207 |
208 | echo "$SN" > "$file"
209 | echo "$MLB" > "$file2"
210 |
211 | return 0
212 | }
213 |
214 | if [ ! -f "$BASE_IMG" ] || [ ! -s "$BASE_IMG" ]; then
215 | ! download "$VERSION" && exit 34
216 | fi
217 |
218 | STORED_VERSION=""
219 | if [ -f "$BASE_VERSION" ]; then
220 | STORED_VERSION=$(<"$BASE_VERSION")
221 | STORED_VERSION="${STORED_VERSION//[![:print:]]/}"
222 | fi
223 |
224 | if [ "$VERSION" != "$STORED_VERSION" ]; then
225 | info "Different version detected, switching base image from \"$STORED_VERSION\" to \"$VERSION\""
226 | ! download "$VERSION" && exit 34
227 | fi
228 |
229 | if ! generateID; then
230 | error "Failed to generate UUID!" && exit 35
231 | fi
232 |
233 | if ! generateSerial; then
234 | error "Failed to generate serial number!" && exit 36
235 | fi
236 |
237 | if ! generateAddress; then
238 | error "Failed to generate MAC address!" && exit 37
239 | fi
240 |
241 | DISK_OPTS="-device virtio-blk-pci,drive=${BASE_IMG_ID},bus=pcie.0,addr=0x6"
242 | DISK_OPTS+=" -drive file=$BASE_IMG,id=$BASE_IMG_ID,format=dmg,cache=unsafe,readonly=on,if=none"
243 |
244 | return 0
245 |
--------------------------------------------------------------------------------