Skip to content

Instantly share code, notes, and snippets.

@bliotti

bliotti/debian13-macbookair-bootstrap.sh

Last active February 16, 2026 05:05
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save bliotti/9f986fbe8fcc2d571bf615ed2a3de7ab to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save bliotti/9f986fbe8fcc2d571bf615ed2a3de7ab to your computer and use it in GitHub Desktop.
Download ZIP
Debian 13 MacBookAir7,2 automated bootstrap
Raw
debian13-macbookair-bootstrap.sh
#!/usr/bin/env bash
# debian13-macbookair-bootstrap.sh
# Target: Debian 13 (trixie) on MacBookAir7,2
#
# What it does:
# - Updates/Upgrades
# - Installs NetworkManager, firmware, Broadcom STA (wl), GNOME, core tools
# - Enables tlp + thermald + ufw
# - Installs tailscale and brings it up (interactive)
# - Adds Flathub remote
#
# Usage:
# sudo bash debian13-macbookair-bootstrap.sh
#
# Notes:
# - This script does NOT edit /etc/apt/sources.list for you.
# - Tailscale "up" will require interaction/auth in most cases.
# - Broadcom driver: purges b43-fwcutter (if present), installs broadcom-sta-dkms, loads wl.
set -euo pipefail
if [[ "${EUID}" -ne 0 ]]; then
echo "Run as root: sudo bash $0"
exit 1
fi
log() { printf "\n==> %s\n" "$*"; }
export DEBIAN_FRONTEND=noninteractive
log "1) APT refresh + full upgrade"
apt update
apt -y full-upgrade
log "2) Core base packages"
apt install -y \
ca-certificates \
sudo \
curl wget \
gnupg \
lsb-release
log "3) NetworkManager"
apt install -y network-manager
systemctl enable --now NetworkManager
log "4) Build stack + headers (needed for dkms/Broadcom STA)"
apt install -y dkms build-essential linux-headers-$(uname -r) || true
apt install -y linux-headers-amd64
log "5) Firmware + microcode"
apt install -y \
firmware-linux firmware-linux-nonfree firmware-misc-nonfree \
intel-microcode
log "6) Broadcom WiFi (wl) - remove conflicts then install STA dkms"
# Safe if not installed
apt purge -y b43-fwcutter || true
apt install -y broadcom-sta-dkms
# Try to load module now (may require reboot if kernel/headers mismatch)
modprobe wl || true
log "7) GNOME Desktop + tweaks"
apt install -y task-gnome-desktop
apt install -y gnome-tweaks gnome-shell-extensions
log "8) Common tools"
apt install -y \
git htop neovim \
flatpak \
bmon \
xclip \
ufw \
ffmpeg gstreamer1.0-libav \
mesa-utils vulkan-tools \
fonts-inter fonts-noto fonts-noto-color-emoji \
tlp powertop thermald
log "9) Enable power services"
systemctl enable --now tlp
systemctl enable --now thermald
log "10) Firewall"
ufw --force enable
log "11) Flathub remote"
# flatpak may require user session for some operations; adding remote system-wide is fine
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo || true
log "12) Tailscale install"
if ! command -v tailscale >/dev/null 2>&1; then
# Official install script
curl -fsSL https://tailscale.com/install.sh | sh
fi
systemctl enable --now tailscaled
log "13) Tailscale up (interactive/auth may be required)"
# Use accept-routes + ssh per your history; remove flags if undesired.
tailscale up --ssh --accept-routes || true
log "14) Cleanup"
apt -y autoremove
log "15) Quick validation"
echo "--- WiFi module ---"
lsmod | grep -E '^wl\b' || echo "wl not loaded (reboot may be required)"
echo "--- NM status ---"
systemctl --no-pager --full status NetworkManager | sed -n '1,10p' || true
echo "--- GPU ---"
glxinfo | grep "OpenGL renderer" || true
echo "--- Vulkan ---"
vulkaninfo | grep driver || true
echo "--- Tailscale ---"
tailscale status || true
log "DONE"
echo "If wl did not load, reboot and re-check: lsmod | grep wl"
Raw
debian_13_macbookair_setup_reference.md

Debian 13 Rebuild Playbook

Target: MacBookAir7,2

This is the ordered recovery procedure to recreate the working system from a fresh Debian 13 install.

0. Base Assumption

Fresh Debian install completed. Booted to working shell.

1. Fix Repositories

Edit:

sudo nano /etc/apt/sources.list

Then:

sudo apt update

2. Temporary Network Recovery (if no connectivity)

Identify interface:

ip a

Bring it up:

sudo ip link set <iface> up
sudo dhclient <iface>

If DNS broken:

echo "nameserver 1.1.1.1" | sudo tee /etc/resolv.conf

If no default route:

sudo ip route add default via 192.168.0.1 dev <iface>

Verify:

ping -c 3 deb.debian.org

3. Install NetworkManager

sudo apt install network-manager
sudo systemctl enable NetworkManager
sudo systemctl start NetworkManager

Reboot recommended.

4. Install Kernel Headers (Required for WiFi)

sudo apt install -y dkms build-essential linux-headers-$(uname -r)
sudo apt install -y linux-headers-amd64

5. Resolve Broadcom WiFi

Remove conflicting open driver:

sudo apt purge b43-fwcutter

Install STA driver:

sudo apt install broadcom-sta-dkms
sudo modprobe wl

Verify:

dkms status
lsmod | grep wl
nmcli device wifi list

6. Firmware + Microcode

sudo apt install firmware-linux firmware-linux-nonfree firmware-misc-nonfree intel-microcode

Reboot.

7. Desktop

sudo apt install task-gnome-desktop
sudo systemctl restart gdm

Tweaks:

sudo apt install gnome-tweaks gnome-shell-extensions

8. Core Tooling

sudo apt install \
  git curl wget htop neovim \
  build-essential dkms \
  flatpak bmon xclip

9. Remote Access

SSH

sudo apt install openssh-server

Tailscale

curl -fsSL https://tailscale.com/install.sh | sh
sudo systemctl enable --now tailscaled
sudo tailscale up --ssh --accept-routes

10. Power Optimization

sudo apt install tlp powertop thermald
sudo systemctl enable tlp
sudo systemctl enable thermald

11. Graphics / Media

sudo apt install mesa-utils vulkan-tools
sudo apt install ffmpeg gstreamer1.0-libav

Verify:

glxinfo | grep "OpenGL renderer"
vulkaninfo | grep driver

12. Touchpad

sudo apt install xserver-xorg-input-libinput
sudo mkdir -p /etc/X11/xorg.conf.d
sudo nano /etc/X11/xorg.conf.d/30-touchpad.conf

13. Fonts

sudo apt install fonts-inter fonts-noto fonts-noto-color-emoji

14. Flatpak

flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo

15. Firewall

sudo apt install ufw
sudo ufw enable

16. Final Cleanup

sudo apt autoremove -y

17. Validation

WiFi

lsmod | grep wl
nmcli device wifi list

Network

ip addr
ip route
ping -c 3 deb.debian.org

GPU

glxinfo | grep "OpenGL renderer"
vulkaninfo | grep driver

Tailscale

tailscale status

Expected Final State

  • NetworkManager active
  • Broadcom WiFi via wl
  • GNOME running on Wayland
  • Intel microcode installed
  • Power optimized
  • SSH available
  • Tailscale connected
  • Firewall enabled
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment