Please excuse my ignorance as I’m sure (at least I hope) there is a very simple solution to this.
I run a mac mini in the background that is always powered on - a bit like a server. I use Hazel on it, have my Scan Snap connected and do time machine backups to an external drive connected to it.
If we have a power failure or the mac does a system restart (due to software update etc) the mac returns to the login screen and none of the applications like Hazel and Scan Snap Manager are available until logged in.
One workaround is to leave the mac logged in which seems a bit dodgy and requires manual intervention after a restart.
Are there any ways to run applications in the background before logging in?
Background: I run 2 Minis as servers, one at home and one co-located with MacStadium.
It’s possible to set MacOS to automatically log in but generally not recommended for security reasons - if your Mini is on a locked down home network then I’d consider it (my home Mini automatically logs in on reboot) but otherwise, I reboot so rarely that there’s no issue using Screens or VNC to quickly remote-in and log in manually. NB VNC is available pre-boot but generally that’s it, none of your ‘Login’ apps can start until you’ve logged in, by design.
So the MacOS Server.app is basically being deprecated by Apple and the most useful parts of it removed - it’s basically becoming just a front-end for device management.
It still runs as an app so as far as I can tell, you have the same issue - you’ll need to VNC in and log in.
Sorry not to have better news!
A quick addition to that:
If FileVault is enabled, then it is not even possible to open a VNC connection pre-login.
However, if you open Terminal and type
sudo fdesetup authrestart -1
before starting a software-update, your Mac will then do the initial login after rebooting. This is only active for one reboot, so you‘ll can always do it before starting the update process while still being protected during normal use.
I‘m not a 100% sure whether this will just allow pre-login VNC or if the other apps will start as well. I could test it in the next couple of days if needed.
And how can I (easily) replicate Hazel’s functionalities on Linux? Set up the rules with a GUI (which would be great because of X ssh) and have it run as a server process?
I’m afraid the simple answer to your question is that you can’t. (Almost) everything can be done on Linux, but not always as easily as with programs like Hazel.
That being said, I don’t think the tasks Hazel performs are tasks that belong on a server.
@Lars, I agree that a full suite of Hazel rules (in particular those running and filing into/within cloud storage) are well suited to being run on an always-connected device, whether that be a simple Mac Mini with internet connection, a hosted Mac Mini like I have with MacStadium, or an always on iMac, in many ways operating as a “server”!
Moving away from Hazel would open up more opportunities for server hardware but I quite agree, there is a great deal of ‘ease of use’ provided by using a Mac Mini and the familiar MacOS.
Have the same setup: headless Mac Mini in the basement with Hazel, provides a second physical copy of my iCloud storage, external drives as file server for Infuse (I moved away from Plex) and CCC backup. It also runs my Dropbox free account for the cases I need it (without “polluting” my MacBook Pro) and the Unifi console program to manage my wireless access points.
Security is important for me so all disks are FileVault encrypted and I use Screen Sharing to log in if need be (which is very infrequent).
Very happy with that setup.
Sure, if you’re talking about using your Mac to serve mission-critical web sites, then maybe don’t run Hazel on it… but for most people, running Hazel on a Mac mini “a bit like a server” is a perfectly reasonable use-case.
To get back to the OP’s question: Years ago I wrote up an article for TUAW about what I used to do in this situation where I wanted automatic login, but I also wanted at least some degree of security.
The solution at that time was to turn on automatic login, and then have a launchd script which would run on login, and send the Mac back to the login screen.
The practical effect was that all of your startup apps run on reboot, but you reduce the odds of someone coming along and just being able to log in to your Mac.
(Yes, if someone has physical access to your Mac, it’s possible they can access it by someone managing to interrupt the log-in-then-back-to-login-screen process, but in my testing it was actually not as easy to do as you’d imagine. Also, someone with physical access to your Mac is much more likely to just steal it and take it back to their home and then take out the hard drive and try to access it from another computer, so the only way to protect against that is FileVault, which, as others have said, will make rebooting even more difficult in this situation.)
If that’s something that there’s interest in, I can see about testing to see if it still works in current versions of OS X (well, High Sierra, since that’s what I’m running, due to Mojave’s new “security” features.)
Here is how I handle reboots and FIleVault on my mini server. I have the drive partitioned – a small system boot partition which isn’t encrypted. This allows me to log in remotely with VNC (“Screen Sharing”) and until then all the actual server functions (DNS, DHCP, VPN, VNC, …) do run. Then the second partition is encrypted. All external drives (I’ve got 14TB total) are encrypted as well. So I get the safety of encryption while still being able to log in remotely.
I don’t want to be pedantic. I just think that Hazel is a typical client application. I can’t see the advantage of running that app unattended. It can just as well run when you switch on your iMac or laptop. The only scenario where I can see any benefit of running it on a server like environment is when you have to process a constant stream of files.
Let’s try to not overcomplicate simple tasks.
There are many circumstances where having Hazel running on a single, centralized machine is quite useful. For instance, downloading a file or email attachment on iOS, putting it in Dropbox, and having Hazel act on it. Having Hazel file something on my home network when I’m on the road. Having one set of Hazel rules that do filing for multiple users with different devices. Etc.
Absolutely, I love being able to scan and drop files into a folder on iCloud Drive (i.e. via the Files app in iOS) and I know that Hazel will, on my Mac Mini [server/always-on-device-but-but-essentially-a-server], tag it and file it correctly for DevonThinkPro (soon to be retired in favour of something simpler).
I have run my share of servers in the form of Linux boxes providing various server type functionality, but presently I am using a 2014 Mac mini as a server. This simply means that it is providing services on my network. The nature of those services depends on your particular use case.
In my case, the Mini is a fileserver, which also functions as a “backup server” by having CCC store clones on it.
MacOS is not necessarily designed with server functionality in mind as opposed to being an end-user client OS, but it certainly can provide server functionality. Yes, it now lacks the convenient GUI application that Server.app once provided, but many Linux machines are configured via command line utilities and text editing of configuration files (as I did for many years) and that is no different than doing the same on MacOS. Yes, some things are much easier to set up, like file sharing protections on a Synology with its GUI interface, but once upon a time I did all that by hand editing smb.conf for samba under Linux.
I happen to find running Hazel on the Mini server to be extremely useful. I have many files that I scan that I do not need accessible on my daily use machine, an MBP. The Mini provides the storage for this data. I have a very convenient workflow in which I scan files to a Dispatch folder on the MBP. Hazel rules on the MBP decide whether a given file is moved to storage on the MBP, or into another folder sync’d to the Mini. The syncing process does its magic, and then Hazel on the mini takes over, moving the file to its target location. This is highly useful functionality for me, and I see no problem or issues with having an unattended Mini handling this background processing. There are other things the Mini handles via Hazel or via automation tasks run by KeyboardMaestro as well.
I think we all have varying use cases for our machines, and as long as the system works and is as secure and robust as the user wishes and the task requires, I don’t see any issues with it.
Certainly Hazel is not intended to operate without a user logged in; that is a design decision and obviously it could have been written or could be modified to work for all user accounts without someone logged in if the author so wished. Therein lies the limitation of the program, and if you want Hazel functionality without a user logged in, then I certainly agree that Hazel is the wrong tool for that job.
I have several computers (OSX, Windows and Linux). Having Hazel on a server, running on a shared file system, allows me to have my rules “everywhere”. If I only had a single laptop, then yes, I´d run it on it.
