Back to Posts

Installing Ubuntu On A Macmini8,1

August 16, 2025
5 min read
Jukelyn
AppleMac MiniUbuntu

The Apple 2018 Intel Mac Mini (A1993, macmini8,1)

This is one of the latest Apple models that I find to be reliable as a homelab server. I find myself often having to reference a few different places to fix some things or configure my servers how I like to so I have decided to just have my notes here

Things You Need

  • A1993 Mac Mini
  • A USB to flash Ubuntu iso onto
  • A seperate computer to set up the live usb
  • A ethernet connection (explained later)

The Setup

The Apple T2 chip is annoying and so to boot from and install Ubuntu, there are some steps that we need to take first. The most reliable method that I find is the following:

Clean Start and Reinstalling macOS

  1. Power on the Mac Mini and hold cmd+r (boots to recovery mode).
  2. Click on Disk Utility and then click on View then Show All Devices.
  3. On the internal SSD, click on the container and erase the entire thing and format it (anything option is fine, this isn't as important; I use APFS).
  4. Exit Disk Utility.
  5. Plug in the ethernet.
  6. Reinstall the OS that is available (it's likely macOS 10.15 Catalina).

Updating the OS

Once the OS is setup, I disconnect the ethernet and let the machine boot to the OOBE. At the networking screen, click "Other options" and select the option for no networking. Go through the setup and make a temporary user. Once you have a temporary user, make changes to things as you need. Plug in the ethernet or connect to wifi and update the machine to the latest available OS.

Final Preparations

We updated the OS in the previous part because most times the device will complain about a software update that will prevent you from booting from an external drive, even if you allow it. That being said, this is how you allow booting from an external drive.

  1. Reboot the machine and enter recovery mode again.
  2. Click on Utilities and then Startup Security Utility.
  3. Enter the password for the account we created previously.
  4. Change the options to No Security and Allow booting from external or removable media.
  5. Shutdown the machine.

Creating An Ubuntu Live Installer

There are many ways to create an Ubuntu live installer. The software I use to flash the iso to the drive is balenaEtcher, it's free and is available for many operating systems. Once you have the iso downloaded, plug in your flashdrive and use balenaEtcher to flash the iso onto it.

The Ubuntu iso can be found here, I don't use the GUI so I get the "Server" iso.

BalenaEtcher can be downloaded from here.

Installing Ubuntu

  1. Plug in the Ubuntu live installer.
  2. Boot the device and hold the option (alt) key.
  3. Boot from the live installer (should be orange drive icon named "EFI Boot").
  4. Go through the install like normal.

Getting The WiFi Interface's Firmware (optional)

For most installs, the wifi interface will not work out of the box. The necessary firmware is available from this repo. I downloaded the zip onto my machine and used sftp to transfer it onto the server like this:

1sftp <user>@<ip>
2<user>@<ip>'s password: <enter password here>
3sftp> put apple-bcm-firmware-14.0-1-any.pkg.tar.zst
4sftp> exit

And then on the server, unzip it.

1tar --use-compress-program=unzstd -xvf apple-bcm-firmware-14.0-1-any.pkg.tar.zst

Copy it over and reboot.

1sudo cp -r usr/lib/firmware/brcm /lib/firmware/
2sudo reboot

If you are ssh'd into the server, you will be disconnected at this point, that's fine. Once the machine is booted, you should now see the wifi interface in ip a or ip link show.

1ip link show
2
33: wlp3s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
4    link/ether 3c:22:fb:6f:2d:27 brd ff:ff:ff:ff:ff:ff

Now we just have to get it working. To do this we can edit the /etc/netplan/50-cloud-init.yaml file. This is mine:

1network:
2  version: 2
3  ethernets:
4    enp4s0:
5      addresses:
6        - 192.168.1.235/24 # Ethernet static IP
7      nameservers:
8        addresses:
9          - 192.168.1.46 # My DNS server
10
11  wifis:
12    wlp3s0:
13      addresses:
14        - 192.168.1.234/24 # Wifi static IP
15      routes:
16        - to: default
17          via: 192.168.1.254
18      nameservers:
19        addresses:
20          - 192.168.1.46 # My DNS server
21      access-points:
22        "MyWifiSSID":
23          password: "MyWifiPassword"

And then sudo netplan apply. Now do sudo apt install wpasupplicant and then:

1wpa_passphrase "YourSSID" "YourPassword" | sudo tee /etc/wpa_supplicant.conf
2sudo ip link set wlp3s0 up
3sudo wpa_supplicant -B -i wlp3s0 -c /etc/wpa_supplicant.conff

I have the IPs mapped in my router but if you don't, run sudo dhclient wlp3s0. I also like to have the network not stall the boot up so I run:

1sudo systemctl disable systemd-networkd-wait-online.service
2sudo systemctl mask systemd-networkd-wait-online.service

Setting up SSH

For obvious security implications and convenience, I like to set up ssh and disable password logins on all my servers. Even if I am not making my servers publically accessible, I still prefer to do this as it is good practice and not much effort.

Create an ssh key with a name. The ssh-keygen command defaults to the ed25519 algorithm, if you want to choose another, use the -t flag with any of the other options (read more in man ssh-keygen).

1ssh-keygen -f ~/.ssh/filename

Copy the key onto the server.

1ssh-copy-id -i ~/.ssh/filename user@ip

SSH into the server using the key you just set up.

1ssh -i ~/.ssh/filename user@ip

You should now be in the server using SSH. If not, add the -v flag to get more info and see what went wrong. Once you are in, we can now change the default ssh port by doing:

1sudo nano /etc/ssh/sshd_config

Uncomment the Port 22 option and change 22 to something else, for this guide, say 11111. Scroll down and change the following options as well:

1PubkeyAuthentication yes
2PasswordAuthentication no
3ChallengeResponseAuthentication no
4PermitEmptyPasswords no
5KbdInteractiveAuthentication no
6UsePAM yes

These are the options that I prefer, feel free to learn what they are and change them as you see fit. You might also have an overriding ssh config file in /etc/ssh/sshd_config.d/.

1ls /etc/ssh/sshd_config.d/

If you do, read the options and delete any files that you don't want. I had a /etc/ssh/sshd_config.d/50-cloud-init-config with PasswordAuthentication yes and so I deleted that as I don't want that and I set it in sshd_config. There are discussions about whether you should edit the sshd_config file directly versus making an overriding config file in the sshd_config.d directory. I could not care less and just edit the sshd_config file. Now that has been done, we just need to make sure the ssh service is enabled and restart the it.

1sudo systemctl status ssh # should see "Loaded: ... enabled; preset: ..."
2sudo systemctl enable ssh # run this if it is not enabled
3sudo systemctl restart ssh

Now log out of the system and ssh back in without specifying an ssh key (to verify password logins are disabled) using the new port that you have set.

1ssh -p 11111 user@ip
2user@ip: Permission denied (publickey).

Now log in with the key:

1ssh -p 11111 -i ~/.ssh/filename user@ip
2Welcome to ...

At this point you are done.

Back to Posts