Custom schema for munki

lawinski
New Contributor III

For everybody using Munki with Jamf here is a schema for it. It borrows heavily form the manifest made by the guys from the ProfileCreator Github.

It only misses references to their Github and version hints

{
    "$schema": "http://json-schema.org/schema#",
    "title": "Munki",
    "description": "Preference Domain: ManagedInstalls",


    "type": "object",
    "properties": {
        "SoftwareRepoURL": {
            "type": "string",
            "description": "Base URL for Munki repository.",
            "options": {
                "inputAttributes": {
                    "placeholder": "http://munki/repo"
                }
            }
        },
        "ClientIdentifier": {
            "type": "string",
            "description": "Identifier for Munki client. Usually is the same as a manifest name on the Munki server. If this is empty or undefined, Munki will attempt the following identifiers, in order: fully-qualified hostname, "short" hostname, serial number and finally, "site_default"."
        },
        "ManagedInstallDir": {
            "type": "string",
            "default": "/Library/Managed Installs",
            "description": "Folder where Munki keeps its data on the client.",
            "options": {
                "inputAttributes": {
                    "placeholder": "/Library/Managed Installs"
                }
            }
        },
        "LocalOnlyManifest": {
            "type": "string",
            "description": "Defines the name of your LocalOnlyManifest. Setting this activates the feature. Unsetting it means Munki will remove the file on the next run."
        },
        "SupressAutoInstall": {
            "type": "boolean",
            "description": "Munki will not automatically install or remove items."
        },
        "SupressLoginwindowInstall": {
            "type": "boolean",
            "description": "Munki will not install items while idle at the loginwindow except for those marked for unattended_install or unattended_uninstall."
        },
        "InstallAppleSoftwareUpdates": {
            "type": "boolean",
            "description": "Install updates from an Apple Software Update server, in addition to "regular" Munki updates."
        },
        "AppleSoftwareUpdatesOnly": {
            "type": "boolean",
            "description": "Only install updates from an Apple Software Update server. No Munki repository is needed or used."
        },
        "UnattendedAppleUpdates": {
            "type": "boolean",
            "description": "Updates that declare no "must-close" applications, or have one or more "must-close" applications, none of which is running, and do not require a logout or restart will be installed as part of a normal periodic background run without notifying the user."
        },
        "PerformAuthRestarts": {
            "type": "boolean",
            "description": "Munki will attempt to perform a filevault auth restart."
        },
        "RecoveryKeyFile": {
            "type": "string",
            "description": "Absolute path to a plist file containing filevault credentials in key/value format. Used to perform auth restarts."
        },
        "SupressUserNotifcation": {
            "type": "boolean",
            "description": "Managed Software Center will never notify the user of available updates."
        },
        "SupressStopButtonOnInstall": {
            "type": "boolean",
            "description": "Managed Software Center will hide the stop button while installing or removing software, preventing users from interrupting the install."
        },
        "InstallRequiresLogout": {
            "type": "boolean",
            "description": "Managed Software Center will require a logout for all installs or removals."
        },
        "ShowRemovalDetail": {
            "type": "boolean",
            "description": "Managed Software Center will display detail for scheduled removals."
        },
        "ShowOptionalInstallsForHigherOSVersions": {
            "type": "boolean",
            "description": "Managed Software Center.app will show optional installs and updates that apply to macOS versions higher than the currently installed version."
        },
        "DaysBetweenNotifications": {
            "type": "integer",
            "default": 1,
            "minimum": 0,
            "description": "Number of days between user notifications from Managed Software Center. Set to 0 to have Managed Software Center notify every time a background check runs if there are available updates."
        },
        "UseNotificationCenterDays": {
            "type": "integer",
            "default": 3,
            "minimum": 0,
            "description": "Number of days Notification Center notifications should be used before switching to launching Managed Software Center."
        },
        "PackageVerificationMode": {
            "type": "string",
            "description": "Controls how Munki verifies the integrity of downloaded packages. (none = No integrity check is performed, hash = Integrity check is performed if package info contains checksum information, hash_strict = Integrity check is performed, and fails if package info does not contain checksum information.)",
            "default": "none",
            "enum": [
                "none",
                "hash",
                "hash_strict"
            ]
        },
        "FollowHTTPRedirects": {
            "type": "string",
            "description": "Defines whether Munki will follow all, some or no redirects from the web server. (none = The default behaviour. No redirects are followed. https = Only redirects to URLs using HTTPS are followed. all = Redirects to both HTTP and HTTPS URLs are followed.)",
            "default": "none",
            "enum": [
                "none",
                "https",
                "all"
            ]
        },
        "AdditionalHttpHeaders":{
            "type": "array",
            "description": "This key provides the ability to specify custom HTTP headers to be sent with all curl() HTTP requests.",
            "items": {
                "type": "string",
                "title": "HTTPHeader",
                "options": {
                    "inputAttributes": {
                        "placeholder": "HTTPHeader"
                    }
                }
            }

        },
        "IgnoreSystemProxies": {
            "type": "boolean",
            "description": "HTTP and/or HTTPS proxies set system-wide will be ignored, connections will be made directly."
        },
        "PackageURL": {
            "type": "string",
            "description": "Base URL for Munki pkgs. Useful if your packages are served from a different server than your catalogs or manifests.",
            "options": {
                "inputAttributes": {
                    "placeholder": "<SoftwareRepoURL>/pkgs"
                }
            }
        },
        "CatalogURL": {
            "type": "string",
            "description": "Base URL for Munki catalogs. Useful if your catalogs are served from a different server than your packages or manifests.",
            "options": {
                "inputAttributes": {
                    "placeholder": "<SoftwareRepoURL>/catalogs"
                }
            }
        },
        "IconURL": {
            "type": "string",
            "description": "Base URL for product icons. Useful if your icons are served from a different server or different directory than the default.",
            "options": {
                "inputAttributes": {
                    "placeholder": "<SoftwareRepoURL>/icons"
                }
            }
        },
        "ClientResourceURL": {
            "type": "string",
            "description": "Base URL for custom client resources for Managed Software Center. Useful if your resources are served from a different server or different directory than the default.",
            "options": {
                "inputAttributes": {
                    "placeholder": "<SoftwareRepoURL>/client_resources"
                }
            }
        },
        "ClientResourcesFilename": {
            "type": "string",
            "description": "Specific filename to use when requesting custom client resources.",
            "options": {
                "inputAttributes": {
                    "placeholder": "site_default.zip"
                }
            }
        },
        "HelpURL": {
            "type": "string",
            "description": "URL to open/display when the user selects "Managed Software Center Help" from Managed Software Center's Help menu."
        },
        "LicenseInfoURL": {
            "type": "string",
            "description": "URL for Munki to query a webserver to determine if there are available seats for licensed software (or any software you wish to make available via optional_installs, yet control the number of deployed copies).",
            "options": {
                "inputAttributes": {
                    "placeholder": "http://sal.example.com/licenses/available/youreallyreallyreallyreallylongkey"
                }
            }
        },
        "SoftwareUpdateServerURL": {
            "type": "string",
            "description": "Catalog URL for Apple Software Updates. If undefined or empty, Munki will use the same catalog that the OS uses."
        },
        "UseClientCertificate": {
            "type": "boolean",
            "description": "Use an SSL client certificate when communicating with the Munki server. Requires an https:// URL for the Munki repo."
        },
        "UseClientCertificateCNAsClientIdentifier": {
            "type": "boolean",
            "description": "Use the CN of the client certificate as the Client Identifier. Used in combination with the UseClientCertificate key."
        },
        "ClientCertificatePath": {
            "type": "string",
            "description": "Absolute path to a client certificate. There are 3 defaults for this key. Concatenated cert/key PEM file accepted.",
            "options": {
                "inputAttributes": {
                    "placeholder": "/Library/Managed Installs/certs/[munki.pem|client.pem|cert.pem]"
                }
            }
        },
        "ClientKeyPath": {
            "type": "string",
            "description": "Absolute path to a client private key.",
            "options": {
                "inputAttributes": {
                    "placeholder": "/Library/Managed Installs/certs/[munki.key|client.key|cert.key]"
                }
            }
        },
        "ClientRepoCAPath": {
            "type": "string",
            "description": "Path to the directory that stores your CA certificate(s).",
            "options": {
                "inputAttributes": {
                    "placeholder": "/Library/Managed Installs/certs"
                }
            }
        },
        "SoftwareRepoCACertificate": {
            "type": "string",
            "description": "Absolute path to your CA Certificate.",
            "options": {
                "inputAttributes": {
                    "placeholder": "/Library/Managed Installs/certs/ca.pem"
                }
            }
        },
        "LogFile": {
            "type": "string",
            "default": "/Library/Managed Installs/Logs/ManagedSoftwareUpdate.log",
            "description": "Primary log is written to this file. Other logs are written into the same directory as this file.",
            "options": {
                "inputAttributes": {
                    "placeholder": "/Library/Managed Installs/Logs/ManagedSoftwareUpdate.log"
                }
            }
        },
        "LogToSyslog": {
            "type": "boolean",
            "description": "Log to syslog in addition to ManagedSoftwareUpdate.log."
        },
        "LoggingLevel": {
            "type": "integer",
            "default": 1,
            "minimum": 0,
            "maximum": 4,
            "description": "Higher values cause more detail to be written to the primary log."
        },
        "MSULogEnabled": {
            "type": "boolean",
            "description": "Log user actions in the GUI."
        },
        "MSUDebugLogEnabled": {
            "type": "boolean",
            "description": "Debug logging for Managed Software Center."
        },
        "AccessKey": {
            "type": "string",
            "description": "Munki has a feature which enables Mac administrators to use middleware to change munki's HTTP request. S3-Auth uses this feature to create the HTTP headers necessary to authenticate to S3.",
            "options": {
                "inputAttributes": {
                    "placeholder": "AKIAIX2QPWZ7EXAMPLE"
                }
            }
        },
        "Region": {
            "type": "string",
            "description": "Munki has a feature which enables Mac administrators to use middleware to change munki's HTTP request. S3-Auth uses this feature to create the HTTP headers necessary to authenticate to S3.",
            "options": {
                "inputAttributes": {
                    "placeholder": "ex us-west-2"
                }
            }
        },
        "SecretKey": {
            "type": "string",
            "description": "Munki has a feature which enables Mac administrators to use middleware to change munki's HTTP request. S3-Auth uses this feature to create the HTTP headers necessary to authenticate to S3.",
            "options": {
                "inputAttributes": {
                    "placeholder": "z5MFJCcEyYBmh2BxbrlZBWNJ4izEXAMPLE"
                }
            }
        }
    },
    "required":[
        "SoftwareRepoURL"
    ]
}
1 REPLY 1

mm2270
Legendary Contributor II

Nice work.
You may want to post about this on this other thread, that seemed to start the main discussion on custom application schemas. @mscottblake created a central github location where all custom schema repos can be linked out to. He can send you an invite to join the group to post yours there if you'd like.