- Jamf Nation Community
- Products
- Jamf Pro
- Custom schema for munki
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Custom schema for munki
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-26-2020 04:27 AM
For everybody using Munki with Jamf here is a schema for it. It borrows heavily form the manifest made by the guys from the ProfileCreator Github.
It only misses references to their Github and version hints
{
"$schema": "http://json-schema.org/schema#",
"title": "Munki",
"description": "Preference Domain: ManagedInstalls",
"type": "object",
"properties": {
"SoftwareRepoURL": {
"type": "string",
"description": "Base URL for Munki repository.",
"options": {
"inputAttributes": {
"placeholder": "http://munki/repo"
}
}
},
"ClientIdentifier": {
"type": "string",
"description": "Identifier for Munki client. Usually is the same as a manifest name on the Munki server. If this is empty or undefined, Munki will attempt the following identifiers, in order: fully-qualified hostname, "short" hostname, serial number and finally, "site_default"."
},
"ManagedInstallDir": {
"type": "string",
"default": "/Library/Managed Installs",
"description": "Folder where Munki keeps its data on the client.",
"options": {
"inputAttributes": {
"placeholder": "/Library/Managed Installs"
}
}
},
"LocalOnlyManifest": {
"type": "string",
"description": "Defines the name of your LocalOnlyManifest. Setting this activates the feature. Unsetting it means Munki will remove the file on the next run."
},
"SupressAutoInstall": {
"type": "boolean",
"description": "Munki will not automatically install or remove items."
},
"SupressLoginwindowInstall": {
"type": "boolean",
"description": "Munki will not install items while idle at the loginwindow except for those marked for unattended_install or unattended_uninstall."
},
"InstallAppleSoftwareUpdates": {
"type": "boolean",
"description": "Install updates from an Apple Software Update server, in addition to "regular" Munki updates."
},
"AppleSoftwareUpdatesOnly": {
"type": "boolean",
"description": "Only install updates from an Apple Software Update server. No Munki repository is needed or used."
},
"UnattendedAppleUpdates": {
"type": "boolean",
"description": "Updates that declare no "must-close" applications, or have one or more "must-close" applications, none of which is running, and do not require a logout or restart will be installed as part of a normal periodic background run without notifying the user."
},
"PerformAuthRestarts": {
"type": "boolean",
"description": "Munki will attempt to perform a filevault auth restart."
},
"RecoveryKeyFile": {
"type": "string",
"description": "Absolute path to a plist file containing filevault credentials in key/value format. Used to perform auth restarts."
},
"SupressUserNotifcation": {
"type": "boolean",
"description": "Managed Software Center will never notify the user of available updates."
},
"SupressStopButtonOnInstall": {
"type": "boolean",
"description": "Managed Software Center will hide the stop button while installing or removing software, preventing users from interrupting the install."
},
"InstallRequiresLogout": {
"type": "boolean",
"description": "Managed Software Center will require a logout for all installs or removals."
},
"ShowRemovalDetail": {
"type": "boolean",
"description": "Managed Software Center will display detail for scheduled removals."
},
"ShowOptionalInstallsForHigherOSVersions": {
"type": "boolean",
"description": "Managed Software Center.app will show optional installs and updates that apply to macOS versions higher than the currently installed version."
},
"DaysBetweenNotifications": {
"type": "integer",
"default": 1,
"minimum": 0,
"description": "Number of days between user notifications from Managed Software Center. Set to 0 to have Managed Software Center notify every time a background check runs if there are available updates."
},
"UseNotificationCenterDays": {
"type": "integer",
"default": 3,
"minimum": 0,
"description": "Number of days Notification Center notifications should be used before switching to launching Managed Software Center."
},
"PackageVerificationMode": {
"type": "string",
"description": "Controls how Munki verifies the integrity of downloaded packages. (none = No integrity check is performed, hash = Integrity check is performed if package info contains checksum information, hash_strict = Integrity check is performed, and fails if package info does not contain checksum information.)",
"default": "none",
"enum": [
"none",
"hash",
"hash_strict"
]
},
"FollowHTTPRedirects": {
"type": "string",
"description": "Defines whether Munki will follow all, some or no redirects from the web server. (none = The default behaviour. No redirects are followed. https = Only redirects to URLs using HTTPS are followed. all = Redirects to both HTTP and HTTPS URLs are followed.)",
"default": "none",
"enum": [
"none",
"https",
"all"
]
},
"AdditionalHttpHeaders":{
"type": "array",
"description": "This key provides the ability to specify custom HTTP headers to be sent with all curl() HTTP requests.",
"items": {
"type": "string",
"title": "HTTPHeader",
"options": {
"inputAttributes": {
"placeholder": "HTTPHeader"
}
}
}
},
"IgnoreSystemProxies": {
"type": "boolean",
"description": "HTTP and/or HTTPS proxies set system-wide will be ignored, connections will be made directly."
},
"PackageURL": {
"type": "string",
"description": "Base URL for Munki pkgs. Useful if your packages are served from a different server than your catalogs or manifests.",
"options": {
"inputAttributes": {
"placeholder": "<SoftwareRepoURL>/pkgs"
}
}
},
"CatalogURL": {
"type": "string",
"description": "Base URL for Munki catalogs. Useful if your catalogs are served from a different server than your packages or manifests.",
"options": {
"inputAttributes": {
"placeholder": "<SoftwareRepoURL>/catalogs"
}
}
},
"IconURL": {
"type": "string",
"description": "Base URL for product icons. Useful if your icons are served from a different server or different directory than the default.",
"options": {
"inputAttributes": {
"placeholder": "<SoftwareRepoURL>/icons"
}
}
},
"ClientResourceURL": {
"type": "string",
"description": "Base URL for custom client resources for Managed Software Center. Useful if your resources are served from a different server or different directory than the default.",
"options": {
"inputAttributes": {
"placeholder": "<SoftwareRepoURL>/client_resources"
}
}
},
"ClientResourcesFilename": {
"type": "string",
"description": "Specific filename to use when requesting custom client resources.",
"options": {
"inputAttributes": {
"placeholder": "site_default.zip"
}
}
},
"HelpURL": {
"type": "string",
"description": "URL to open/display when the user selects "Managed Software Center Help" from Managed Software Center's Help menu."
},
"LicenseInfoURL": {
"type": "string",
"description": "URL for Munki to query a webserver to determine if there are available seats for licensed software (or any software you wish to make available via optional_installs, yet control the number of deployed copies).",
"options": {
"inputAttributes": {
"placeholder": "http://sal.example.com/licenses/available/youreallyreallyreallyreallylongkey"
}
}
},
"SoftwareUpdateServerURL": {
"type": "string",
"description": "Catalog URL for Apple Software Updates. If undefined or empty, Munki will use the same catalog that the OS uses."
},
"UseClientCertificate": {
"type": "boolean",
"description": "Use an SSL client certificate when communicating with the Munki server. Requires an https:// URL for the Munki repo."
},
"UseClientCertificateCNAsClientIdentifier": {
"type": "boolean",
"description": "Use the CN of the client certificate as the Client Identifier. Used in combination with the UseClientCertificate key."
},
"ClientCertificatePath": {
"type": "string",
"description": "Absolute path to a client certificate. There are 3 defaults for this key. Concatenated cert/key PEM file accepted.",
"options": {
"inputAttributes": {
"placeholder": "/Library/Managed Installs/certs/[munki.pem|client.pem|cert.pem]"
}
}
},
"ClientKeyPath": {
"type": "string",
"description": "Absolute path to a client private key.",
"options": {
"inputAttributes": {
"placeholder": "/Library/Managed Installs/certs/[munki.key|client.key|cert.key]"
}
}
},
"ClientRepoCAPath": {
"type": "string",
"description": "Path to the directory that stores your CA certificate(s).",
"options": {
"inputAttributes": {
"placeholder": "/Library/Managed Installs/certs"
}
}
},
"SoftwareRepoCACertificate": {
"type": "string",
"description": "Absolute path to your CA Certificate.",
"options": {
"inputAttributes": {
"placeholder": "/Library/Managed Installs/certs/ca.pem"
}
}
},
"LogFile": {
"type": "string",
"default": "/Library/Managed Installs/Logs/ManagedSoftwareUpdate.log",
"description": "Primary log is written to this file. Other logs are written into the same directory as this file.",
"options": {
"inputAttributes": {
"placeholder": "/Library/Managed Installs/Logs/ManagedSoftwareUpdate.log"
}
}
},
"LogToSyslog": {
"type": "boolean",
"description": "Log to syslog in addition to ManagedSoftwareUpdate.log."
},
"LoggingLevel": {
"type": "integer",
"default": 1,
"minimum": 0,
"maximum": 4,
"description": "Higher values cause more detail to be written to the primary log."
},
"MSULogEnabled": {
"type": "boolean",
"description": "Log user actions in the GUI."
},
"MSUDebugLogEnabled": {
"type": "boolean",
"description": "Debug logging for Managed Software Center."
},
"AccessKey": {
"type": "string",
"description": "Munki has a feature which enables Mac administrators to use middleware to change munki's HTTP request. S3-Auth uses this feature to create the HTTP headers necessary to authenticate to S3.",
"options": {
"inputAttributes": {
"placeholder": "AKIAIX2QPWZ7EXAMPLE"
}
}
},
"Region": {
"type": "string",
"description": "Munki has a feature which enables Mac administrators to use middleware to change munki's HTTP request. S3-Auth uses this feature to create the HTTP headers necessary to authenticate to S3.",
"options": {
"inputAttributes": {
"placeholder": "ex us-west-2"
}
}
},
"SecretKey": {
"type": "string",
"description": "Munki has a feature which enables Mac administrators to use middleware to change munki's HTTP request. S3-Auth uses this feature to create the HTTP headers necessary to authenticate to S3.",
"options": {
"inputAttributes": {
"placeholder": "z5MFJCcEyYBmh2BxbrlZBWNJ4izEXAMPLE"
}
}
}
},
"required":[
"SoftwareRepoURL"
]
}
1 REPLY 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-26-2020 07:52 AM
Nice work.
You may want to post about this on this other thread, that seemed to start the main discussion on custom application schemas. @mscottblake created a central github location where all custom schema repos can be linked out to. He can send you an invite to join the group to post yours there if you'd like.
