Munki Replica Setup

From SD59 Resources
Jump to: navigation, search
  1. Install Node.js
    https://nodejs.org/en/download/
  2. Run npm update inside of replica app folder to download dependencies.
  3. Set up local DNS:
    CNAME replica.local.munki.sd59.bc.ca to the Munki replica server
    CNAME master.local.munki.sd59.bc.ca to mdm.sd59.bc.ca
    test; munki.sd59.bc.ca should resolve to your local Munki replica server
  4. Install server daemon
    /Volumes/UserHD/sd59_munki_replica is the default location
    in osx folder of replica app, move "ca.bc.sd59.webapp.munki.replica.daemon.plist" into /Library/LaunchDaemons update paths in file as necessary
    • ensure correct permissions (root:wheel, u=rw,go=r)
      chown root /Library/LaunchDaemons/ca.bc.sd59.webapp.munki.replica.daemon.plist
    • load/start the daemon with launchctl
      launchctl load /Library/LaunchDaemons/ca.bc.sd59.webapp.munki.replica.daemon.plist
      launchctl start ca.bc.sd59.webapp.munki.replica.daemon
    • install modules for node
      cd /Volumes/UserHD/sd59_munki_replica
      npm update
    • test; should be able to see content for http://localhost:3000/manifests/m-<serial>
  5. Configure OS X web server, install webapp for HTTPS sites, install sd59 wildcard certificate in osx folder of replica app, move "ca.bc.sd59.webapp.munki.replica.plist" into /Library/Server/Web/Config/apache2/webapps/
    update paths in file as necessary
    • ensure correct permissions (root:wheel, u=rw,go=r)
      sudo chown root /Library/Server/Web/Config/apache2/webapps/ca.bc.sd59.webapp.munki.replica.plist
    • go into settings for each site, and click enable checkbox for the replica webapp
    • test; should be able to see http(s)://<site>/repo/manifests/m-<serial>
  6. Set up passwordless SSH into the MDM server from the replica server. See http://www.linuxproblem.org/art_9.html for directions.
  7. Run sync.sh to import the Munki data into the cache. If it asks for a password, re-check step 6 to make sure it's set up correctly.
  8. Set up sync.sh on a cron job so cache data is updated regularly.
    0 4,18 * * * * * /Volumes/UserHD/sd59_munki_replica/sync.sh