├── .gitignore ├── LICENSE ├── README.md ├── activations ├── io.macadmins.activation.bash.json ├── io.macadmins.activation.diskmanagement.json ├── io.macadmins.activation.exampledaemon.json ├── io.macadmins.activation.exampleexecutable.json ├── io.macadmins.activation.management.ohai.json ├── io.macadmins.activation.myservice.json ├── io.macadmins.activation.pam.json ├── io.macadmins.activation.sshd.json ├── io.macadmins.activation.subs.json ├── io.macadmins.activation.sudo.json ├── io.macadmins.activation.swu.json ├── io.macadmins.activation.swu.settings.json ├── io.macadmins.activation.test.json └── io.macadmins.activation.zsh.json ├── assets ├── io.macadmins.asset.bash.json ├── io.macadmins.asset.exampledaemon.json ├── io.macadmins.asset.exampleexecutable.json ├── io.macadmins.asset.myservice.json ├── io.macadmins.asset.pam.json ├── io.macadmins.asset.sshd.json ├── io.macadmins.asset.sudo.json └── io.macadmins.asset.zsh.json ├── configurations ├── io.macadmins.config.bash.json ├── io.macadmins.config.diskmanagement.json ├── io.macadmins.config.exampledaemon.json ├── io.macadmins.config.exampleexecutable.json ├── io.macadmins.config.myservice.json ├── io.macadmins.config.pam.json ├── io.macadmins.config.sshd.json ├── io.macadmins.config.subs.json ├── io.macadmins.config.sudo.json ├── io.macadmins.config.swu.json ├── io.macadmins.config.swu.settings.json ├── io.macadmins.config.test.json └── io.macadmins.config.zsh.json ├── management ├── io.macadmins.management.ohai.json └── io.macadmins.management.props.json ├── sets ├── set.all.txt ├── set.default.txt └── set.template.txt └── zips ├── Makefile ├── README.md ├── bash └── etc │ └── profile ├── exampledaemon └── io.macadmins.exampledaemon.plist ├── exampleexecutable └── ddmctl ├── myservice └── myconfig ├── pam └── etc │ └── pam.d │ └── sudo_local ├── sshd └── etc │ └── ssh │ └── sshd_config ├── sudo └── etc │ └── sudoers └── zsh └── etc ├── zlogin ├── zlogout ├── zprofile ├── zshenv └── zshrc /.gitignore: -------------------------------------------------------------------------------- 1 | *.zip 2 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2023 macadmins 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ddm_examples 2 | Examples of DDM on macOS for use with kmfddm 3 | 4 | This repo contains a set of DDM declarations, including Configurations, Assets and Activations. 5 | 6 | Along with a [nanoMDM](https://github.com/micromdm/nanomdm) server, a [kmfddm](https://github.com/jessepeterson/kmfddm) server and [syncdir](https://github.com/jessepeterson/kmfddm/blob/main/tools/syncdir.py), one can test a good chunk of the new DDM server functionality that is landing in macOS 14.0, including Managed Software Updates. 7 | 8 | For more information about which declarations are supported on macOS 14.0, see Apple's [official repo for Device Management](https://github.com/apple/device-management/tree/seed_iOS-17-0_macOS-14-0/declarative) 9 | -------------------------------------------------------------------------------- /activations/io.macadmins.activation.bash.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.activation.bash", 3 | "Payload": { 4 | "StandardConfigurations": [ 5 | "io.macadmins.config.bash" 6 | ] 7 | }, 8 | "ServerToken": "", 9 | "Type": "com.apple.activation.simple" 10 | } 11 | -------------------------------------------------------------------------------- /activations/io.macadmins.activation.diskmanagement.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.activation.diskmanagement", 3 | "Payload": { 4 | "StandardConfigurations": [ 5 | "io.macadmins.config.diskmanagement" 6 | ] 7 | }, 8 | "ServerToken": "", 9 | "Type": "com.apple.activation.simple" 10 | } 11 | -------------------------------------------------------------------------------- /activations/io.macadmins.activation.exampledaemon.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.activation.exampledaemon", 3 | "Payload": { 4 | "StandardConfigurations": [ 5 | "io.macadmins.config.exampledaemon" 6 | ] 7 | }, 8 | "ServerToken": "", 9 | "Type": "com.apple.activation.simple" 10 | } 11 | -------------------------------------------------------------------------------- /activations/io.macadmins.activation.exampleexecutable.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.activation.exampleexecutable", 3 | "Payload": { 4 | "StandardConfigurations": [ 5 | "io.macadmins.config.exampleexecutable" 6 | ] 7 | }, 8 | "ServerToken": "", 9 | "Type": "com.apple.activation.simple" 10 | } 11 | -------------------------------------------------------------------------------- /activations/io.macadmins.activation.management.ohai.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.activation.management.ohai", 3 | "Payload": { 4 | "StandardConfigurations": [ 5 | "io.macadmins.management.ohai" 6 | ] 7 | }, 8 | "ServerToken": "", 9 | "Type": "com.apple.activation.simple" 10 | } 11 | -------------------------------------------------------------------------------- /activations/io.macadmins.activation.myservice.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.activation.myservice", 3 | "Payload": { 4 | "StandardConfigurations": [ 5 | "io.macadmins.config.myservice" 6 | ] 7 | }, 8 | "ServerToken": "", 9 | "Type": "com.apple.activation.simple" 10 | } 11 | -------------------------------------------------------------------------------- /activations/io.macadmins.activation.pam.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.activation.pam", 3 | "Payload": { 4 | "StandardConfigurations": [ 5 | "io.macadmins.config.pam" 6 | ] 7 | }, 8 | "ServerToken": "", 9 | "Type": "com.apple.activation.simple" 10 | } 11 | -------------------------------------------------------------------------------- /activations/io.macadmins.activation.sshd.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.activation.sshd", 3 | "Payload": { 4 | "StandardConfigurations": [ 5 | "io.macadmins.config.sshd" 6 | ] 7 | }, 8 | "ServerToken": "", 9 | "Type": "com.apple.activation.simple" 10 | } 11 | -------------------------------------------------------------------------------- /activations/io.macadmins.activation.subs.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.activation.simple", 3 | "Payload": { 4 | "StandardConfigurations": [ 5 | "io.macadmins.config.subs" 6 | ] 7 | }, 8 | "Identifier": "io.macadmins.activation.subs" 9 | } 10 | -------------------------------------------------------------------------------- /activations/io.macadmins.activation.sudo.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.activation.sudo", 3 | "Payload": { 4 | "StandardConfigurations": [ 5 | "io.macadmins.config.sudo" 6 | ] 7 | }, 8 | "ServerToken": "", 9 | "Type": "com.apple.activation.simple" 10 | } 11 | -------------------------------------------------------------------------------- /activations/io.macadmins.activation.swu.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.activation.swu", 3 | "Payload": { 4 | "StandardConfigurations": [ 5 | "io.macadmins.config.swu" 6 | ] 7 | }, 8 | "ServerToken": "", 9 | "Type": "com.apple.activation.simple" 10 | } 11 | -------------------------------------------------------------------------------- /activations/io.macadmins.activation.swu.settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.activation.swu.settings", 3 | "Payload": { 4 | "StandardConfigurations": [ 5 | "io.macadmins.config.swu.settings" 6 | ] 7 | }, 8 | "ServerToken": "", 9 | "Type": "com.apple.activation.simple" 10 | } 11 | -------------------------------------------------------------------------------- /activations/io.macadmins.activation.test.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.activation.simple", 3 | "Payload": { 4 | "StandardConfigurations": [ 5 | "io.macadmins.config.test" 6 | ], 7 | "Predicate": "@property(hello) == \"world\"" 8 | }, 9 | "Identifier": "io.macadmins.activation.test" 10 | } 11 | -------------------------------------------------------------------------------- /activations/io.macadmins.activation.zsh.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.activation.zsh", 3 | "Payload": { 4 | "StandardConfigurations": [ 5 | "io.macadmins.config.zsh" 6 | ] 7 | }, 8 | "ServerToken": "", 9 | "Type": "com.apple.activation.simple" 10 | } 11 | -------------------------------------------------------------------------------- /assets/io.macadmins.asset.bash.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.asset.bash", 3 | "Type": "com.apple.asset.data", 4 | "Payload": { 5 | "Reference": { 6 | "ContentType": "application/zip", 7 | "DataURL": "https://files.macadmins.io/bash-0.0.1.zip", 8 | "Hash-SHA-256": "e324ca3db42e5e75adcc2353f3a8d7ab2313075e461e4ba8fe446c4fd1fc629f" 9 | } 10 | }, 11 | "Authentication": { 12 | "Type": "None" 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /assets/io.macadmins.asset.exampledaemon.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.asset.exampledaemon", 3 | "Type": "com.apple.asset.data", 4 | "Payload": { 5 | "Reference": { 6 | "ContentType": "application/plist", 7 | "DataURL": "https://files.macadmins.io/io.macadmins.exampledaemon.plist", 8 | "Hash-SHA-256": "23b5ad7cd586dce311d0fe35a9032e5fd8de35bc8204fb14d33d878a7b0282c7" 9 | }, 10 | "Authentication": { 11 | "Type": "None" 12 | } 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /assets/io.macadmins.asset.exampleexecutable.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.asset.exampleexecutable", 3 | "Type": "com.apple.asset.data", 4 | "Payload": { 5 | "Reference": { 6 | "ContentType": "application/zip", 7 | "DataURL": "https://files.macadmins.io/exampleexecutable-0.0.1.zip", 8 | "Hash-SHA-256": "db4023e58224fb31e774837909f5d0ba4e54b80511b310905a3094a149a9d7a2" 9 | } 10 | }, 11 | "Authentication": { 12 | "Type": "None" 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /assets/io.macadmins.asset.myservice.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.asset.myservice", 3 | "Type": "com.apple.asset.data", 4 | "Payload": { 5 | "Reference": { 6 | "ContentType": "application/zip", 7 | "DataURL": "https://files.macadmins.io/myservice-0.0.1.zip", 8 | "Hash-SHA-256": "27e89351da8a326e94327b7b88917b1bf2b66c57bc6908c43407c95d6cc113a8" 9 | } 10 | }, 11 | "Authentication": { 12 | "Type": "None" 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /assets/io.macadmins.asset.pam.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.asset.pam", 3 | "Type": "com.apple.asset.data", 4 | "Payload": { 5 | "Reference": { 6 | "ContentType": "application/zip", 7 | "DataURL": "https://files.macadmins.io/pam-0.0.1.zip", 8 | "Hash-SHA-256": "90e7054f53977622c3334e5ff90d1d56dee2b58325bb81f95af5968650017d9b" 9 | } 10 | }, 11 | "Authentication": { 12 | "Type": "None" 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /assets/io.macadmins.asset.sshd.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.asset.sshd", 3 | "Type": "com.apple.asset.data", 4 | "Payload": { 5 | "Reference": { 6 | "ContentType": "application/zip", 7 | "DataURL": "https://files.macadmins.io/sshd-0.0.1.zip", 8 | "Hash-SHA-256": "708904b8ceb7fb26a7e10bc391e643d269ed13d91b6af3f2262f138ddf4f449c" 9 | } 10 | }, 11 | "Authentication": { 12 | "Type": "None" 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /assets/io.macadmins.asset.sudo.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.asset.sudo", 3 | "Type": "com.apple.asset.data", 4 | "Payload": { 5 | "Reference": { 6 | "ContentType": "application/zip", 7 | "DataURL": "https://files.macadmins.io/sudo-0.0.2.zip", 8 | "Hash-SHA-256": "967c8b4a9db1bf5c63576c006064fd02b7884a84a4ce6b0bf7af6527ebc65f1d" 9 | } 10 | }, 11 | "Authentication": { 12 | "Type": "None" 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /assets/io.macadmins.asset.zsh.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.asset.zsh", 3 | "Type": "com.apple.asset.data", 4 | "Payload": { 5 | "Reference": { 6 | "ContentType": "application/zip", 7 | "DataURL": "https://files.macadmins.io/zsh-0.0.3.zip", 8 | "Hash-SHA-256": "5ae05f6f3e0fa45e73512b716a52b13e5702ffbeeca5784d953257f3d4d696d4" 9 | } 10 | }, 11 | "Authentication": { 12 | "Type": "None" 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /configurations/io.macadmins.config.bash.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.configuration.services.configuration-files", 3 | "Identifier": "io.macadmins.config.bash", 4 | "Payload": { 5 | "ServiceType": "com.apple.bash", 6 | "DataAssetReference": "io.macadmins.asset.bash" 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /configurations/io.macadmins.config.diskmanagement.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.configuration.diskmanagement.settings", 3 | "Identifier": "io.macadmins.config.diskmanagement", 4 | "Payload": { 5 | "Restrictions": { 6 | "ExternalStorage": "Disallowed", 7 | "NetworkStorage": "Disallowed" 8 | } 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /configurations/io.macadmins.config.exampledaemon.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.configuration.services.background-tasks", 3 | "Identifier": "io.macadmins.config.exampledaemon", 4 | "Payload": { 5 | "TaskType": "io.macadmins.exampledaemon", 6 | "TaskDescription": "Example Daemon", 7 | "LaunchdConfigurations": [ 8 | { 9 | "FileAssetReference": "io.macadmins.asset.exampledaemon", 10 | "Context": "daemon" 11 | } 12 | ] 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /configurations/io.macadmins.config.exampleexecutable.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.configuration.services.background-tasks", 3 | "Identifier": "io.macadmins.config.exampleexecutable", 4 | "Payload": { 5 | "TaskDescription": "Example Executable", 6 | "TaskType": "io.macadmins.exampleexecutable", 7 | "ExecutableAssetReference": "io.macadmins.asset.exampleexecutable" 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /configurations/io.macadmins.config.myservice.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.configuration.services.configuration-files", 3 | "Identifier": "io.macadmins.config.myservice", 4 | "Payload": { 5 | "ServiceType": "io.macadmins.myservice", 6 | "DataAssetReference": "io.macadmins.asset.myservice" 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /configurations/io.macadmins.config.pam.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.configuration.services.configuration-files", 3 | "Identifier": "io.macadmins.config.pam", 4 | "Payload": { 5 | "ServiceType": "com.apple.pam", 6 | "DataAssetReference": "io.macadmins.asset.pam" 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /configurations/io.macadmins.config.sshd.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.configuration.services.configuration-files", 3 | "Identifier": "io.macadmins.config.sshd", 4 | "Payload": { 5 | "ServiceType": "com.apple.sshd", 6 | "DataAssetReference": "io.macadmins.asset.sshd" 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /configurations/io.macadmins.config.subs.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.configuration.management.status-subscriptions", 3 | "Payload": { 4 | "StatusItems": [ 5 | { 6 | "Name": "diskmanagement.filevault.enabled" 7 | }, 8 | { 9 | "Name": "services.background-task" 10 | }, 11 | { 12 | "Name": "softwareupdate.failure-reason" 13 | }, 14 | { 15 | "Name": "softwareupdate.install-reason" 16 | }, 17 | { 18 | "Name": "softwareupdate.install-state" 19 | }, 20 | { 21 | "Name": "softwareupdate.pending-version" 22 | } 23 | ] 24 | }, 25 | "Identifier": "io.macadmins.config.subs" 26 | } 27 | -------------------------------------------------------------------------------- /configurations/io.macadmins.config.sudo.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.configuration.services.configuration-files", 3 | "Identifier": "io.macadmins.config.sudo", 4 | "Payload": { 5 | "ServiceType": "com.apple.sudo", 6 | "DataAssetReference": "io.macadmins.asset.sudo" 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /configurations/io.macadmins.config.swu.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.configuration.softwareupdate.enforcement.specific", 3 | "Identifier": "io.macadmins.config.swu", 4 | "Payload": { 5 | "TargetOSVersion": "14.0", 6 | "TargetBuildVersion": "23A5286g", 7 | "TargetLocalDateTime": "2023-07-06T13:50:00", 8 | "DetailsURL": "https://www.apple.com" 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /configurations/io.macadmins.config.swu.settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.configuration.softwareupdate.settings", 3 | "Identifier": "io.macadmins.config.swu.settings", 4 | "Payload": { 5 | "AllowStandardUserOSUpdates": true, 6 | "AutomaticActions": { 7 | "Download": "AlwaysOn", 8 | "InstallOSUpdates": "AlwaysOn", 9 | "InstallSecurityUpdate": "AlwaysOn" 10 | }, 11 | "Beta": { 12 | "OfferPrograms": { 13 | "Descripion": "Seed Program", 14 | "Token": "TOKEN_GOES_HERE" 15 | }, 16 | "ProgramEnrollment": "Allowed", 17 | "RequireProgram": { 18 | "Descripion": "Seed Program", 19 | "Token": "TOKEN_GOES_HERE" 20 | } 21 | }, 22 | "Deferrals": { 23 | "CombinedPeriodInDays": 30, 24 | "MajorPeriodInDays": 90, 25 | "MinorPeriodInDays": 30, 26 | "SystemPeriodInDays": 30 27 | }, 28 | "Notifications": true, 29 | "RapidSecurityResponse": { 30 | "Enable": true, 31 | "EnableRollBack": true 32 | } 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /configurations/io.macadmins.config.test.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.configuration.management.test", 3 | "Payload": { 4 | "Echo": "KMFDDM" 5 | }, 6 | "Identifier": "io.macadmins.config.test" 7 | } 8 | -------------------------------------------------------------------------------- /configurations/io.macadmins.config.zsh.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.configuration.services.configuration-files", 3 | "Identifier": "io.macadmins.config.zsh", 4 | "Payload": { 5 | "ServiceType": "com.apple.zsh", 6 | "DataAssetReference": "io.macadmins.asset.zsh" 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /management/io.macadmins.management.ohai.json: -------------------------------------------------------------------------------- 1 | { 2 | "Identifier": "io.macadmins.management.ohai", 3 | "Payload": { 4 | "ohai": "mark" 5 | }, 6 | "Type": "com.apple.management.properties" 7 | } 8 | -------------------------------------------------------------------------------- /management/io.macadmins.management.props.json: -------------------------------------------------------------------------------- 1 | { 2 | "Type": "com.apple.management.properties", 3 | "Payload": { 4 | "hello": "world" 5 | }, 6 | "Identifier": "io.macadmins.management.props" 7 | } 8 | -------------------------------------------------------------------------------- /sets/set.all.txt: -------------------------------------------------------------------------------- 1 | # Activations 2 | io.macadmins.activation.bash 3 | io.macadmins.activation.myservice 4 | io.macadmins.activation.pam 5 | io.macadmins.activation.sshd 6 | io.macadmins.activation.subs 7 | io.macadmins.activation.sudo 8 | io.macadmins.activation.swu 9 | io.macadmins.activation.test 10 | io.macadmins.activation.zsh 11 | 12 | # Assets 13 | io.macadmins.asset.bash 14 | io.macadmins.asset.myservice 15 | io.macadmins.asset.pam 16 | io.macadmins.asset.sshd 17 | io.macadmins.asset.sudo 18 | io.macadmins.asset.zsh 19 | 20 | 21 | # Configs 22 | io.macadmins.config.bash 23 | io.macadmins.config.myservice 24 | io.macadmins.config.pam 25 | io.macadmins.config.sshd 26 | io.macadmins.config.subs 27 | io.macadmins.config.sudo 28 | io.macadmins.config.swu 29 | io.macadmins.config.test 30 | io.macadmins.config.zsh 31 | 32 | 33 | #Management 34 | io.macadmins.management.props 35 | -------------------------------------------------------------------------------- /sets/set.default.txt: -------------------------------------------------------------------------------- 1 | io.macadmins.activation.test 2 | io.macadmins.config.test 3 | io.macadmins.activation.subs 4 | io.macadmins.config.subs 5 | io.macadmins.management.props 6 | -------------------------------------------------------------------------------- /sets/set.template.txt: -------------------------------------------------------------------------------- 1 | ## Assets 2 | # Assets go here. They should be applied before anything else. 3 | # Examples: 4 | # io.macadmins.asset.zsh 5 | 6 | ## Configs 7 | # Configurations go here. They should be specified before the activiation references them 8 | # Examples: 9 | # io.macadmins.config.swu 10 | # io.macadmins.config.zsh 11 | 12 | ## Activations 13 | # Examples: 14 | # Add activations here. A config will not be applied unless there is an activation for it. Create this last 15 | # io.macadmins.activation.swu 16 | # io.macadmins.activation.zsh 17 | 18 | ## Management 19 | # Management items go here. They seem to be standalone-ish and work without an explicit activation 20 | # Examples: 21 | # io.macadmins.management.props 22 | -------------------------------------------------------------------------------- /zips/Makefile: -------------------------------------------------------------------------------- 1 | URL="https://files.macadmins.io" 2 | AUTH_TYPE="None" 3 | 4 | all: \ 5 | bash-0.0.1.zip \ 6 | exampledaemon-0.0.1.zip \ 7 | exampleexecutable-0.0.1.zip \ 8 | myservice-0.0.1.zip \ 9 | pam-0.0.1.zip \ 10 | sshd-0.0.1.zip \ 11 | sudo-0.0.1.zip \ 12 | zsh-0.0.1.zip 13 | 14 | # the individual targets for file-up-to-date checking 15 | bash-0.0.1.zip: $(shell find bash -type f) 16 | exampledaemon-0.0.1.zip: $(shell find exampledaemon -type f) 17 | exampleexecutable-0.0.1.zip: $(shell find exampledaemon -type f) 18 | myservice-0.0.1.zip: $(shell find myservice -type f) 19 | pam-0.0.1.zip: $(shell find pam -type f) 20 | sshd-0.0.1.zip: $(shell find sshd -type f) 21 | sudo-0.0.1.zip: $(shell find sudo -type f) 22 | zsh-0.0.1.zip: $(shell find zsh -type f) 23 | 24 | %-0.0.1.zip: % 25 | rm -f $@ 26 | cd $< && zip -r ../$@ . 27 | cat ../assets/io.macadmins.asset.$<.json > /tmp/decl.tmp.json 28 | jq --tab '.Payload.Reference."Hash-SHA-256" = "'$$(shasum -a 256 $@ | awk '{print $$1}')'" | .Payload.Reference.DataURL = "'$(URL)/$@'" | .Authentication.Type = "'$(AUTH_TYPE)\" /tmp/decl.tmp.json > /tmp/decl.tmp.upd.json 29 | cp /tmp/decl.tmp.upd.json ../assets/io.macadmins.asset.$<.json 30 | rm /tmp/decl.tmp.json /tmp/decl.tmp.upd.json 31 | 32 | clean: 33 | rm -f *.zip 34 | 35 | .PHONY: all clean 36 | -------------------------------------------------------------------------------- /zips/README.md: -------------------------------------------------------------------------------- 1 | To bundle a zip into an asset file for distribution, run `make`. This will 2 | 3 | * bundle the sub-directories into a `.zip` archive called e.g. `pam-0.0.1.zip` 4 | * SHA-256 this and update the asset declaration in `../assets` 5 | 6 | If you already have `.zip` files built you may need to `make clean` to regenerate them. -------------------------------------------------------------------------------- /zips/bash/etc/profile: -------------------------------------------------------------------------------- 1 | export TEST1=profile 2 | -------------------------------------------------------------------------------- /zips/exampledaemon/io.macadmins.exampledaemon.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Label 6 | io.macadmins.exampledaemon 7 | ProgramArguments 8 | 9 | /usr/bin/touch 10 | /tmp/ddmtest 11 | 12 | RunAtLoad 13 | 14 | StartInterval 15 | 60 16 | 17 | 18 | -------------------------------------------------------------------------------- /zips/exampleexecutable/ddmctl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/macadmins/ddm_examples/f2c23934b9ed5826b02c376eb3b50718b295b039/zips/exampleexecutable/ddmctl -------------------------------------------------------------------------------- /zips/myservice/myconfig: -------------------------------------------------------------------------------- 1 | # This is my config for my service 2 | wat=ok 3 | -------------------------------------------------------------------------------- /zips/pam/etc/pam.d/sudo_local: -------------------------------------------------------------------------------- 1 | # sudo_local: local config file which survives system update and is included for sudo 2 | auth sufficient pam_tid.so 3 | -------------------------------------------------------------------------------- /zips/sshd/etc/ssh/sshd_config: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/macadmins/ddm_examples/f2c23934b9ed5826b02c376eb3b50718b295b039/zips/sshd/etc/ssh/sshd_config -------------------------------------------------------------------------------- /zips/sudo/etc/sudoers: -------------------------------------------------------------------------------- 1 | %staff ALL = (ALL) ALL 2 | -------------------------------------------------------------------------------- /zips/zsh/etc/zlogin: -------------------------------------------------------------------------------- 1 | echo "Logging in" 2 | -------------------------------------------------------------------------------- /zips/zsh/etc/zlogout: -------------------------------------------------------------------------------- 1 | echo "Logging out" 2 | -------------------------------------------------------------------------------- /zips/zsh/etc/zprofile: -------------------------------------------------------------------------------- 1 | export TEST1=zprofile 2 | -------------------------------------------------------------------------------- /zips/zsh/etc/zshenv: -------------------------------------------------------------------------------- 1 | export TEST2=zshenv 2 | -------------------------------------------------------------------------------- /zips/zsh/etc/zshrc: -------------------------------------------------------------------------------- 1 | export TEST3=zshrc 2 | --------------------------------------------------------------------------------