puppet-crypt
This is a Puppet module to install and configure Crypt.
Configuration
---
classes:
- crypt
crypt::crypt_version: "3.0.0"
crypt::server_url: "http://crypt"
crypt::remove_plist: true
crypt::package_source: "puppet:///modules/bigfiles/crypt/my_special_crypt.pkg"
crypt::payload_organization: "Example Organization"
crypt::crypt_files:
- "/Library/Crypt/checkin"
- "/Library/Crypt/FoundationPlist.py"
- "/Library/LaunchDaemons/com.grahamgilbert.crypt.plist"
- "/Library/Security/SecurityAgentPlugins/Crypt.bundle/Contents/MacOS/Crypt"
crypt::wait_for_user: false
crypt::force_install: false
crypt::output_path: "/var/root/crypt_output.plist"
The path to the install package on your Puppet server. Defaults to puppet:///modules/bigfiles/crypt/-${munkitools_version}.pkg
, which means that the install package should be in the bigfiles
module, in files/crypt
, named to match the version.
By default this module will only manage Crypt on macOS devices that are either:
- Laptops
- Have Crypt managed by Munki
If you wish to install and configure it on all macOS devices, regardless of their state, set crypt::force_install
to true
.
There have been issues with installing and configuring Crypt's modifications to the Authorization database when there are no users configured on the system. To stop this happening, set crypt::wait_for_user
to true
(the default). Set this to false
only if you know the risks involved.
Pass a list of files to watch for that if missing, will trigger an installation of the Crypt package via crypt::crypt_files
. The defaults should be fine, unless the package has been modified.