Extremely Basic Setup of a Munki 2 Repository on Ubuntu

This is a pretty trivial task but one that I’ve had to do a couple times and managed to forget some steps along the way.
So here is a rundown of what is required to create a Munki 2 repository on Ubuntu using Apache and WebDav

First things first.

1. Install Ubuntu

2. Update and Upgrade: sudo apt-get update && sudo apt-get upgrade

3. Install Apache2 and the Apache2-utils: sudo apt-get install apache2 apache2-utils

4. Enable the Web Dav Module in Apache: a2enmod dav_fs

5. Configure the Munki Repo. I like to use: /var/www
First remove any content in /var/www

rm -rf /var/www/*

Create the Munki 2 folder structure:

   cd /var/www
   mkdir catalogs manifests pkgs pkgsinfo icons client_resources

6. Configure WebDAV by editing: /etc/apache2/mods-enabled/dav_fs.conf
Ensure it has the following content:

DAVLockDB ${APACHE_LOCK_DIR}/DAVLock
Alias /munki_repo /var/www
<Location /munki_repo>
    DAV On
    Options None
    <LimitExcept GET OPTIONS>
         Order allow,deny
         Allow from all
    </LimitExcept>
</Location>

7. Configure the default site by editing: /etc/apache2/sites-enabled/000-default.conf
Ensure it has the following content:

<VirtualHost *:80>
    DocumentRoot /var/www/
    
    Alias /catalogs/ /var/www/catalogs/
    Alias /manifests/ /var/www/manifests/
    Alias /pkgs/ /var/www/pkgs/
    Alias /icons/ /var/www/icons/
    Alias /client_resources/ /var/www/client_resources/

    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>
    
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

8. Restart Apache with: sudo apachectl restart

9. To test WebDAV try accessing the webdav share in the Finder using

http://yourmunkiserver/munki_repo

you should be able to access as guest

10. To test pkg downloads, ensure there is a pkg in the pkgs folder in your munki repo and then with a web browser try accessing

http://yourmunkiserver/pkgs/nameofpackage.pkg

it should download.

Additional Steps:
In order to prevent directory listing:
edit /etc/apache2/apache2.conf
find the section that looks like

<Directory />
Options Indexes FollowSymLinks
AllowOverride None
Require all denied
</Directory>

Now remove the word Indexes and restart apache

You should now not be able to browse the directory structure in a web browser

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s