Skip to content
/ B2-Middleware Public

Securely access a munki repo hosted on Backblaze B2

10 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sphen13/B2-Middleware

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
.gitignore
.gitignore
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
b2-root.pem
b2-root.pem
 
 
middleware_b2.py
middleware_b2.py
 
 
postinstall
postinstall
 
 

Repository files navigation

What is B2 Middleware?

B2 Middleware enables managed clients to securely access a munki repo from Backblaze's B2 Cloud Storage. B2 offers aggressive pricing for both storage and access.

B2 Middleware uses a private Application Key to get authorization for private B2 resources. Each request includes an expiration date after which the request is no longer valid.

Requirements

Configure a managed client to access the CloudFront munki repo.

  1. Install middleware_b2.py to /usr/local/munki/.

  2. Install b2-root.pem to /usr/local/munki/. This is required for munki embedded python3 compatibility

  3. Set the munki preference SoftwareRepoURL to the following format:

    https://b2/BUCKET_NAME/PATH

    This middleware looks specifically for a URL starting with https://b2 to be triggered. The first folder will be your bucket name. If you have your munki repo within a subfolder on this bucket please also provide that as well. The additional path is not needed if your repo is based at the root of your bucket.

  4. Set B2 Middleware preferences for your Account ID, Application Key, and the resource expiration timeout in seconds. If unset expiration will default to 30 minutes.

    sudo defaults write /Library/Preferences/ManagedInstalls B2AccountID -string "ACCOUNT_ID"
sudo defaults write /Library/Preferences/ManagedInstalls B2ApplicationKey -string "APPLICATION_KEY"
sudo defaults write /Library/Preferences/ManagedInstalls B2ValidDuration -int 3600

  5. Run munki and verify that B2 requests are being made.

    sudo managedsoftwareupdate --checkonly -vvv

Build a luggage package to install B2 Middleware

The included luggage makefile can be used to create an installer package for B2 Middleware.

  1. Replace the account_id and application_key on line 4+5 of the postinstall script with the appropriate values from Backblaze B2.
  2. make pkg and install.
  3. Set your SoftwareRepoURL to https://b2/BUCKET_NAME/PATH as stated in step 2 above.

Syncing a local repo with B2

One way you can sync your repo with B2 is with the commandline tool. For example:

b2 sync --excludeRegex '(.*\.DS_Store)|(.*\.git/.*)' --delete /path/to/munki/ https://b2/<B2_BUCKET_GOES_HERE>

About

Securely access a munki repo hosted on Backblaze B2

Topics

backblaze-b2 munki

Resources

Readme
Activity

Stars

10 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases 3

v1.2 Latest
Oct 10, 2018
+ 2 releases

Packages

No packages published

Languages