Let’s Encrypt Signed Certificate for Server App and Profile Manager

1. Instal Homebrew

ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
brew doctor
brew update
 
2. Instal Certbot

brew install certbot
 
3. Create Certificate

sudo certbot --apache -w /Library/Server/Web/Data/Sites/Default/ -d server.mydomain.com
 
4. Copy Certificate to Desktop

sudo cp -r /etc/letsencrypt/live/server.mydomain.com~/Desktop/certbot/
 
5. Import in server App (All files)
 
6. Test Auto-renewal

sudo certbot renew --dry-run
 
7. Profile Manager Setup
    Turn off Websites and Profile manager
    Go to Certificates and select the new certificate you imported from the drop down
    Turn on Websites and Profile manager (If you have been signed profiles, change that too in the Profile manager page)
 
7. Test
    Test, test, test

How to upgrade munkireport-php (2.x to 3.x) on MacOS (Server)

 
  1. Rename reports folder to reportsOLD
  2. Copy the updated files to the repo (rename to reports)
  3. Copy the config.php(root) & database(/app/db/)
  4. Upgrade server to PHP v7 
 
sudo curl -s https://php-osx.liip.ch/install.sh | bash -s 7.1 
   
    Edit /Library/Server/Web/Config/apache2/httpd_server_app.conf 
    Comment out the default php5 module 
 
#LoadModule php5_module libexec/apache2/libphp5.so 
    
    Add a path to include a custom import for PHP 7 
 
#Updated php module settings 
Include /private/etc/apache2/custom/php7-include.conf 
    
    Create a new directory for custom
 
sudo mkdir  /etc/apache2/custom
 
    Create the file /etc/apache2/custom/php7-include.conf with the contents 
 
LoadModule php7_module /usr/local/php5/libphp7.so      
<IfModule php7_module>     
        AddType application/x-httpd-php .php     
        AddType application/x-httpd-php-source .phps
    <IfModule dir_module>         
        DirectoryIndex index.html index.php     
    </IfModule> 
</IfModule> 
                
    Run
export PATH=/usr/local/php5/bin:$PATH
    (php -v to test)
 
    Restart the Server.app httpd process 
sudo launchctl stop com.apple.server.httpd
sudo launchctl start com.apple.server.httpd
           
        
  1. CD to reports
  1. Upgrade:
php composer.phar install –no-dev –no-suggest –optimize-autoloader
  1. The new URL will have /public at the end.
  2. Create a package to update the clients to look at the the new URL (/public) – Use Munki
or do it the correct way by following this : https://github.com/munkireport/munkireport-php/wiki/Server-setup#source-files

Auto setup the Adobe Update Server Setup Tool (AUSST)

Launch Terminal and type:

bash <(curl -Ls https://raw.githubusercontent.com/djquazzi/Scripts/master/ausstsetup.sh)

Munki tools System Preference Pane

Very simple way of viewing some client side details of an enrolled munki client

http://pathofleastresistance.co.za/downloads/Munki.prefPane.zip

Enjoy