mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-18 08:17:23 +00:00
update regarding modules, lint and expand puppet manifest.
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
This commit is contained in:
Thomas Sjögren
parent
c1f29d099a
commit
c9fb9f514d
@ -60,7 +60,7 @@ Download the onboarding package from Microsoft Defender Security Center:
|
|||||||
|
|
||||||
## Create a Puppet manifest
|
## Create a Puppet manifest
|
||||||
|
|
||||||
You need to create a Puppet manifest for deploying Microsoft Defender ATP for Linux to devices managed by a Puppet server. This example makes use of the *apt* module available from puppetlabs, and assumes that the apt module has been installed on your Puppet server.
|
You need to create a Puppet manifest for deploying Microsoft Defender ATP for Linux to devices managed by a Puppet server. This example makes use of the *apt* and *yumrepo* module available from puppetlabs, and assumes that the modules has been installed on your Puppet server.
|
||||||
|
|
||||||
Create the folders *install_mdatp/files* and *install_mdatp/manifests* under the modules folder of your Puppet installation. This is typically located in */etc/puppetlabs/code/environments/production/modules* on your Puppet server. Copy the mdatp_onboard.json file created above to the *install_mdatp/files* folder. Create an *init.pp* file that contains the deployment instructions:
|
Create the folders *install_mdatp/files* and *install_mdatp/manifests* under the modules folder of your Puppet installation. This is typically located in */etc/puppetlabs/code/environments/production/modules* on your Puppet server. Copy the mdatp_onboard.json file created above to the *install_mdatp/files* folder. Create an *init.pp* file that contains the deployment instructions:
|
||||||
|
|
||||||
@ -86,44 +86,63 @@ In order to preview new features and provide early feedback, it is recommended t
|
|||||||
|
|
||||||
Note your distribution and version and identify the closest entry for it under `https://packages.microsoft.com/config/`.
|
Note your distribution and version and identify the closest entry for it under `https://packages.microsoft.com/config/`.
|
||||||
|
|
||||||
In the below commands, replace *[distro]* and *[version]* with the information you've identified:
|
|
||||||
|
|
||||||
> [!NOTE]
|
|
||||||
> In case of Oracle EL and CentOS 8, replace *[distro]* with “rhel”.
|
|
||||||
|
|
||||||
```puppet
|
```puppet
|
||||||
class install_mdatp {
|
# Puppet manifest to install Microsoft Defender ATP.
|
||||||
|
# @param channel The release channel based on your environment, insider-fast or prod.
|
||||||
|
# @param distro The Linux distribution in lowercase. In case of RedHat, Oracle EL and CentOS 8, the distro variable should be 'rhel'.
|
||||||
|
# @param version The Linux distribution release number, e.g. 7.4.
|
||||||
|
|
||||||
if ($osfamily == 'Debian') {
|
class install_mdatp (
|
||||||
|
$channel = 'insiders-fast',
|
||||||
|
$distro = undef,
|
||||||
|
$version = undef
|
||||||
|
){
|
||||||
|
case $::osfamily {
|
||||||
|
'Debian' : {
|
||||||
apt::source { 'microsoftpackages' :
|
apt::source { 'microsoftpackages' :
|
||||||
location => 'https://packages.microsoft.com/[distro]/[version]/prod', # change the version and distro based on your OS
|
location => "https://packages.microsoft.com/${distro}/${version}/prod",
|
||||||
release => '[channel]',
|
release => $channel,
|
||||||
repos => 'main',
|
repos => 'main',
|
||||||
key => {
|
key => {
|
||||||
'id' => 'BC528686B50D79E339D3721CEB3E94ADBE1229CF',
|
'id' => 'BC528686B50D79E339D3721CEB3E94ADBE1229CF',
|
||||||
'server' => 'https://packages.microsoft.com/keys/microsoft.asc',
|
'server' => 'keyserver.ubuntu.com',
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
'RedHat' : {
|
||||||
yumrepo { 'microsoftpackages' :
|
yumrepo { 'microsoftpackages' :
|
||||||
baseurl => 'https://packages.microsoft.com/[distro]/[version]/[channel]', # change the version and distro based on your OS
|
baseurl => "https://packages.microsoft.com/${distro}/${version}/${channel}",
|
||||||
enabled => 1,
|
enabled => 1,
|
||||||
gpgcheck => 1,
|
gpgcheck => 1,
|
||||||
gpgkey => 'https://packages.microsoft.com/keys/microsoft.asc'
|
gpgkey => 'https://packages.microsoft.com/keys/microsoft.asc'
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
default : { fail("${::osfamily} is currently not supported.") }
|
||||||
|
}
|
||||||
|
|
||||||
|
case $::osfamily {
|
||||||
|
/(Debian|RedHat)/: {
|
||||||
|
file { ['/etc/opt', '/etc/opt/microsoft', '/etc/opt/microsoft/mdatp']:
|
||||||
|
ensure => directory,
|
||||||
|
owner => root,
|
||||||
|
group => root,
|
||||||
|
mode => '0755'
|
||||||
|
}
|
||||||
|
|
||||||
|
file { '/etc/opt/microsoft/mdatp/mdatp_onboard.json':
|
||||||
|
source => 'puppet:///modules/mdatp/mdatp_onboard.json',
|
||||||
|
owner => root,
|
||||||
|
group => root,
|
||||||
|
mode => '0600',
|
||||||
|
require => File['/etc/opt/microsoft/mdatp']
|
||||||
|
}
|
||||||
|
|
||||||
package { 'mdatp':
|
package { 'mdatp':
|
||||||
ensure => 'installed',
|
ensure => 'installed',
|
||||||
|
require => File['/etc/opt/microsoft/mdatp/mdatp_onboard.json']
|
||||||
}
|
}
|
||||||
|
|
||||||
file { ['/etc', '/etc/opt', '/etc/opt/microsoft', '/etc/opt/microsoft/mdatp']:
|
|
||||||
ensure => directory,
|
|
||||||
}
|
}
|
||||||
file { '/etc/opt/microsoft/mdatp/mdatp_onboard.json':
|
default : { fail("${::osfamily} is currently not supported.") }
|
||||||
mode => "0644",
|
|
||||||
source => 'puppet:///modules/install_mdatp/mdatp_onboard.json',
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user