added micromdm state

states/micromdm/config.sls

@@ -0,0 +1 @@
+---

states/micromdm/defaults.yaml

@@ -0,0 +1,23 @@
+---
+micromdm:
+  enabled: true
+  mirror: "https://github.com/micromdm/micromdm/releases/download"
+  install_dir: "/usr/local/apps"
+  release_dir: "/usr/local/apps/releases"
+  config_path: "/var/lib/micromdm/db"
+  filerepo: "/var/lib/micromdm/repo"
+  url: "https://mdm.acme.com"
+  tls: false
+  api_key: 1234
+  command_webhook_url: "https://mdm.acme.com"
+  version: "1.9.0"
+  os: linux
+  arch: amd64
+  uid: 902
+  gid: 902
+  user:
+    name: micromdm
+    uid: 902
+  group:
+    name: micromdm
+    gid: 902

states/micromdm/init.sls

@@ -0,0 +1,5 @@
+---
+include:
+  - .install
+  - .config
+  - .service

states/micromdm/install.sls

@@ -0,0 +1,55 @@
+---
+{%- from "micromdm/map.jinja" import micromdm with context %}
+micromdm-group:
+  group.present:
+    - name: micromdm
+    - gid: {{ micromdm.group.gid }}
+    - watch_in:
+      - service: micromdm-service
+
+micromdm-user:
+  user.present:
+    - name: micromdm
+    - uid: {{ micromdm.user.uid }}
+    - gid: {{ micromdm.group.gid }}
+    - allow_uid_change: true
+    - allow_gid_change: true
+    - home: /var/lib/micromdm
+    - watch_in:
+      - service: micromdm-service
+
+micromdm-archive-extract:
+  archive.extracted:
+    - name: {{ micromdm.release_dir }}/micromdm-{{ micromdm.version }}
+    - source: {{ micromdm.mirror }}/micromdm_v{{ micromdm.version }}.zip
+    - skip_verify: true
+    - enforce_toplevel: false
+    - if_missing: {{ micromdm.release_dir }}/micromdm-{{ micromdm.version }}/micromdm
+    - watch_in:
+      - service: micromdm-service
+
+micromdm-bin-symlink:
+  file.symlink:
+    - name: {{ micromdm.install_dir }}/micromdm
+    - target: {{ micromdm.release_dir }}/micromdm-{{ micromdm.version }}
+
+micromdm-data-dir:
+  file.directory:
+    - name: {{ micromdm.data_dir }}
+    - user: {{ micromdm.user.uid }}
+    - group: {{ micromdm.group.gid }}
+    - watch_in:
+    - service: micromdm-service
+
+{%- for bin in ['mdmctl'] %}
+micromdm-{{ bin }}-symlink:
+  file.symlink:
+    - name: /usr/local/sbin/{{ bin }}
+    - target: {{ micromdm.install_dir }}/micromdm/{{ bin }}
+{%- endfor %}
+
+micromdm-cleanup:
+  software.cleanup:
+    - name: micromdm
+    - path: {{ micromdm.release_dir }}
+    - version: "{{ micromdm.version }}"

states/micromdm/kernelmap.yaml

@@ -0,0 +1,3 @@
+---
+Linux:
+  os: "linux"

states/micromdm/map.jinja

@@ -0,0 +1,14 @@
+{%- import_yaml "micromdm/defaults.yaml" as default_settings -%}
+
+{%- import_yaml "micromdm/kernelmap.yaml" as kernelmap -%}
+{%- import_yaml "micromdm/osarchmap.yaml" as osarchmap -%}
+
+{%- set defaults = salt['grains.filter_by'](default_settings,
+      default='micromdm',
+        merge=salt['grains.filter_by'](osarchmap, grain='osarch',
+          merge=salt['grains.filter_by'](kernelmap, grain='kernel')
+        )
+      )
+-%}
+
+{%- set micromdm = salt['pillar.get']('micromdm', default=defaults, merge=True) -%}

states/micromdm/micromdm.service.j2

@@ -0,0 +1,18 @@
+{%- from "micromdm/map.jinja" import micromdm with context -%}
+## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}
+[Unit]
+Description=Mobile Device Management server
+Documentation=https://github.com/micromdm/micromdm
+After=network-online.target
+
+[Service]
+User={{ micromdm.user.name }}
+Group={{ micromdm.group.name }}
+LimitNOFILE=65536
+ExecStart={{ micromdm.install_dir }}/micromdm/micromdm serve --config-path={{ micromdm.config_path }} -server-url={{ micromdm.url }} -api-key={{ micromdm.api_key }} -filerepo={{ micromdm.filerepo }} -tls={{ micromdm.tls }} -command-webhook-url={{ micromdm.command_webhook_url }}
+KillMode=control-group
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
+Alias=micromdm.service

states/micromdm/osarchmap.yaml

@@ -0,0 +1,21 @@
+---
+amd64:
+  arch: "amd64"
+
+x86_64:
+  arch: "amd64"
+
+386:
+  arch: "386"
+
+arm64:
+  arch: "arm64"
+
+armv6l:
+  arch: "arm"
+
+armv7l:
+  arch: "arm"
+
+armhf:
+  arch: "arm"

states/micromdm/service.sls

@@ -0,0 +1,15 @@
+---
+{%- from "micromdm/map.jinja" import micromdm with context %}
+micromdm-service-file:
+  file.managed:
+    - name: /etc/systemd/system/micromdm.service
+    - source: salt://micromdm/micromdm.service.j2
+    - user: root
+    - group: root
+    - mode: 644
+    - template: jinja
+
+micromdm-service:
+  service.running:
+    - name: micromdm
+    - enable: true