AutoDMG / Outset / Munki bootstrap workflow

Update December, 2018: Because of the changes that came with Apple’s T2 chips, I wouldn’t recommend the below workflow any more. Instead, I’d recommend a DEP=>MDM=>Munki workflow instead.

I wanted to create a workflow that involved pretty much just imaging a new machine with a thin image and then having the image itself pull updates. Sounds simple, but I had to do quite a bit of experimenting to figure out the exact flow.

What to include with AutoDMG

Include in the AutoDMG-created image only CreateUserPkg (for one default user), Outset (for boot and login scripts), the latest Munki tools, and a special “.pkg” that puts some scripts in place to run at boot.

The special .pkg

In addition to distributing various payloads, it’s key that the special .pkg have a postinstall script that runs

sudo touch “$3″/var/db/.AppleSetupDone

This cannot be an Outset script. It has to be part of the AutoDMG-created never-booted image, because if you boot the previously-never-booted image without the .AppleSetupDone file in place, you’ll be prompted to do all the Mac setup stuff (e.g., create a user, select the time zone, connect to a wireless network manually) at first boot.

One of the payloads should be a script that goes into the /usr/local/outset/boot-every directory, because Outset won’t run boot-once scripts unless there’s a network connection by default—you can change the preferences .plist and deploy it, but I find it easier to just use a boot-every script. This script will do several things:

  • Check for a Munki preferences file. If the file exists, self-delete (otherwise the script will run at every boot).
  • Create Munki preferences.
  • Create the Munki bootstrap file.
  • Connect to a wireless network to pull in updates.
  • Reboot after waiting a minute (just to give a little time for the wireless connection to finish).***

*** In real-world testing, if you put in your script to wait one minute before shutting down, it may sometimes take more than one minute for the reboot to happen. In a recent test I did, it took about four minutes from first boot for the next reboot to happen. And then the reboot after that (the one that triggered the Munki bootstrap) took about 90 seconds.

After that, the Munki bootstrap file should take care of any subsequent reboots and updates until the machine is fully updated.


Posted

in

by

Comments

3 responses to “AutoDMG / Outset / Munki bootstrap workflow”

  1. […] Whether you decide to go with DeployStudio, Imagr, or even a local Thunderbolt ("bronze master"), you'll probably want to look into using AutoDMG to create that thin, never-booted Mac image. Here's an example workflow using AutoDMG and Munki: AutoDMG / Outset / Munki bootstrap workflow. […]

  2. Rick Davis Avatar
    Rick Davis

    Trying to follow these instructions to reconfigure a 10.11 lab of Mac Mini’s to 10.13. My plan is to create an installer with AutoDmg that includes a MacOS 10.13, a CreateUserPkg, Outset (although I have never used Outset, so have some reading to do) and MunkiTools. Are there sample scripts to use to create the scripts that will perform the suggested steps for the “special” .pkg?

    1. Alan Siu Avatar
      Alan Siu

      Rick, you can try creating a payload-free package: https://github.com/rtrouton/Payload-Free-Package-Creator

Leave a Reply

Your email address will not be published. Required fields are marked *