a1e5c500c0
<!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> **Related issue:** Resolves #37072 # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] If paths of existing endpoints are modified without backwards compatibility, checked the frontend/CLI for any necessary changes ## Testing - [x] Added/updated automated tests - [x] Where appropriate, [automated tests simulate multiple hosts and test for host isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing) (updates to one hosts's records do not affect another) - [x] QA'd all new/changed functionality manually |
||
|---|---|---|
| .. | ||
| client | ||
| cmd | ||
| docs | ||
| godep | ||
| http | ||
| log | ||
| parse | ||
| proxy | ||
| storage | ||
| sync | ||
| tokenpki | ||
| tools | ||
| LICENSE | ||
| README.md | ||
NanoDEP
The contents of this directory were copied (on February 2024) from https://github.com/fleetdm/nanomdm (the
apple-mdmbranch) which was forked from https://github.com/micromdm/nanodep.
NanoDEP is a set of tools and a Go library powering them for communicating with Apple's Device Enrollment Program (DEP) API servers.
Getting started & Documentation
-
Quickstart A guide to get NanoDEP up and running quickly.
-
Operations Guide A brief overview of the various tools and utilities for working with NanoDEP.
Tools and utilities
NanoDEP contains a few tools and utilities. At a high level:
- DEP configuration & reverse proxy server. The primary server component, called
depserveris used for configuring NanoDEP and talking with Apple's DEP servers. It hosts its own API for configuring MDM server instances used with Apple's servers (called DEP names) and also hosts a transparently authenticating reverse proxy for talking 'directly' to Apple's DEP API endpoints. - Device sync & assigner. The
depsyncertool handles the device fetch/sync cursor logic to continually retrieve the assigned devices from one or more Apple DEP MDM server instance(s). - Scripts, tools, and helpers.
- A set of tools and utilities for talking to the Apple DEP API services — mostly implemented as shell scripts that communicate to the
depserver. - A stand-alone
deptokenstool for locally working with certificate generation for DEP token decryption.
- A set of tools and utilities for talking to the Apple DEP API services — mostly implemented as shell scripts that communicate to the
See the Operations Guide for more details and usage documentation.
Go library
NanoDEP is also a Go library for accessing the Apple DEP APIs. There are two components to the Go library:
- The higher-level godep package implements Go methods and structures for talking to the individual DEP API endpoints.
- The lower-level client package implements primitives, helpers, and middleware for authenticating to the DEP API and managing sessions tokens.
See the Go Reference documentation (or the Go source itself, of course) for details on these packages.