Fixed configs. Currently working locally. (#25)

* Fixed configs. Currently working locally.

* Merging with recent changes.

* Comment out bootstrap package URL

* Comment our bootstrap package URL

---------

Co-authored-by: Noah Talerman <[email protected]>

Author: getvictor

default.yml

@@ -5,17 +5,19 @@
 controls: # Controls added to "No team"
   macos_settings:
     custom_settings:
-    - path: ../lib/macos-os-updates.ddm.json
-    - path: ../lib/macos-password.mobileconfig
+      - path: ./lib/macos-password.mobileconfig
+#     DDM support coming soon
+#     - path: ../lib/macos-os-updates.ddm.json
   windows_settings:
     custom_settings:
-    - path: ../lib/windows-screenlock.xml
+    - path: ./lib/windows-screenlock.xml
   scripts:
-  - path: ../lib/collect-fleetd-logs.sh
+    - path: ./lib/collect-fleetd-logs.sh
 queries:
-- path: ./lib/collect-fleetd-update-channel.queries.yml
+- path: ./lib/collect-fleetd-update-channels.queries.yml
 policies:
-agent_options: ./lib/agent-options.yml
+agent_options:
+  path: ./lib/agent-options.yml
 org_settings:
   server_settings:
     debug_host_ids:
@@ -51,4 +53,6 @@ org_settings:
     transparency_url: https://fleetdm.com/transparency
   host_expiry_settings: # Applies to all teams
     host_expiry_enabled: false
-  features: # Features added to all teams
+  features: # Features added to all teams
+  secrets: # These secrets are used to enroll hosts to the "All teams" team
+    - secret: "$FLEET_GLOBAL_ENROLL_SECRET"

lib/agent-options.yml

@@ -1,13 +1,13 @@
-command_line_flags: {}
+command_line_flags:
 config:
   decorators:
     load:
     - SELECT uuid AS host_uuid FROM system_info;
     - SELECT hostname AS hostname FROM system_info;
   options:
     disable_distributed: false
-    distributed_interval: 5
+    distributed_interval: 10
     distributed_plugin: tls
     distributed_tls_max_attempts: 3
     logger_tls_endpoint: /api/v1/osquery/log
-    pack_delimiter: /
+    pack_delimiter: /

lib/collect-failed-login-attempts.queryies.yml renamed to lib/collect-failed-login-attempts.queries.yml

@@ -3,4 +3,5 @@
   query: SELECT users.username, account_policy_data.failed_login_count, account_policy_data.failed_login_timestamp FROM users INNER JOIN account_policy_data using (uid) WHERE account_policy_data.failed_login_count > 0;
   interval: 300 # 5 minutes
   observer_can_run: false
-  automations_enabled: false
+  automations_enabled: false
+  platform: darwin,linux,windows

lib/collect-fleetd-update-channels.queries.yml

@@ -4,3 +4,4 @@
   interval: 300 # 5 minutes
   observer_can_run: true
   automations_enabled: false
+  platform: darwin,linux,windows

teams/workstations-canary.yml

@@ -11,22 +11,22 @@ controls:
     deadline: "2023-08-11"
     minimum_version: "13.5"
   windows_updates:
-    deadline: "5"
-    grace_period: "2"
+    deadline_days: 5
+    grace_period_days: 2
   macos_settings:
     custom_settings:
-    - path: ../lib/macos-os-updates.ddm.json
+    # - path: ../lib/macos-os-updates.ddm.json (DDM coming soon)
     - path: ../lib/macos-password.mobileconfig
   windows_settings:
     custom_settings:
     - path: ../lib/windows-screenlock.xml
   macos_setup:
-      bootstrap_package: https://github.com/organinzation/repository/bootstrap-package.pkg
+      # bootstrap_package: https://github.com/organinzation/repository/bootstrap-package.pkg (Example URL)
       enable_end_user_authentication: true
       macos_setup_assistant: ../lib/automatic-enrollment.dep.json
   scripts:
   - path: ../lib/remove-zoom-artifacts.script.sh
-  - path: ../lib/reset-timezone.sh
+  - path: ../lib/set-timezone.script.sh
 queries: 
 - path: ../lib/collect-usb-devices.queries.yml
 - path: ../lib/collect-failed-login-attempts.queries.yml
@@ -36,12 +36,11 @@ queries:
   interval: 300
   observer_can_run: true
   automations_enabled: false
-policies: 
-- path: ../lib/macos-device-health.policies.yml
-- path: ../lib/windows-device-health.policies.yml
-- path: ../lib/windows-device-health.policies.yml
-agent_options: ./lib/agent-options.yml
+policies:
+  - path: ../lib/macos-device-health.policies.yml
+  - path: ../lib/windows-device-health.policies.yml
+agent_options:
+  path: ../lib/agent-options.yml
 team_settings:
-  webhook_settings:
   secrets:
-  - secret: $FLEET_WORKSTATIONS_CANARY_ENROLL_SECRET
+  - secret: "$FLEET_WORKSTATIONS_CANARY_ENROLL_SECRET"

teams/workstations.yml

@@ -11,36 +11,30 @@ controls:
     deadline: "2023-08-11"
     minimum_version: "13.5"
   windows_updates:
-    deadline: "5"
-    grace_period: "2"
+    deadline_days: 5
+    grace_period_days: 2
   macos_settings:
     custom_settings:
-    - path: ../lib/macos-os-updates.ddm.json
+    # - path: ../lib/macos-os-updates.ddm.json (DDM coming soon)
     - path: ../lib/macos-password.mobileconfig
   windows_settings:
     custom_settings:
     - path: ../lib/windows-screenlock.xml
   macos_setup:
-      bootstrap_package: https://github.com/organinzation/repository/bootstrap-package.pkg
+      # bootstrap_package: https://github.com/organinzation/repository/bootstrap-package.pkg (example URL)
       enable_end_user_authentication: true
       macos_setup_assistant: ../lib/automatic-enrollment.dep.json
   scripts:
   - path: ../lib/remove-zoom-artifacts.script.sh
-  - path: ../lib/reset-timezone.sh
+  - path: ../lib/set-timezone.script.sh
 queries: 
 - path: ../lib/collect-usb-devices.queries.yml
 - path: ../lib/collect-failed-login-attempts.queries.yml
-policies: 
-- path: ../lib/macos-device-health.policies.yml
-- path: ../lib/windows-device-health.policies.yml
-- path: ../lib/windows-device-health.policies.yml
-agent_options: ./lib/agent-options.yml
+policies:
+  - path: ../lib/macos-device-health.policies.yml
+  - path: ../lib/windows-device-health.policies.yml
+agent_options:
+  path: ../lib/agent-options.yml
 team_settings:
-  webhook_settings:
-    failing_policies_webhook:
-        enable_failing_policies_webhook: true
-        destination_url: https://example.tines.com/webhook
-        policy_ids: [1, 2, 3, 4, 5,6 ,7, 8, 9]
   secrets:
-  - secret: $FLEET_WORKSTATIONS_ENROLL_SECRET
-      
+  - secret: "$FLEET_WORKSTATIONS_ENROLL_SECRET"