package packaging
import "text/template"
// Best reference I could find:
// http://s.sudre.free.fr/Stuff/Ivanhoe/FLAT.html
var macosPackageInfoTemplate = template.Must(template.New("").Option("missingkey=error").Parse(
`
`))
// Reference:
// https://developer.apple.com/library/archive/documentation/DeveloperTools/Reference/DistributionDefinitionRef/Chapters/Distribution_XML_Ref.html
var macosDistributionTemplate = template.Must(template.New("").Option("missingkey=error").Parse(
`
Fleet osquery
#base.pkg
`))
var macosPostinstallTemplate = template.Must(template.New("").Option("missingkey=error").Parse(
`#!/bin/bash
ln -sf /var/lib/orbit/bin/orbit/macos/{{.OrbitChannel}}/orbit /var/lib/orbit/bin/orbit/orbit
ln -sf /var/lib/orbit/bin/orbit/orbit /usr/local/bin/orbit
{{ if .StartService -}}
launchctl unload /Library/LaunchDaemons/com.fleetdm.orbit.plist
launchctl load -w /Library/LaunchDaemons/com.fleetdm.orbit.plist
{{- end }}
`))
// TODO set Nice?
//
//Note it's important not to start the orbit binary in
// `/usr/local/bin/orbit` because this is a path that users usually have write
// access to, and running that binary with launchd can become a privilege
// escalation vector.
var macosLaunchdTemplate = template.Must(template.New("").Option("missingkey=error").Parse(
`
Label
com.fleetdm.orbit
ProgramArguments
/var/lib/orbit/bin/orbit/orbit
StandardOutPath
/var/log/orbit/orbit.stdout.log
StandardErrorPath
/var/log/orbit/orbit.stderr.log
EnvironmentVariables
ORBIT_UPDATE_URL{{ .UpdateURL }}
ORBIT_ORBIT_CHANNEL{{ .OrbitChannel }}
ORBIT_OSQUERYD_CHANNEL{{ .OsquerydChannel }}
{{ if .Insecure }}ORBIT_INSECUREtrue{{ end }}
{{ if .FleetURL }}ORBIT_FLEET_URL{{ .FleetURL }}{{ end }}
{{ if .FleetCertificate }}ORBIT_FLEET_CERTIFICATE/var/lib/orbit/fleet.pem{{ end }}
{{ if .EnrollSecret }}ORBIT_ENROLL_SECRET_PATH/var/lib/orbit/secret.txt{{ end }}
{{ if .Debug }}ORBIT_DEBUGtrue{{ end }}
KeepAlive
RunAtLoad
ThrottleInterval
10
`))