Up until now Movember has been pretty light hearted - I’m guessing this is why a lot of you haven’t donated yet. Time for some numbers. Testicular cancer is the most common cancer in young men, with nearly 700,000 people getting it each year. There is a 50% chance that I will get testicular cancer again. If my cancer does come back, there is 5-10% chance it will kill me. ...

When I released Imagr back in 2015, it was a different time. We didn’t have T2 Macs, NetBoot was still around and DEP was just something most of us scoffed at using. In 2019, things have changed. MDM is no longer optional. DEP is the only automated method to deploy modern macOS devices. The NetBoot ship has well and truly sailed. No devices have been “imaged” in my organization for around two years. ...

The links to all of the code used in my talk at MacAD.UK are below. Movember Movember on Facebook London Apple Admins @ Jigsaw 24 grahamgilbert/macaduck19-supershell grahamgilbert/macaduck19-powerfulpython grahamgilbert/macaduck19-autopkg_overrides grahamgilbert/macaduck19-munki_repo

MacAD.UK is just a few weeks away, and I’m rather excited about the whole thing. I will be speaking on the second day about Practical CI/CD workflows for Mac Admins - a topic that I’ve wanted to speak about for quite some time. And of course I am hoping we will all be able to go for the now traditional curry one evening (I’m sure we can all agree, curry is the height of British cuisine).

Earlier this year I was diagnosed with testicular cancer. I’m one of the lucky ones, I caught it early, was fortunate enough to have excellent treatment and am now in remission. Testicular cancer is the most common form of cancer in men under 40 years old - chances are either you will get it or you will know someone who will. This year, I’m raising money for Movember. I’ve already raised an amazing amount mostly due to the generosity of the Apple admin community. I’ve had to raise my target several times until I went big and set it at $10,000. I blasted though that before November even started, so thank you to everyone who donated! ...

terraform-munki-repo is a Terraform module that will set up a production ready Munki repo for you. More specifically it will create: An s3 bucket to store your Munki repo An s3 bucket to store your logs A CloudFront Distribution so your clients will pull from an AWS endpoint near them A Lambda@Edge function that will set up basic authentication Why? A Munki repo is a basic web server. But you still need to worry about setting up one or more servers, patching those servers, scaling them around the world if you have clients in more than one country. Amazon Web Services has crazy high levels of up time - more than we could ever manage ourselves. CloudFront powers some of the world’s busiest websites without breaking a sweat, so it can handle your Munki repo without any trouble. So it makes sense to offload the running of these services so we can get on with our day. ...

Over time, you may notice your Sal install getting slower and slower - this will happen faster the more devices you have checking in. You may even see rediciulous amounts of disk space being used - maybe even 1Gb per hour. This can all be solved by tweaking some simple matinenance settings on your Postgres server. Background Before we crack on with how to stop this from happening, it will be useful to know how Postgres handles deleted data. ...

It’s been three long months since I gave a talk with Brett, my lovely coworker at MacAd.UK, so it’s time to give some talks on the side of the pond which I currently reside. Firstly I will be at MacDevOps:YVR on June 7th - 8th, where I will be joined by fellow beer snob Wes Whetstone where we will be talking about Crypt and probably talking about beer in the bar afterwards. ...

Web browsers are critical to pretty much any organization. For many people, the browser is everything, right down to their email client. Since the browser is probably the most used piece of software, and users are putting all kinds of private information into it, it’s vital browsers are kept patched. Fortunately our default browser is Google Chrome, and Chrome is really good at keeping itself updated. Unfortunately it completely sucks at letting the user know that there is an update to install. I mean really, we’re just going to leave it at three tiny lines changing from grey to orange? ...

Thanks to those who came to our talk yesterday (if you did come, I don’t blame you, the other talk was much better). If you feel so inclined, here are the slides.