blob: a0ae85f5283b4a412ad679032372aa7bb95fea35 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
#version=DEVEL
# System authorization information
auth --enableshadow --passalgo=sha512
# Use CDROM installation media
cdrom
# Use graphical install (graphical is enforce by vnc requested at kernel args)
#text
graphical
# Run the Setup Agent on first boot
firstboot --enable
ignoredisk --only-use=@SYSDISKS@
# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'
# System language
lang en_US.UTF-8
# Network information (device=link signifies first device link active)
network --device=@ETHDEV@ --bootproto=dhcp --noipv6 --onboot=on --activate
#This still doesn't work
#@SKIP_IP@network --device=@ETHDEV@:1 --bootproto=static --ip=@IP@ --netmask=@NETMASK@ --noipv6 --onboot=on --activate
network --hostname=@FQDN@
# Partition clearing information
clearpart --all --drives=@SYSDISKS@
zerombr
# System bootloader configuration
bootloader --location=mbr --driveorder=@SYSDISKS@ --boot-drive=@BOOTDISK@ --append=" crashkernel=auto @APPEND_SOL@"
#autopart --type=lvm
#reqpart --add-boot
@STORAGE_CONFIG@
logvol / --vgname=sysvg --size=@SIZE@ --name=lv_root --fstype=ext4
@SKIP_HOME@logvol /home --vgname=sysvg --size=@HOME_SIZE@ --name=lv_home --fstype=ext4 --grow
# Root password (KaaS)
#rootpw --iscrypted $6$ihAbktYN$T36KRAmi8ccjNrE5Y0gEl11Rb/dl3GjemejAJyHVzrAL51/st7aMZ0dqnMIkhubX/gUcPe5LdTlJODC9D/60h0
# Root passowrd (IPE)
rootpw --iscrypted $6$ioKrEQSxzYypx2HZ$jiynrl6knbmhbL066k.HjmxcwvQwBsT53LPlp2fRdkg2E1E7Gy4gwxaZ0m86rbD6q4dTaWdYfKhDVSij6N1Y7.
# System services
services --enabled="chronyd"
# System timezone
timezone Europe/Berlin --isUtc --ntpservers=@TIME@
user --groups=wheel --name=csa --gecos="Suren A. Chilingaryan"
# SELinux configuration
@SKIP_SECURITY@selinux --disabled
# Do not configure the X Window System
@SKIP_MINIMAL@skipx
install
poweroff
%packages
@CENTOS@@^minimal
@core
chrony
curl
# Python2 required for ansible (and is not installed on Fedora)
python
@FEDORA@python-dnf
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
%pre --log=/var/log/ks01.log
# Stop all md devices
for name in /dev/md?*; do
dev=$(basename $name)
echo "Stopping $dev"
mdadm --manage -S $name
done
ls -la /dev/sd*
ls -la /dev/md*
# Remove md superblocks
if [ -b /dev/@DISK1@ ]; then
for name in /dev/@DISK1@?*; do
echo "Removing md superblock on $name"
mdadm --misc --zero-superblock $name
dd if=/dev/zero of=$name bs=512 seek=$(( $(blockdev --getsz $name) - 1024 )) count=1024
done
fi
if [ -b /dev/@DISK2@ ]; then
for name in /dev/@DISK2@?*; do
echo "Removing md superblock on $name"
mdadm --misc --zero-superblock $name
dd if=/dev/zero of=$name bs=512 seek=$(( $(blockdev --getsz $name) - 1024 )) count=1024
done
fi
%end
%post --log=/var/log/ks02.log
yum install -y unzip
mkdir /root/.ssh
chmod 0700 /root/.ssh
curl http://ufo.kit.edu/ands/kickstart/authorized_keys -o /root/.ssh/authorized_keys
chmod 0600 /root/.ssh/authorized_keys
mkdir /home/csa/.ssh
chmod 0700 /home/csa/.ssh
curl http://ufo.kit.edu/ands/kickstart/authorized_keys.csa -o /home/csa/.ssh/authorized_keys
chown -R csa:user /home/csa/.ssh
chmod 0600 /home/csa/.ssh/authorized_keys
#Doesn't work either
#con=$(nmcli d show eno1 | grep CONNECTION | cut -d ':' -f 2- | sed -E -e 's/^[[:space:]]+//' | grep '^[[:alpha:]]')
#@SKIP_IP@nmcli connection modify "$con" +ipv4.address @IP@/@CIDR@
cat <<EOF >>/etc/sysconfig/network-scripts/ifcfg-@ETHDEV@
IPADDR=@IP@
PREFIX=@CIDR@
#IPADDR1=
#PREFEX1=
EOF
%end
|