blob: 475755b6350d096ce0b95389812cd8163d046631 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
|
#version=DEVEL
@DISTRIB_BASE_CONFIG@
@NODE_BASE_CONFIG@
@ND_BASE_CONFIG@
# System authorization information
auth --enableshadow --passalgo=sha512
# Use graphical install (graphical is enforce by vnc requested at kernel args)
#text
graphical
# Run the Setup Agent on first boot
firstboot --enable
ignoredisk --only-use=@SYSDISKS@
# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'
# System language
lang en_US.UTF-8
# Network information (device=link signifies first device link active)
network --device=@ETHDEV@ --bootproto=dhcp --noipv6 --onboot=on --activate
#This still doesn't work
#@SKIP_IP@network --device=@ETHDEV@:1 --bootproto=static --ip=@IP@ --netmask=@NETMASK@ --noipv6 --onboot=on --activate
network --hostname=@FQDN@
# Partition clearing information
clearpart --all --initlabel --drives=@SYSDISKS@
zerombr
# System bootloader configuration
bootloader --location=mbr --driveorder=@SYSDISKS@ --boot-drive=@BOOTDISK@ --append=" crashkernel=auto @APPEND_SOL@"
#autopart --type=lvm
#reqpart --add-boot
# rpm & iso are supported here
@SKIP_DRIVERDISK@driverdisk --source=http://ufo.kit.edu/ands/kickstart/@DISTRIBUTION@/drivers/@DRIVERDISK@
@STORAGE_CONFIG@
logvol / --vgname=sysvg --size=@SIZE@ --name=lv_root --fstype=ext4
@SKIP_HOME@logvol /home --vgname=sysvg --size=@HOME_SIZE@ --name=lv_home --fstype=ext4 --grow
# Root password (KaaS)
#rootpw --iscrypted $6$ihAbktYN$T36KRAmi8ccjNrE5Y0gEl11Rb/dl3GjemejAJyHVzrAL51/st7aMZ0dqnMIkhubX/gUcPe5LdTlJODC9D/60h0
# Root passowrd (IPE)
rootpw --iscrypted $6$ioKrEQSxzYypx2HZ$jiynrl6knbmhbL066k.HjmxcwvQwBsT53LPlp2fRdkg2E1E7Gy4gwxaZ0m86rbD6q4dTaWdYfKhDVSij6N1Y7.
# System services
services --enabled="chronyd"
# System timezone
timezone Europe/Berlin --isUtc --ntpservers=@TIME@
user --groups=wheel --name=csa --gecos="Suren A. Chilingaryan"
# SELinux configuration
@SKIP_SECURITY@selinux --disabled
# Do not configure the X Window System
@SKIP_MINIMAL@skipx
install
poweroff
%packages
@CENTOS7@@^minimal
@core
@DISTRIB_PACKAGE_CONFIG@
@NODE_PACKAGE_CONFIG@
@ND_PACKAGE_CONFIG@
chrony
curl
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
%pre --log=/var/log/ks01.log
# Stop all md devices
for name in /dev/md?*; do
dev=$(basename $name)
echo "Stopping $dev"
mdadm --manage -S $name
done
ls -la /dev/sd*
ls -la /dev/md*
# Remove md superblocks
if [ -b /dev/@DISK1@ ]; then
for name in /dev/@DISK1@?*; do
echo "Removing md superblock on $name"
mdadm --misc --zero-superblock $name
dd if=/dev/zero of=$name bs=4096 count=1024
dd if=/dev/zero of=$name bs=4096 seek=$(( $(blockdev --getsz $name) - 1024 )) count=1024
done
dd if=/dev/zero of=/dev/@DISK1@ bs=4096 count=1024
#parted /dev/@DISK1@ --script -- mklabel gpt
fi
if [ -b /dev/@DISK2@ ]; then
for name in /dev/@DISK2@?*; do
echo "Removing md superblock on $name"
mdadm --misc --zero-superblock $name
dd if=/dev/zero of=$name bs=4096 count=1024
dd if=/dev/zero of=$name bs=4096 seek=$(( $(blockdev --getsz $name) - 1024 )) count=1024
done
dd if=/dev/zero of=/dev/@DISK2@ bs=4096 count=1024
#parted /dev/@DISK2@ --script -- mklabel gpt
fi
@DISTRIB_PRE_CONFIG@
@NODE_PRE_CONFIG@
@ND_PRE_CONFIG@
%end
%post --log=/var/log/ks02.log
yum install -y unzip
@CENTOS8@alternatives --set python /usr/bin/python3
mkdir /root/.ssh
chmod 0700 /root/.ssh
curl http://ufo.kit.edu/ands/kickstart/authorized_keys -o /root/.ssh/authorized_keys
chmod 0600 /root/.ssh/authorized_keys
mkdir /home/csa/.ssh
chmod 0700 /home/csa/.ssh
curl http://ufo.kit.edu/ands/kickstart/authorized_keys.csa -o /home/csa/.ssh/authorized_keys
chown -R csa:user /home/csa/.ssh
chmod 0600 /home/csa/.ssh/authorized_keys
#Doesn't work either
#con=$(nmcli d show eno1 | grep CONNECTION | cut -d ':' -f 2- | sed -E -e 's/^[[:space:]]+//' | grep '^[[:alpha:]]')
#@SKIP_IP@nmcli connection modify "$con" +ipv4.address @IP@/@CIDR@
cat <<EOF >>/etc/sysconfig/network-scripts/ifcfg-@ETHDEV@
IPADDR=@IP@
PREFIX=@CIDR@
#IPADDR1=
#PREFEX1=
EOF
@DISTRIB_POST_CONFIG@
@NODE_POST_CONFIG@
@ND_POST_CONFIG@
%end
|