diff options
Diffstat (limited to 'ipe.ks')
-rw-r--r-- | ipe.ks | 138 |
1 files changed, 138 insertions, 0 deletions
@@ -0,0 +1,138 @@ +#version=DEVEL + +# System authorization information +auth --enableshadow --passalgo=sha512 + +# Use CDROM installation media +cdrom + +# Use graphical install (graphical is enforce by vnc requested at kernel args) +#text +graphical + +# Run the Setup Agent on first boot +firstboot --enable +ignoredisk --only-use=@SYSDISKS@ +# Keyboard layouts +keyboard --vckeymap=us --xlayouts='us' +# System language +lang en_US.UTF-8 + +# Network information (device=link signifies first device link active) +network --device=@ETHDEV@ --bootproto=dhcp --noipv6 --onboot=on --activate +#This still doesn't work +#@SKIP_IP@network --device=@ETHDEV@:1 --bootproto=static --ip=@IP@ --netmask=@NETMASK@ --noipv6 --onboot=on --activate +network --hostname=@FQDN@ + + +# Partition clearing information +clearpart --all --drives=@SYSDISKS@ +zerombr + +# System bootloader configuration +bootloader --location=mbr --driveorder=@SYSDISKS@ --boot-drive=@BOOTDISK@ --append=" crashkernel=auto @APPEND_SOL@" + +#autopart --type=lvm +#reqpart --add-boot + +@STORAGE_CONFIG@ + +logvol / --vgname=sysvg --size=@SIZE@ --name=lv_root --fstype=ext4 +@SKIP_HOME@logvol /home --vgname=sysvg --size=@HOME_SIZE@ --name=lv_home --fstype=ext4 --grow + + +# Root password (new) +rootpw --iscrypted $6$ihAbktYN$T36KRAmi8ccjNrE5Y0gEl11Rb/dl3GjemejAJyHVzrAL51/st7aMZ0dqnMIkhubX/gUcPe5LdTlJODC9D/60h0 +# Root passowrd (old) +#rootpw --iscrypted $6$ioKrEQSxzYypx2HZ$jiynrl6knbmhbL066k.HjmxcwvQwBsT53LPlp2fRdkg2E1E7Gy4gwxaZ0m86rbD6q4dTaWdYfKhDVSij6N1Y7. + +# System services +services --enabled="chronyd" +# System timezone +timezone Europe/Berlin --isUtc --ntpservers=@TIME@ +user --groups=wheel --name=csa --gecos="Suren A. Chilingaryan" + +# SELinux configuration +@SKIP_SECURITY@selinux --disabled + +# Do not configure the X Window System +@SKIP_MINIMAL@skipx + +install +poweroff + + +%packages +@CENTOS@@^minimal +@core +chrony +curl + +# Python2 required for ansible (and is not installed on Fedora) +python +@FEDORA@python-dnf +%end + +%anaconda +pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty +pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok +pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty +%end + + +%pre --log=/var/log/ks01.log + +# Stop all md devices +for name in /dev/md?*; do + dev=$(basename $name) + echo "Stopping $dev" + mdadm --manage -S $name +done + +ls -la /dev/sd* +ls -la /dev/md* + +# Remove md superblocks +if [ -b /dev/@DISK1@ ]; then + for name in /dev/@DISK1@?*; do + echo "Removing md superblock on $name" + mdadm --misc --zero-superblock $name + dd if=/dev/zero of=$name bs=512 seek=$(( $(blockdev --getsz $name) - 1024 )) count=1024 + done +fi +if [ -b /dev/@DISK2@ ]; then + for name in /dev/@DISK2@?*; do + echo "Removing md superblock on $name" + mdadm --misc --zero-superblock $name + dd if=/dev/zero of=$name bs=512 seek=$(( $(blockdev --getsz $name) - 1024 )) count=1024 + done +fi + +%end + +%post --log=/var/log/ks02.log +yum install -y unzip + +mkdir /root/.ssh +chmod 0700 /root/.ssh +curl http://ufo.kit.edu/ands/kickstart/authorized_keys -o /root/.ssh/authorized_keys +chmod 0600 /root/.ssh/authorized_keys + +mkdir /home/csa/.ssh +chmod 0700 /home/csa/.ssh +curl http://ufo.kit.edu/ands/kickstart/authorized_keys.csa -o /home/csa/.ssh/authorized_keys +chown -R csa:user /home/csa/.ssh +chmod 0600 /home/csa/.ssh/authorized_keys + +#Doesn't work either +#con=$(nmcli d show eno1 | grep CONNECTION | cut -d ':' -f 2- | sed -E -e 's/^[[:space:]]+//' | grep '^[[:alpha:]]') +#@SKIP_IP@nmcli connection modify "$con" +ipv4.address @IP@/@CIDR@ + +cat <<EOF >>/etc/sysconfig/network-scripts/ifcfg-@ETHDEV@ +IPADDR=@IP@ +PREFIX=@CIDR@ +#IPADDR1= +#PREFEX1= +EOF + +%end |