diff --git a/el8.ks b/el8.ks new file mode 100644 index 0000000..e8c3deb --- /dev/null +++ b/el8.ks @@ -0,0 +1,121 @@ +auth --enableshadow --passalgo=sha512 +url --url="http://mirror.centos.org/centos/8/os/x86_64" +cmdline +skipx +timezone Europe/Paris --isUtc +keyboard --vckeymap=fr-oss --xlayouts='fr (oss)' +lang fr_FR.UTF-8 +services --enabled ntpd +firewall --enabled --service ssh +network --bootproto=dhcp --activate --noipv6 +rootpw --iscrypted $6$6OYBD0R8xuGsqAUl$KVHVrjCM6VmLR13TW0exHAl4toKHxQTd9zwbuYzR/t79heCMrAcVmtBmw0wCcNu5zoz1y3LzwdIZjNedRlz7Y/ +zerombr +bootloader --location mbr --append 'ipv6.disable=1' +# Enable fws and epel +# FWS not available yet +# repo --name=fws --baseurl=http://repo.firewall-services.com/centos/7 +repo --name=epel --mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-8&arch=x86_64 + +%include /tmp/ks.partitions + +user --name=ansible --shell /bin/bash --gecos="Ansible Account" + +reboot + +%packages --nobase --ignoremissing +epel-release +crontabs +dhclient +irqbalance +ntp +openssh-server +passwd +prelink +rootfiles +selinux-policy-targeted +tmpwatch +yum +mailx +net-tools +openssh-clients +rsync +screen +sudo +sysstat +vim +strace +pbzip2 +xz +pxz +iftop +wget +tcpdump +pciutils +nc +lsof +htop +-iprutil +-kernel-tools +-kexec-tools +-microcode_ctl +-parted +-NetworkManager +-NetworkManager-tui +-*-firmware +-b43-openfwwf + +%end + +# Disable kdump +%addon com_redhat_kdump --disable --reserve-mb='auto' + +%end + +################################################ +# Detect hard drives before starting the install +################################################ +%pre --log /tmp/pre.log + +# ensure file exists +touch /tmp/ks.partitions + +# Select first drive +main_drive=$(list-harddrives | awk '$2>=8704 {print $1; nextfile}') +ignore=$(echo $(list-harddrives | awk '$1!="'$main_drive'" {print $1}') | sed -e 's| |,|g') +[ ! -z "$ignore" ] && echo "ignoredisk --drives $ignore" >> /tmp/ks.partitions +cat << _EOF >> /tmp/ks.partitions +clearpart --all --initlabel --drives $main_drive +part /boot --fstype xfs --size 1024 --ondrive $main_drive +part swap --fstype swap --size 512 +part / --fstype xfs --size 7168 --grow +_EOF + +%end + +################################################ +# Copy logs in the chroot +################################################ +%post --nochroot +cp /tmp/pre.log /mnt/sysimage/root/pre.log +%end + +################################################ +# Post-install processes +################################################ +%post --log /root/post.log + +# Initial SSH keys +mkdir /home/ansible/.ssh +cat << _EOF >> /home/ansible/.ssh/authorized_keys +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCj9d6jDy0m7xtqGfR0ywyXnq0lRfqqP0TzBhvCI4rcrJaDSLyA5/mnme0TLfy6YsOUZq2bl/9ZMr4mq4Yw23CGDDha4XR2SUWuKzzkCvvGvDwy0qXUhwsT2tafknCPFDv91bAL5DvWae/Bv/jwhVc/116ICYJOBnxljkD2M6xbnJE92uCkgzSvthuWwBZsT5Oh/ofxHWhpcRISZeWZ70l1/U6jr7nJeBDX8p+uLKpBb+VNywtTmgnFbrS1HSc9MWkWNV7GrrZgXS5DumdKm5uX7IkSKsPNWtKHdC4M7OskqIjK9Fdp1mvI2fOaeJ4/20u45ojaltKy+4Xu7XxqZR3/FCugrlBujyXPRQZQUiYBAqjaWL6KRNxXEBNB8Om2n8+rRv4jKZ6VVbXi+8yJ5Iqp8HWlUNAUfOzBT3O5cV1UUAEke5INJnmiuojsHk9MhWoqwQ71FmcvYTpAAPtT+SdmF2nK1jrC7Nea4ODdFksN799zg4Kfyb8Vuv/F+nL/5wKwmwI5B5NmoCtrt4ZY8PMn/J/tT4cjkSjhQZjbN4KcCFSjf5vKPE70/iUQWB3C9dqz0+bmqx0Q+zTMHkEGHIgVE/jl02CvoXPnCoEd8rVG08Koqh4TDLnr6trEHueKE3FCXK1b3pIjpbzQ6Ytg4Pq4NkbMMOQAlYN0AR7i+rvngQ== ansible@firewall-services.com +_EOF +chmod 700 /home/ansible/.ssh +chown -R ansible:ansible /home/ansible/.ssh + +# Sudo access for ansible +cat << _EOF > /etc/sudoers.d/ansible +Defaults:ansible !requiretty +ansible ALL=(ALL) NOPASSWD: ALL +_EOF + +%end