# ---------------------------------------------------------------------------
# Kickstart command section: unattended CentOS 7 install for
# mac525400d1a2d4.tech. Command order is not significant here; commands are
# grouped by concern.
# ---------------------------------------------------------------------------

# --- Install mode and package sources ---
install
text
skipx
# NOTE(review): the install tree is fetched over plain HTTP and pinned to the
# 7.2.1511 point release. HTTP gives no transport integrity, so confirm that
# package signatures are actually verified at install time for this source.
url --url=http://mirror.centos.org/centos/7.2.1511/os/x86_64
repo --name=EPEL --mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=x86_64

# --- Locale ---
lang en_US.UTF-8
keyboard us
timezone Europe/Warsaw --utc

# --- Network: static addressing bound to the NIC with this MAC address ---
network --device=52:54:00:d1:a2:d4 --bootproto=static --ip=10.10.4.94 --netmask=255.255.255.0 --gateway=10.10.4.1 --nameserver=10.10.4.3 --hostname=mac525400d1a2d4.tech

# --- Access control and hardening ---
selinux --enforcing
# Only the ssh service is opened; no --disabled is given, so the firewall is
# left on.
firewall --service=ssh
# The root password is supplied as a SHA-256 crypt hash ($5$). Anyone who can
# read this rendered kickstart can run offline guesses against the hash, so
# treat the password as exposed wherever the file is stored or published and
# rotate it once the host is built.
rootpw --iscrypted $5$RiRMrhU+$0KSjAegZ9yg0SqOVl5TumsuiiSiPfUPrTHQoLeuCQJ1
# Passwords set later on the host are hashed with SHA-256 crypt as well.
# NOTE(review): authconfig also accepts sha512 for --passalgo; consider it.
authconfig --kickstart --useshadow --passalgo=SHA256
services --disabled=gpm,sendmail,cups,pcmcia,isdn,rawdevices,hpoj,bluetooth,openibd,avahi-daemon,avahi-dnsconfd,hidd,hplip,pcscd

# --- Boot loader and disk layout ---
bootloader --location=mbr --append="nofb quiet splash=quiet"
# The partitioning commands are generated by the %pre script in this file.
%include /tmp/diskpart.cfg

# --- Finish ---
reboot
%packages
# Base package group.
@Core

# Individual packages, alphabetical.
dhclient
# Enables the EPEL repository on the installed system.
epel-release
# %post calls /usr/sbin/ntpdate; presumably this package is what pulls it in.
ntp
# Configuration-management agent; %post installs it again explicitly and
# writes /etc/puppet/puppet.conf.
puppet
redhat-lsb-core
# Used by %post to tell Foreman that the build has finished.
wget
yum
%end
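%pre
# Dynamic partitioning.
#
# Picks the first disk listed in /proc/partitions and writes the partition
# layout to /tmp/diskpart.cfg, which the command section pulls in with
# "%include /tmp/diskpart.cfg".
#
# The awk filter keeps device names starting with vd/sd/hd (or containing
# cciss) and drops names that look like sd/hd or cXdY partitions; field 4 of
# /proc/partitions is the device name.
# NOTE(review): the exclusion pattern lists (s|h)d but not vd, so virtio
# partition entries such as vda1 are collected too. Only disks[0] is used and
# a whole-disk entry is normally listed before its partitions, so this looks
# harmless here -- confirm before relying on the other array elements.
disks=($(awk '{if ($NF ~ "^(v|s|h)d|cciss" && $NF !~ "((s|h)d|c.d.)[a-z][0-9]$") print $4}' /proc/partitions))

# Fail closed: without a detected disk the layout below would be written with
# an empty --ondisk= value. Stop here with a clear message instead, so the
# install halts at the missing %include rather than on a confusing parse error.
if [ "${#disks[@]}" -eq 0 ]; then
  echo "%pre: no vd/sd/hd/cciss disk found in /proc/partitions; not writing /tmp/diskpart.cfg" >&2
  exit 1
fi

target_disk=${disks[0]}

# Destructive by design: "clearpart --all" removes the partitions on every
# disk the installer detects, not only on ${target_disk}. Make sure no
# storage holding data to be kept is attached while this kickstart runs.
cat <<EOF > /tmp/diskpart.cfg
zerombr
clearpart --all --initlabel
part /boot --ondisk=${target_disk} --fstype=ext4 --size 300 --asprimary
part pv.01 --ondisk=${target_disk} --size=8120 --grow
volgroup vg00 pv.01
logvol / --fstype=ext4 --name=root --vgname=vg00 --size=5120
logvol /var --fstype=ext4 --name=var --vgname=vg00 --percent=20
logvol /home --fstype=ext4 --name=home --vgname=vg00 --grow --size=5120
EOF

%end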
%post --nochroot
# Runs outside the chroot; the installed system is addressed through
# /mnt/sysimage.

# Attach stdin/stdout to the third virtual terminal and switch to it so the
# step below can be watched from the console.
exec </dev/tty3 >/dev/tty3
/usr/bin/chvt 3
{
  # Give the installed system the resolver configuration the installer used.
  cp -a -v /etc/resolv.conf /mnt/sysimage/etc/resolv.conf
  # Return to the first virtual terminal.
  /usr/bin/chvt 1
} 2>&1 | tee /mnt/sysimage/root/install.postnochroot.log
%end
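%post
# Post-install configuration of the installed system:
#   1. write the static ifcfg file for the provisioning NIC
#   2. set the clock and update all packages
#   3. install, configure and initialise the Puppet agent
#   4. tell Foreman that the build is finished
# Output of the main body is copied to /root/install.post.log.
logger "Starting anaconda mac525400d1a2d4.tech postinstall"

# Attach stdin/stdout to the third virtual terminal and switch to it so that
# progress is visible on the console.
exec < /dev/tty3 > /dev/tty3
/usr/bin/chvt 3
(

# --- Primary interface ---------------------------------------------------
# Resolve the kernel name of the NIC that carries the provisioning MAC.
# The match is case-insensitive and stops at the first hit, so a second
# interface sharing the MAC cannot turn $real into a multi-line value.
real=$(ip -o link | awk -v mac='52:54:00:d1:a2:d4' \
  'index(tolower($0), mac) { sub(/:$/, "", $2); print $2; exit }')

# ifcfg files are ignored by NetworkManager if their name contains colons,
# so colons are replaced with underscores in the file name.
sanitized_real=${real//:/_}

if [ -n "$real" ]; then
# Only write the file when the interface was found; otherwise the result
# would be a file literally named "ifcfg-" with an empty DEVICE.
cat << EOF > "/etc/sysconfig/network-scripts/ifcfg-${sanitized_real}"
BOOTPROTO="none"
IPADDR="10.10.4.94"
NETMASK="255.255.255.0"
GATEWAY="10.10.4.1"
DEVICE=$real
HWADDR="52:54:00:d1:a2:d4"
ONBOOT=yes
PEERDNS=yes
PEERROUTES=yes
DNS1=10.10.4.3
EOF
else
  echo "WARNING: no interface with MAC 52:54:00:d1:a2:d4 found; ifcfg file not written" >&2
fi

# --- Clock ---------------------------------------------------------------
# Set the system time from a public NTP pool, then copy it to the hardware
# clock.
echo "updating system time"
/usr/sbin/ntpdate -sub 0.fedora.pool.ntp.org
/usr/sbin/hwclock --systohc

# --- Package updates -----------------------------------------------------
# Update all the base packages from the updates repository.
if [ -f /usr/bin/dnf ]; then
  dnf -y update
else
  yum -t -y update
fi

# SSH keys setup snippet for Remote Execution plugin
#
# Parameters:
#
# remote_execution_ssh_keys: public keys to be put in ~/.ssh/authorized_keys
#
# remote_execution_ssh_user: user for which remote_execution_ssh_keys will be
#                            authorized
#
# This template sets up SSH keys in any host so that as long as your public
# SSH key is in remote_execution_ssh_keys, you can SSH into a host. This only
# works in combination with Remote Execution plugin.
#
# A personal recommendation: create a global parameter remote_execution_ssh_keys
# and put your keys there, so that you can access any newly provisioned host
# without having to set up the parameter on every host or host group.
#
# No key-installation commands follow in this rendered file, presumably
# because the parameter was not set for this host.

# --- Puppet agent --------------------------------------------------------
if [ -f /usr/bin/dnf ]; then
  dnf -y install puppet
else
  yum -t -y install puppet
fi

# "\$vardir" is escaped so that the literal text $vardir reaches puppet.conf
# instead of being expanded by the shell.
cat > /etc/puppet/puppet.conf << EOF

[main]
vardir = /var/lib/puppet
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = \$vardir/ssl

[agent]
pluginsync      = true
report          = true
ignoreschedules = true
ca_server       = foreman.iq.local
certname        = mac525400d1a2d4.tech
environment     = production
server          = foreman.iq.local

EOF

# Enable the agent under whichever unit name this distribution ships.
puppet_unit=puppet
if /usr/bin/systemctl list-unit-files | grep -q puppetagent; then
  puppet_unit=puppetagent
fi
/usr/bin/systemctl enable "${puppet_unit}"
/sbin/chkconfig --level 345 puppet on

# Export a custom fact called 'is_installer' to allow detection of the
# installer environment in Puppet modules.
export FACTER_is_installer=true
# Passing a non-existent tag like "no_such_tag" to the puppet agent only
# initializes the node.
# NOTE(review): on this first run the agent presumably has no CA certificate
# yet and takes the one foreman.iq.local serves, so the trust placed in the
# Puppet master is only as good as the provisioning network and its DNS --
# confirm how certificate signing is scoped on the server side.
/usr/bin/puppet agent --config /etc/puppet/puppet.conf --onetime --tags no_such_tag --server foreman.iq.local --no-daemonize

sync

# --- Build notification --------------------------------------------------
# Inform the build system that we are done.
# The URL is quoted so the shell never treats the "?" as a glob character.
# NOTE(review): the build token travels in cleartext over HTTP, and
# --no-check-certificate would also skip certificate validation if the
# request were redirected to HTTPS. Prefer an https:// URL with the Foreman
# CA trusted on the host, then drop --no-check-certificate.
echo "Informing Foreman that we are built"
wget -q -O /dev/null --no-check-certificate "http://foreman.iq.local/unattended/built?token=e7ca9552-6846-48bd-a9c8-633af9e71526"
) 2>&1 | tee /root/install.post.log

# Always report success to the installer, whatever the steps above returned.
exit 0

%end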