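#version=RHEL8
# Kickstart for an unattended Rocky 8 server install with software RAID1 on
# sda/sdb. It is a Cobbler template: the SNIPPET directive and the hostname and
# name variables in the post section are substituted before Anaconda reads it.

# Use text-mode install
text
services --disabled=rdma-ndd

%packages
@^server-product-environment
kexec-tools
%end

# Keyboard layouts
keyboard --xlayouts='se'
# System language
lang en_US --addsupport=sv_SE.UTF-8

# Use network installation
# NOTE(review): the install tree is fetched over plain HTTP. Signed packages are
# still verified, but the installer images and repo metadata are not protected
# in transit; prefer HTTPS or an isolated provisioning network.
url --url="http://aughra.uppmax.uu.se/repos/mirror/frozen-rocky8/rocky/8/BaseOS/x86_64/os/"

# System timezone
timezone Europe/Stockholm --isUtc --ntpservers=89.44.250.115,89.44.250.116
eula --agreed
# Installer logs are forwarded to this syslog host during installation.
logging --host=172.18.37.109
reboot

# Wipe both disks and recreate the partition tables (destructive).
zerombr
clearpart --all --initlabel --drives=sda,sdb
bootloader --location=mbr --boot-drive=sda

# Disk partitioning information
# One BIOS boot partition per disk, then two RAID members per disk:
# raid.sdX1 (fixed size) backs /, raid.sdX2 (grows to fill the disk) backs swap.
part biosboot.a --fstype=biosboot --size=1 --ondisk=sda
part biosboot.b --fstype=biosboot --size=1 --ondisk=sdb
part raid.sda1 --asprimary --fstype="raid" --ondisk=sda --size=880000
part raid.sdb1 --asprimary --fstype="raid" --ondisk=sdb --size=880000
part raid.sda2 --asprimary --fstype="raid" --ondisk=sda --size=1 --grow
part raid.sdb2 --asprimary --fstype="raid" --ondisk=sdb --size=1 --grow
raid swap --device=swap --fstype="swap" --level=RAID1 raid.sda2 raid.sdb2
raid / --device=root --fstype="xfs" --level=RAID1 raid.sda1 raid.sdb1

# Root password
# NOTE(review): the root password is stored in clear text in this template, is
# served by the provisioning server over HTTP, and ends up in the copy saved to
# /root/cobbler.ks at the end of the post section. Replace it with
# "rootpw --iscrypted <CRYPTED_HASH_PLACEHOLDER>" or "rootpw --lock" plus key
# based access, and rotate the current value since it has been published.
rootpw --plaintext uppmaxroot

# NOTE(review): the host firewall is switched off; exposure then depends
# entirely on network-level filtering. Confirm that is intended for this class
# of machine, or enable the firewall and open only the services needed.
firewall --disabled

%addon com_redhat_kdump --enable --reserve-mb='auto'
%end

%pre
%end

%anaconda
# NOTE(review): these policies accept 6-character, minimum-quality passwords
# (and empty passwords for users). They only govern passwords set in the
# installer, but they are weaker than most baselines require.
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end

%post --logfile=/root/post_install.log
# SSH: disable password logins globally, then re-enable them only for the
# listed management addresses.
# The sed only rewrites an existing, uncommented PasswordAuthentication line;
# verify the result on the installed system.
# Keep the Match block the last thing in sshd_config: a Match section runs to
# the next Match or the end of the file, so anything appended later would apply
# only to these addresses.
sed -i "s/^PasswordAuthentication.*/PasswordAuthentication no/" /etc/ssh/sshd_config
echo "Match Address 172.18.84.2,172.18.84.3,172.18.37.100,172.18.37.67" >>/etc/ssh/sshd_config
echo "PasswordAuthentication yes" >>/etc/ssh/sshd_config

# Point yum/dnf at the site repo directory instead of the distribution default.
mkdir -p /etc/uppmax.repos.d
echo reposdir=/etc/uppmax.repos.d >>/etc/yum.conf

# The here-document operators below were garbled in this listing ("cat < file");
# they are restored with a quoted delimiter so the shell writes each body
# literally.
# NOTE(review): every baseurl is plain HTTP. The mirrored repos keep gpgcheck=1,
# but the [uppmax] repo has gpgcheck=0, so the integrity of those packages,
# which are installed as root, rests entirely on the network path and the
# mirror host. Sign the local RPMs and set gpgcheck=1, and/or serve the repos
# over HTTPS.
cat <<'EOF' > /etc/uppmax.repos.d/Rocky-8.repo
[baseos]
name=Rocky Linux 8 BaseOS
baseurl=http://aughra.uppmax.uu.se/repos/mirror/frozen-rocky8/rocky/8/BaseOS/x86_64/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial

[appstream]
name=Rocky Linux 8 AppStream
baseurl=http://aughra.uppmax.uu.se/repos/mirror/frozen-rocky8/rocky/8/AppStream/x86_64/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial

[extras]
name=Rocky Linux 8 Extras
baseurl=http://aughra.uppmax.uu.se/repos/mirror/frozen-rocky8/rocky/8/extras/x86_64/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial

[PowerTools]
name=Rocky Linux 8 PowerTools
baseurl=http://aughra.uppmax.uu.se/repos/mirror/frozen-rocky8/rocky/8/PowerTools/x86_64/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial

[uppmax]
name=UPPMAX rpms
gpgcheck=0
baseurl=http://aughra.uppmax.uu.se/repos/uppmax/frozen-rocky8/uppmax-el8/RPMS
enabled=1
exclude=hiera,facter,puppet

[epel]
name=Extra Packages for Enterprise Linux 8
baseurl=http://aughra.uppmax.uu.se/repos/mirror/frozen-rocky8/centos8/epel
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8
EOF

# Static resolver configuration; /etc/resolv.conf becomes a symlink to it.
cat <<'EOF' > /etc/resolv.conf_uppmax
options timeout:1
options rotate
options attempts:5
nameserver 172.18.37.34
nameserver 172.18.37.37
search uppmax.uu.se
EOF
rm /etc/resolv.conf
ln -s /etc/resolv.conf_uppmax /etc/resolv.conf

# The hostname variable is filled in by the template engine before this runs.
echo "$hostname" >/etc/hostname

# Forward all syslog messages to the central log host.
# NOTE(review): "@@" is plain TCP forwarding, so log content crosses the network
# unencrypted and the receiver is not authenticated; consider TLS transport.
echo '*.* @@172.18.37.109:514' >>/etc/rsyslog.conf
systemctl restart rsyslog

# Install and configure puppet
$SNIPPET('uppmax/setup_puppetlabs')
echo "PUPPET_EXTRA_OPTS=--environment=virt" >> /etc/sysconfig/puppet

# One-shot unit that runs the first-boot script until the marker file
# /etc/initial_puppet_done exists.
cat <<'EOF' > /etc/systemd/system/firstrun.service
[Unit]
Description=Initial setup
ConditionPathExists=!/etc/initial_puppet_done

[Service]
Type=oneshot
ExecStart=/usr/local/sbin/firstrun.sh
# Should be nice with working network-online.target... but not worth it
# without network manager and half broken network...
#After=network-online.target
#Wants=network-online.target

[Install]
WantedBy=multi-user.target
EOF

# First-boot script: wait for the network, converge with puppet, update, then
# disable itself. The wait loop now sleeps between attempts; without the pause
# a failing name lookup makes ping return at once and the loop spins on a CPU.
cat <<'EOF' >/usr/local/sbin/firstrun.sh
#!/bin/bash
logger initial_puppet_ping
# Until the network and resolver work (almost blabla-wait-online.service)
while true; do ping -c1 televinken &> /dev/null && break; sleep 1; done
logger initial_puppet_start
# three runs seems to be enough to fix bad puppet code
# To be safe... we make it four
puppet agent -tv --environment=virt
puppet agent -tv --environment=virt
puppet agent -tv --environment=virt
puppet agent -tv --environment=virt
touch /etc/initial_puppet_done
logger initial_puppet_done
yum update -y
systemctl enable puppet --now
systemctl disable firstrun.service
mount -av
logger initial_setup_done
echo "initial_setup_done" >/dev/ttyS0 2>/dev/null
echo "initial_setup_done" >/dev/ttyS1 2>/dev/null
EOF
chmod +x /usr/local/sbin/firstrun.sh
systemctl enable firstrun.service

# always netboot enable. bootdev controlled, but keep ks
# The saved kickstart repeats everything in this template, including the rootpw
# line, so restrict it to root. It is fetched over plain HTTP.
curl "http://172.18.37.100/cblr/svc/op/ks/system/$name" -o /root/cobbler.ks
chmod 600 /root/cobbler.ks
%end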