# Use text install text %pre #(ls -d /dev/md/* |xargs -n1 mdadm --stop) || true #wipefs -af /dev/sdb || true #wipefs -af /dev/sdc || true #partprobe || true setup_partition_compute_irhom() { vgreduce --removemissing --force vg_local vgremove -y vg_local &> /dev/null cat < $SETUP_PARTITION_FILE # ignoredisk --only-use=sda bootloader --location=mbr --boot-drive=/dev/disk/by-path/pci-0000:00:1f.2-ata-1 zerombr # clearpart --all --initlabel --drives=sda clearpart --all --initlabel part /biosboot --fstype="biosboot" --ondisk=/dev/disk/by-path/pci-0000:00:1f.2-ata-1 --size=1 --asprimary part /boot --fstype="ext4" --ondisk=/dev/disk/by-path/pci-0000:00:1f.2-ata-1 --size=2048 --asprimary part swap --fstype="swap" --ondisk=/dev/disk/by-path/pci-0000:00:1f.2-ata-1 --size=8192 part / --fstype="ext4" --ondisk=/dev/disk/by-path/pci-0000:00:1f.2-ata-1 --size=1 --asprimary --grow part pv.11 --size=1 --grow --ondisk=/dev/disk/by-path/pci-0000:00:1f.2-ata-2 part pv.12 --size=1 --grow --ondisk=/dev/disk/by-path/pci-0000:00:1f.2-ata-3 EOF } setup_partition_compute_rockham() { vgreduce --removemissing --force vg_local vgremove -y vg_local &> /dev/null cat < $SETUP_PARTITION_FILE ignoredisk --only-use=sda bootloader --location=mbr --boot-drive=sda zerombr clearpart --all --initlabel --drives=sda part /biosboot --fstype="biosboot" --ondisk=sda --size=1 --asprimary part /boot --fstype="ext4" --ondisk=sda --size=2048 --asprimary part swap --fstype="swap" --ondisk=sda --size=8192 part / --fstype="ext4" --ondisk=sda --size=32768 --asprimary part /scratch --fstype=ext4 --size=1 --grow EOF } SETUP_PARTITION_FILE=/tmp/setup_partition.cfg case $(dmidecode -s 'system-product-name') in 'SYS-2028TP-HTFR') setup_partition_compute_irhom ;; 'XH620 V3') setup_partition_compute_rockham ;; *) echo "Unknown hardware!" ;; esac %end %addon com_redhat_kdump --disable %end # Keyboard layouts keyboard --xlayouts='se','us' # System language lang en_US.UTF-8 # Use network installation url --url="http://repo1.uppmax.uu.se/repos/mirror/snapshots/freeze.20240508/rocky/9.3/BaseOS/x86_64/os" logging --host=syslog.uppmax.uu.se eula --agreed reboot --kexec %packages @^minimal-environment tar unzip %end # Run the Setup Agent on first boot firstboot --disable # Include partitioning information %include /tmp/setup_partition.cfg timesource --ntp-server=nat1.uppmax.uu.se timesource --ntp-server=nat2.uppmax.uu.se # System timezone timezone Europe/Stockholm --utc # Root password rootpw --iscrypted $6$AlquGAvEfjmjtjzq$KD8rrNq9B7cruUIsBReWhGCPisPQH./rTC2hKNvR.zCn2TZkLl4r7Qd1/7qlGbNbi09qzqSqJ/rzQ7RSctADn. %post # Do this directly so no packages sneaks in from the outside mkdir /etc/uppmax.repos.d echo "reposdir=/etc/uppmax.repos.d" >> /etc/dnf/dnf.conf #temp #echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf # Some stuff just works better with a fully installed system -- nmcli for example cat < /etc/systemd/system/firstrun.service [Unit] Description=Initial setup ConditionPathExists=!/etc/initial_setup_done [Service] Type=oneshot ExecStart=/usr/local/sbin/firstrun.sh # Should be nice with working network-online.target... but not worth it # without network manager and half broken network... #After=network-online.target #Wants=network-online.target [Install] WantedBy=multi-user.target EOF cat </usr/local/sbin/firstrun.sh #!/bin/bash logger initial_puppet_ping echo "First run in action. Not ready yet" >/dev/ttyS0 echo "First run in action. Not ready yet" >/dev/ttyS1 # Util network and resolver works (almost blabla-wait-online.service) while true; do ping -c1 puppet &> /dev/null && break; done logger initial_nmcli # setup static network with nmcli (ip from the dhcp-connection) ethinterface=\$(ip -4 -br a|grep -v ^lo|cut -d ' ' -f1) ipaddress=\$(ip -4 -br a s \$ethinterface|tr -s ' '|cut -d ' ' -f3) nmcli c m \$ethinterface ipv4.addresses \$ipaddress nmcli c m \$ethinterface ipv4.gateway 172.18.8.1 nmcli c m \$ethinterface ipv4.dns "172.18.37.34 172.18.37.37" nmcli c m \$ethinterface ipv4.dns-search uppmax.uu.se nmcli c m \$ethinterface ipv4.dns-options "rotate timeout:1 attempts:5" nmcli c m \$ethinterface ipv4.method manual nmcli c m \$ethinterface ipv6.method disabled nmcli con up \$ethinterface lastpart=\$(echo \$ipaddress|cut -d '.' -f3-4|cut -d/ -f1) ibinterface=\$(ip -br l|grep ^ib|grep ' UP '|cut -d ' ' -f1) nmcli c m \$ibinterface ipv4.addresses 10.0.\$lastpart/16 nmcli c m \$ibinterface ipv4.method manual nmcli c m \$ibinterface autoconnect yes nmcli c m \$ibinterface ipv6.method disabled nmcli con up \$ibinterface systemctl restart NetworkManager hostnamectl set-hostname \$(hostnamectl --transient) #setenforce 0 #sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux # as kernel options logger initial_puppet_install rpm -Uvh http://repo1.uppmax.uu.se/repos/mirror/live/rsync.puppet.com/yum/puppet7/el/9/x86_64/puppet-agent-7.31.0-1.el9.x86_64.rpm /opt/puppetlabs/bin/puppet agent -tv --ssldir /var/lib/puppetlabs/puppet/ssl --vardir /var/lib/puppetlabs/puppet/cache logger initial_puppet_done update-crypto-policies --set DEFAULT:SHA1 systemctl disable firstrun.service systemctl disable firewalld.service dnf -y --enablerepo=uppmax-live install emacs-nox nmap fping lldpd strace nfs-utils python3-psutil sssd-ldap ipmitool freeipmi iotop iperf3 wget sysstat hdparm htop nethogs hdparm lvm2 bind-utils dmidecode dnf -y update authselect select --force sssd vgcreate scratchvg /dev/disk/by-path/pci-0000:00:1f.2-ata-2-part1 /dev/disk/by-path/pci-0000:00:1f.2-ata-3-part1 lvcreate -l 100%FREE --stripes 2 --stripesize 4096 --name scratchlv scratchvg mkfs.ext4 -b 4096 -E stride=128,stripe-width=128 /dev/scratchvg/scratchlv mkdir /scratch touch /etc/initial_setup_done logger initial_setup_done reboot EOF chmod +x /usr/local/sbin/firstrun.sh systemctl enable firstrun.service %end