# Generated by Anaconda 34.25.4.9 # Generated by pykickstart v3.32 #version=RHEL9 # Use graphical install graphical %addon com_redhat_kdump --enable --reserve-mb='auto' %end # Keyboard layouts keyboard --xlayouts='se','us' # System language lang en_US.UTF-8 # Use network installation url --url="http://repo1.uppmax.uu.se/repos/mirror/live/rocky/9.4/BaseOS/x86_64/os" reboot %packages @^minimal-environment @console-internet @headless-management @legacy-unix @rpm-development-tools @security-tools @smart-card @standard @system-tools %end # Run the Setup Agent on first boot firstboot --disable # Generated using Blivet version 3.6.0 ignoredisk --only-use=sda autopart # Partition clearing information clearpart --all --initlabel timesource --ntp-server=nat1.uppmax.uu.se timesource --ntp-server=nat2.uppmax.uu.se # System timezone timezone Europe/Stockholm --utc # Root password rootpw --iscrypted $6$AlquGAvEfjmjtjzq$KD8rrNq9B7cruUIsBReWhGCPisPQH./rTC2hKNvR.zCn2TZkLl4r7Qd1/7qlGbNbi09qzqSqJ/rzQ7RSctADn. %post # Do this directly so no packages sneaks in from the outside mkdir /etc/uppmax.repos.d echo "reposdir=/etc/uppmax.repos.d" >> /etc/dnf/dnf.conf # Some stuff just works better with a fully installed system -- nmcli for example cat < /etc/systemd/system/firstrun.service [Unit] Description=Initial setup ConditionPathExists=!/etc/initial_setup_done [Service] Type=oneshot ExecStart=/usr/local/sbin/firstrun.sh # Should be nice with working network-online.target... but not worth it # without network manager and half broken network... #After=network-online.target #Wants=network-online.target [Install] WantedBy=multi-user.target EOF cat </usr/local/sbin/firstrun.sh #!/bin/bash logger initial_puppet_ping # Util network and resolver works (almost blabla-wait-online.service) while true; do ping -c1 puppet &> /dev/null && break; done logger initial_puppet_install rpm -Uvh http://repo1.uppmax.uu.se/repos/mirror/live/rsync.puppet.com/yum/puppet7/el/9/x86_64/puppet-agent-7.31.0-1.el9.x86_64.rpm /opt/puppetlabs/bin/puppet agent -tv --ssldir /var/lib/puppetlabs/puppet/ssl --vardir /var/lib/puppetlabs/puppet/cache logger initial_puppet_done update-crypto-policies --set DEFAULT:SHA1 systemctl disable firstrun.service dnf -y group install "Xfce" "base-x" dnf -y remove gnome-desktop3 dnf -y --enablerepo=uppmax-live install lightdm emacs-nox thinlinc-client zoom nmap fping echo "[Seat:*]" > /etc/lightdm/lightdm.conf.d/autologin.conf echo "autologin-user=thinuser" >>/etc/lightdm/lightdm.conf.d/autologin.conf echo "user-session=xfce" >> /etc/lightdm/lightdm.conf.d/autologin.conf echo "autologin-user-timeout=5" >> /etc/lightdm/lightdm.conf.d/autologin.conf cp /opt/thinlinc/etc/tlclient.conf /opt/thinlinc/etc/tlclient.conf_org sed -i 's/AUTHENTICATION_METHOD=password/AUTHENTICATION_METHOD=scpublickey/' /opt/thinlinc/etc/tlclient.conf sed -i 's/SMARTCARD_SUBJECT_AS_NAME=0/SMARTCARD_SUBJECT_AS_NAME=1/' /opt/thinlinc/etc/tlclient.conf sed -i 's/UPDATE_ENABLED=1/UPDATE_ENABLED=0/' /opt/thinlinc/etc/tlclient.conf sed -i 's/FULL_SCREEN_MODE=0/FULL_SCREEN_MODE=1/' /opt/thinlinc/etc/tlclient.conf sed -i 's/SERVER_NAME=/SERVER_NAME=tl5/' /opt/thinlinc/etc/tlclient.conf systemctl enable lightdm --now adduser thinuser passwd -d thinuser systemctl set-default graphical.target mkdir /home/thinuser/Desktop chown thinuser.thinuser /home/thinuser/Desktop ln -s /usr/share/applications/thinlinc-client.desktop /home/thinuser/Desktop/ dnf -y update touch /etc/initial_setup_done logger initial_setup_done reboot EOF chmod +x /usr/local/sbin/firstrun.sh systemctl enable firstrun.service %end