Last active
October 20, 2021 21:12
-
-
Save ndejay/b5a7837e7d6808b3f7981e7fd8c320aa to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# https://localhost:8787/unattended/provision?spoof=192.168.14.56 | |
# This kickstart file was rendered from the Foreman provisioning template "Kickstart default". | |
url --url ftp://hyd-foreman01.local.lan/pub/Rocky-8.4-x86_64-dvd1/ | |
lang en_US.UTF-8 | |
selinux --enforcing | |
keyboard us | |
skipx | |
network --device=10:25:90:7e:e0:2e --hostname hyd-rstudio0403.local.lan --noipv6 --bootproto static --ip=192.168.14.56 --netmask=255.255.255.0 --gateway=192.168.14.1 --mtu=1500 --nameserver=192.168.14.54 | |
rootpw --iscrypted $6$j7YvpkbcUHilpzGc$39bpudvhyrxX7STYmEJ0aMSgHPCJ1eCU0se2Xe9YOa3ZJo1CS6lcKJ/i5A2CEBtnmFGcsGogcJN7taR/IMQYL. | |
firewall --service=ssh | |
authselect --useshadow --passalgo=sha512 --kickstart | |
timezone --utc UTC | |
services --disabled gpm,sendmail,cups,pcmcia,isdn,rawdevices,hpoj,bluetooth,openibd,avahi-daemon,avahi-dnsconfd,hidd,hplip,pcscd | |
bootloader --location=mbr --append="nofb quiet splash=quiet" | |
zerombr | |
clearpart --all --initlabel | |
part /boot --fstype="xfs" --ondisk=sda --size=1024 | |
part pv.01 --fstype="lvmpv" --ondisk=sda --size=1024 --grow | |
volgroup vg_sda --pesize=4096 pv.01 | |
logvol swap --fstype="swap" --size=16384 --name=lv_swap --vgname=vg_sda | |
logvol / --fstype="xfs" --size=20480 --name=lv_root --vgname=vg_sda | |
logvol /localscratch --fstype="xfs" --size=10240 --name=lv_localscratch --vgname=vg_sda --grow | |
text | |
reboot | |
%packages | |
yum | |
dhclient | |
chrony | |
-ntp | |
wget | |
@Core | |
%end | |
%post --nochroot --log=/mnt/sysimage/root/install.postnochroot.log | |
/usr/bin/chvt 3 | |
echo "Changed to TTY3 for post installation..." | |
%end | |
%post --log=/root/install.post.log | |
logger "Starting anaconda hyd-rstudio0403.local.lan postinstall" | |
# interface | |
real=`grep -l 10:25:90:7e:e0:2e /sys/class/net/*/{bonding_slave/perm_hwaddr,address} 2>/dev/null | awk -F '/' '// {print $5}' | head -1` | |
sanitized_real=`echo $real | sed s/:/_/` | |
cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$sanitized_real | |
BOOTPROTO="none" | |
IPADDR="192.168.14.56" | |
NETMASK="255.255.255.0" | |
GATEWAY="192.168.14.1" | |
DOMAIN="local.lan" | |
DEVICE=$real | |
HWADDR="00:25:90:7e:e0:2e" | |
ONBOOT=yes | |
PEERDNS=yes | |
PEERROUTES=yes | |
DEFROUTE=yes | |
DNS1="192.168.14.54" | |
MTU=1500 | |
EOF | |
echo "Updating system time" | |
systemctl enable --now chronyd | |
/usr/bin/chronyc -a makestep | |
/usr/sbin/hwclock --systohc | |
echo "##############################################################" | |
echo "################# SUBSCRIPTION MANAGER #######################" | |
echo "##############################################################" | |
echo | |
echo "Starting the subscription-manager registration process" | |
if [ -f /usr/bin/dnf ]; then | |
dnf -y install subscription-manager | |
else | |
yum -t -y install subscription-manager | |
fi | |
rpm -Uvh http://hyd-foreman01.local.lan/pub/katello-ca-consumer-latest.noarch.rpm | |
subscription-manager register --name="hyd-rstudio0403.local.lan" --org='hyd' --activationkey='Rocky Linux 8 Stable Key' | |
if [ -f /usr/bin/dnf ]; then | |
PACKAGE_MAN="dnf -y" | |
else | |
PACKAGE_MAN="yum -t -y" | |
fi | |
$PACKAGE_MAN install katello-host-tools | |
# update all the base packages from the updates repository | |
if [ -f /usr/bin/dnf ]; then | |
dnf -y update | |
else | |
yum -t -y update | |
fi | |
# SSH keys setup snippet for Remote Execution plugin | |
# | |
# Parameters: | |
# | |
# remote_execution_ssh_keys: public keys to be put in ~/.ssh/authorized_keys | |
# | |
# remote_execution_ssh_user: user for which remote_execution_ssh_keys will be | |
# authorized | |
# | |
# remote_execution_create_user: create user if it not already existing | |
# | |
# remote_execution_effective_user_method: method to switch from ssh user to | |
# effective user | |
# | |
# This template sets up SSH keys in any host so that as long as your public | |
# SSH key is in remote_execution_ssh_keys, you can SSH into a host. This | |
# works in combination with Remote Execution plugin by querying smart proxies | |
# to build an array. | |
# | |
# To use this snippet without the plugin provide the SSH keys as host parameter | |
# remote_execution_ssh_keys. It expects the same format like the authorized_keys | |
# file. | |
if [ -f /usr/bin/dnf ]; then | |
dnf -y install puppet-agent | |
else | |
yum -t -y install puppet-agent | |
fi | |
cat > /etc/puppetlabs/puppet/puppet.conf << EOF | |
[main] | |
[agent] | |
pluginsync = true | |
report = true | |
ca_server = hyd-foreman01.local.lan | |
certname = hyd-rstudio0403.local.lan | |
server = hyd-foreman01.local.lan | |
environment = production | |
EOF | |
puppet_unit=puppet | |
/usr/bin/systemctl list-unit-files | grep -q puppetagent && puppet_unit=puppetagent | |
/usr/bin/systemctl enable ${puppet_unit} | |
# export a custom fact called 'is_installer' to allow detection of the installer environment in Puppet modules | |
export FACTER_is_installer=true | |
# passing a non-existent tag like "no_such_tag" to the puppet agent only initializes the node | |
/opt/puppetlabs/bin/puppet agent --config /etc/puppetlabs/puppet/puppet.conf --onetime --tags no_such_tag --server hyd-foreman01.local.lan --no-daemonize | |
touch /tmp/foreman_built | |
%end | |
# copy %pre log files into chroot | |
%post --nochroot | |
cp -vf /tmp/*.pre.*.log /mnt/sysimage/root/ | |
%end | |
%post --log=/root/install.post.custom.log | |
# Custom post snippet generated by "Kickstart default custom post" | |
%end | |
%post --erroronfail | |
if test -f /tmp/foreman_built; then | |
echo "calling home: build is done!" | |
if [ -x /usr/bin/curl ]; then | |
/usr/bin/curl -o /dev/null --noproxy \* -H 'Content-Type: text/plain' --data @/root/install.post.log --silent 'http://hyd-foreman01.local.lan/unattended/built' | |
elif [ -x /usr/bin/wget ]; then | |
/usr/bin/wget -q -O /dev/null --no-proxy --method POST --header 'Content-Type: text/plain' --body-file=/root/install.post.log 'http://hyd-foreman01.local.lan/unattended/built' | |
else | |
wget -q -O /dev/null --header 'Content-Type: text/plain' 'http://hyd-foreman01.local.lan/unattended/built' | |
fi | |
else | |
echo "calling home: build failed!" | |
if [ -x /usr/bin/curl ]; then | |
/usr/bin/curl -o /dev/null --noproxy \* -H 'Content-Type: text/plain' --data @/root/install.post.log --silent 'http://hyd-foreman01.local.lan/unattended/failed' | |
elif [ -x /usr/bin/wget ]; then | |
/usr/bin/wget -q -O /dev/null --no-proxy --method POST --header 'Content-Type: text/plain' --body-file=/root/install.post.log 'http://hyd-foreman01.local.lan/unattended/failed' | |
else | |
wget -q -O /dev/null --header 'Content-Type: text/plain' 'http://hyd-foreman01.local.lan/unattended/failed' | |
fi | |
fi | |
echo "Changing back to TTY1..." | |
/usr/bin/chvt 1 | |
sync | |
%end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment