Skip to content

Instantly share code, notes, and snippets.

@rremilian

rremilian/rocky.ks.cfg

Last active April 16, 2025 09:23
Show Gist options
  • Save rremilian/7e330ffc92872d1f7b411b935f25611a to your computer and use it in GitHub Desktop.
Save rremilian/7e330ffc92872d1f7b411b935f25611a to your computer and use it in GitHub Desktop.
Download ZIP
Kickstart configuration
Raw
rocky.ks.cfg
#version=Rocky Linux 9
#documentation: https://docs.fedoraproject.org/en-US/fedora/f36/install-guide/appendixes/Kickstart_Syntax_Reference/
# PRE-INSTALLATION SCRIPT
%pre --interpreter=/usr/bin/bash --log=/root/anaconda-ks-pre.log
%end
# INSTALL USING TEXT MODE
text
# KEYBOARDS, LANGUAGES, TIMEZONE
keyboard --vckeymap=us --xlayouts=us
lang en_US.UTF-8
timezone Europe/Bucharest
# NETWORK, SELINUX, FIREWALL
network --hostname='rocky-gi.example.lan'
network --device=virbr0 --bootproto=dhcp --onboot=on --noipv6 --activate
selinux --enforcing
firewall --enabled --ssh
# DISKS, PARTITIONS, VOLUME GROUPS, LOGICAL VOLUMES
ignoredisk --only-use=vda
zerombr
clearpart --all --initlabel --disklabel=gpt
bootloader --location=mbr --boot-drive=vda
autopart --type=lvm
# INSTALLATION SOURCE, EXTRA REPOSITOROIES, PACKAGE GROUPS, PACKAGES
url --mirrorlist="http://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=BaseOS-$releasever"
repo --mirrorlist="http://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=AppStream-$releasever" --name=AppStream --cost=0
repo --mirrorlist="http://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=extras-$releasever" --name=Extras --cost=0
# Extras repository is needed to install `epel-release` package.
# Remove `@guest-agents` group if this is not a VM.
%packages --retries=5 --timeout=20 --inst-langs=en
@^minimal-environment
@guest-agents
sudo
qemu-guest-agent
epel-release
openssh-server
vim
gcc
gcc-c++
cloud-init
%end
# GROUPS, USERS, ENABLE SSH, FINISH INSTALL
rootpw --lock
# Create user 'myuser' and group 'mygroup' (with GID 3000), make it myuser's primary group, and add myuser to administrative 'wheel' group.
user --name=gold --password='strong_strong_password' --plaintext --groups='wheel' --gid=1000
services --enabled='sshd.service'
reboot --eject
# ENABLE EMERGENCY KERNEL DUMPS FOR DEBUGGING
%addon com_redhat_kdump --reserve-mb=auto --enable
%end
# POST-INSTALLATION SCRIPT
%post --interpreter=/usr/bin/bash --log=/root/anaconda-ks-post.log --erroronfail
# Allow user gold to use sudo without entering a password.
echo "gold ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/gold
# Enable CodeReady Builder repo (requires `epel-release` package).
/usr/bin/dnf config-manager --set-enabled crb
%end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment