install url --url lang pl_PL selinux --enforcing keyboard us skipx network --bootproto static --ip= --netmask= --gateway= --nameserver= --hostname --device=52:54:00:d1:a2:d4 rootpw --iscrypted $5$RiRMrhU+$0KSjAegZ9yg0SqOVl5TumsuiiSiPfUPrTHQoLeuCQJ1 firewall --service=ssh authconfig --useshadow --passalgo=SHA256 --kickstart timezone --utc Europe/Warsaw services --disabled gpm,sendmail,cups,pcmcia,isdn,rawdevices,hpoj,bluetooth,openibd,avahi-daemon,avahi-dnsconfd,hidd,hplip,pcscd repo --name="EPEL" --mirrorlist= bootloader --location=mbr --append="nofb quiet splash=quiet" %include /tmp/diskpart.cfg text reboot %packages yum dhclient ntp wget @Core redhat-lsb-core epel-release puppet %end %pre #Dynamic disks=($(awk '{if ($NF ~ "^(v|s|h)d|cciss" && $NF !~ "((s|h)d|c.d.)[a-z][0-9]$") print $4}' /proc/partitions)) cat < /tmp/diskpart.cfg zerombr clearpart --all --initlabel part /boot --ondisk=${disks[0]} --fstype=ext4 --size 300 --asprimary part pv.01 --ondisk=${disks[0]} --size=8120 --grow volgroup vg00 pv.01 logvol / --fstype=ext4 --name=root --vgname=vg00 --size=20480 logvol /var --fstype=ext4 --name=var --vgname=vg00 --percent=20 logvol /home --fstype=ext4 --name=home --vgname=vg00 --grow --size=5120 EOF %end %post --nochroot exec < /dev/tty3 > /dev/tty3 #changing to VT 3 so that we can see whats going on.... /usr/bin/chvt 3 ( cp -va /etc/resolv.conf /mnt/sysimage/etc/resolv.conf /usr/bin/chvt 1 ) 2>&1 | tee /mnt/sysimage/root/install.postnochroot.log %end %post logger "Starting anaconda postinstall" exec < /dev/tty3 > /dev/tty3 #changing to VT 3 so that we can see whats going on.... /usr/bin/chvt 3 ( # eth0 interface real=`ip -o link | grep 52:54:00:d1:a2:d4 | awk '{print $2;}' | sed s/:$//` # ifcfg files are ignored by NM if their name contains colons so we convert colons to underscore sanitized_real=$real cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$sanitized_real BOOTPROTO="none" IPADDR="" NETMASK="" GATEWAY="" DEVICE=$real HWADDR="52:54:00:d1:a2:d4" ONBOOT=yes PEERDNS=yes PEERROUTES=yes DNS1= EOF #update local time echo "updating system time" /usr/sbin/ntpdate -sub /usr/sbin/hwclock --systohc # update all the base packages from the updates repository if [ -f /usr/bin/dnf ]; then dnf -y update else yum -t -y update fi # SSH keys setup snippet for Remote Execution plugin # # Parameters: # # remote_execution_ssh_keys: public keys to be put in ~/.ssh/authorized_keys # # remote_execution_ssh_user: user for which remote_execution_ssh_keys will be # authorized # # This template sets up SSH keys in any host so that as long as your public # SSH key is in remote_execution_ssh_keys, you can SSH into a host. This only # works in combination with Remote Execution plugin. # A personal recomendation: create a global parameter remote_execution_ssh_keys # and put your keys there, so that you can access any newly provisioned host # without having to set up the parameter on every host or host group. if [ -f /usr/bin/dnf ]; then dnf -y install puppet else yum -t -y install puppet fi cat > /etc/puppet/puppet.conf << EOF [main] vardir = /var/lib/puppet logdir = /var/log/puppet rundir = /var/run/puppet ssldir = \$vardir/ssl [agent] pluginsync = true report = true ignoreschedules = true ca_server = certname = environment = production server = EOF puppet_unit=puppet /usr/bin/systemctl list-unit-files | grep -q puppetagent && puppet_unit=puppetagent /usr/bin/systemctl enable ${puppet_unit} /sbin/chkconfig --level 345 puppet on # export a custom fact called 'is_installer' to allow detection of the installer environment in Puppet modules export FACTER_is_installer=true # passing a non-existent tag like "no_such_tag" to the puppet agent only initializes the node /usr/bin/puppet agent --config /etc/puppet/puppet.conf --onetime --tags no_such_tag --server --no-daemonize sync # Inform the build system that we are done. echo "Informing Foreman that we are built" wget -q -O /dev/null --no-check-certificate ) 2>&1 | tee /root/ exit 0 %end