-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathsat63-ks.cfg
88 lines (80 loc) · 3.27 KB
/
sat63-ks.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
# version=DEVEL
# System authorization information
auth --enableshadow --passalgo=sha512
# Use CDROM installation media
cdrom
# Use text install
text
# Firewall configuration
firewall --enabled
# Keyboard layouts
keyboard --vckeymap=de --xlayouts='de'
# System language
lang en_US.UTF-8
# Network information
network --bootproto=static --device=eth0 --ip=188.138.111.111 --netmask=255.255.255.255 --gateway=85.25.208.173 --nameserver=85.25.159.110 --noipv6 --activate --interfacename=wan
network --bootproto=static --device=eth1 --ip=172.24.200.3 --netmask=255.255.255.0 --nodefroute --noipv6 --onboot=yes --interfacename=sat
network --bootproto=dhcp --device=eth2 --nodefroute --noipv6 --onboot=yes --interfacename=lan
network --hostname=pu-sat.lunetix.org
# Root password
# python -c 'import crypt; print(crypt.crypt("My Password", "$6$_My_PieceOfGrain"))'
rootpw --iscrypted $6$_My_PieceOfGrain$t.LcYtKxv3GrqNyiUOoE8d.SovHvq75z58Q23DRsZJ9qneueKzHSiI05yh3xo.vRlQolA9B27/GDiwABgftug1
# SELinux configuration
selinux --enforcing
# System services
services --enabled="chronyd"
# Do not configure the X Window System
skipx
# System timezone
timezone Europe/Berlin --isUtc --ntpservers=0.rhel.pool.ntp.org,1.rhel.pool.ntp.org,2.rhel.pool.ntp.org
# Disk Partitioning
# Ignore all Disks except sda
ignoredisk --only-use=sda
# Partition clearing information
clearpart --none --initlabel
# Clear the Master Boot Record
zerombr
# System bootloader configuration
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
# Partition clearing information
clearpart --all --initlabel --drives=sda
# Partitioning
part /boot --fstype="xfs" --ondisk=sda --size=1024
part pv.01 --fstype="lvmpv" --ondisk=sda --size=102400
part pv.02 --fstype="lvmpv" --ondisk=sda --size=409600
volgroup vg_sys pv.01
logvol / --fstype="xfs" --percent=100 --name=root --vgname=vg_sys
volgroup vg_openshift pv.02
# Preinstallation Scripts
%pre --logfile /root/ks-pre.log
%end
# Postinstallation Scripts
%post --logfile /root/ks-post.log
set -x
subscription-manager register --org=1234567 --activationkey=sat63-31132c12-100d-4f4e-9a0a-24f41b107449
subscription-manager repos --disable="*"
subscription-manager repos \
--enable=rhel-7-server-rpms \
--enable=rhel-server-rhscl-7-rpms \
--enable=rhel-7-server-optional-rpms \
--enable=rhel-7-server-satellite-6.3-rpms \
--enable=rhel-7-server-satellite-6.3-puppet4-rpms
yum -y install vim wget git net-tools bind-utils bridge-utils bash-completion kexec-tools sos psacct
yum -y update
mkdir -m0700 /root/.ssh/
cat <<EOF >/root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyQ+Ro5u/qzoh2/aPW496ndiM2I3iQGqmwBtqd4Ik9nGIkX7MmQAhzPnkgWYGfx8WJ6GaGBGsY9yDbbDpKYLSqw5MqEqM/8NPlkKA3ejVUpVgmoSOMqevMN/SdFZ3aZ8QMiMtCeyrxOyfHNlY4Idnl/aYogTbP49A5OD1Wa1OAzYZlNXkTtkcTC7tMECyYl2OVOnkVU43ayPP+KfuRmTYxCdd0oLuQebjb04+0cIit8wnDhSprILfkpCfwudYfKymXrKEkMVCI15HFv9JEgP4FZ0hjl2NmokdMvs7ADPTxvzK3VN7KCBaS3JxvJSl4AQhZ1w7zu4NFKvCVcv+AqpS5Q== [email protected]
EOF
chmod 0600 /root/.ssh/authorized_keys
restorecon -R /root/.ssh/
yum -y install rng-tools
systemctl enable --now rngd
firewall-cmd --permanent --add-service='RH-Satellite-6' --add-service='dns' --add-service='dhcp' --add-service='tftp' --add-service='http' --add-service='https'
%end
# Packages
%packages
@^minimal
@core
chrony
kexec-tools
%end