centos-7.4 ks

1 files changed, 56 insertions, 0 deletions

diff --git a/http/centos-7.4/anaconda-ks.cfg b/http/centos-7.4/anaconda-ks.cfg
new file mode 100644
index 0000000..2b85890
--- /dev/null
+++ b/http/centos-7.4/anaconda-ks.cfg
@@ -0,0 +1,56 @@
+install
+text
+reboot
+lang en_US.UTF-8
+keyboard --vckeymap=de-nodeadkeys --xlayouts='de (nodeadkeys)'
+timezone Europe/Berlin --isUtc --nontp
+auth --enableshadow --passalgo=sha512
+clearpart --none --initlabel
+bootloader --location=mbr --boot-drive=sda
+part biosboot --fstype="biosboot" --ondisk=sda --size=1
+part / --fstype="xfs" --ondisk=sda --grow --label=SLX_SYS
+
+%packages
+@^minimal
+@core
+kexec-tools
+%end
+
+# small python script to extract the password from the kernel command line
+# expects the password given as: rootpw=<password>
+%pre --interpreter=/usr/bin/python
+import shlex, crypt
+arg = 'rootpw='
+with open('/proc/cmdline', 'r') as f:
+  kcl = f.read().split()
+# extract the password
+passwords = [x[len(arg):] for x in kcl if x.startswith(arg)]
+if len(passwords) == 1:
+  kclpass = passwords[0]
+# TODO sane fallbacks. This should work most of the time though :)
+# generate SHA512 hash
+hash = crypt.crypt(kclpass, crypt.mksalt(crypt.METHOD_SHA512))
+with open('/tmp/setup-root-pass', 'w') as f:
+  f.write('rootpw --iscrypted ' + hash)
+%end
+# include the created password file
+%include /tmp/setup-root-pass
+
+%post --erroronfail
+yum -y update
+yum -y install epel-release
+yum -y install ansible
+yum -y install systemd-networkd systemd-resolved
+# allow root login for ansible
+sed 's,^[[:blank:]]*#*PermitRootLogin.*,PermitRootLogin yes,g' /etc/ssh/sshd_config
+
+sed -i 's,^SELINUX=,SELINUX=permissive,' /etc/sysconfig/selinux
+
+ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
+cat > /etc/sysconfig/network-scripts/ifcfg-eth0 <<EOF
+DEVICE="eth0"
+BOOTPROTO="dhcp"
+ONBOOT="yes"
+TYPE="Ethernet"
+EOF
+%end