diff options
author | Jonathan Bauer | 2022-03-25 15:47:33 +0100 |
---|---|---|
committer | Jonathan Bauer | 2022-03-25 15:47:33 +0100 |
commit | f65626b1ff08d6dd6eb278f9ba5ebec9b819250b (patch) | |
tree | be4175a5a0e493120058fef4ff1c9d118d28cf01 /http | |
parent | include ssh-rsa as key algo for ansible (diff) | |
download | packer-templates-f65626b1ff08d6dd6eb278f9ba5ebec9b819250b.tar.gz packer-templates-f65626b1ff08d6dd6eb278f9ba5ebec9b819250b.tar.xz packer-templates-f65626b1ff08d6dd6eb278f9ba5ebec9b819250b.zip |
initial rocky8 support
based on the Manuel (Messner)'s work
Diffstat (limited to 'http')
l--------- | http/rocky-8 | 1 | ||||
-rw-r--r-- | http/rocky/anaconda-ks.cfg | 107 |
2 files changed, 108 insertions, 0 deletions
diff --git a/http/rocky-8 b/http/rocky-8 new file mode 120000 index 0000000..c8dbb8c --- /dev/null +++ b/http/rocky-8 @@ -0,0 +1 @@ +rocky
\ No newline at end of file diff --git a/http/rocky/anaconda-ks.cfg b/http/rocky/anaconda-ks.cfg new file mode 100644 index 0000000..6a8b152 --- /dev/null +++ b/http/rocky/anaconda-ks.cfg @@ -0,0 +1,107 @@ +# install +# text +# reboot +# # url --mirrorlist="https://mirrors.rockylinux.org/metalink?repo=rocky-$releasever&arch=$basearch" +# # url --url="https://ftp.gwdg.de/pub/linux/rocky/$releasever/Minimal/$basearch/os/" +# lang en_US.UTF-8 +# keyboard --vckeymap=us --xlayouts='us' +# timezone Europe/Berlin --isUtc --nontp +# auth --enableshadow --passalgo=sha512 +# clearpart --none --initlabel +# bootloader --location=mbr --boot-drive=sda +# part biosboot --fstype="biosboot" --ondisk=sda --size=1 +# part / --fstype="ext4" --ondisk=sda --grow --label=SLX_SYS + + +# url --mirrorlist="https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=$basearch" +clearpart --none --initlabel +bootloader --location=mbr --boot-drive=sda +part biosboot --fstype=biosboot --ondisk=sda --size=1 +part / --fstype=xfs --asprimary --ondisk=sda --grow --label=SLX_SYS +lang en_US.UTF-8 +keyboard --vckeymap=us --xlayouts='us' +timezone Europe/Berlin --isUtc --nontp +text +reboot + + +%packages +@minimal-environment +@core +curl +kexec-tools +openssh +strace +tmux +%end + +%pre --interpreter=/usr/bin/perl +use strict; +use warnings; +use feature 'say'; + +open(my $fp, '<', '/proc/cmdline') or die $!; +chomp(my $line = scalar <$fp>); +close($fp); + +my @tokens = map {/^rootpw=(.*)/ ? $1 : () } + split / /, $line; + +exit if @tokens < 1; + +my $pw = crypt($tokens[0], "\$6\$1U9v8hxj6xmYNJBA\$"); + +open($fp, '>', '/tmp/setup-root-pass') or die $!; +say $fp "rootpw --iscrypted $pw"; +close($fp); +%end + +# small python script to extract the password from the kernel command line +# expects the password given as: rootpw=<password> +# %pre --interpreter=/usr/bin/python +# import shlex, crypt +# arg = 'rootpw=' +# with open('/proc/cmdline', 'r') as f: +# kcl = f.read().split() +# # extract the password +# passwords = [x[len(arg):] for x in kcl if x.startswith(arg)] +# if len(passwords) == 1: +# kclpass = passwords[0] +# # TODO sane fallbacks. This should work most of the time though :) +# # generate SHA512 hash +# hash = crypt.crypt(kclpass, crypt.mksalt(crypt.METHOD_SHA512)) +# with open('/tmp/setup-root-pass', 'w') as f: +# f.write('rootpw --iscrypted ' + hash) +# %end +# include the created password file +%include /tmp/setup-root-pass + +%post --erroronfail +set -x +# rpm --import 'https://www.elrepo.org/RPM-GPG-KEY-elrepo.org' +# yum -y install 'http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm' +# yum-config-manager --enable elrepo-kernel +# yum -y makecache +# yum -y install kernel-ml kernel-ml-devel kernel-ml-headers +# sed -i 's,^GRUB_DEFAULT=.*$,GRUB_DEFAULT=0,' /etc/default/grub +# grub2-mkconfig -o /boot/grub2/grub.cfg +# dnf -y install epel-release +# +dnf -y install epel-release +dnf -y update +dnf -y install ansible atop git htop iftop jq mutt nmap nmap-ncat systemd-networkd tcpdump vim wget +systemctl enable sshd +alternatives --set python /usr/bin/python3 + +# allow root login for ansible +sed -i 's,^[[:blank:]]*#*PermitRootLogin.*,PermitRootLogin yes,g' /etc/ssh/sshd_config + +ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules +cat > /etc/sysconfig/network-scripts/ifcfg-eth0 <<EOF +DEVICE="eth0" +BOOTPROTO="dhcp" +ONBOOT="yes" +TYPE="Ethernet" +EOF +set +x +%end |