# install # text # reboot # # url --mirrorlist="https://mirrors.rockylinux.org/metalink?repo=rocky-$releasever&arch=$basearch" # # url --url="https://ftp.gwdg.de/pub/linux/rocky/$releasever/Minimal/$basearch/os/" # lang en_US.UTF-8 # keyboard --vckeymap=us --xlayouts='us' # timezone Europe/Berlin --isUtc --nontp # auth --enableshadow --passalgo=sha512 # clearpart --none --initlabel # bootloader --location=mbr --boot-drive=sda # part biosboot --fstype="biosboot" --ondisk=sda --size=1 # part / --fstype="ext4" --ondisk=sda --grow --label=SLX_SYS # url --mirrorlist="https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=$basearch" clearpart --none --initlabel bootloader --location=mbr --boot-drive=sda part biosboot --fstype=biosboot --ondisk=sda --size=1 part / --fstype=xfs --asprimary --ondisk=sda --grow --label=SLX_SYS lang en_US.UTF-8 keyboard --vckeymap=us --xlayouts='us' timezone Europe/Berlin --isUtc --nontp text reboot %packages @core %end %pre --interpreter=/usr/bin/perl use strict; use warnings; use feature 'say'; open(my $fp, '<', '/proc/cmdline') or die $!; chomp(my $line = scalar <$fp>); close($fp); my @tokens = map {/^rootpw=(.*)/ ? $1 : () } split / /, $line; exit if @tokens < 1; my $pw = crypt($tokens[0], "\$6\$1U9v8hxj6xmYNJBA\$"); open($fp, '>', '/tmp/setup-root-pass') or die $!; say $fp "rootpw --iscrypted $pw"; close($fp); %end # small python script to extract the password from the kernel command line # expects the password given as: rootpw= # %pre --interpreter=/usr/bin/python # import shlex, crypt # arg = 'rootpw=' # with open('/proc/cmdline', 'r') as f: # kcl = f.read().split() # # extract the password # passwords = [x[len(arg):] for x in kcl if x.startswith(arg)] # if len(passwords) == 1: # kclpass = passwords[0] # # TODO sane fallbacks. This should work most of the time though :) # # generate SHA512 hash # hash = crypt.crypt(kclpass, crypt.mksalt(crypt.METHOD_SHA512)) # with open('/tmp/setup-root-pass', 'w') as f: # f.write('rootpw --iscrypted ' + hash) # %end # include the created password file %include /tmp/setup-root-pass %post --erroronfail set -x parted -s /dev/sda -- name 2 SLX_SYS # rpm --import 'https://www.elrepo.org/RPM-GPG-KEY-elrepo.org' # yum -y install 'http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm' # yum-config-manager --enable elrepo-kernel # yum -y makecache # yum -y install kernel-ml kernel-ml-devel kernel-ml-headers # sed -i 's,^GRUB_DEFAULT=.*$,GRUB_DEFAULT=0,' /etc/default/grub # grub2-mkconfig -o /boot/grub2/grub.cfg # dnf -y install epel-release # dnf -y install epel-release dnf -y update dnf -y install curl git python3 vim wget #dnf -y install atop git htop iftop jq mutt nmap nmap-ncat systemd-networkd tcpdump vim wget dnf clean all #systemctl enable sshd #alternatives --set python /usr/bin/python3 # allow root login for ansible sed -i 's,^[[:blank:]]*#*PermitRootLogin.*,PermitRootLogin yes,g' /etc/ssh/sshd_config ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules cat > /etc/sysconfig/network-scripts/ifcfg-eth0 <