|
<%#
|
|
kind: provision
|
|
name: Kickstart RHEL default
|
|
oses:
|
|
- RedHat
|
|
%>
|
|
<%#
|
|
This template accepts the following parameters:
|
|
- lang: string (default="en_US.UTF-8")
|
|
- selinux: string (default="enforcing")
|
|
- keyboard: string (default="us")
|
|
- time-zone: string (default="UTC")
|
|
- http-proxy: string (default="")
|
|
- http-proxy-port: string (default="")
|
|
- force-puppet: boolean (default=false)
|
|
- enable-puppetlabs-repo: boolean (default=false)
|
|
- enable-puppetlabs-pc1-repo: boolean (default=false)
|
|
- salt_master: string (default=undef)
|
|
- ntp-server: string (default="0.fedora.pool.ntp.org")
|
|
- bootloader-append: string (default="nofb quiet splash=quiet")
|
|
- disable-firewall: boolean (default=false)
|
|
%>
|
|
<%
|
|
os_major = @host.operatingsystem.major.to_i
|
|
realm_compatible = os_major >= 7 ? true : false
|
|
# safemode renderer does not support unary negation
|
|
pm_set = @host.puppetmaster.empty? ? false : true
|
|
proxy_uri = @host.params['http-proxy'] ? "http://#{@host.params['http-proxy']}:#{@host.params['http-proxy-port']}" : nil
|
|
proxy_string = proxy_uri ? " --proxy=#{proxy_uri}" : ''
|
|
puppet_enabled = pm_set || @host.param_true?('force-puppet')
|
|
salt_enabled = @host.params['salt_master'] ? true : false
|
|
chef_enabled = @host.respond_to?(:chef_proxy) && @host.chef_proxy
|
|
section_end = os_major <= 5 ? '' : '%end'
|
|
%>
|
|
install
|
|
<%= @mediapath %><%= proxy_string %>
|
|
lang <%= @host.params['lang'] || 'en_US.UTF-8' %>
|
|
selinux --<%= @host.params['selinux'] || 'enforcing' %>
|
|
keyboard <%= @host.params['keyboard'] || 'us' %>
|
|
skipx
|
|
|
|
<% subnet = @host.subnet -%>
|
|
<% if subnet.respond_to?(:dhcp_boot_mode?) -%>
|
|
<% dhcp = subnet.dhcp_boot_mode? && !@static -%>
|
|
<% else -%>
|
|
<% dhcp = !@static -%>
|
|
<% end -%>
|
|
network --bootproto <%= dhcp ? 'dhcp' : "static --ip=#{@host.ip} --netmask=#{subnet.mask} --gateway=#{subnet.gateway} --nameserver=#{[subnet.dns_primary, subnet.dns_secondary].select(&:present?).join(',')}" %> --hostname <%= @host %><%= os_major >= 6 ? " --device=#{@host.mac}" : '' -%>
|
|
|
|
rootpw --iscrypted <%= root_pass %>
|
|
<% if @host.param_true?('disable-firewall') -%>
|
|
firewall --disable
|
|
<% else -%>
|
|
firewall --<%= os_major >= 6 ? 'service=' : '' %>ssh
|
|
<% end -%>
|
|
authconfig --useshadow --passalgo=sha256 --kickstart
|
|
timezone --utc <%= @host.params['time-zone'] || 'UTC' %>
|
|
<% if os_major > 4 -%>
|
|
services --disabled gpm,sendmail,cups,pcmcia,isdn,rawdevices,hpoj,bluetooth,openibd,avahi-daemon,avahi-dnsconfd,hidd,hplip,pcscd
|
|
<% end -%>
|
|
|
|
<% if realm_compatible && @host.info['parameters']['realm'] && @host.realm && @host.realm.realm_type == 'Active Directory' -%>
|
|
# One-time password will be requested at install time. Otherwise, $HOST[OTP] is used as a placeholder value.
|
|
realm join --one-time-password='<%= @host.otp || "$HOST[OTP]" %>' <%= @host.realm %>
|
|
<% end -%>
|
|
|
|
<% if os_major > 4 -%>
|
|
repo --name="EPEL" --mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-<%= @host.operatingsystem.major %>&arch=<%= @host.architecture %><%= proxy_string %>
|
|
<% if puppet_enabled -%>
|
|
<% if @host.param_true?('enable-puppetlabs-repo') -%>
|
|
repo --name=puppetlabs-products --baseurl=http://yum.puppetlabs.com/el/<%= @host.operatingsystem.major %>/products/<%= @host.architecture %><%= proxy_string %>
|
|
repo --name=puppetlabs-deps --baseurl=http://yum.puppetlabs.com/el/<%= @host.operatingsystem.major %>/dependencies/<%= @host.architecture %><%= proxy_string %>
|
|
<% end -%>
|
|
<% if @host.param_true?('enable-puppetlabs-pc1-repo') -%>
|
|
repo --name=puppetlabs-pc1 --baseurl=http://yum.puppetlabs.com/el/<%= @host.operatingsystem.major %>/PC1/<%= @host.architecture %><%= proxy_string %>
|
|
<% end -%>
|
|
<% end -%>
|
|
<% end -%>
|
|
|
|
bootloader --location=mbr --append="<%= @host.params['bootloader-append'] || 'nofb quiet splash=quiet' %>" <%= grub_pass %>
|
|
<% if os_major == 5 -%>
|
|
key --skip
|
|
<% end -%>
|
|
|
|
<% if @dynamic -%>
|
|
%include /tmp/diskpart.cfg
|
|
<% else -%>
|
|
<%= @host.diskLayout %>
|
|
<% end -%>
|
|
|
|
text
|
|
reboot
|
|
|
|
%packages
|
|
yum
|
|
dhclient
|
|
ntp
|
|
wget
|
|
@Core
|
|
<% if os_major >= 6 -%>
|
|
redhat-lsb-core
|
|
<% end -%>
|
|
<% if os_major > 4 -%>
|
|
epel-release
|
|
<% end -%>
|
|
<% if puppet_enabled -%>
|
|
<% if @host.param_true?('enable-puppetlabs-repo') -%>
|
|
puppetlabs-release
|
|
<% end -%>
|
|
<% if @host.param_true?('enable-puppetlabs-pc1-repo') -%>
|
|
puppetlabs-release-pc1
|
|
<% end -%>
|
|
<% end -%>
|
|
<% if salt_enabled %>
|
|
salt-minion
|
|
<% end -%>
|
|
<%= section_end -%>
|
|
|
|
<% if @dynamic -%>
|
|
%pre
|
|
<%= @host.diskLayout %>
|
|
<%= section_end -%>
|
|
<% end -%>
|
|
|
|
%post --nochroot
|
|
exec < /dev/tty3 > /dev/tty3
|
|
#changing to VT 3 so that we can see whats going on....
|
|
/usr/bin/chvt 3
|
|
(
|
|
cp -va /etc/resolv.conf /mnt/sysimage/etc/resolv.conf
|
|
/usr/bin/chvt 1
|
|
) 2>&1 | tee /mnt/sysimage/root/install.postnochroot.log
|
|
<%= section_end -%>
|
|
|
|
%post
|
|
logger "Starting anaconda <%= @host %> postinstall"
|
|
exec < /dev/tty3 > /dev/tty3
|
|
#changing to VT 3 so that we can see whats going on....
|
|
/usr/bin/chvt 3
|
|
(
|
|
<% if subnet.respond_to?(:dhcp_boot_mode?) -%>
|
|
<%= snippet 'kickstart_networking_setup' %>
|
|
<% end -%>
|
|
|
|
#update local time
|
|
echo "updating system time"
|
|
/usr/sbin/ntpdate -sub <%= @host.params['ntp-server'] || '0.fedora.pool.ntp.org' %>
|
|
/usr/sbin/hwclock --systohc
|
|
|
|
<%= snippet 'redhat_register' %>
|
|
|
|
<% if @host.info['parameters']['realm'] && @host.realm && @host.realm.realm_type == 'FreeIPA' -%>
|
|
<%= snippet 'freeipa_register' %>
|
|
<% end -%>
|
|
|
|
<% if proxy_uri -%>
|
|
# Yum proxy
|
|
echo 'proxy = <%= proxy_uri %>' >> /etc/yum.conf
|
|
<% end -%>
|
|
|
|
# update all the base packages from the updates repository
|
|
yum -t -y update
|
|
|
|
<%= snippet('remote_execution_ssh_keys') %>
|
|
|
|
<% if chef_enabled %>
|
|
<%= snippet 'chef_client' %>
|
|
<% end -%>
|
|
|
|
<% if puppet_enabled %>
|
|
<%= snippet 'puppet_setup' %>
|
|
<% end -%>
|
|
|
|
<% if salt_enabled %>
|
|
<%= snippet 'saltstack_setup' %>
|
|
<% end -%>
|
|
|
|
sync
|
|
|
|
# Inform the build system that we are done.
|
|
echo "Informing Foreman that we are built"
|
|
wget -q -O /dev/null --no-check-certificate <%= foreman_url('built') %>
|
|
) 2>&1 | tee /root/install.post.log
|
|
exit 0
|
|
|
|
<%= section_end -%>
|