|
<%#
|
|
kind: provision
|
|
name: AutoYaST SLES default
|
|
model: ProvisioningTemplate
|
|
oses:
|
|
- SLES
|
|
description: |
|
|
Provisioning template for the SLES AutoYaST installer.
|
|
-%>
|
|
<%
|
|
os_major = @host.operatingsystem.major.to_i
|
|
os_minor = @host.operatingsystem.minor.to_i
|
|
# safemode renderer does not support unary negation
|
|
aio_enabled = host_param_true?('enable-puppetlabs-puppet5-repo') || host_param_true?('enable-puppet5')
|
|
puppet_enabled = !host_param_true?('skip-puppet-setup') && (host_puppet_server.present? || host_param_true?('force-puppet'))
|
|
salt_enabled = host_param('salt_master') ? true : false
|
|
sles_minor_string = (os_minor == 0) ? '' : "_SP#{os_minor}"
|
|
spacewalk_enabled = host_param('spacewalk_host') ? true : false
|
|
|
|
primary_interface_identifier = @host.primary_interface.identifier.blank? ? 'eth0' : @host.primary_interface.identifier
|
|
primary_interface_subnet = @host.primary_interface.subnet
|
|
-%>
|
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE profile>
|
|
<profile xmlns="http://www.suse.com/1.0/yast2ns" xmlns:config="http://www.suse.com/1.0/configns">
|
|
<general>
|
|
<mode>
|
|
<confirm config:type="boolean">false</confirm>
|
|
<final_reboot config:type="boolean">true</final_reboot>
|
|
</mode>
|
|
</general>
|
|
<networking>
|
|
<dns>
|
|
<hostname><%= @host.name %></hostname>
|
|
<% unless primary_interface_subnet.dhcp_boot_mode? -%>
|
|
<dhcp_hostname config:type="boolean">false</dhcp_hostname>
|
|
<% if os_major < 12 -%>
|
|
<dhcp_resolv config:type="boolean">false</dhcp_resolv>
|
|
<% end -%>
|
|
<% if @host.domain -%>
|
|
<domain><%= @host.domain -%></domain>
|
|
<% end -%>
|
|
<% unless primary_interface_subnet.dns_servers.empty? -%>
|
|
<nameservers config:type="list">
|
|
<% primary_interface_subnet.dns_servers.each do |nameserver| -%>
|
|
<nameserver><%= nameserver %></nameserver>
|
|
<% end -%>
|
|
</nameservers>
|
|
<% end -%>
|
|
<% else -%>
|
|
<resolv_conf_policy>auto</resolv_conf_policy>
|
|
<% end -%>
|
|
<% if @host.domain -%>
|
|
<searchlist config:type="list">
|
|
<search><%= @host.domain %></search>
|
|
</searchlist>
|
|
<% end -%>
|
|
</dns>
|
|
<interfaces config:type="list">
|
|
<%
|
|
@host.managed_interfaces.each do |interface|
|
|
next if !interface.managed? || interface.subnet.nil? || interface.ip.nil?
|
|
dhcp = interface.subnet.dhcp_boot_mode?
|
|
-%>
|
|
<% if dhcp -%>
|
|
<interface>
|
|
<bootproto>dhcp</bootproto>
|
|
<% if os_major >= 15 and os_minor >= 5 -%>
|
|
<name><%= interface.primary ? primary_interface_identifier : interface.identifier -%></name>
|
|
<% else -%>
|
|
<device><%= interface.primary ? primary_interface_identifier : interface.identifier -%></device>
|
|
<usercontrol>no</usercontrol>
|
|
<% end -%>
|
|
<startmode>auto</startmode>
|
|
</interface>
|
|
<% else -%>
|
|
<interface>
|
|
<bootproto>static</bootproto>
|
|
<% if os_major >= 15 and os_minor >= 5 -%>
|
|
<name><%= interface.primary ? primary_interface_identifier : interface.identifier -%></name>
|
|
<ipaddr><%= interface.ip -%>/<%= interface.subnet.cidr -%></ipaddr>
|
|
<% else -%>
|
|
<device><%= interface.primary ? primary_interface_identifier : interface.identifier -%></device>
|
|
<ipaddr><%= interface.ip -%></ipaddr>
|
|
<netmask><%= interface.subnet.mask -%></netmask>
|
|
<usercontrol>no</usercontrol>
|
|
<% end -%>
|
|
<startmode>auto</startmode>
|
|
</interface>
|
|
<% end -%>
|
|
<% end -%>
|
|
</interfaces>
|
|
<% unless primary_interface_subnet.dhcp_boot_mode? -%>
|
|
<routing>
|
|
<routes config:type="list">
|
|
<route>
|
|
<destination>default</destination>
|
|
<device><%= primary_interface_identifier -%></device>
|
|
<gateway><%= primary_interface_subnet.gateway -%></gateway>
|
|
<netmask><%= primary_interface_subnet.mask -%></netmask>
|
|
</route>
|
|
</routes>
|
|
</routing>
|
|
<% end -%>
|
|
</networking>
|
|
<% if os_major >= 15 -%>
|
|
<ntp-client>
|
|
<ntp_policy>auto</ntp_policy>
|
|
<ntp_servers config:type="list">
|
|
<ntp_server>
|
|
<address><%= host_param('ntp-server') || '0.opensuse.pool.ntp.org' %></address>
|
|
<iburst config:type="boolean">false</iburst>
|
|
<offline config:type="boolean">true</offline>
|
|
</ntp_server>
|
|
</ntp_servers>
|
|
<ntp_sync>15</ntp_sync>
|
|
</ntp-client>
|
|
<% else -%>
|
|
<ntp-client>
|
|
<configure_dhcp config:type="boolean">false</configure_dhcp>
|
|
<peers config:type="list">
|
|
<peer>
|
|
<address><%= host_param('ntp-server') || '0.opensuse.pool.ntp.org' %></address>
|
|
<initial_sync config:type="boolean">true</initial_sync>
|
|
<options></options>
|
|
<type>server</type>
|
|
</peer>
|
|
</peers>
|
|
<start_at_boot config:type="boolean">true</start_at_boot>
|
|
<start_in_chroot config:type="boolean">true</start_in_chroot>
|
|
</ntp-client>
|
|
<% end -%>
|
|
<% if ! @dynamic -%>
|
|
<%= @host.diskLayout %>
|
|
<% end -%>
|
|
<% if os_major >= 15 -%>
|
|
<services-manager>
|
|
<default_target>multi-user</default_target>
|
|
<services>
|
|
<enable config:type="list">
|
|
<service>sshd</service>
|
|
</enable>
|
|
</services>
|
|
</services-manager>
|
|
<% else -%>
|
|
<runlevel>
|
|
<default>3</default>
|
|
<services config:type="list">
|
|
<service>
|
|
<service_name>sshd</service_name>
|
|
<service_status>enable</service_status>
|
|
</service>
|
|
</services>
|
|
</runlevel>
|
|
<% end -%>
|
|
<software>
|
|
<% if os_major >= 15 -%>
|
|
<products config:type="list">
|
|
<product>SLES</product>
|
|
</products>
|
|
<patterns config:type="list">
|
|
<pattern>enhanced_base</pattern>
|
|
</patterns>
|
|
<% else -%>
|
|
<patterns config:type="list">
|
|
<pattern>Minimal</pattern>
|
|
</patterns>
|
|
<% end -%>
|
|
<packages config:type="list">
|
|
<package>lsb-release</package>
|
|
<package>openssh</package>
|
|
<% if puppet_enabled -%>
|
|
<% if aio_enabled -%>
|
|
<package>puppet-agent</package>
|
|
<% else -%>
|
|
<package>rubygem-puppet</package>
|
|
<% end -%>
|
|
<% end -%>
|
|
<% if spacewalk_enabled -%>
|
|
<package>rhn-setup</package>
|
|
<% end -%>
|
|
<% if host_param('additional-packages').present? -%>
|
|
<%= host_param('additional-packages').split(" ").collect{|x| "<package>#{x}</package>" }.join("\n") %>
|
|
<% end -%>
|
|
</packages>
|
|
</software>
|
|
<users config:type="list">
|
|
<user>
|
|
<username>root</username>
|
|
<encrypted config:type="boolean">true</encrypted>
|
|
<fullname>root</fullname>
|
|
<gid>0</gid>
|
|
<home>/root</home>
|
|
<shell>/bin/bash</shell>
|
|
<uid>0</uid>
|
|
<user_password><%= root_pass %></user_password>
|
|
</user>
|
|
</users>
|
|
<scripts>
|
|
<% if @dynamic -%>
|
|
<pre-scripts config:type="list">
|
|
<script>
|
|
<debug config:type="boolean">true</debug>
|
|
<filename>pre_disklayout</filename>
|
|
<interpreter>shell</interpreter>
|
|
<source><![CDATA[
|
|
<%= @host.diskLayout %>
|
|
]]>
|
|
</source>
|
|
</script>
|
|
</pre-scripts>
|
|
<% end -%>
|
|
<chroot-scripts config:type="list">
|
|
<script>
|
|
<filename>cp-resolv.sh</filename>
|
|
<chrooted config:type="boolean">false</chrooted>
|
|
<interpreter>shell</interpreter>
|
|
<notification>Copying resolv.conf into chroot ...</notification>
|
|
<source><![CDATA[
|
|
cp /etc/resolv.conf /mnt/etc
|
|
]]>
|
|
</source>
|
|
</script>
|
|
<script>
|
|
<filename>foreman.sh</filename>
|
|
<chrooted config:type="boolean">true</chrooted>
|
|
<interpreter>shell</interpreter>
|
|
<notification>Setting up Puppet / Foreman ...</notification>
|
|
<source><![CDATA[
|
|
/bin/hostname <%= @host.name %>
|
|
|
|
<%= snippet_if_exists(template_name + " custom pre") -%>
|
|
|
|
<%= snippet('remote_execution_ssh_keys') %>
|
|
|
|
<%= snippet "blacklist_kernel_modules" %>
|
|
|
|
<% if spacewalk_enabled -%>
|
|
<%= snippet 'redhat_register' %>
|
|
<% end -%>
|
|
|
|
<% if puppet_enabled -%>
|
|
<%= snippet 'puppet_setup' %>
|
|
<% end -%>
|
|
|
|
<% if salt_enabled %>
|
|
<%= snippet 'saltstack_setup' %>
|
|
<% end -%>
|
|
|
|
<%= snippet_if_exists(template_name + " custom post") -%>
|
|
|
|
<%= snippet 'eject_cdrom' -%>
|
|
<%= snippet 'built' -%>
|
|
|
|
rm /etc/resolv.conf
|
|
]]>
|
|
</source>
|
|
</script>
|
|
</chroot-scripts>
|
|
</scripts>
|
|
<% if os_major >= 15 -%>
|
|
<firewall>
|
|
<enable_firewall config:type="boolean">true</enable_firewall>
|
|
<log_denied_packets>off</log_denied_packets>
|
|
<default_zone>public</default_zone>
|
|
<zones config:type="list">
|
|
<zone>
|
|
<name>public</name>
|
|
<services config:type="list">
|
|
<service>ssh</service>
|
|
<service>dhcpv6-client</service>
|
|
</services>
|
|
</zone>
|
|
</zones>
|
|
</firewall>
|
|
<% end -%>
|
|
<keyboard>
|
|
<keymap>english-us</keymap>
|
|
</keyboard>
|
|
<timezone>
|
|
<hwclock>UTC</hwclock>
|
|
<timezone><%= host_param('time-zone') || 'Etc/UTC' %></timezone>
|
|
</timezone>
|
|
<add-on>
|
|
<add_on_products config:type="list">
|
|
<% if os_major >= 15 && host_param('sle-module-basesystem-url') -%>
|
|
<listentry>
|
|
<media_url><%= host_param('sle-module-basesystem-url') %></media_url>
|
|
<product_dir>/Module-Basesystem</product_dir>
|
|
<product>sle-module-basesystem</product>
|
|
</listentry>
|
|
<% if os_minor >= 1 && os_minor < 4 && host_param('sle-module-basesystem-url') -%>
|
|
<listentry>
|
|
<media_url><%= host_param('sle-module-basesystem-url') %></media_url>
|
|
<product_dir>/Module-Python2</product_dir>
|
|
<product>sle-module-python2</product>
|
|
</listentry>
|
|
<% end -%>
|
|
<% end -%>
|
|
<% if puppet_enabled -%>
|
|
<% if host_param_true?('enable-official-puppet8-repo') || host_param_true?('enable-official-puppet7-repo') || host_param_true?('enable-puppetlabs-puppet6-repo') || host_param_true?('enable-puppetlabs-puppet5-repo') -%>
|
|
<%
|
|
puppet_repo_url_base = 'http://yum.puppet.com'
|
|
if host_param_true?('enable-official-puppet8-repo')
|
|
puppet_repo_url = "#{puppet_repo_url_base}/puppet7/sles/#{os_major}/#{@host.architecture}/"
|
|
elsif host_param_true?('enable-official-puppet7-repo')
|
|
puppet_repo_url = "#{puppet_repo_url_base}/puppet7/sles/#{os_major}/#{@host.architecture}/"
|
|
elsif host_param_true?('enable-puppetlabs-puppet6-repo')
|
|
puppet_repo_url = "#{puppet_repo_url_base}/puppet6/sles/#{os_major}/#{@host.architecture}/"
|
|
elsif host_param_true?('enable-puppetlabs-puppet5-repo')
|
|
puppet_repo_url = "#{puppet_repo_url_base}/puppet5/sles/#{os_major}/#{@host.architecture}/"
|
|
end
|
|
%>
|
|
<listentry>
|
|
<media_url><![CDATA[<%= puppet_repo_url %>]]></media_url>
|
|
<name>puppet</name>
|
|
<product>puppet</product>
|
|
<product_dir>/</product_dir>
|
|
<signature-handling>
|
|
<accept_non_trusted_gpg_key>
|
|
<all config:type="boolean">false</all>
|
|
<keys config:type="list">
|
|
<keyid>7F438280EF8D349F</keyid>
|
|
</keys>
|
|
</accept_non_trusted_gpg_key>
|
|
<import_gpg_key>
|
|
<all config:type="boolean">false</all>
|
|
<keys config:type="list">
|
|
<keyid>7F438280EF8D349F</keyid>
|
|
</keys>
|
|
</import_gpg_key>
|
|
</signature-handling>
|
|
</listentry>
|
|
<% else -%>
|
|
<listentry>
|
|
<media_url><![CDATA[http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_<%= os_major %><%= sles_minor_string %>/]]></media_url>
|
|
<name>systemsmanagement_puppet</name>
|
|
<product>systemsmanagement_puppet</product>
|
|
<product_dir>/</product_dir>
|
|
<signature-handling>
|
|
<accept_non_trusted_gpg_key>
|
|
<all config:type="boolean">false</all>
|
|
<keys config:type="list">
|
|
<keyid>2ABFA143A0E46E11</keyid>
|
|
</keys>
|
|
</accept_non_trusted_gpg_key>
|
|
<import_gpg_key>
|
|
<all config:type="boolean">false</all>
|
|
<keys config:type="list">
|
|
<keyid>2ABFA143A0E46E11</keyid>
|
|
</keys>
|
|
</import_gpg_key>
|
|
</signature-handling>
|
|
</listentry>
|
|
<% if os_major < 12 -%>
|
|
<listentry>
|
|
<media_url><![CDATA[http://download.opensuse.org/repositories/devel:languages:ruby:backports/SLE_<%= os_major %><%= sles_minor_string %>/]]></media_url>
|
|
<name>devel_languages_ruby_backports</name>
|
|
<product>devel_languages_ruby_backports</product>
|
|
<product_dir>/</product_dir>
|
|
<signature-handling>
|
|
<accept_non_trusted_gpg_key>
|
|
<all config:type="boolean">false</all>
|
|
<keys config:type="list">
|
|
<keyid>9AF0C9A20E9AF123</keyid>
|
|
</keys>
|
|
</accept_non_trusted_gpg_key>
|
|
<import_gpg_key>
|
|
<all config:type="boolean">false</all>
|
|
<keys config:type="list">
|
|
<keyid>9AF0C9A20E9AF123</keyid>
|
|
</keys>
|
|
</import_gpg_key>
|
|
</signature-handling>
|
|
</listentry>
|
|
<listentry>
|
|
<!-- you have to update the next line with the actual URL of your SDK -->
|
|
<media_url>http://<your_server_here>/iso/suse/SDK/<%= os_major %>.<%= os_minor %>/<%= @host.architecture %>/</media_url>
|
|
<product>SuSE-Linux-SDK</product>
|
|
<product_dir>/</product_dir>
|
|
<name>SuSE-Linux-SDK</name>
|
|
</listentry>
|
|
<% end -%>
|
|
<% end -%>
|
|
<% end -%>
|
|
<% if salt_enabled -%>
|
|
<listentry>
|
|
<media_url><![CDATA[http://download.opensuse.org/repositories/devel:languages:python/SLE_<%= os_major %><%= sles_minor_string %>/]]></media_url>
|
|
<name>devel_languages_python</name>
|
|
<product>devel_languages_python</product>
|
|
<product_dir>/</product_dir>
|
|
<signature-handling>
|
|
<accept_non_trusted_gpg_key>
|
|
<all config:type="boolean">false</all>
|
|
<keys config:type="list">
|
|
<keyid>27163A4EEDF0D733</keyid>
|
|
</keys>
|
|
</accept_non_trusted_gpg_key>
|
|
<import_gpg_key>
|
|
<all config:type="boolean">false</all>
|
|
<keys config:type="list">
|
|
<keyid>27163A4EEDF0D733</keyid>
|
|
</keys>
|
|
</import_gpg_key>
|
|
</signature-handling>
|
|
</listentry>
|
|
<% end -%>
|
|
<% if spacewalk_enabled -%>
|
|
<listentry>
|
|
<media_url><![CDATA[http://download.opensuse.org/repositories/systemsmanagement:/spacewalk/SLE_<%= os_major %><%= sles_minor_string %>/]]></media_url>
|
|
<name>systemsmanagement_spacewalk</name>
|
|
<product>systemsmanagement_spacewalk</product>
|
|
<product_dir>/</product_dir>
|
|
<signature-handling>
|
|
<accept_non_trusted_gpg_key>
|
|
<all config:type="boolean">false</all>
|
|
<keys config:type="list">
|
|
<keyid>2ABFA143A0E46E11</keyid>
|
|
</keys>
|
|
</accept_non_trusted_gpg_key>
|
|
<import_gpg_key>
|
|
<all config:type="boolean">false</all>
|
|
<keys config:type="list">
|
|
<keyid>2ABFA143A0E46E11</keyid>
|
|
</keys>
|
|
</import_gpg_key>
|
|
</signature-handling>
|
|
</listentry>
|
|
<% end -%>
|
|
</add_on_products>
|
|
</add-on>
|
|
</profile>
|