# This kickstart file was rendered from the Foreman provisioning template "Kickstart default". url --url http://foreman.lbhr.htm.lan/pulp/content/HTM/Beheer/COV_Rocky8-Base/custom/Rocky8/Rocky8-BaseOS/ # renamed from "http://foreman.lbhr.htm.lan/pulp/content/HTM/Beheer/COV_Rocky8-Base/custom/Rocky8/Rocky8-AppStream/" for Rocky Anaconda to work repo --name AppStream --baseurl http://foreman.lbhr.htm.lan/pulp/content/HTM/Beheer/COV_Rocky8-Base/custom/Rocky8/Rocky8-AppStream/ repo --name Rocky8-BaseOS --baseurl http://foreman.lbhr.htm.lan/pulp/content/HTM/Beheer/COV_Rocky8-Base/custom/Rocky8/Rocky8-BaseOS/ lang en_US.UTF-8 selinux --enforcing keyboard us skipx network --device=82:f1:8e:1b:6f:66 --hostname client.lbhr.htm.lan --noipv6 --bootproto dhcp --mtu=1500 --nameserver=192.168.255.1 rootpw --iscrypted $6$xxxxxxxxxxxxxxx firewall --service=ssh authselect --useshadow --passalgo=sha512 --kickstart timezone --utc UTC services --disabled gpm,sendmail,cups,pcmcia,isdn,rawdevices,hpoj,bluetooth,openibd,avahi-daemon,avahi-dnsconfd,hidd,hplip,pcscd bootloader --location=mbr --append="nofb quiet splash=quiet" zerombr clearpart --all --initlabel ignoredisk --only-use=sda autopart --nohome text reboot %packages subscription-manager yum dhclient chrony -ntp wget @Core redhat-lsb-core %end %post --nochroot --log=/mnt/sysimage/root/install.postnochroot.log /usr/bin/chvt 3 echo "Changed to TTY3 for post installation..." %end %post --log=/root/install.post.log logger "Starting anaconda client.lbhr.htm.lan postinstall" # eth0 interface real=`grep -l 82:f1:8e:1b:6f:66 /sys/class/net/*/{bonding_slave/perm_hwaddr,address} 2>/dev/null | awk -F '/' '// {print $5}' | head -1` sanitized_real=`echo $real | sed s/:/_/` cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$sanitized_real BOOTPROTO="dhcp" DOMAIN="lbhr.htm.lan" DEVICE=$real HWADDR="82:f1:8e:1b:6f:66" ONBOOT=yes PEERDNS=yes PEERROUTES=yes DEFROUTE=yes MTU=1500 EOF echo "Updating system time" systemctl enable --now chronyd /usr/bin/chronyc -a makestep /usr/sbin/hwclock --systohc echo "##############################################################" echo "################# SUBSCRIPTION MANAGER #######################" echo "##############################################################" echo echo "Starting the subscription-manager registration process" if [ -f /usr/bin/dnf ]; then dnf -y install subscription-manager else yum -t -y install subscription-manager fi rpm -Uvh http://foreman.lbhr.htm.lan/pub/katello-ca-consumer-latest.noarch.rpm subscription-manager register --name="client.lbhr.htm.lan" --org='HTM' --activationkey='Rocky8-Base-Beheer' if [ -f /usr/bin/dnf ]; then PACKAGE_MAN="dnf -y" else PACKAGE_MAN="yum -t -y" fi $PACKAGE_MAN install katello-host-tools # update all the base packages from the updates repository if [ -f /usr/bin/dnf ]; then dnf -y update else yum -t -y update fi # SSH keys setup snippet for Remote Execution plugin # # Parameters: # # remote_execution_ssh_keys: public keys to be put in ~/.ssh/authorized_keys # # remote_execution_ssh_user: user for which remote_execution_ssh_keys will be # authorized # # remote_execution_create_user: create user if it not already existing # # remote_execution_effective_user_method: method to switch from ssh user to # effective user # # This template sets up SSH keys in any host so that as long as your public # SSH key is in remote_execution_ssh_keys, you can SSH into a host. This # works in combination with Remote Execution plugin by querying smart proxies # to build an array. # # To use this snippet without the plugin provide the SSH keys as host parameter # remote_execution_ssh_keys. It expects the same format like the authorized_keys # file. user_exists=false getent passwd ansible >/dev/null 2>&1 && user_exists=true if ! $user_exists; then useradd -m ansible && user_exists=true fi if $user_exists; then mkdir -p ~ansible/.ssh cat << EOF >> ~ansible/.ssh/authorized_keys ssh-ed25519 xxxxxxxxxx EOF chmod 0700 ~ansible/.ssh chmod 0600 ~ansible/.ssh/authorized_keys chown -R ansible: ~ansible/.ssh # Restore SELinux context with restorecon, if it's available: command -v restorecon && restorecon -RvF ~ansible/.ssh || true echo "ansible ALL = (root) NOPASSWD : ALL Defaults:ansible !requiretty" > /etc/sudoers.d/ansible else echo 'The remote_execution_ssh_user does not exist and remote_execution_create_user is not set to true. remote_execution_ssh_keys snippet will not install keys' fi touch /tmp/foreman_built %end # copy %pre log files into chroot %post --nochroot cp -vf /tmp/*.pre.*.log /mnt/sysimage/root/ %end %post --log=/root/install.post.custom.log # Custom post snippet generated by "Kickstart default custom post" %end %post --erroronfail if test -f /tmp/foreman_built; then echo "calling home: build is done!" if [ -x /usr/bin/curl ]; then /usr/bin/curl -o /dev/null --noproxy \* -H 'Content-Type: text/plain' --data @/root/install.post.log --silent 'http://foreman.lbhr.htm.lan:8000/unattended/built?token=c103ffe2-a6d4-484f-b189-6235b74d0339' elif [ -x /usr/bin/wget ]; then /usr/bin/wget -q -O /dev/null --no-proxy --method POST --header 'Content-Type: text/plain' --body-file=/root/install.post.log 'http://foreman.lbhr.htm.lan:8000/unattended/built?token=c103ffe2-a6d4-484f-b189-6235b74d0339' else wget -q -O /dev/null --header 'Content-Type: text/plain' 'http://foreman.lbhr.htm.lan:8000/unattended/built?token=c103ffe2-a6d4-484f-b189-6235b74d0339' fi else echo "calling home: build failed!" if [ -x /usr/bin/curl ]; then /usr/bin/curl -o /dev/null --noproxy \* -H 'Content-Type: text/plain' --data @/root/install.post.log --silent 'http://foreman.lbhr.htm.lan:8000/unattended/failed?token=c103ffe2-a6d4-484f-b189-6235b74d0339' elif [ -x /usr/bin/wget ]; then /usr/bin/wget -q -O /dev/null --no-proxy --method POST --header 'Content-Type: text/plain' --body-file=/root/install.post.log 'http://foreman.lbhr.htm.lan:8000/unattended/failed?token=c103ffe2-a6d4-484f-b189-6235b74d0339' else wget -q -O /dev/null --header 'Content-Type: text/plain' 'http://foreman.lbhr.htm.lan:8000/unattended/failed?token=c103ffe2-a6d4-484f-b189-6235b74d0339' fi fi echo "Changing back to TTY1..." /usr/bin/chvt 1 sync %end