nicolas
/
pxe-lab
mirror of https://github.com/nmasse-itix/pxe-lab.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
My PXE Lab
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5 Commits
1 Branch
0 Tags
33 KiB
 
Branch: main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
pxe-lab/pxe-setup/auto-ks.cfg

127 lines
2.7 KiB
Raw Permalink Blame History

##
## Environment setup
##
# CentOS Stream mirror URL
url --url=http://ftp.pasteur.fr/mirrors/CentOS/8-stream/BaseOS/x86_64/os/
# Install mode: text (interactive installs) or cmdline (unattended installs)
# cmdline
text
# Hash password with SHA-512
authselect --enableshadow --passalgo=sha512
# French keyboard layout
keyboard --vckeymap=fr --xlayouts='fr'
# English i18n
lang en_US.UTF-8
# Accept the EULA
eula --agreed
# Which action to perform after install: poweroff or reboot
poweroff
##
## network configuration
##
# Configure the first network device
network --bootproto=dhcp --device=enp1s0 --noipv6 --activate
# Set the hostname
network --hostname=localhost.localdomain
# Timezone is GMT
timezone Etc/GMT --utc
##
## partitioning
##
# Install on /dev/vda
ignoredisk --only-use=vda
# Install Grub in the MBR of /dev/vda
bootloader --location=mbr --boot-drive=vda
# Clear the target disk
zerombr
# Remove existing partitions
clearpart --all --initlabel
# Automatically create partitions required by hardware platform
reqpart
# Create the root partition
part / --fstype xfs --size=1 --grow --asprimary --label=root
##
## User Accounts
##
# Generate encrypted password with "openssl passwd -6"
rootpw --lock
user --groups=wheel --name=nicolas --iscrypted --password=$6$XUTB20jVVXIqh78k$L1A9Lft5JlbOtNbeDP.fOZ5giLl09LfJGGCon5uwtsIhPJoNkj4SIk08Rb6vSowOps2ik5tlUwT2ZOZ6jjr7.0 --gecos="Nicolas MASSE"
# Inject the SSH key of nicolas
sshkey --username nicolas "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPR1tt58X0+vbvsCR12gMAqr+g7vjt1Fx/qqz9EiboIs nicolas@localhost.localdomain"
##
## SELinux and Firewalld
##
selinux --enforcing
firewall --enabled --ssh
##
## Software Packages
##
%packages --ignoremissing
@core
@^minimal
net-tools
hdparm
iptraf
iotop
vim-enhanced
tmux
rsync
tree
unzip
tar
tcpdump
telnet
strace
bind-utils
%end
##
## Install scripts
##
%post --interpreter=/bin/bash
# Enable KVM virsh console access
systemctl enable serial-getty@ttyS0.service
systemctl start serial-getty@ttyS0.service
# Help identify when logged in as root
echo "PS1='\[\033[01;31m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]# '" >> /root/.bashrc
# Regular users get a different prompt
echo "PS1='\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '" >> /etc/skel/.bashrc
echo "PS1='\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '" >> /home/nicolas/.bashrc
# Disable password authentication over SSH
sed -i.post-install -e "s/PasswordAuthentication yes/PasswordAuthentication no/" /etc/ssh/sshd_config
service sshd restart
# Do not ask password for sudo
sed -i.post-install -e "s/^%wheel\tALL=(ALL)\tALL/%wheel ALL=(ALL) NOPASSWD: ALL/" /etc/sudoers
%end