lourenco/mgmt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
ee7ad7cbbe4e064a3b5bbcd9e24af9dfd02e7308
mgmt/lang/core/embedded/provisioner/files/kickstart.ks.tmpl
James Shubin ee7ad7cbbe lang: core: embedded: provisioner: Skip ignore if no drives available 
Small bug for certain setups.
2025-06-12 18:11:14 -04:00

203 lines
4.5 KiB
Cheetah
Raw Blame History

{{ if .comment -}}
#
# {{ .comment }}
#
{{- end }}
#
# readme
#
# All of this is based on reading docs, experimentation, and the kickstarts repo
# at: https://pagure.io/fedora-kickstarts which I am not an expert at reading.
# If you have recommendations for improvements, please let us know! Thanks.
#
# flavour: {{ .flavour }}
# part: {{ .part }}
# bios: {{ .bios }}
#
# system
#
text # text based install (not graphical)
{{ if .lang -}}
{{- $length_minus1 := math_minus1 (len .lang | printf "%d" | golang_strconv_atoi ) -}}
lang {{ index .lang 0 }}
{{- if gt (len .lang) 1 }} --addsupport=
{{- range $i, $x := .lang -}}
{{ if eq $i 0 }}{{ continue }}{{ end }}
{{- $x -}}
{{- if lt $i $length_minus1 -}},{{- end -}}
{{- end -}}
{{- end -}}
{{- end }}
keyboard us
{{ if .timezone -}}
# System timezone
timezone {{ .timezone }} --isUtc
{{- if .ntp_servers }} --ntpservers={{ golang_strings_join .ntp_servers "," }}{{ end -}}
{{- end }}
#
# security
#
{{ if .password -}}
# password can be encrypted with:
# python3 -c 'import crypt; print(crypt.crypt("password", crypt.mksalt(crypt.METHOD_SHA512)))'
# or
# openssl passwd -6 -salt <YOUR_SALT> (salt can be omitted to generate one)
rootpw --iscrypted --allow-ssh {{ .password }}
{{ else }}
rootpw --iscrypted --lock
{{- end }}
selinux --enforcing
services --enabled=sshd,NetworkManager,chronyd
{{ if .sshkeys -}}
# TODO: sort in a deterministic order
{{ range $user, $pubkey := .sshkeys -}}
sshkey --username {{ $user }} "{{ $pubkey }}"
{{- end -}}
{{- end }}
#
# networking
#
# --device=link
# specifies the first interface with its link in the up state
# --activate
# any matching devices beyond the first will also be activated
#
network --bootproto=dhcp --device=link --activate{{ if .hostname }} --hostname={{ .hostname }}{{ end }}
firewall --enabled --service=mdns
#
# partitioning
#
# TODO: add more magic partitioning schemes
%pre --interpreter=/bin/bash
# detect all USB disks using udevadm (we want to ignore ipxe disks for example)
usb_disks=$(for dev in /sys/block/sd*; do
devname=$(basename "$dev")
if udevadm info --query=property --name=/dev/$devname | grep -q '^ID_BUS=usb'; then
echo -n "$devname"
fi
done | paste -sd, -)
# Output the ignoredisk directive to a temporary file.
if [ "${usb_disks}" != "" ]; then
echo "ignoredisk --drives=${usb_disks}" > /tmp/ignoredisk.ks
fi
%end
%include /tmp/ignoredisk.ks
zerombr
clearpart --all --initlabel --disklabel={{ if .bios }}msdos{{ else }}gpt{{ end }}
{{ if eq .part "btrfs" -}}
autopart --type=btrfs --noswap
{{- else if eq .part "plain" -}}
autopart --type=plain
{{- else -}}
autopart --type=plain
{{- end }}
#
# repositories
#
{{ if .url -}}
url --url="{{ .url }}"
{{- end }}
{{ if .repos -}}
# TODO: sort in a deterministic order
{{- range $name, $baseurl := .repos }}
repo --name="{{ $name }}" --baseurl="{{ $baseurl }}"
{{- end }}
{{- end }}
#
# packages
#
%packages --timeout 60 --retries 3 # handle spurious failures
@core
@standard
@hardware-support
{{ if eq .flavour "Workstation" -}}
# Packages for Workstation:
-initial-setup
-initial-setup-gui
gnome-initial-setup
#anaconda-webui
@base-x
@fonts
@input-methods
@multimedia
@printing
-@guest-desktop-agents
glibc-all-langpacks
-@dial-up
-@input-methods
-@standard
# Install workstation-product-environment to resolve RhBug:1891500
@^workstation-product-environment
# Exclude unwanted packages from @anaconda-tools group
-gfs2-utils
-reiserfs-utils
{{- else if eq .flavour "Server" -}}
# Packages for Server:
fedora-release-server
# install the default groups for the server environment since installing the environment is not working
@server-product
@headless-management
@networkmanager-submodules
@container-management
@domain-client
@guest-agents
@server-hardware-support
-initial-setup-gui
-generic-release*
{{- end }}
# User packages:
{{ range $i, $x := .packages -}}
{{ $x }}
{{ end -}}
%end
#
# misc
#
bootloader --timeout=1
# make sure that initial-setup runs and lets us do all the configuration bits
firstboot --reconfig
#
# flavour
#
{{ if eq .flavour "Workstation" -}}
%post
# Explicitly set graphical.target as default as this is how initial-setup detects which version to run
systemctl set-default graphical.target
%end
{{ else if eq .flavour "Server" -}}
%post
# setup systemd to boot to the right runlevel
echo -n "Setting default runlevel to multiuser text mode"
systemctl set-default multi-user.target
echo .
%end
{{ end -}}
#
# post
#
%post --log /root/post_ks.log --erroronfail
{{ range $i, $x := .post -}}
{{ $x }}
{{ end -}}
%end
#
# reboot after installation
#
reboot
Reference in New Issue View Git Blame Copy Permalink