``` <%# kind: provision name: Kickstart RHEL default oses: - RedHat 4 - RedHat 5 - RedHat 6 - RedHat 7 %> <%# This template accepts the following parameters: - lang: string (default="en_US.UTF-8") - keyboard: string (default="us") - time-zone: string (default="UTC") - http-proxy: string (default="") - http-proxy-port: string (default="") - force-puppet: boolean (default=false) - enable-puppetlabs-repo: boolean (default=false) - salt_master: string (default=undef) - ntp-server: string (default="0.fedora.pool.ntp.org") %> <% os_major = @host.operatingsystem.major.to_i # safemode renderer does not support unary negation pm_set = @host.puppetmaster.empty? ? false : true proxy_string = @host.params['http-proxy'] ? " --proxy=http://#{@host.params['http-proxy']}:#{@host.params['http-proxy-port']}" : '' puppet_enabled = pm_set || @host.params['force-puppet'] && @host.params['force-puppet'] == 'true' salt_enabled = @host.params['salt_master'] ? true : false section_end = os_major <= 5 ? '' : '%end' %> install <%= @mediapath %><%= proxy_string %> lang <%= @host.params['lang'] || 'en_US.UTF-8' %> selinux --enforcing keyboard <%= @host.params['keyboard'] || 'us' %> skipx <% subnet = @host.subnet -%> <% if subnet.respond_to?(:dhcp_boot_mode?) -%> <% dhcp = subnet.dhcp_boot_mode? && !@static -%> <% else -%> <% dhcp = !@static -%> <% end -%> network --bootproto <%= dhcp ? 'dhcp' : "static --ip=#{@host.ip} --netmask=#{subnet.mask} --gateway=#{subnet.gateway} --nameserver=#{[subnet.dns_primary, subnet.dns_secondary].select(&:present?).join(',')}" %> --device=<%= @host.mac -%> --hostname <%= @host %> rootpw --iscrypted <%= root_pass %> firewall --<%= os_major >= 6 ? 'service=' : '' %>ssh authconfig --useshadow --passalgo=sha256 --kickstart timezone <%= @host.params['time-zone'] ||'UTC' %> <% if os_major >= 7 && @host.info['parameters']['realm'] && @host.otp && @host.realm && @host.realm.realm_type == 'Active Directory' -%> realm join --one-time-password=<%= @host.otp %> <%= @host.realm %> <% end -%> <% if os_major > 4 -%> services --disabled gpm,sendmail,cups,pcmcia,isdn,rawdevices,hpoj,bluetooth,openibd,avahi-daemon,avahi-dnsconfd,hidd,hplip,pcscd #repo --name="EPEL" --mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-<%= @host.operatingsystem.major %>&arch=<%= @host.architecture %><%= proxy_string %> <% if puppet_enabled && @host.params['enable-puppetlabs-repo'] && @host.params['enable-puppetlabs-repo'] == 'true' -%> repo --name=puppetlabs-products --baseurl=http://yum.puppetlabs.com/el/<%= @host.operatingsystem.major %>/products/<%= @host.architecture %><%= proxy_string %> repo --name=puppetlabs-deps --baseurl=http://yum.puppetlabs.com/el/<%= @host.operatingsystem.major %>/dependencies/<%= @host.architecture %><%= proxy_string %> <% end -%> <% end -%> bootloader --extlinux --location=mbr --append="nofb quiet splash=quiet" <%= grub_pass %> #bootloader --location=mbr --append="nofb quiet splash=quiet" <%= grub_pass %> <% if os_major == 5 -%> key --skip <% end -%> <% if @dynamic -%> %include /tmp/diskpart.cfg <% else -%> <%= @host.diskLayout %> <% end -%> text reboot %packages yum dhclient ntp wget @Core <% if os_major >= 6 -%> redhat-lsb-core <% end -%> #epel-release <% if puppet_enabled && @host.params['enable-puppetlabs-repo'] && @host.params['enable-puppetlabs-repo'] == 'true' -%> puppetlabs-release <% end -%> <% if salt_enabled %> salt-minion <% end -%> <%= section_end -%> <% if @dynamic -%> %pre <%= @host.diskLayout %> <%= section_end -%> <% end -%> %post --nochroot exec < /dev/tty3 > /dev/tty3 #changing to VT 3 so that we can see whats going on.... /usr/bin/chvt 3 ( cp -va /etc/resolv.conf /mnt/sysimage/etc/resolv.conf /usr/bin/chvt 1 ) 2>&1 | tee /mnt/sysimage/root/install.postnochroot.log <%= section_end -%> %post logger "Starting anaconda <%= @host %> postinstall" exec < /dev/tty3 > /dev/tty3 #changing to VT 3 so that we can see whats going on.... /usr/bin/chvt 3 ( <% if subnet.respond_to?(:dhcp_boot_mode?) -%> <%= snippet 'kickstart_networking_setup' %> # Perform certain actions on interfaces based on the script #wget http://10.13.37.1/pub/scripts/moc_netconf.sh #cp moc_netconf.sh /etc/init.d/moc_netconf #chmod 755 /etc/init.d/moc_netconf #chkconfig --add moc_netconf #chmod +x moc_netconf.sh #./moc_netconf.sh start <% end -%> #update local time echo "updating system time" /usr/sbin/ntpdate -sub <%= @host.params['ntp-server'] || '0.fedora.pool.ntp.org' %> /usr/sbin/hwclock --systohc <%= snippet 'redhat_register' %> <% if @host.info['parameters']['realm'] && @host.otp && @host.realm && @host.realm.realm_type == 'FreeIPA' -%> <%= snippet 'freeipa_register' %> <% end -%> # update all the base packages from the updates repository yum -t -y -e 0 update <% if puppet_enabled %> # and add the puppet package yum -t -y -e 0 install puppet echo "Configuring puppet" cat > /etc/puppet/puppet.conf << EOF <%= snippet 'puppet.conf' %> EOF # Setup puppet to run on system reboot /sbin/chkconfig --level 345 puppet on /usr/bin/puppet agent --config /etc/puppet/puppet.conf -o --tags no_such_tag <%= @host.puppetmaster.blank? ? '' : "--server #{@host.puppetmaster}" %> --no-daemonize <% end -%> <% if salt_enabled %> cat > /etc/salt/minion << EOF <%= snippet 'saltstack_minion' %> EOF # Setup salt-minion to run on system reboot /sbin/chkconfig --level 345 salt-minion on # Running salt-call to trigger key signing salt-call --no-color --grains >/dev/null <% end -%> sync # Inform the build system that we are done. echo "Informing Foreman that we are built" wget -q -O /dev/null --no-check-certificate <%= foreman_url %> ) 2>&1 | tee /root/install.post.log exit 0 <%= section_end -%> ```