#platform=x86, AMD64, or Intel EM64T firewall --disabled selinux --disabled # Install OS instead of upgrade install reboot #interactive #text firstboot --enable url --url="http://172.23.102.27/centos75/" #url --url="http://172.23.102.27/terem-pak-2015/terem/" # The --nodefroute is applied in %post. network --device=enp16s0f1 --bootproto=dhcp --onboot=on #--nodefroute network --device=enp16s0f0 --onboot=off # No bridges yet in case Terem sets the network up. network --device=enp16s0f0.357 --bootproto=dhcp --onboot=on logging --level=info repo --name=CentOS --baseurl="http://172.23.102.27/centos75/" services --enabled ssh #services --disabled NetworkManager #services --disabled NetworkManager-wait-online skipx #vnc # Root password rootpw --iscrypted $6$6KN65zy8nBlKkTaY$4CKD.yYtXVxxHP9Ph2ng4TtySbnNB81WjqeIrFyGvrqJM.eTgJFX4icFBrRhJ.zeDa8eBbgwR7lRu2i8ng2UJ0 auth --useshadow --passalgo=sha512 # System authorization information keyboard us timezone Europe/Moscow lang en_US # System bootloader configuration #bootloader --location=mbr --driveorder=sdj --append="noapic crashkernel=auto rhgb quiet" #utopart --type=lvm %pre #pre section #----- partitioning logic below-------------- SCSI_DEVICE=$(ls 2>/dev/null /dev/disk/by-path/*-scsi-* | grep -vi usb | head -1) ROOTDRIVE=$(readlink -f "$SCSI_DEVICE") echo "ROOTDRIVE=$ROOTDRIVE" if [ -d /sys/firmware/efi/ ]; then BOOTPARTITION="part /boot/efi --fstype=efi --ondisk=$ROOTDRIVE --size=256" BOOTLOADER='bootloader --append="console=tty12"' else BOOTPARTITION="part biosboot --fstype=biosboot --ondisk=$ROOTDRIVE --size=2" BOOTLOADER='bootloader --append="console=tty12" --location=mbr' BOOTLOADER="$BOOTLOADER --driveorder=$ROOTDRIVE" fi cat << EOF > /tmp/partitioning-include ignoredisk --only-use=$ROOTDRIVE zerombr clearpart --all --drives=$ROOTDRIVE --initlabel $BOOTLOADER $BOOTPARTITION part swap --fstype="swap" --ondisk=$ROOTDRIVE --size=5120 part / --asprimary --fstype="ext4" --ondisk=$ROOTDRIVE --size=40960 part /var --fstype="ext4" --grow --ondisk=$ROOTDRIVE --size=1 EOF %end %include /tmp/partitioning-include #for test #clearpart --all --drives=sda --initlabel #part / --asprimary --fstype="ext4" --ondisk=sda --size=25000 #part /usr --fstype="ext4" --ondisk=sda --size=25000 #part swap --fstype="swap" --ondisk=sda --size=5000 #part /home --fstype="ext4" --grow --ondisk=sda --size=1 #for real machine # Disk partitioning information (maybe add --onbiosdisk) #part / --asprimary --fstype="ext4" --size=25000 #part /usr --fstype="ext4" --size=25000 #part swap --fstype="swap" --size=5000 #part /home --fstype="ext4" --grow --size=1 %packages @base @compat-libraries @console-internet @hardware-monitoring @infiniband @large-systems @network-file-system-client @network-tools @performance @security-tools ## these 3 do not exist as of CentOS 7.5 #@storage-client-fcoe #@storage-client-iscsi #@storage-client-multipath %end %post # SSH Keys mkdir -m700 -p /root/.ssh cat </root/.ssh/authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVVks3/kuNEa+f0e5duUNlRkzWJC54MBnb2GYij+MI8MVxmYrYl5V+eo62IiNPbRULCOCfL91Vzpn3dHXzXeMdBluQk6jX5WGXKrpfODZwEcrotp9UkMgNXstkqw3XID50hhKYgeQh3p3PY/0LrGFJan9L7FvJ2hGAz/3ugy72/wOP0fyPy501TZZIdzburpeAC6oCddqaVNLN75oEs3A22HVoE5nqKSyDdSEq7d0vY0Ps93csNegFCjKyO+styyFzJvj38R7y6xJk++sMVRL0UKociCVQ5zCU+wFL6pu6B62ofif5sSlLXyJn3c8mFfVw8ufnm87lwYN05LVMowpd ovirt-engine ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+uzdGAxbkfrtHTfmy/kDFvh/V4Wkx4elb/4qPzhB6gaPwwFAf+EAbwp7KkVERM2EEfPKCkgBEZdHdC9Pe0XpsGNFQVX0o+VGPHTJOu72gR5UbfY6aUkDnhKTAMgvLf5Q9JjPUqXj9JGycCPYK2eiep6BCLc+8/8nnuzRV0ZcO6KIHrmdAu+eS5R0osqhiQm+KDmOAOE4wULv37F1US/AQGclg0N+35d8FLHfBPS/MAU+zr+3RNl64U7tN7DnutvY1VNO0Oxvcq/NrHS4EStYq3d2ZdIdspsx4dA3wm60Advm6+caeFRvqB87ZKuGmNEV9iqI2+VNiRWN3OGn7p5tT terem-engine ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUVWppaSvDjFtfIg5olAQb44H5NCPWMj+DqM/Ov84lVKX8NQJj0itoS15IccGEYpLNMamUvLtHgyNBfaBQfSZVNxY003HK71mbTovJIP2+OFV6s68fNITcFxVHplxD7w/aYKuZT9+WteW+187gG2l+5fmoIzR5NM6HBe9i9z+7sXvIHPa+vP++rNrhAqJoLhpXKt7zxIVdo/gZ+yebz5YB5lULQmSr5+g/qf6defXSGSTvaK87Fd0Nw0WpDzNoNq1W2MQf4GHWHqUa//kK7oUlrtH/7YHftqH6DCQXuIvtdm1AmTUupS3nX1Ppukmg2manZwfDbMdy2+mU43oFs8eH tiger@hort ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDyEd3/00RDq8ER9NoC2q7xqxjTq4dY3g14BUD3NEuMJ8Cx3LmrFGhijAhfkBvZvn/ZnUHxqAsQQRzzyvMXgffWKnZC7p/14o9pMyadLEqptelHt+xloKsmzlQzDOqOtPS3ltmkSKdHrui3o/uLMD6USbDEkm9yTo3UeX4SlYbAB0Qmqgcq+8v2p3FeTfb00JubfPAXXyeQQ3efe0Vsul4JrvTaoSOajWMlvoCKxW+IiD51xIRDOXq+tno+jvRoqvPCKgTnqPjVTtC3ZZRvAaltYuZiEKY3Kju1OZqZtUJdb1IVxTf5KLPBsEKYrwIhzHW+GKISI4Uo7YndeHOyuYkJGr/3dX12/1HDZC75vupn3mcrHuVGsdSJWucjX/bjKhnD95RQzLPKRLjkP0GNPT/CkhQuao14dhvX22vo235dLjs6ZYW7ThrgUf7iukMGpfwKIEYGlSBUYJlveesUBWFIMG0D5Bb/zpQZPe5V4K7UABSYO7VToXSfoJ8apLEaKGzK7+ywHMmN4emlIzzCzlJ130VnYrLaEsbsSuJZpkX+wCqEOBsrorFuKVLC/X694+60b76hv31fH93Okp7TZlIm72z3HQKHnVWk56O57tRizIL/EEKFFtVXaBHCQjQWOhoCHj9RdKcMU/riz89HRUk3YWiF5dwTmMFWkx2dyNkiIQ== ar@cello EOKEYS chmod 0600 /root/.ssh/authorized_keys # NM Connections cat <>/etc/NetworkManager/system-connections/vlan357.nmconnection [connection] id=VLAN 357 uuid=d8d56125-2492-485c-9cb0-aa9839e3061d type=vlan interface-name=enp16s0f0.357 metered=2 permissions= autoconnect=true timestamp=1509229236 [vlan] flags=1 id=357 #parent=30570805-b489-4f90-a317-ea11cbbdcd1f parent=enp16s0f0 [ipv4] method=auto [ipv6] method=auto never-default=true EOConn chmod 0600 /etc/NetworkManager/system-connections/vlan357.nmconnection mkdir -p /etc/systemd/system/serial-getty@ttyS1.service.d cat >/etc/systemd/system/serial-getty@ttyS1.service.d/override.conf <>/etc/sysconfig/network-scripts/ifcfg-enp16s0f1 sed -i /DEFROUTE/s/yes/no/ /etc/sysconfig/network-scripts/ifcfg-enp16s0f1 %end