#platform=x86, AMD64, or Intel EM64T
firewall --disabled
selinux --disabled
# Install OS instead of upgrade
install
reboot
#interactive
#text
firstboot --enable
url --url="http://172.23.102.27/centos75/"
#url --url="http://172.23.102.27/terem-pak-2015/terem/"

# The --nodefroute is applied in %post.
network  --device=enp16s0f1              --bootproto=dhcp --onboot=on #--nodefroute
network  --device=enp16s0f0                               --onboot=off
# No bridges yet in case Terem sets the network up.
network  --device=enp16s0f0.357          --bootproto=dhcp --onboot=on

logging --level=info
repo --name=CentOS     --baseurl="http://172.23.102.27/centos75/"
services --enabled ssh
#services --disabled NetworkManager
#services --disabled NetworkManager-wait-online
skipx
#vnc
# Root password
rootpw  --iscrypted $6$6KN65zy8nBlKkTaY$4CKD.yYtXVxxHP9Ph2ng4TtySbnNB81WjqeIrFyGvrqJM.eTgJFX4icFBrRhJ.zeDa8eBbgwR7lRu2i8ng2UJ0
auth  --useshadow  --passalgo=sha512
# System authorization information
keyboard us
timezone  Europe/Moscow
lang en_US
# System bootloader configuration

#bootloader --location=mbr --driveorder=sdj --append="noapic crashkernel=auto rhgb quiet"
#utopart --type=lvm

%pre
#pre section
#----- partitioning logic below--------------

SCSI_DEVICE=$(ls 2>/dev/null /dev/disk/by-path/*-scsi-* | grep -vi usb | head -1)

ROOTDRIVE=$(readlink -f "$SCSI_DEVICE")
echo "ROOTDRIVE=$ROOTDRIVE"

if [ -d /sys/firmware/efi/ ]; then
	BOOTPARTITION="part /boot/efi --fstype=efi --ondisk=$ROOTDRIVE --size=256"
	BOOTLOADER='bootloader --append="console=tty12"'
else
	BOOTPARTITION="part biosboot --fstype=biosboot --ondisk=$ROOTDRIVE --size=2"
	BOOTLOADER='bootloader --append="console=tty12" --location=mbr'
	BOOTLOADER="$BOOTLOADER --driveorder=$ROOTDRIVE"
fi

cat << EOF > /tmp/partitioning-include
ignoredisk --only-use=$ROOTDRIVE
zerombr
clearpart --all --drives=$ROOTDRIVE --initlabel
$BOOTLOADER
$BOOTPARTITION
part swap --fstype="swap"          --ondisk=$ROOTDRIVE --size=5120
part / --asprimary --fstype="ext4" --ondisk=$ROOTDRIVE --size=40960
part /var --fstype="ext4" --grow   --ondisk=$ROOTDRIVE --size=1
EOF
%end

%include /tmp/partitioning-include
#for test
#clearpart --all --drives=sda --initlabel
#part / --asprimary --fstype="ext4" --ondisk=sda --size=25000
#part /usr --fstype="ext4"          --ondisk=sda --size=25000
#part swap --fstype="swap"          --ondisk=sda --size=5000
#part /home --fstype="ext4" --grow  --ondisk=sda --size=1

#for real machine
# Disk partitioning information (maybe add --onbiosdisk)
#part / --asprimary --fstype="ext4" --size=25000
#part /usr --fstype="ext4"          --size=25000
#part swap --fstype="swap"          --size=5000
#part /home --fstype="ext4" --grow  --size=1

%packages 
@base
@compat-libraries
@console-internet
@hardware-monitoring
@infiniband
@large-systems
@network-file-system-client
@network-tools
@performance
@security-tools
## these 3 do not exist as of CentOS 7.5
#@storage-client-fcoe
#@storage-client-iscsi
#@storage-client-multipath

%end

%post
# SSH Keys
mkdir -m700 -p /root/.ssh
cat <<EOKEYS >/root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVVks3/kuNEa+f0e5duUNlRkzWJC54MBnb2GYij+MI8MVxmYrYl5V+eo62IiNPbRULCOCfL91Vzpn3dHXzXeMdBluQk6jX5WGXKrpfODZwEcrotp9UkMgNXstkqw3XID50hhKYgeQh3p3PY/0LrGFJan9L7FvJ2hGAz/3ugy72/wOP0fyPy501TZZIdzburpeAC6oCddqaVNLN75oEs3A22HVoE5nqKSyDdSEq7d0vY0Ps93csNegFCjKyO+styyFzJvj38R7y6xJk++sMVRL0UKociCVQ5zCU+wFL6pu6B62ofif5sSlLXyJn3c8mFfVw8ufnm87lwYN05LVMowpd ovirt-engine
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+uzdGAxbkfrtHTfmy/kDFvh/V4Wkx4elb/4qPzhB6gaPwwFAf+EAbwp7KkVERM2EEfPKCkgBEZdHdC9Pe0XpsGNFQVX0o+VGPHTJOu72gR5UbfY6aUkDnhKTAMgvLf5Q9JjPUqXj9JGycCPYK2eiep6BCLc+8/8nnuzRV0ZcO6KIHrmdAu+eS5R0osqhiQm+KDmOAOE4wULv37F1US/AQGclg0N+35d8FLHfBPS/MAU+zr+3RNl64U7tN7DnutvY1VNO0Oxvcq/NrHS4EStYq3d2ZdIdspsx4dA3wm60Advm6+caeFRvqB87ZKuGmNEV9iqI2+VNiRWN3OGn7p5tT terem-engine
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUVWppaSvDjFtfIg5olAQb44H5NCPWMj+DqM/Ov84lVKX8NQJj0itoS15IccGEYpLNMamUvLtHgyNBfaBQfSZVNxY003HK71mbTovJIP2+OFV6s68fNITcFxVHplxD7w/aYKuZT9+WteW+187gG2l+5fmoIzR5NM6HBe9i9z+7sXvIHPa+vP++rNrhAqJoLhpXKt7zxIVdo/gZ+yebz5YB5lULQmSr5+g/qf6defXSGSTvaK87Fd0Nw0WpDzNoNq1W2MQf4GHWHqUa//kK7oUlrtH/7YHftqH6DCQXuIvtdm1AmTUupS3nX1Ppukmg2manZwfDbMdy2+mU43oFs8eH tiger@hort
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDyEd3/00RDq8ER9NoC2q7xqxjTq4dY3g14BUD3NEuMJ8Cx3LmrFGhijAhfkBvZvn/ZnUHxqAsQQRzzyvMXgffWKnZC7p/14o9pMyadLEqptelHt+xloKsmzlQzDOqOtPS3ltmkSKdHrui3o/uLMD6USbDEkm9yTo3UeX4SlYbAB0Qmqgcq+8v2p3FeTfb00JubfPAXXyeQQ3efe0Vsul4JrvTaoSOajWMlvoCKxW+IiD51xIRDOXq+tno+jvRoqvPCKgTnqPjVTtC3ZZRvAaltYuZiEKY3Kju1OZqZtUJdb1IVxTf5KLPBsEKYrwIhzHW+GKISI4Uo7YndeHOyuYkJGr/3dX12/1HDZC75vupn3mcrHuVGsdSJWucjX/bjKhnD95RQzLPKRLjkP0GNPT/CkhQuao14dhvX22vo235dLjs6ZYW7ThrgUf7iukMGpfwKIEYGlSBUYJlveesUBWFIMG0D5Bb/zpQZPe5V4K7UABSYO7VToXSfoJ8apLEaKGzK7+ywHMmN4emlIzzCzlJ130VnYrLaEsbsSuJZpkX+wCqEOBsrorFuKVLC/X694+60b76hv31fH93Okp7TZlIm72z3HQKHnVWk56O57tRizIL/EEKFFtVXaBHCQjQWOhoCHj9RdKcMU/riz89HRUk3YWiF5dwTmMFWkx2dyNkiIQ== ar@cello
EOKEYS
chmod 0600 /root/.ssh/authorized_keys

# NM Connections
cat <<EOConn >>/etc/NetworkManager/system-connections/vlan357.nmconnection
[connection]
id=VLAN 357
uuid=d8d56125-2492-485c-9cb0-aa9839e3061d
type=vlan
interface-name=enp16s0f0.357
metered=2
permissions=
autoconnect=true
timestamp=1509229236

[vlan]
flags=1
id=357
#parent=30570805-b489-4f90-a317-ea11cbbdcd1f
parent=enp16s0f0

[ipv4]
method=auto

[ipv6]
method=auto
never-default=true

EOConn
chmod 0600 /etc/NetworkManager/system-connections/vlan357.nmconnection

mkdir -p /etc/systemd/system/serial-getty@ttyS1.service.d
cat >/etc/systemd/system/serial-getty@ttyS1.service.d/override.conf <<EOgty
[Service]
ExecStart=
ExecStart=-/sbin/agetty -h 115200,38400,9600 %I $TERM
EOgty
systemctl enable serial-getty@ttyS1.service

# No default route for enp16s0f1
grep -q '^DEFROUTE' /etc/sysconfig/network-scripts/ifcfg-enp16s0f1 || echo 'DEFROUTE=no' >>/etc/sysconfig/network-scripts/ifcfg-enp16s0f1
sed -i /DEFROUTE/s/yes/no/ /etc/sysconfig/network-scripts/ifcfg-enp16s0f1

%end