# Copyright 2019 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Perform a fresh install, not an upgrade
install
cdrom

# Perform a text installation
text

# Do not install an X server
skipx

# Configure the locale/keyboard
lang en_US.UTF-8
keyboard us

# Configure networking
network --onboot yes --bootproto dhcp --hostname capv.vm
firewall --disabled
selinux --permissive
timezone UTC

# Don't flip out if unsupported hardware is detected
unsupported_hardware

# Configure the user(s)
auth --enableshadow --passalgo=sha512 --kickstart
user --name=builder --plaintext --password builder --groups=builder,wheel

# Disable general install minutia
firstboot --disabled
eula --agreed

# Create a single partition with no swap space
bootloader --location=mbr
zerombr
clearpart --all --initlabel
part / --grow --asprimary --fstype=ext4 --label=slash

%packages --ignoremissing --excludedocs
openssh-server
sed
sudo

# Remove unnecessary firmware
-*-firmware

# Remove other unnecessary packages
-postfix
%end

# Enable/disable the following services
services --enabled=sshd

# Perform a reboot once the installation has completed
reboot

# The %post section is essentially a shell script
%post --erroronfail

# Update the root certificates
update-ca-trust force-enable

# Ensure that the "builder" user doesn't require a password to use sudo,
# or else Ansible will fail
echo 'builder ALL=(ALL) NOPASSWD: ALL' >/etc/sudoers.d/builder
chmod 440 /etc/sudoers.d/builder

# Install open-vm-tools
yum install -y open-vm-tools

# Remove the package cache
yum -y clean all

# Disable swap
swapoff -a
rm -f /swapfile
sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab

# Ensure on next boot that network devices get assigned unique IDs.
sed -i '/^\(HWADDR\|UUID\)=/d' /etc/sysconfig/network-scripts/ifcfg-*

%end