96 lines
2.3 KiB
INI
96 lines
2.3 KiB
INI
# Copyright 2019 The Kubernetes Authors.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# Perform a fresh install, not an upgrade
|
|
install
|
|
cdrom
|
|
|
|
# Perform a text installation
|
|
text
|
|
|
|
# Do not install an X server
|
|
skipx
|
|
|
|
# Configure the locale/keyboard
|
|
lang en_US.UTF-8
|
|
keyboard us
|
|
|
|
# Configure networking
|
|
network --onboot yes --bootproto dhcp --hostname capv.vm
|
|
firewall --disabled
|
|
selinux --permissive
|
|
timezone UTC
|
|
|
|
# Don't flip out if unsupported hardware is detected
|
|
unsupported_hardware
|
|
|
|
# Configure the user(s)
|
|
auth --enableshadow --passalgo=sha512 --kickstart
|
|
user --name=builder --plaintext --password builder --groups=builder,wheel
|
|
|
|
# Disable general install minutia
|
|
firstboot --disabled
|
|
eula --agreed
|
|
|
|
# Create a single partition with no swap space
|
|
bootloader --location=mbr
|
|
zerombr
|
|
clearpart --all --initlabel
|
|
part / --grow --asprimary --fstype=ext4 --label=slash
|
|
|
|
%packages --ignoremissing --excludedocs
|
|
openssh-server
|
|
sed
|
|
sudo
|
|
|
|
# Remove unnecessary firmware
|
|
-*-firmware
|
|
|
|
# Remove other unnecessary packages
|
|
-postfix
|
|
%end
|
|
|
|
# Enable/disable the following services
|
|
services --enabled=sshd
|
|
|
|
# Perform a reboot once the installation has completed
|
|
reboot
|
|
|
|
# The %post section is essentially a shell script
|
|
%post --erroronfail
|
|
|
|
# Update the root certificates
|
|
update-ca-trust force-enable
|
|
|
|
# Ensure that the "builder" user doesn't require a password to use sudo,
|
|
# or else Ansible will fail
|
|
echo 'builder ALL=(ALL) NOPASSWD: ALL' >/etc/sudoers.d/builder
|
|
chmod 440 /etc/sudoers.d/builder
|
|
|
|
# Install open-vm-tools
|
|
yum install -y open-vm-tools
|
|
|
|
# Remove the package cache
|
|
yum -y clean all
|
|
|
|
# Disable swap
|
|
swapoff -a
|
|
rm -f /swapfile
|
|
sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab
|
|
|
|
# Ensure on next boot that network devices get assigned unique IDs.
|
|
sed -i '/^\(HWADDR\|UUID\)=/d' /etc/sysconfig/network-scripts/ifcfg-*
|
|
|
|
%end
|