

# This kickstart file was rendered from the Foreman provisioning template "Kickstart default".


install

url --url http://mirror.centos.org/centos/7/os/x86_64


lang en_US.UTF-8
selinux --enforcing
keyboard us
skipx

network --device=00-f0-54-1a-7e-e0 --hostname snapshot-ipv6-dhcp-el7 --noipv6 --bootproto dhcp --mtu=1342 --nameserver=2001:db8:42::8,2001:db8:42::4

rootpw --iscrypted $1$rtd8Ub7R$5Ohzuy8WXlkaK9cA2T1wb0
firewall --service=ssh
authconfig --useshadow --passalgo=sha256 --kickstart
timezone --utc UTC 

services --disabled gpm,sendmail,cups,pcmcia,isdn,rawdevices,hpoj,bluetooth,openibd,avahi-daemon,avahi-dnsconfd,hidd,hplip,pcscd



bootloader --location=mbr --append="nofb quiet splash=quiet" 

zerombr\nclearpart --all    --initlabel\npart /boot --fstype ext3 --size=100 --asprimary\npart /     --f   stype ext3 --size=1024 --grow\npart swap  --recommended

text
reboot

%packages

yum
dhclient
ntp
-chrony
wget
@Core

dracut-fips
-prelink

%end


%post --nochroot
exec < /dev/tty3 > /dev/tty3
chvt 3
(



chvt 1
) 2>&1 | tee /mnt/sysimage/root/install.postnochroot.log
%end


%post
exec < /dev/tty3 > /dev/tty3
chvt 3
(
logger "Starting anaconda snapshot-ipv6-dhcp-el7 postinstall"








echo "Updating system time"
yum -y install ntpdate
  systemctl enable --now ntpd
/usr/sbin/hwclock --systohc






rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm











# update all the base packages from the updates repository
if [ -f /usr/bin/dnf ]; then
  dnf -y update
else
  yum -t -y update
fi


# SSH keys setup snippet for Remote Execution plugin
#
# Parameters:
#
# remote_execution_ssh_keys: public keys to be put in ~/.ssh/authorized_keys
#
# remote_execution_ssh_user: user for which remote_execution_ssh_keys will be
#                            authorized
#
# remote_execution_create_user: create user if it not already existing
#
# remote_execution_effective_user_method: method to switch from ssh user to
#                                         effective user
#
# This template sets up SSH keys in any host so that as long as your public
# SSH key is in remote_execution_ssh_keys, you can SSH into a host. This
# works in combination with Remote Execution plugin by querying smart proxies
# to build an array.
#
# To use this snippet without the plugin provide the SSH keys as host parameter
# remote_execution_ssh_keys. It expects the same format like the authorized_keys
# file.




echo "blacklist amodule" >> /etc/modprobe.d/blacklist.conf




if [ -f /usr/bin/dnf ]; then
  dnf -y install puppet
else
  yum -t -y install puppet
fi

cat > /etc/puppet/puppet.conf << EOF
[main]
vardir = /var/lib/puppet
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = \$vardir/ssl

[agent]
pluginsync      = true
report          = true
certname        = snapshot-ipv6-dhcp-el7

EOF


puppet_unit=puppet
/usr/bin/systemctl list-unit-files | grep -q puppetagent && puppet_unit=puppetagent
/usr/bin/systemctl enable ${puppet_unit}

# export a custom fact called 'is_installer' to allow detection of the installer environment in Puppet modules
export FACTER_is_installer=true
# passing a non-existent tag like "no_such_tag" to the puppet agent only initializes the node
/usr/bin/puppet agent --config /etc/puppet/puppet.conf --onetime --tags no_such_tag  --no-daemonize




cat << EOF > /etc/systemd/system/ansible-callback.service
[Unit]
Description=Provisioning callback to Ansible Tower
Wants=network-online.target
After=network-online.target

[Service]
Type=oneshot
ExecStart=/usr/bin/curl -k -s --data "host_config_key=" https:///api/v2/job_templates//callback/
ExecStartPost=/usr/bin/systemctl disable ansible-callback

[Install]
WantedBy=multi-user.target
EOF
# Runs during first boot, removes itself
systemctl enable ansible-callback








touch /tmp/foreman_built

chvt 1
) 2>&1 | tee /root/install.post.log
%end

# copy %pre log files into chroot
%post --nochroot
cp -vf /tmp/*.pre.*.log /mnt/sysimage/root/
%end


%post --erroronfail --log=/root/install-callhome.post.log


if test -f /tmp/foreman_built; then
  echo "calling home: build is done!"
  if [ -x /usr/bin/curl ]; then
    /usr/bin/curl -o /dev/null --noproxy \* -H 'Content-Type: text/plain' --data @/root/install.post.log --silent 'http://foreman.some.host.fqdn/unattended/built'
  elif [ -x /usr/bin/wget ]; then
    /usr/bin/wget -q -O /dev/null --no-proxy --method POST --header 'Content-Type: text/plain' --body-file=/root/install.post.log 'http://foreman.some.host.fqdn/unattended/built'
  else
    wget -q -O /dev/null --header 'Content-Type: text/plain' 'http://foreman.some.host.fqdn/unattended/built'
  fi
else
  echo "calling home: build failed!"
  if [ -x /usr/bin/curl ]; then
    /usr/bin/curl -o /dev/null --noproxy \* -H 'Content-Type: text/plain' --data @/root/install.post.log --silent 'http://foreman.some.host.fqdn/unattended/failed'
  elif [ -x /usr/bin/wget ]; then
    /usr/bin/wget -q -O /dev/null --no-proxy --method POST --header 'Content-Type: text/plain' --body-file=/root/install.post.log 'http://foreman.some.host.fqdn/unattended/failed'
  else
    wget -q -O /dev/null --header 'Content-Type: text/plain' 'http://foreman.some.host.fqdn/unattended/failed'
  fi
fi

sync
%end
