authorJon Clausen <jac@nordu.net>2018-07-11 13:26:11 +0200
committerJon Clausen <jac@nordu.net>2018-07-11 13:26:11 +0200
commit744ba24aff5b7af05a1c82503653e53a112fe3d6 (patch)
tree07972f62f404ae0c76c74adde305cc5ce5ab1af9
added some initial files/placeholders
-rwxr-xr-xadapt-ks-template7
-rwxr-xr-xcreate-boot-floppy223
-rw-r--r--ks-template/hw/supermicro/SYS-5018D-FN8T/dtn-10g.ks92
-rwxr-xr-xprep-boot-floppy-and-ks-config11
4 files changed, 333 insertions, 0 deletions
diff --git a/adapt-ks-template b/adapt-ks-template
new file mode 100755
index 0000000..db8ce3a
--- /dev/null
+++ b/adapt-ks-template
@@ -0,0 +1,7 @@
+#!/bin/bash
+#
+# This is just a placeholder for a script which will be called with some
+# options, and create a kickstart config froma template using those options.
+#
+# The kickstart config will then be placed somewhere, where it can be pulled
+# by the installer
diff --git a/create-boot-floppy b/create-boot-floppy
new file mode 100755
index 0000000..7494043
--- /dev/null
+++ b/create-boot-floppy
@@ -0,0 +1,223 @@
+#!/bin/sh
+#
+# proof of concept script to create a bootable 'deployment' floppy
+#
+# This one can run on a centos7, to generate a boot floppy for a centos7.
+#
+
+Self=$(basename $0)
+
+function print_usage {
+ echo "usage: $Self <options>"
+}
+
+function print_help {
+cat <<EOF
+$Self <options>
+
+Script to create a bootable 'install' floppy image.
+
+The image uses ipxe to retrieve a kernel to boot, and sets URLs for the
+'install' initrd and kickstart config the kernel should use.
+
+The whole thing is pretty CentOS 7 -centric at this point.
+
+Options given to this script will set values for the bootstrapping of the
+*install* stage only. All values may subsequently be overridden from the
+kickstart stage, once that is retrieved and control is handed over to it.
+
+Options:
+ -D, --domain domain, to complete FQDN
+ -G, --gateway Gateway of target system
+ -H, --host hostname of the target system
+ -I, --ip IP address of target system
+ -K, --kserver Kickstart server
+ -M, --netmask Netmask of target system
+ -N, --nameserver Nameserver of target system
+ -S, --cosmos-hash Hash used by cosmos to verify stuff
+ -h, --help this
+
+If --cosmos-hash is set to 'disabled', the kickstart stage should skip cosmos
+bootstrapping, and leave the system unmanaged.
+
+If -N, -K, -S options are not given, default values are provided.
+
+EOF
+}
+
+function parse_commadline {
+ while [ "$#" -gt 0 ] ; do
+ case "$1" in
+ -h|--help)
+ print_help
+ exit 0
+ ;;
+ -H|--host)
+ Host="$2"
+ shift
+ ;;
+ -D|--domain)
+ Domain="$2"
+ shift
+ ;;
+ -I|--ip)
+ IP="$2"
+ shift
+ ;;
+ -M|--netmask)
+ NM="$2"
+ shift
+ ;;
+ -G|--gateway)
+ GW="$2"
+ shift
+ ;;
+ -N|--nameserver)
+ NS="$2"
+ shift
+ ;;
+ -K|--kserver)
+ Kserver="$2"
+ shift
+ ;;
+ -S|--cosmos-hash)
+ CosmosHash="$2"
+ shift
+ ;;
+ *)
+ echo "what do you mean \"$1\"?"
+ exit 1
+ ;;
+ esac
+ shift
+ done
+ if [ "x${Host}" = "x" ]
+ then
+ echo "${Self}: --host is mandatory"
+ print_usage
+ exit 1
+ elif [ "x${Domain}" = "x" ]
+ then
+ echo "${Self}: --domain is mandatory"
+ print_usage
+ exit 1
+ elif [ "x${IP}" = "x" ]
+ then
+ echo "${Self}: --ip is mandatory"
+ print_usage
+ exit 1
+ elif [ "x${NM}" = "x" ]
+ then
+ echo "${Self}: --netmask is mandatory"
+ print_usage
+ exit 1
+ elif [ "x${GW}" = "x" ]
+ then
+ echo "${Self}: --gateway is mandatory"
+ print_usage
+ exit 1
+ elif [ "x${NS}" = "x" ]
+ then
+ NS="109.105.96.141"
+ elif [ "x${Kserver}" = "x" ]
+ then
+ Kserver="109.105.122.84"
+ elif [ "x${CosmosHash}" = "x" ]
+ then
+ CosmosHash="2f15e1edb02f14607084f167929bc145ed47954d"
+ fi
+}
+
+# Host="kas-fiona-10-02"
+# Domain="nordu.net"
+# IP="109.105.122.135"
+# NM="255.255.255.192"
+# GW="109.105.122.129"
+# NS="109.105.96.141"
+# Kserver="109.105.122.84"
+# CosmosHash="2f15e1edb02f14607084f167929bc145ed47954d"
+
+parse_commadline $@
+
+####
+# In a bid to be clever, we're adding the 'cosmos hash' to the install
+# kernel cmdline. This is the one place that cannot be forged, changed, get
+# lost or 'go missing' from the initial invocation here, until the
+# anaconda/kickstart process takes over...
+
+WorkDir="$HOME/tmp/${Host}.d"
+mkdir -p ${WorkDir}/mnt
+
+dd if=/dev/zero of=${WorkDir}/${Host}.img bs=2x80x18b count=1
+mkfs.ext2 -F "${WorkDir}/${Host}.img"
+sudo mount -o loop ${WorkDir}/${Host}.img ${WorkDir}/mnt
+
+sudo sh -c "cat >${WorkDir}/mnt/extlinux.conf <<EOF
+default ipxelabel
+label ipxelabel
+kernel /ipxe.lkrn
+append initrd=/${Host}.ipxe
+EOF"
+
+# We want to use variables in the rendered *.ipxe
+# We want to populate the variables in the *.ipxe with variables from this
+# script.
+# Redirection of output from the here-doc into a file needs root privs, because
+# there's no real directory structure in the floppy filesystem, and mounting
+# as a user is... also complicated.
+# This all leads to the 'sudo sh -c "cat ..."' construct, which works well
+# ...except:
+# Quoting and escapes get complicated as a consequence. The upshot is that
+# you *can* use your variables, and keep them too, but it has a price.
+
+sudo sh -c "cat >${WorkDir}/mnt/${Host}.ipxe <<EOF
+#!ipxe
+echo ${Host}
+ifopen net0
+###
+# Set some variables:
+set ip ${IP}
+set nm ${NM}
+set gw ${GW}
+set ns ${NS}
+set hn ${Host}
+set dn ${Domain}
+
+###
+# Set up network:
+set net0/ip \\$"{"ip"}"
+set net0/netmask \\$"{"nm"}"
+set net0/gateway \\$"{"gw"}"
+set dns \\$"{"ns"}"
+set hostname \\$"{"hn"}"
+set domain \\$"{"dn"}"
+###
+# Print some things on screen
+echo \"Configured IP Details:\"
+show net0/ip
+show net0/netmask
+show net0/gateway
+show dns
+show hostname
+show domain
+route
+###
+# Set install parameters:
+set base http://109.105.122.84/install/centos/7/os/x86_64
+kernel \\$"{"base"}"/images/pxeboot/vmlinuz text console=tty1 console=ttyS1,115200n8 ip=\\$"{"ip"}" netmask=\\$"{"nm"}" gateway=\\$"{"gw"}" repo=\\$"{"base"}" ks=http://\\$"{"Kserver"}"/install/ks/kas-fiona-10-02.cfg cosmoshash=${CosmosHash}
+initrd \\$"{"base"}"/images/pxeboot/initrd.img
+###
+# Boot into install
+boot
+####
+# We really never should be here, but if we are, start a shell
+echo \"why are we here?\"
+shell
+EOF
+"
+
+#read
+
+sudo cp -a /usr/share/ipxe/ipxe.lkrn ${WorkDir}/mnt/
+sudo extlinux --install ${WorkDir}/mnt/
+sudo umount ${WorkDir}/mnt/
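Review bot: The defaults at the end of `parse_commadline` sit in the same `if`/`elif` chain as the mandatory-option checks, so when `-N`, `-K` and `-S` are all omitted only `NS` gets its default while `Kserver` and `CosmosHash` stay empty; the image is then written with an empty `cosmoshash=`, which the kickstart `%post` in this commit would treat as "not running cosmos-bootstrap" and leave the host unmanaged. Three independent assignments after the chain, e.g. `NS="${NS:-109.105.96.141}"` and the same form for `Kserver` and `CosmosHash`, would match what the help text promises. `--kserver` also appears to have no effect as written: the `ks=` URL refers to an iPXE variable `Kserver` that the generated script never sets, and both `base` and the `.cfg` file name are hard-coded. Separately, every option value is expanded inside the double-quoted string handed to `sudo sh -c`, so a root shell parses whatever `--host` and the other options contain. Feeding the here-doc from the unprivileged shell with `sudo tee "${WorkDir}/mnt/${Host}.ipxe" >/dev/null <<EOF`, calling `parse_commadline "$@"`, and rejecting host names outside `[A-Za-z0-9.-]` would remove that exposure along with the `\\$"{"ip"}"` escaping.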
diff --git a/ks-template/hw/supermicro/SYS-5018D-FN8T/dtn-10g.ks b/ks-template/hw/supermicro/SYS-5018D-FN8T/dtn-10g.ks
new file mode 100644
index 0000000..9aaa5e3
--- /dev/null
+++ b/ks-template/hw/supermicro/SYS-5018D-FN8T/dtn-10g.ks
@@ -0,0 +1,92 @@
+#version=DEVEL
+# System authorization information
+auth --enableshadow --passalgo=sha512
+# Use CDROM installation media
+#cdrom
+# Use URL as install media
+url --url=http://KSERVER/install/centos/7/os/x86_64/
+#url --url=http://mirror.centos.org/centos/7/os/x86_64/
+# Use text mode install
+text
+# Run the Setup Agent on first boot
+firstboot --enable
+ignoredisk --only-use=sda
+# Keyboard layouts
+keyboard --vckeymap=us --xlayouts=''
+# System language
+lang en_US.UTF-8
+
+# Network information
+network --bootproto=static --device=eno1 --gateway=ENO1GATEWAY --ip=ENO1IP --netmask=ENO1NETMASK --nameserver=ENO1NAMESERVERS --ipv6=auto
+network --bootproto=static --device=eno2 --onboot=off --ipv6=auto
+network --bootproto=static --device=eno3 --onboot=off --ipv6=auto
+network --bootproto=static --device=eno4 --onboot=off --ipv6=auto
+network --bootproto=static --device=eno5 --onboot=off --ipv6=auto
+network --bootproto=static --device=eno6 --onboot=off --ipv6=auto
+network --bootproto=static --device=eno7 --onboot=off --ipv6=auto
+network --bootproto=static --device=eno8 --ip=ENO8IP --netmask=ENO8NETMASK --nodefroute --onboot=off --ipv6=auto
+network --hostname=HOSTNAME
+
+# Root password
+rootpw --iscrypted $6$OZ1kzVgDD3xDqL65$0q/XDwu7oSGkI8FJ/ykOIi7Pm0m0kNHC5kw7FLWsmOw3KLHCgoNHAzcJJM0nJdaJ7oqYJbxf86LgQK2zqTGX/.
+# System services
+services --enabled="chronyd"
+# Do not configure the X Window System
+skipx
+# System timezone
+timezone Europe/Copenhagen --isUtc
+user --name=jac --password=$6$t3nu7Hd9pAQCpy7J$uRbZOadIBN7AeRdQwG67ac4OD5nDCK9vb2wWlR1PWwovE7ssu/MngMsViP71ITVuij84.aF6a2c5IhTcYZv.0. --iscrypted --gecos="Jon Clausen" --groups=wheel
+# System bootloader configuration
+bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda elevator=deadline console=tty1 console=ttyS1,115200n8
+autopart --type=lvm
+# Partition clearing information
+clearpart --all --initlabel --drives=sda
+
+# Boot the installed system automatically once the install finishes;
+#reboot
+
+%packages
+@core
+chrony
+kexec-tools
+
+%end
+
+%pre
+# %pre
+%end
+
+%post
+# %post
+# disallow root login via ssh:
+/bin/sed -i '' -e 's/#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config
+# try to get access to the screen:
+exec < /dev/tty6 > /dev/tty6
+chvt 6
+# backticks don't work, but $() does
+CosmosHash=$(cat /proc/cmdline | sed -e 's/.*hash=//')
+
+if [ "x${CosmosHash}" = "x" ]
+then
+ echo "cannot get cosmos hash from cmdline, not running cosmos-bootstrap"
+elif [ "${CosmosHash}" = "disabled" ]
+then
+ echo "cosmos bootstrap disabled on kernel cmdline"
+else
+ curl -o /bin/cosmos-boostrap "https://git.nordu.net/?p=ndn-iaas.git;a=blob_plain;f=bootstrap/cosmos-bootstrap;hb=HEAD"
+ chmod +x /bin/cosmos-boostrap
+ /bin/cosmos-boostrap "http://gitproxy.nordu.net/ndn-sysconf.git" ${CosmosHash} HOSTNAME.DOMAIN
+fi
+# return to the first vt
+chvt 1
+%end
+
+%addon com_redhat_kdump --enable --reserve-mb='auto'
+
+%end
+
+%anaconda
+pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
+pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
+pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
+%end
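Review bot: In `%post` the bootstrap script is downloaded from `hb=HEAD` and run as root with nothing beyond the TLS connection checking its content, so the hash carried on the kernel command line protects only what that script later verifies, not the script itself. Pinning the download to a commit (`hb=<commit-id>`) or comparing a checksum before `chmod +x` would close that gap, and `curl -f` would keep an HTTP error page from being saved as the executable. The extraction `sed -e 's/.*hash=//'` returns the whole command line unchanged when no `hash=` is present, so the "cannot get cosmos hash" branch is not reached in that case and the unquoted `${CosmosHash}` is split into several arguments; `sed -n 's/.*cosmoshash=\([^ ]*\).*/\1/p'` with `"${CosmosHash}"` quoted would make the empty case reachable. The `rootpw` and `user --name=jac` hashes are also committed in the template, so every host built from it shares those credentials and the hashes are open to offline guessing by anyone who can read the repository; substituting them at render time, as is done for `HOSTNAME` and `KSERVER`, would avoid that.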
diff --git a/prep-boot-floppy-and-ks-config b/prep-boot-floppy-and-ks-config
new file mode 100755
index 0000000..5e3f8cf
--- /dev/null
+++ b/prep-boot-floppy-and-ks-config
@@ -0,0 +1,11 @@
+#!/bin/bash
+#
+# This is a (placeholder for a) wrapper script
+#
+# The script expects a number of options, and with them it will first call
+# 'create-boot-floppy' and next 'adapt-ks-template'
+#
+# The results of both scripts will be made available for download, and will be
+# able to bootstrap a (CentOS 7) instance up to, and possibly including,
+# cosmos+puppet bootstrap
+