#version=DEVEL # System authorization information auth --enableshadow --passalgo=sha512 # Use CDROM installation media #cdrom # Use URL as install media url --url=http://INSTALLSERVER/install/centos/7/os/x86_64/ #url --url=http://mirror.centos.org/centos/7/os/x86_64/ # Use text mode install text # Run the Setup Agent on first boot firstboot --enable ignoredisk --only-use=USEDISK # Keyboard layouts keyboard --vckeymap=us --xlayouts='' # System language lang en_US.UTF-8 # Network information network --bootproto=static --device=eno1 --gateway=PRIGATEWAY --ip=PRIIP --netmask=PRINETMASK --nameserver=PRINAMESERVERS --ipv6=auto network --bootproto=static --device=eno2 --onboot=off --ipv6=auto network --bootproto=static --device=eno3 --onboot=off --ipv6=auto network --bootproto=static --device=eno4 --onboot=off --ipv6=auto network --bootproto=static --device=eno5 --onboot=off --ipv6=auto network --bootproto=static --device=eno6 --onboot=off --ipv6=auto network --bootproto=static --device=eno7 --onboot=off --ipv6=auto network --bootproto=static --device=eno8 --ip=SECIP --netmask=SECNETMASK --nodefroute --onboot=on --ipv6=auto network --hostname=HOSTNAME.DOMAIN # Root password rootpw --iscrypted $6$BDD,Ee9.cqMe3zgI$yWLZMb5cORNSJyD0oJcLWVKX.p876wjDp2hrbPH0jqK/LmZgzQ9cP5qiEGHzqGMGNSwk/HGJXPxDbTwqNbuIw1 # System services services --enabled="chronyd" # Do not configure the X Window System skipx # System timezone timezone Europe/Copenhagen --isUtc user --name=nunoc --password=$6$U1pwST6dm0K1GQgD$TgYGXKLhjU5FTSNRy7u6TkuEoee4GhlbqPnWQOnJapnNkjGgULRBYhOd041yI7O7lmoLtf905U1XsPwVClAr4/ --iscrypted --gecos="NUNOC" --groups=wheel user --name=jac --password=$6$t3nu7Hd9pAQCpy7J$uRbZOadIBN7AeRdQwG67ac4OD5nDCK9vb2wWlR1PWwovE7ssu/MngMsViP71ITVuij84.aF6a2c5IhTcYZv.0. --iscrypted --gecos="Jon Clausen" --groups=wheel # System bootloader configuration bootloader --append=" crashkernel=auto elevator=deadline KRNLCMDLINE" --location=mbr --boot-drive=BOOTDEV autopart --type=lvm # Partition clearing information clearpart --all --initlabel --drives=CLEARPART # Boot the installed system automatically once the install finishes; reboot %packages @core chrony kexec-tools %end %pre # %pre %end %post # %post # disallow root login via ssh: /bin/sed -i '' -e 's/#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config /bin/sed -i '' -e 's/#ListenAddress 0.0.0.0/ListenAddress PRIIP/' /etc/ssh/sshd_config /bin/sed -i '' -e 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config # Install and enable rngd, to take advantage of HWRNG yum install -y rngd systemctl enable rngd systemctl start rngd # Set up secondary interface routing: #SIR#echo -e "1024\tmi-01" >>/etc/iproute2/rt_tables #SIR#echo "default table mi-01 via SECGATEWAY" \ #SIR# >/etc/sysconfig/network-scripts/route-eno8 #SIR#echo "from SECGATEWAY table mi-01" >/etc/sysconfig/network-scripts/rule-eno8 # try to get access to the screen: #exec < /dev/tty6 > /dev/tty6 #chvt 6 # backticks don't work, but $() does CosmosHash=$(cat /proc/cmdline | sed -e 's/.*cosmoshash=//') if [ -z ${CosmosHash} ] then echo "cannot get cosmos hash from cmdline, not running cosmos-bootstrap" elif [ "${CosmosHash}" = "disabled" ] then echo "cosmos bootstrap disabled on kernel cmdline" else curl -o /tmp/cosmos-bootstrap "https://git.nordu.net/?p=ndn-iaas.git;a=blob_plain;f=bootstrap/cosmos-bootstrap;hb=HEAD" chmod +x /tmp/cosmos-bootstrap /tmp/cosmos-bootstrap "http://gitproxy.nordu.net/ndn-sysconf.git" ${CosmosHash} COSMOSTAG fi # return to the first vt #chvt 1 %end %addon com_redhat_kdump --enable --reserve-mb='auto' %end %anaconda pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty %end