No OneTemporary
Actions

Authored By

Unknown

Size

3 KB

Referenced Files

None

Subscribers

None

View Options

	diff --git a/deployments/ansible/roles/kvm/templates/almalinux9.ks.j2 b/deployments/ansible/roles/kvm/templates/almalinux9.ks.j2
	index f361273..998e746 100644
	--- a/deployments/ansible/roles/kvm/templates/almalinux9.ks.j2
	+++ b/deployments/ansible/roles/kvm/templates/almalinux9.ks.j2
	@@ -1,110 +1,99 @@
	#auth --enableshadow --passalgo=sha51
	url --url="{{ _install_url }}"
	text
	firstboot --disable
	keyboard --vckeymap=us --xlayouts='us'
	lang en_US.UTF-8
	network --bootproto=dhcp --device=eth0 --ipv6=auto --activate
	network --hostname="{{ _hostname }}"
	selinux --disabled
	rootpw "{{ _vm_root_password }}"
	{% for _ssh_pubkey in root_ssh_pubkeys \| d([]) %}
	sshkey --username=root "{{ _ssh_pubkey }}"
	{% endfor %}
	-{% for _user in _vm_users \| d([]) %}
	-user
	-{{- ' --groups=' + _user['groups'] if _user['groups'] is defined }}
	-{{- ' --name=' + _user['name'] if _user['name'] is defined }}
	-{{- ' --password=' + _user['password'] if _user['password'] is defined }}
	-{{- ' --uid=' + _user['uid'] if _user['uid'] is defined }}
	-{{- ' --gid=' + _user['gid'] if _user['gid'] is defined }}
	-{% for _ssh_pubkey in _user['ssh_pubkeys'] \| d([]) %}
	-sshkey --username={{ _user['name'] }} "{{ _ssh_pubkey }}"
	-{% endfor %}
	-{% endfor %}
	timezone Europe/Paris --utc
	bootloader --location=mbr --append=" net.ifnames=0 biosdevname=0 crashkernel=no"
	# Clear the Master Boot Record
	zerombr
	# Remove partitions
	clearpart --all --initlabel
	# Remove partitions
	clearpart --drives=vda --initlabel
	ignoredisk --only-use=vda
	# Automatically create partitions using LVM
	autopart --type=lvm --nohome
	# Reboot after successful installation
	reboot

	%packages --excludedocs
	sudo
	qemu-guest-agent
	openssh-server
	sysstat
	tcpdump
	bind-utils
	telnet
	curl
	net-tools
	mtr
	vim-enhanced
	bash-completion
	podman
	-kexec-tools
	-dracut-config-rescue
	-plymouth*
	-iwl*firmware
	%end

	%addon com_redhat_kdump --disable
	%end

	%post
	# Update time
	#/usr/sbin/ntpdate -bu 0.fr.pool.ntp.org 1.fr.pool.ntp.org

	#sed -i 's/^.*requiretty/#Defaults requiretty/' /etc/sudoers
	sed -i 's/rhgb //' /etc/default/grub

	# Disable consistent network device naming
	#/usr/bin/ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules

	# Make some default settings available for kolabctl configure
	echo "export PATH=\$PATH:/usr/local/bin" >> /etc/profile.d/sh.local
	echo "export PUBLIC_IP=\$(ip route get 1 \| cut -d' ' -f7)" >> /etc/profile.d/sh.local
	echo "export KOLABBOOTSTRAP=true" >> /etc/profile.d/sh.local

	# sshd PermitRootLogin yes
	sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config

	# We need sudo access to k3s, so we add /usr/local/bin here too
	cat <<EOF >> /etc/sudoers
	Defaults !requiretty
	Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
	root ALL=(ALL) ALL
	kolab ALL=(ALL) NOPASSWD: ALL
	EOF

	cat <<EOF >> /etc/motd
	Welcome to Kolab
	EOF

	/usr/bin/systemctl enable sshd
	/usr/bin/systemctl start sshd

	# Need for host/guest communication
	/usr/bin/systemctl enable qemu-guest-agent
	/usr/bin/systemctl start qemu-guest-agent

	/usr/bin/systemctl enable sysstat
	/usr/bin/systemctl start sysstat

	# Update all packages (we in particular need and up-to-date kernel)
	/usr/bin/dnf -y update
	/usr/bin/dnf clean all

	# Not really needed since the kernel update already did this. Furthermore,
	# running this here reverts the grub menu to the current kernel.
	grub2-mkconfig -o /boot/grub2/grub.cfg
	%end

File Metadata

Mime Type: text/x-diff
Expires: Sat, Apr 4, 8:48 AM (2 w, 5 d ago)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 18823323
Default Alt Text: (3 KB)

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions