This repository has been archived by the owner on Jan 31, 2021. It is now read-only.
forked from minishift/minishift-fedora-iso
-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathfedora.template
204 lines (175 loc) · 5.02 KB
/
fedora.template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
sshpw --username=root --plaintext fedora
# Firewall configuration
firewall --disabled
selinux --enforcing
# Use network installation
url --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
network --bootproto=dhcp --device=eth0 --activate --onboot=on
network --bootproto=dhcp --device=eth1 --activate --onboot=on
skipx
rootpw --plaintext fedora
auth --useshadow --passalgo=sha512
timezone --utc America/New_York
bootloader --timeout=1 --location=mbr --append="no_timer_check console=ttyS0 console=tty0 net.ifnames=0 biosdevname=0"
clearpart --all
part / --size 10240 --fstype ext4
#Repos
repo --name=fedora --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
repo --name=updates --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
repo --name=hvkvp --baseurl=https://copr-be.cloud.fedoraproject.org/results/gbraad/go-hvkvp/epel-7-x86_64/
repo --name=varlink --baseurl=https://copr-be.cloud.fedoraproject.org/results/@varlink/varlink/fedora-29-x86_64/
shutdown
%packages --excludedocs --instLangs=en
@core
dracut-live
openssl
bash
fedora-logos
podman
buildah
dracut
e2fsprogs
xfsprogs
efibootmgr
grub2
grub2-efi
kernel
net-tools
parted
shadow-utils
shim
syslinux
hyperv-daemons
cifs-utils
fuse-sshfs
nfs-utils
go-hvkvp
python-setuptools
dnsmasq
com.redhat.resolver
fedora-varlink
patch
psmisc
#Packages to be removed
-aic94xx-firmware
-alsa-firmware
-iprutils
-ivtv-firmware
-iwl100-firmware
-iwl1000-firmware
-iwl105-firmware
-iwl135-firmware
-iwl2000-firmware
-iwl2030-firmware
-iwl3160-firmware
-iwl3945-firmware
-iwl4965-firmware
-iwl5000-firmware
-iwl5150-firmware
-iwl6000-firmware
-iwl6000g2a-firmware
-iwl6000g2b-firmware
-iwl6050-firmware
-iwl7260-firmware
-iwl7265-firmware
-postfix
-rsyslog
%end
%post
# Disable floppy driver to load
echo "omit_drivers+=\"floppy\"" > /etc/dracut.conf.d/nofloppy.conf
echo "blacklist floppy" > /etc/modprobe.d/nofloppy.conf
# Setting a global Locale for the server
echo "LANG=\"C\"" > /etc/locale.conf
# Add tc user with 'tcuser' password
/usr/sbin/useradd -p 'wtd3OP71kP1NQ' tc
/usr/sbin/groupadd staff
/usr/sbin/usermod -a -G staff tc
# sudo permission for tc user
echo "%tc ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/tc
sed -i "s/^.*requiretty/#Defaults requiretty/" /etc/sudoers
# Place holder for base64 encode handle-user-data script
cat > handle-user-data.base64 << EOF
${handle_user_data}
EOF
# Remove redhat-logo and firmware package to help with reduce box size
yum remove -y fedora-logos linux-firmware
# Clear yum package and metadata cache
yum clean all
# Show a warning banner when using yum to install software
mv /usr/bin/yum /usr/bin/yum-unsupported
# Place holder for base64 encode yum-wrapper script
cat > yum-wrapper.base64 << EOF
${yum_wrapper}
EOF
base64 -d < yum-wrapper.base64 > yum-wrapper
rm -f yum-wrapper.base64
chmod +x yum-wrapper
mv yum-wrapper /usr/bin/yum
# Place holder for base64 encode handle-user-data script
cat > handle-user-data.base64 << EOF
${handle_user_data}
EOF
base64 -d < handle-user-data.base64 > handle-user-data
rm -f handle-user-data.base64
chmod +x handle-user-data
mv handle-user-data /usr/local/bin/minishift-handle-user-data
# Handle user data (systemd service)
cat > handle-user-data-service.base64 << EOF
${handle_user_data_service}
EOF
base64 -d < handle-user-data-service.base64 > handle-user-data.service
rm handle-user-data-service.base64
mv handle-user-data.service /usr/lib/systemd/system/minishift-handle-user-data.service
# Set IP address based on settings or hvkvp (Hyper-V)
cat > set-ipaddress.base64 << EOF
${set_ipaddress}
EOF
base64 -d < set-ipaddress.base64 > set-ipaddress
rm set-ipaddress.base64
chmod +x set-ipaddress
mv set-ipaddress /usr/local/bin/minishift-set-ipaddress
# Set IP address (systemd service)
cat > set-ipaddress-service.base64 << EOF
${set_ipaddress_service}
EOF
base64 -d < set-ipaddress-service.base64 > set-ipaddress.service
rm set-ipaddress-service.base64
mv set-ipaddress.service /usr/lib/systemd/system/minishift-set-ipaddress.service
# Systemd configuration
systemctl disable kdump
systemctl disable rc-local
systemctl disable network
systemctl disable NetworkManager
systemctl disable NetworkManager-dispatcher
systemctl disable NetworkManager-wait-online
systemctl disable dnsmasq
systemctl enable minishift-handle-user-data
systemctl enable minishift-set-ipaddress
systemctl enable io.podman
systemctl enable com.redhat.resolver
# Enable podman in resolver
patch /usr/lib/fedora.json << EOF
--- fedora.json.orig 2018-11-11 14:24:43.022068639 +0100
+++ fedora.json 2018-12-07 22:34:24.658048674 +0100
@@ -50,6 +50,12 @@
}
},
{
+ "address": "unix:/run/podman/io.podman;mode=0600",
+ "interfaces": [
+ "io.podman"
+ ]
+ },
+ {
"address": "unix:/run/org.varlink.resolver;mode=0666",
"interfaces": [
"com.redhat.resolver",
EOF
# SELinux
/sbin/restorecon -R -v /
# Clean
rm -rf /usr/lib/locale/locale-archive
rm -rf /var/cache/yum/*
rm -rf /var/cache/dnf/*
%end