#version=9.6

# AlmaLinux 9.6 UEFI
# Kickstart Automation 1.3.2
# Kickstart Configuration #77,073

# Use text install
text

#Reboot after installation
reboot

# Use network installation
#url --url="http://almamirror.phoenixnap.com/alma/9.3/BaseOS/x86_64/os/"
#repo --name="AppStream" --baseurl="http://almamirror.phoenixnap.com/alma/9.3/AppStream/x86_64/os/"

url --url="http://mirrors-phx-1.securedservers.com/alma/alma/9.6/BaseOS/x86_64/os/"
repo --name="AppStream" --baseurl="http://mirrors-phx-1.securedservers.com/alma/alma/9.6/AppStream/x86_64/os/"

firstboot --disable

# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'

# System language
lang en_US.UTF-8

# Network information
# Backend
#network --bootproto=dhcp --device=link --ipv6=auto --activate
network --bootproto=dhcp --device=link --noipv6 --activate

# Root password
rootpw --plaintext FJ85oL0cxVPras
# System services
services --enabled="chronyd"
# System timezone
timezone US/Arizona --utc

# Setup the user here
user --groups= --homedir=/home/pnap22905 --name=pnap22905 --password=kMsONVZBxRmJOy --gecos="pnap22905"




# Custom Layout LVM
zerombr
clearpart     --all --initlabel --drives=sda
bootloader --location=mbr --boot-drive=sda
part pv.20 --fstype="lvmpv" --size=1 --grow --ondisk=sda --asprimary
volgroup sys-6GsR pv.20
logvol / --vgname=sys-6GsR --name=root --size=1 --grow --fstype="ext4"
part /boot --fstype="ext4" --size=1024 --ondisk=sda
logvol /boot/efi --vgname=sys-6GsR --name=bootefi --size=1024 --fstype="ext4"


%packages
@base
@core
@performance
#@php
@remote-system-management
@web-server
chrony
compat*
*compat
perl-CGI
%end

#%post --log=/tmp/post.log
%post

sed -i -r -e 's/^#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config

ETH0=$(ip ntable | grep dev | sort | uniq | sed -e 's/^.*dev //;/^*/d;/^lo/d' | head -n 1 | tail -n 1 | xargs)
ETH1=$(ip ntable | grep dev | sort | uniq | sed -e 's/^.*dev //;/^*/d;/^lo/d' | head -n 2 | tail -n 1 | xargs)

# Configure Backend IP on eth0
#sed -i 's/BOOTPROTO="dhcp"/BOOTPROTO="static"/g' /etc/sysconfig/network-scripts/ifcfg-$ETH0
#sed -i 's/BOOTPROTO=dhcp/BOOTPROTO=static/g' /etc/sysconfig/network-scripts/ifcfg-$ETH0

echo "BOOTPROTO=static" > /etc/sysconfig/network-scripts/ifcfg-$ETH0
echo "DEVICE=\"$ETH0\"" >> /etc/sysconfig/network-scripts/ifcfg-$ETH0
echo "NAME=\"$ETH0\"" >> /etc/sysconfig/network-scripts/ifcfg-$ETH0
echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-$ETH0
echo "IPADDR=\"0.0.0.0\"" >> /etc/sysconfig/network-scripts/ifcfg-$ETH0
echo "NETMASK=\"255.255.255.255\"" >> /etc/sysconfig/network-scripts/ifcfg-$ETH0
echo "USERCTL=yes" >> /etc/sysconfig/network-scripts/ifcfg-$ETH0
echo "TYPE=Ethernet" >> /etc/sysconfig/network-scripts/ifcfg-$ETH0

# Configure Frontend IP on eth1
echo "BOOTPROTO=static" > /etc/sysconfig/network-scripts/ifcfg-$ETH1
echo "DEVICE=\"$ETH1\"" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1
echo "NAME=\"$ETH1\"" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1
echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1
echo "IPADDR=66.85.129.10" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1
echo "NETMASK=255.255.255.248" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1
echo "GATEWAY=66.85.129.9" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1
echo "USERCTL=yes" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1
echo "TYPE=Ethernet" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1
echo "DEFROUTE=yes" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1

#echo "DNS1=8.8.8.8" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1
#echo "DNS2=8.8.4.4" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1


echo DEVICE=\"$ETH1:1\" > /etc/sysconfig/network-scripts/ifcfg-$ETH1:1
echo BOOTPROTO=\"static\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:1
echo IPADDR=\"66.85.129.11\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:1
echo NETMASK=\"255.255.255.248\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:1
echo ONBOOT=\"yes\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:1
echo DEVICE=\"$ETH1:2\" > /etc/sysconfig/network-scripts/ifcfg-$ETH1:2
echo BOOTPROTO=\"static\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:2
echo IPADDR=\"66.85.129.12\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:2
echo NETMASK=\"255.255.255.248\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:2
echo ONBOOT=\"yes\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:2
echo DEVICE=\"$ETH1:3\" > /etc/sysconfig/network-scripts/ifcfg-$ETH1:3
echo BOOTPROTO=\"static\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:3
echo IPADDR=\"66.85.129.13\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:3
echo NETMASK=\"255.255.255.248\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:3
echo ONBOOT=\"yes\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:3
echo DEVICE=\"$ETH1:4\" > /etc/sysconfig/network-scripts/ifcfg-$ETH1:4
echo BOOTPROTO=\"static\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:4
echo IPADDR=\"66.85.129.14\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:4
echo NETMASK=\"255.255.255.248\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:4
echo ONBOOT=\"yes\" >> /etc/sysconfig/network-scripts/ifcfg-$ETH1:4

#Find the user for password expiration
USER=''
USER=pnap22905
# Just one user?

#Set last password change to current day - without this change password is required after 1st boot
CURRENT_DATE=$(date +"%y-%m-%d")
chage --lastday "$CURRENT_DATE" root
chage --lastday "$CURRENT_DATE" "$USER"
#Set password expiration for 2 days
chage -M 2 root
chage -M 2 "$USER"

#Disable root ssh login
sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config


# Hostname
echo "telered.online.securedservers.com" > /etc/hostname

function messenger {
echo \$1 >> /dev/console
wall \$1
echo \$1 >> /home/bootcfg/config.log
}

messenger "**** ENTERING SOFTWARE INSTALLATION PHASE ****"
# Software Installation



dnf -y install wget

#Set network card as 1st boot

#Output of the efibootmgr command
#	BootCurent: 0000
#	Timeout: 1 sec
#	BootOrder: 0000,0008,0004,0005,0006,0007,0003,0002
#	Boot0000* Rocky Linux
#	Boot0002* UEFI: Built-in EFI Shell
#	Boot0003* Hard Drive
#	Boot0004* (B1/D0/F0) UEFI PXE: IPv4 Intel(R) Ethernet Controller X550(MAC:3cecef287064)
#	Boot0005* (B1/D0/F1) UEFI PXE: IPv4 Intel(R) Ethernet Controller X550(MAC:3cecef287065)
#	Boot0006* (B1/D0/F0) UEFI PXE: IPv6 Intel(R) Ethernet Controller X550(MAC:3cecef287064)
#	Boot0007* (B1/D0/F1) UEFI PXE: IPv6 Intel(R) Ethernet Controller X550(MAC:3cecef287065)
#	Boot0008* UEFI OS
#			TEST
#BOOT_ORDER=$(efibootmgr | grep "BootOrder")
#echo "BOOT_ORDER:"
#echo "$BOOT_ORDER"
#IP4=$(efibootmgr | grep "IP4")
#if [ -z "$IP4" ]; then
#NIC0_BOOT_NUMBER=$(efibootmgr | grep "IPv4" | head -n 1 | sed 's/*.*//' | sed 's/Boot//g')
#echo "IPv4"
#else
#echo "IP4"
#NIC0_BOOT_NUMBER=$(efibootmgr | grep "IP4" | head -n 1 | sed 's/*.*//' | sed 's/Boot//g')
#fi
#echo "NIC0_BOOT_NUMBER:"
#echo "$NIC0_BOOT_NUMBER"
##Set boot entry active
##fibootmgr -b $NIC0_BOOT_NUMBER -a
##Remove NIC0 boot number from boot order
#BOOT_ORDER_NO_NIC0=$(efibootmgr | awk '/BootOrder/ { print $2 }' | sed "s/,$NIC0_BOOT_NUMBER//g")
#echo "BOOT_ORDER_NO_NIC0:"
#echo "$BOOT_ORDER_NO_NIC0"
##Set new boot order - NIC0 1st boot
#NEW_BOOT_ORDER="$NIC0_BOOT_NUMBER,$BOOT_ORDER_NO_NIC0"
#echo "NEW_BOOT_ORDER:"
#echo "$NEW_BOOT_ORDER"
#efibootmgr -o $NEW_BOOT_ORDER
#BOOT_ORDER_NEW=$(efibootmgr | grep "BootOrder")
#echo "BOOT_ORDER_NEW:"
#echo "$BOOT_ORDER_NEW"

##################################################################################################################
#			SET NIC0 1ST BOOT DEVICE
##################################################################################################################
BOOT_ORDER=$(efibootmgr | grep "BootOrder")
IP4=$(efibootmgr | grep "IP4")
if [ -z "$IP4" ]; then
NIC0_BOOT_NUMBER=$(efibootmgr | grep "IPv4" | head -n 1 | sed 's/*.*//' | sed 's/Boot//g')
else
NIC0_BOOT_NUMBER=$(efibootmgr | grep "IP4" | head -n 1 | sed 's/*.*//' | sed 's/Boot//g')
fi
BOOT_ORDER_NO_NIC0=$(efibootmgr | awk '/BootOrder/ { print $2 }' | sed "s/,$NIC0_BOOT_NUMBER//g")
#Set new boot order - NIC0 1st boot
NEW_BOOT_ORDER="$NIC0_BOOT_NUMBER,$BOOT_ORDER_NO_NIC0"
efibootmgr -o $NEW_BOOT_ORDER
#################################################################################################################

# Cleanup
wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=79316&securityKey=auglkeubhrzfzcitfsfmlwatengsekto&percentComplete=99&message=Completing%20Installation'

# Complete installation before we remove nameservers
wget --timeout=30 -O /dev/null 'http://192.168.200.2/automation/completeKickstartInstallation.php?kickstartInstallationId=79316&securityKey=auglkeubhrzfzcitfsfmlwatengsekto'

echo "nameserver 8.8.8.8" > /etc/resolv.conf
echo "nameserver 8.8.4.4" >> /etc/resolv.conf


rm -rf /root/*.cfg
rm -rf /var/log/anaconda/

%end