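# CentOS 6.9
# Kickstart Automation 1.3.1
# Kickstart Configuration #33,399
#
# Two-phase unattended install:
#   phase one (%post)    - adjusts the freshly installed system, writes
#                          /home/bootcfg/setup.sh and hooks it into rc.local
#   phase two (setup.sh) - runs from rc.local on the next boot: network
#                          scripts, resolvers, user creation, cleanup, reboot
# %pre, %post and setup.sh each report progress to the automation endpoint
# on 192.168.200.2.
#
# NOTE(security): this file carries live secrets in clear text (rootpw, the
# password piped to passwd in setup.sh, and the securityKey query parameter).
# Anyone able to read the file or observe the HTTP status calls sees them.
# Treat them as one-time provisioning values and rotate them once the host
# is handed over.
install
# NOTE(security): the install tree is fetched over plain HTTP.
url --url http://mirrors-phx-1.securedservers.com/centos/6.9/os/x86_64
#url --url http://centos-distro.cavecreek.net/centos/6.9/os/x86_64
#url --url http://vault.centos.org/6.9/os/x86_64
lang en_US.UTF-8
keyboard us
skipx
text
network --device eth0 --bootproto dhcp
# NOTE(security): plaintext root password. Prefer
#   rootpw --iscrypted <SHA512_CRYPT_HASH_PLACEHOLDER>
# with a hash generated out of band, so the clear text never sits in the file.
rootpw LLZs6tbCuvVWFo
# NOTE(security): host firewall and SELinux are both switched off, and
# iptables/ip6tables are also in the disabled services list below. Nothing on
# the host filters traffic to the public addresses configured in phase two.
# Confirm this is intentional for the image.
firewall --disabled
selinux --disabled
# Was "--enablemd5": MD5-crypt is a weak password hash; SHA-512 crypt is
# supported by authconfig on CentOS 6.
authconfig --enableshadow --passalgo=sha512
timezone --utc America/Phoenix
bootloader --location=mbr --append="pcie_aspm=off"
firstboot --disable
reboot
services --disabled=cpuspeed,gpm,iptables,ip6tables,kudzu,mdmonitor,nfslock,portmap,rpcidmapd,rpcsvcgssd,xinetd,smartd,rpcgssd,xfs,pcscd

# Write Partitioning
# Custom Layout EXT4 and RAID-1
# Wipes sda and sdb, then mirrors /, /boot and swap across both disks.
zerombr yes
clearpart --all --initlabel --drives=sda,sdb
part raid.00 --fstype ext4 --size=1 --grow --ondisk=sda --asprimary
part raid.01 --fstype ext4 --size=1 --grow --ondisk=sdb --asprimary
raid / --level=1 --device=md1 raid.00 raid.01
part raid.10 --fstype ext4 --size=256 --ondisk=sda --asprimary
part raid.11 --fstype ext4 --size=256 --ondisk=sdb --asprimary
raid /boot --level=1 --device=md2 raid.10 raid.11
part raid.20 --size=32768 --ondisk=sda
part raid.21 --size=32768 --ondisk=sdb
raid swap --level=1 --device=md3 raid.20 raid.21

%packages
# installs base packages plus some extras
# NOTE(security): telnet-server is a clear-text remote login service; xinetd
# is in the disabled services list above, so it is presumably dormant, but
# dropping the package would remove the exposure outright - TODO confirm.
bind-utils
curl
elinks
grub
iptraf
kernel
lftp
ltrace
lynx
mc
mutt
nano
nc
nfs-utils
nmap
ntp
openssh
openssh-clients
openssh-server
screen
sudo
sysstat
tcpdump
telnet-server
vim-enhanced
yum
yum-fastestmirror
net-snmp
# Development packages
autoconf
automake
automake14
automake15
automake16
cpp
dialog
expat-devel
flex
gcc
gcc-c++
gdbm
gdbm-devel
libcurl-devel
libpng
libstdc++-devel
libxml2-devel
ncurses-devel
openssl-devel
perl-DBI
pkgconfig
rpm-build
# some handy network services
httpd
httpd-devel
httpd-manual
mod_ssl
mysql
mysql-devel
mysql-server
php
php-cli
php-common
php-devel
php-gd
php-imap
php-mysql
# crap to ignore
-bluez-utils
-libnotify
-redhat-lsb
-cups
-cairo
-pango
-paps
-gtk2
-ORBit2
-libwnck
-pinfo
-htmlview
-redhat-menus
-NetworkManager
-dhcdbd
-dhcpv6_client
-eject
-startup-notification
-libXft
-mesa-libGL
-libX11
-libXi
-libXrandr
-libXres
-libXinerama
-libXxf86vm
-libXext
-libXrender
-libXfixes
-libXcursor
-libXt
-libXau
-libXdmcp
-logwatch
-mailx
-rdate
-system-config-network-tui
-firstboot-tui
-rhpl
-coolkey
-wireless-tools
-xorg-x11-filesystem
-setuptool
%end

%pre
# Progress ping to the automation endpoint.
# NOTE(security): here and in every status call below, securityKey travels
# in the query string over plain HTTP, so it is visible on the wire and in
# the endpoint's access logs.
wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=34774&securityKey=kexjspfdwfqxbwlmeaoxcrommafiatoo&percentComplete=10&message=Installing%20Operating%20System'
%end

%post
# Output what's happening to another terminal for debugging purposes
exec < /dev/tty6 > /dev/tty6
echo "Beginning Post Script"

# "%Scripts" was not valid percent-encoding; the space is now encoded as %20.
wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=34774&securityKey=kexjspfdwfqxbwlmeaoxcrommafiatoo&percentComplete=20&message=Adding%20Configuration%20Scripts'

#changing MOTD
# The stock motd is parked as /etc/motd.orig; setup.sh restores it during cleanup.
mv /etc/motd /etc/motd.orig
cat <<EOM >> /etc/motd
Ths kickstart installation is now in phase two. Please be patient and do not reboot the server. If you see this message and you are a client, please contact support immediately.
To monitor the installation process please run: tail -f /home/bootcfg/config.log
EOM

## modify fstab default security
# The address \/tmp/ uses "/" as a custom delimiter, so the pattern is plain
# "tmp": any fstab line containing "tmp" gets defaults -> noexec,nosuid.
# The partition layout above defines no separate /tmp, so this is likely a
# no-op for this layout - TODO confirm.
cp /etc/fstab /etc/fstab.orig
sed -i '\/tmp/s/defaults/noexec,nosuid/g' /etc/fstab

#tweak bash config
#echo "HISTTIMEFORMAT=\"%m/%d %H:%M \"" >> /etc/profile
echo "HISTTIMEFORMAT=\"%m/%d/%y %H:%M \"" >> /etc/profile
echo -e "HISTFILESIZE=1000000\nHISTSIZE=1000000\nexport HISTTIMEFORMAT" >> /etc/profile
echo "set completion-ignore-case on" >> ~/.inputrc

#fixup logrotate
# NOTE(security): the replacement cron script is pulled over plain HTTP with
# no checksum or signature check and then runs daily as root. Serving it over
# an authenticated channel or pinning a digest would close that gap.
# The stock script is put back if the download fails, so a failed fetch does
# not leave an empty executable standing in for logrotate.
mv /etc/cron.daily/logrotate /root/old-logrotate-cron-script
cd /etc/cron.daily
if wget http://192.168.200.2/post/logrotate.repl -O logrotate; then
  chmod +x logrotate
else
  echo "logrotate replacement download failed; restoring stock script"
  cp -p /root/old-logrotate-cron-script /etc/cron.daily/logrotate
fi
mkdir -p /etc/logrotate/tmp
chmod -R 755 /etc/logrotate

#change hostname
sed -i '/^HOSTNAME=localhost/d' /etc/sysconfig/network
echo "HOSTNAME=e3-1230v5.BL-SRB0.bg.ne.c1.1.a2.H1.securedservers.com" >> /etc/sysconfig/network

# Switch to the first kernel, which will have no useful effect in x86_64, but will switch to PAE in i386
sed -i -r -e 's/^default=[0-9]$/default=0/' /boot/grub/menu.lst

# CentOS 6.5 FIX: Solves the problem of powering down ports
sed -i 's/rhgb quiet/rhgb quiet pcie_aspm=off/g' /boot/grub/grub.conf

#Sendmail hopeful fix
echo "131.153.40.194 e3-1230v5.BL-SRB0.bg.ne.c1.1.a2.H1.securedservers.com e3-1230v5.BL-SRB0.bg.ne.c1.1.a2.H1" >> /etc/hosts

#make a directory for us to put the boot script in
mkdir -p /home/bootcfg

#put the script in there
# Notes on the generated script (kept outside the here-document so they are
# not written into setup.sh):
#  * The outer delimiter EOM is unquoted, so "$" is expanded while %post runs.
#    \$1 is escaped to reach setup.sh as a literal $1. It is now double-quoted
#    as well; unquoted, the "****" banners were glob-expanded against the
#    current directory.
#  * The alias log lines used to contain an unrendered template fragment
#    ("eth1:$network_device.device}"); they now name the alias being written.
#  * The PermitRootLogin sed only rewrites the commented-out default line
#    "#PermitRootLogin yes"; any other spelling of the directive is left as is.
#  * NOTE(security): the user password is piped to passwd in clear text and
#    therefore sits on disk inside setup.sh until the cleanup phase removes
#    /home/bootcfg. A pre-hashed value, or forcing a change at first login,
#    would avoid shipping a reusable credential.
cat <<EOM > /home/bootcfg/setup.sh
#!/bin/bash
#we'll use this to send updates out to the log and the screen
function messenger {
  echo "\$1" >> /dev/console
  wall "\$1"
  if [ -d /home/bootcfg ]; then
    echo "\$1" >> /home/bootcfg/config.log
  fi
}

messenger "**** ENTERING NETWORK CONFIG PHASE ****"
# Configure IPs on eth0
wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=34774&securityKey=kexjspfdwfqxbwlmeaoxcrommafiatoo&percentComplete=30&message=Configuring%20Eth0'
messenger "configuring eth0 network script"
messenger "no eth0 ip found"
cat <<NET_CFG > /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
BOOTPROTO="dhcp"
ONBOOT="no"
TYPE="Ethernet"
NET_CFG

# Configure IPs on eth1
wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=34774&securityKey=kexjspfdwfqxbwlmeaoxcrommafiatoo&percentComplete=33&message=Configuring%20Eth1'
messenger "configuring eth1 network script"
messenger "eth1 will get ip 131.153.40.194"
cat <<NET_CFG > /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE="eth1"
BOOTPROTO="static"
ONBOOT="yes"
TYPE="Ethernet"
IPADDR="131.153.40.194"
NETMASK="255.255.255.240"
GATEWAY="131.153.40.193"
NET_CFG
messenger "eth1:1 will get ip 131.153.40.195"
cat <<NET_CFG > /etc/sysconfig/network-scripts/ifcfg-eth1:1
DEVICE="eth1:1"
BOOTPROTO="static"
ONBOOT="yes"
IPADDR="131.153.40.195"
NETMASK="255.255.255.240"
NET_CFG
messenger "eth1:2 will get ip 131.153.40.196"
cat <<NET_CFG > /etc/sysconfig/network-scripts/ifcfg-eth1:2
DEVICE="eth1:2"
BOOTPROTO="static"
ONBOOT="yes"
IPADDR="131.153.40.196"
NETMASK="255.255.255.240"
NET_CFG
messenger "eth1:3 will get ip 131.153.40.197"
cat <<NET_CFG > /etc/sysconfig/network-scripts/ifcfg-eth1:3
DEVICE="eth1:3"
BOOTPROTO="static"
ONBOOT="yes"
IPADDR="131.153.40.197"
NETMASK="255.255.255.240"
NET_CFG
messenger "eth1:4 will get ip 131.153.40.198"
cat <<NET_CFG > /etc/sysconfig/network-scripts/ifcfg-eth1:4
DEVICE="eth1:4"
BOOTPROTO="static"
ONBOOT="yes"
IPADDR="131.153.40.198"
NETMASK="255.255.255.240"
NET_CFG
messenger "eth1:5 will get ip 131.153.40.199"
cat <<NET_CFG > /etc/sysconfig/network-scripts/ifcfg-eth1:5
DEVICE="eth1:5"
BOOTPROTO="static"
ONBOOT="yes"
IPADDR="131.153.40.199"
NETMASK="255.255.255.240"
NET_CFG
messenger "eth1:6 will get ip 131.153.40.200"
cat <<NET_CFG > /etc/sysconfig/network-scripts/ifcfg-eth1:6
DEVICE="eth1:6"
BOOTPROTO="static"
ONBOOT="yes"
IPADDR="131.153.40.200"
NETMASK="255.255.255.240"
NET_CFG
messenger "eth1:7 will get ip 131.153.40.201"
cat <<NET_CFG > /etc/sysconfig/network-scripts/ifcfg-eth1:7
DEVICE="eth1:7"
BOOTPROTO="static"
ONBOOT="yes"
IPADDR="131.153.40.201"
NETMASK="255.255.255.240"
NET_CFG
messenger "eth1:8 will get ip 131.153.40.202"
cat <<NET_CFG > /etc/sysconfig/network-scripts/ifcfg-eth1:8
DEVICE="eth1:8"
BOOTPROTO="static"
ONBOOT="yes"
IPADDR="131.153.40.202"
NETMASK="255.255.255.240"
NET_CFG
messenger "eth1:9 will get ip 131.153.40.203"
cat <<NET_CFG > /etc/sysconfig/network-scripts/ifcfg-eth1:9
DEVICE="eth1:9"
BOOTPROTO="static"
ONBOOT="yes"
IPADDR="131.153.40.203"
NETMASK="255.255.255.240"
NET_CFG
messenger "eth1:10 will get ip 131.153.40.204"
cat <<NET_CFG > /etc/sysconfig/network-scripts/ifcfg-eth1:10
DEVICE="eth1:10"
BOOTPROTO="static"
ONBOOT="yes"
IPADDR="131.153.40.204"
NETMASK="255.255.255.240"
NET_CFG
messenger "eth1:11 will get ip 131.153.40.205"
cat <<NET_CFG > /etc/sysconfig/network-scripts/ifcfg-eth1:11
DEVICE="eth1:11"
BOOTPROTO="static"
ONBOOT="yes"
IPADDR="131.153.40.205"
NETMASK="255.255.255.240"
NET_CFG
messenger "eth1:12 will get ip 131.153.40.206"
cat <<NET_CFG > /etc/sysconfig/network-scripts/ifcfg-eth1:12
DEVICE="eth1:12"
BOOTPROTO="static"
ONBOOT="yes"
IPADDR="131.153.40.206"
NETMASK="255.255.255.240"
NET_CFG

# Configure resolvers
wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=34774&securityKey=kexjspfdwfqxbwlmeaoxcrommafiatoo&percentComplete=36&message=Configuring%20Resolvers'
messenger "configuring name resolvers"
messenger "nameserver 8.8.8.8"
messenger "nameserver 8.8.4.4"
messenger "nameserver 192.168.200.2"
# Update the resolv.conf to increase the speed of the installation
cat <<NET_CFG > /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 192.168.200.2
NET_CFG

messenger "**** ENTERING SOFTWARE INSTALLATION PHASE ****"
# Software Installation

# do this penultimately so that clients can't access device until we're done
messenger "**** CONFIGURING SYSTEM USERS ****"
# Setup the user here
messenger "Config has users. Setting PermitRootLogin NO"
sed -i -r -e 's/^#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config
messenger "Adding user pnap23110"
useradd -G wheel pnap23110
echo "T0ykRDuRJ79yKz" | passwd pnap23110 --stdin

messenger "**** ENTERING CLEANUP PHASE ****"
#this must be last. it will complete the kickstart
#this must be last. it will complete the kickstart
# Cleanup
wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=34774&securityKey=kexjspfdwfqxbwlmeaoxcrommafiatoo&percentComplete=99&message=Completing%20Installation'
messenger "completing installation"
# Complete installation before we remove nameservers
wget --timeout=30 -O /dev/null 'http://192.168.200.2/automation/completeKickstartInstallation.php?kickstartInstallationId=34774&securityKey=kexjspfdwfqxbwlmeaoxcrommafiatoo'
messenger "cleaning up resolvers"
cat <<KICK_CLEAN > /etc/resolv.conf
options rotate
nameserver 8.8.8.8
nameserver 8.8.4.4
KICK_CLEAN
# Remove the anaconda install copy
messenger "cleaning up anaconda-ks.cfg"
rm /root/anaconda-ks.cfg
#Reset the MOTD
if [ -f /etc/motd.orig ]; then
  messenger "resetting the MOTD"
  mv /etc/motd.orig /etc/motd
else
  messenger "no original motd found"
  cat /dev/null > /etc/motd
fi;
#remove all the config files
if [ -d /home/bootcfg ]; then
  messenger "removing /home/bootcfg completely"
  rm -rf /home/bootcfg
fi;
#remove the boot trigger
messenger "removing boot trigger from rc.local"
sed -i '/f \/home\/bootcfg\/setup\.sh/{N;N;d;}' /etc/rc.local
#get rid of tmp files
messenger "cleaning up tmp"
rm -rf /tmp/*
#and /var/tmp
messenger "cleaning up /var/tmp"
rm -rf /var/tmp/*
messenger "rebooting now"
reboot
EOM

#make script executable
# Was "chmod +x": the script embeds a clear-text password, so it is made
# executable and readable by root only.
chmod 700 /home/bootcfg/setup.sh

# trigger the script on reboot
# The hook must stay exactly three lines: setup.sh removes it with a sed
# command that deletes the matching "if" line plus the two lines after it.
# Was "nohup ... & > /dev/null;": the "&" ended the command, so the
# redirection applied to nothing and the script's output was never discarded.
cat <<EOM >> /etc/rc.local
if [ -f /home/bootcfg/setup.sh ]; then
nohup /home/bootcfg/setup.sh > /dev/null 2>&1 &
fi
EOM

#undeploy the installation because it will need to reboot
wget -q -O /dev/null 'http://192.168.200.2/automation/undeployKickstartInstallation.php?kickstartInstallationId=34774&securityKey=kexjspfdwfqxbwlmeaoxcrommafiatoo'
wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=34774&securityKey=kexjspfdwfqxbwlmeaoxcrommafiatoo&percentComplete=25&message=Rebooting%20Into%20Phase%20Two'
echo "Base Install Complete."
echo "Rebooting to configure system now."
reboot
%end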