# CentOS 5.9 # Kickstart Automation 1.2.1 # Kickstart Configuration #1,624 install url --url http://mirrors.securedservers.com/centos/5/os/x86_64 lang en_US.UTF-8 keyboard us skipx text network --device eth0 --bootproto dhcp rootpw z2&w41&n6jsn0 firewall --disabled selinux --disabled authconfig --enableshadow --enablemd5 timezone --utc America/Phoenix bootloader --location=mbr firstboot --disable reboot services --disabled=cpuspeed,gpm,iptables,ip6tables,kudzu,mdmonitor,nfslock,portmap,rpcidmapd,rpcsvcgssd,xinetd,smartd,rpcgssd,xfs,pcscd --enabled=ntpd,snmpd # Write Partitioning # This is default partitioning # Drive Layout - Standard Layout (w/LVM) zerombr yes clearpart --all --initlabel --drives=mapper/isw_bhbdehhcih_Volume0,mapper/isw_bhbdehhcih_Volume1 part /boot --fstype ext3 --size=1024 --ondisk=mapper/isw_bhbdehhcih_Volume0 --asprimary part swap --recommended --ondisk=mapper/isw_bhbdehhcih_Volume1 part pv.0 --size=1 --grow --ondisk=mapper/isw_bhbdehhcih_Volume1 --asprimary volgroup sys-AGJG pv.0 logvol /var/tmp --vgname=sys-AGJG --name=vartmp --size=2048 logvol /tmp --vgname=sys-AGJG --name=tmp --size=2048 logvol / --vgname=sys-AGJG --name=root --size=1 --grow %packages # installs base packages plus some extras bind-utils curl elinks grub iptraf joe kernel lftp ltrace lynx mc mutt nano nc nfs-utils nmap ntp openssh openssh-clients openssh-server screen sudo sysstat tcpdump telnet-server vim-enhanced yum yum-fastestmirror net-snmp # Development packages autoconf automake automake15 automake16 automake17 cpp curl-devel.x86_64 dialog expat-devel.x86_64 flex gcc gcc-c++ gdbm gdbm-devel.x86_64 libpng libstdc++-devel.x86_64 libxml2-devel.x86_64 ncurses-devel.x86_64 openssl-devel.x86_64 perl-DBI pkgconfig rpm-build # crap to ignore -bluez-utils -libnotify -redhat-lsb -cups -cairo -pango -paps -gtk2 -ORBit2 -libwnck -pinfo -htmlview -redhat-menus -NetworkManager -dhcdbd -dhcpv6_client -eject -startup-notification -libXft -mesa-libGL -libX11 -libXi -libXrandr -libXres -libXinerama -libXxf86vm -libXext -libXrender -libXfixes -libXcursor -libXt -libXau -libXdmcp -logwatch -mailx -rdate -system-config-network-tui -firstboot-tui -rhpl -coolkey -wireless-tools -xorg-x11-filesystem -setuptool %pre wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=2180&securityKey=obefvszglzqpjmhxuxvrdedkhvjlmldv&percentComplete=10&message=Installing%20Operating%20System' %post # Output what's happening to another terminal for debugging purposes exec < /dev/tty6 > /dev/tty6 echo "Beginning Post Script" wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=2180&securityKey=obefvszglzqpjmhxuxvrdedkhvjlmldv&percentComplete=20&message=Configuring%20Software' # Configure Backend IP on eth0 sed -i 's/BOOTPROTO="dhcp"/BOOTPROTO="static"/g' /etc/sysconfig/network-scripts/ifcfg-eth0 echo "IPADDR=\"172.26.99.27\"" >> /etc/sysconfig/network-scripts/ifcfg-eth0 echo "NETMASK=\"255.255.255.128\"" >> /etc/sysconfig/network-scripts/ifcfg-eth0 # Configure Frontend IP on eth1 # Limit speed to 10 or 100, but on 1000 is not written sed -i 's/BOOTPROTO="dhcp"/BOOTPROTO="static"/g' /etc/sysconfig/network-scripts/ifcfg-eth1 sed -i 's/BOOTPROTO=dhcp/BOOTPROTO=static/g' /etc/sysconfig/network-scripts/ifcfg-eth1 sed -i 's/ONBOOT=\"no\"/ONBOOT=\"yes\"/' /etc/sysconfig/network-scripts/ifcfg-eth1 sed -i 's/ONBOOT=no/ONBOOT=yes/' /etc/sysconfig/network-scripts/ifcfg-eth1 echo "IPADDR=\"184.95.40.18\"" >> /etc/sysconfig/network-scripts/ifcfg-eth1 echo "NETMASK=\"255.255.255.248\"" >> /etc/sysconfig/network-scripts/ifcfg-eth1 echo "GATEWAY=\"184.95.40.17\"" >> /etc/sysconfig/network-scripts/ifcfg-eth1 echo DEVICE=\"eth1:1\" > /etc/sysconfig/network-scripts/ifcfg-eth1:1 echo BOOTPROTO=\"static\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:1 echo IPADDR=\"184.95.40.19\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:1 echo NETMASK=\"255.255.255.248\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:1 echo ONBOOT=\"yes\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:1 echo DEVICE=\"eth1:2\" > /etc/sysconfig/network-scripts/ifcfg-eth1:2 echo BOOTPROTO=\"static\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:2 echo IPADDR=\"184.95.40.20\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:2 echo NETMASK=\"255.255.255.248\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:2 echo ONBOOT=\"yes\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:2 echo DEVICE=\"eth1:3\" > /etc/sysconfig/network-scripts/ifcfg-eth1:3 echo BOOTPROTO=\"static\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:3 echo IPADDR=\"184.95.40.21\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:3 echo NETMASK=\"255.255.255.248\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:3 echo ONBOOT=\"yes\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:3 echo DEVICE=\"eth1:4\" > /etc/sysconfig/network-scripts/ifcfg-eth1:4 echo BOOTPROTO=\"static\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:4 echo IPADDR=\"184.95.40.22\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:4 echo NETMASK=\"255.255.255.248\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:4 echo ONBOOT=\"yes\" >> /etc/sysconfig/network-scripts/ifcfg-eth1:4 # Set the Nameservers for installing software from the internet... Do we need this? # echo "nameserver 64.38.192.12" >> /etc/resolv.conf # echo "nameserver 64.38.192.13" >> /etc/resolv.conf ## modify fstab default security cp /etc/fstab /etc/fstab.orig sed -i '\/tmp/s/defaults/noexec,nosuid/g' /etc/fstab #change hostname sed -i '/^HOSTNAME=localhost/ d' /etc/sysconfig/network echo "HOSTNAME=x3430-24492.securedservers.com" >> /etc/sysconfig/network #tweak bash config echo "HISTTIMEFORMAT=\"%m/%d %H:%M \"" >> /etc/profile echo -e "HISTFILESIZE=1000000\nHISTSIZE=1000000\nexport HISTTIMEFORMAT" >> /etc/profile echo "set completion-ignore-case on" >> ~/.inputrc #fixup logrotate mv /etc/cron.daily/logrotate /root/old-logrotate-cron-script cd /etc/cron.daily wget http://192.168.200.2/post/logrotate.repl -O logrotate chmod +x logrotate mkdir -p /etc/logrotate/tmp chmod -R 755 /etc/logrotate # Install snmpd config & fix logging mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.stock wget http://192.168.200.2/post/snmpd.conf -O /etc/snmp/snmpd.conf sed -ir 's/-Lsd/-LS 0-4 d/g' /etc/init.d/snmpd wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=2180&securityKey=obefvszglzqpjmhxuxvrdedkhvjlmldv&percentComplete=30&message=Installing%20Updates' #modify default yum database # wget http://192.168.200.2/post/centos5-yum.repo -O /etc/yum.repos.d/CentOS-Base.repo #update yum and install stress util rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 yum -y install yum-priorities yum -y update # Use the correct version for the processor architecture rpm -Uhv http://192.168.200.2/post/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm echo "priority=10" >> /etc/yum.repos.d/rpmforge.repo yum -y install stress lshw rsync htop --disablerepo=\* --enablerepo=rpmforge wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=2180&securityKey=obefvszglzqpjmhxuxvrdedkhvjlmldv&percentComplete=40&message=Creating%20Users' # Setup the user here sed -i -r -e 's/^#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config useradd -G wheel -p `openssl passwd -1 2\&ne270438xof` ss3643 # Switch to the first kernel, which will have no useful effect in x86_64, but will switch to PAE in i386 sed -i -r -e 's/^default=[0-9]$/default=0/' /boot/grub/menu.lst #Sendmail hopeful fix echo "184.95.40.18 x3430-24492.securedservers.com x3430-24492" >> /etc/hosts wget -q -O /dev/null 'http://192.168.200.2/automation/completeKickstartInstallationStep.php?kickstartInstallationId=2180&securityKey=obefvszglzqpjmhxuxvrdedkhvjlmldv&identifier=centos5_9&percentComplete=50&message=Installing%20Software' # Update the resolv.conf to increase the speed of the installation echo "nameserver 174.138.175.115" > /etc/resolv.conf echo "nameserver 174.138.175.116" >> /etc/resolv.conf echo "nameserver 192.168.200.2" >> /etc/resolv.conf # Software Installation # Cleanup wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=2180&securityKey=obefvszglzqpjmhxuxvrdedkhvjlmldv&percentComplete=99&message=Completing%20Installation' # Complete installation before we remove nameservers wget --timeout=30 -O /dev/null 'http://192.168.200.2/automation/completeKickstartInstallation.php?kickstartInstallationId=2180&securityKey=obefvszglzqpjmhxuxvrdedkhvjlmldv' #This removes 192.168.200.2 from the resolv.conf, but it also prevents the "complete installation" post #echo "domain cwie.net" > /etc/resolv.conf #echo "search cwie.net" >> /etc/resolv.conf #echo "nameserver 64.38.192.12" >> /etc/resolv.conf #echo "nameserver 64.38.192.13" >> /etc/resolv.conf # secured servers #add default nameserver #line removed below to fix bug #echo "options rotate" > /etc/resolv.conf echo "options rotate" > /etc/resolv.conf echo "nameserver 174.138.175.115" >> /etc/resolv.conf echo "nameserver 174.138.175.116" >> /etc/resolv.conf # Remove the anaconda install copy rm /root/anaconda-ks.cfg echo "Installation Complete."