# CentOS 6.9 # Kickstart Automation 1.3.1 # Kickstart Configuration #31,416 install url --url http://centos-distro.cavecreek.net/centos/6.9/os/x86_64 #url --url http://mirror.5ninesolutions.com/centos/6.6/os/x86_64 #url --url http://vault.centos.org/6.6/os/x86_64 lang en_US.UTF-8 keyboard us skipx text network --device eth0 --bootproto dhcp rootpw Password1!!! firewall --disabled selinux --disabled authconfig --enableshadow --enablemd5 timezone --utc America/Phoenix bootloader --location=mbr --append="pcie_aspm=off" firstboot --disable reboot services --disabled=cpuspeed,gpm,iptables,ip6tables,kudzu,mdmonitor,nfslock,portmap,rpcidmapd,rpcsvcgssd,xinetd,smartd,rpcgssd,xfs,pcscd # Write Partitioning # This is default partitioning # Drive Layout - Standard Layout (w/LVM) zerombr yes clearpart --all --initlabel --drives=sda part /boot --fstype ext4 --size=512 --ondisk=sda --asprimary part swap --recommended --ondisk=sda part pv.0 --size=1 --grow --ondisk=sda --asprimary volgroup sys-Uf64 pv.0 logvol /var/tmp --vgname=sys-Uf64 --name=vartmp --size=2048 logvol /tmp --vgname=sys-Uf64 --name=tmp --size=2048 logvol / --vgname=sys-Uf64 --name=root --size=1 --grow %packages # installs base packages plus some extras bind-utils curl elinks grub iptraf kernel lftp ltrace lynx mc mutt nano nc nfs-utils nmap ntp openssh openssh-clients openssh-server screen sudo sysstat tcpdump telnet-server vim-enhanced yum yum-fastestmirror net-snmp # Development packages autoconf automake automake14 automake15 automake16 cpp dialog expat-devel flex gcc gcc-c++ gdbm gdbm-devel libcurl-devel libpng libstdc++-devel libxml2-devel ncurses-devel openssl-devel perl-DBI pkgconfig rpm-build # some handy network services httpd httpd-devel httpd-manual mod_ssl mysql mysql-devel mysql-server php php-cli php-common php-devel php-gd php-imap php-mysql # crap to ignore -bluez-utils -libnotify -redhat-lsb -cups -cairo -pango -paps -gtk2 -ORBit2 -libwnck -pinfo -htmlview -redhat-menus -NetworkManager -dhcdbd -dhcpv6_client -eject -startup-notification -libXft -mesa-libGL -libX11 -libXi -libXrandr -libXres -libXinerama -libXxf86vm -libXext -libXrender -libXfixes -libXcursor -libXt -libXau -libXdmcp -logwatch -mailx -rdate -system-config-network-tui -firstboot-tui -rhpl -coolkey -wireless-tools -xorg-x11-filesystem -setuptool %pre wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=32737&securityKey=sazzpsmltrsffkbuwgugewoyxdswwwpl&percentComplete=10&message=Installing%20Operating%20System' %post # Output what's happening to another terminal for debugging purposes exec < /dev/tty6 > /dev/tty6 echo "Beginning Post Script" wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=32737&securityKey=sazzpsmltrsffkbuwgugewoyxdswwwpl&percentComplete=20&message=Adding%20Configuration%Scripts' #changing MOTD mv /etc/motd /etc/motd.orig cat <> /etc/motd Ths kickstart installation is now in phase two. Please be patient and do not reboot the server. If you see this message and you are a client, please contact support immediately. To monitor the installation process please run: tail -f /home/bootcfg/config.log EOM ## modify fstab default security cp /etc/fstab /etc/fstab.orig sed -i '\/tmp/s/defaults/noexec,nosuid/g' /etc/fstab #tweak bash config echo "HISTTIMEFORMAT=\"%m/%d %H:%M \"" >> /etc/profile echo -e "HISTFILESIZE=1000000\nHISTSIZE=1000000\nexport HISTTIMEFORMAT" >> /etc/profile echo "set completion-ignore-case on" >> ~/.inputrc #fixup logrotate mv /etc/cron.daily/logrotate /root/old-logrotate-cron-script cd /etc/cron.daily wget http://192.168.200.2/post/logrotate.repl -O logrotate chmod +x logrotate mkdir -p /etc/logrotate/tmp chmod -R 755 /etc/logrotate #change hostname sed -i '/^HOSTNAME=localhost/d' /etc/sysconfig/network echo "HOSTNAME=srb-1-centos8_9.securedservers.com" >> /etc/sysconfig/network # Switch to the first kernel, which will have no useful effect in x86_64, but will switch to PAE in i386 sed -i -r -e 's/^default=[0-9]$/default=0/' /boot/grub/menu.lst # CentOS 6.5 FIX: Solves the problem of powering down ports sed -i 's/rhgb quiet/rhgb quiet pcie_aspm=off/g' /boot/grub/grub.conf #Sendmail hopeful fix echo "0.0.0.0 srb-1-centos8_9.securedservers.com srb-1-centos8_9" >> /etc/hosts #make a directory for us to put the boot script in mkdir -p /home/bootcfg #put the script in there cat < /home/bootcfg/setup.sh #!/bin/bash #we'll use this to send updates out to the log and the screen function messenger { echo \$1 >> /dev/console wall \$1 echo \$1 >> /home/bootcfg/config.log } messenger "**** ENTERING NETWORK CONFIG PHASE ****" # Configure IPs on eth0 wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=32737&securityKey=sazzpsmltrsffkbuwgugewoyxdswwwpl&percentComplete=30&message=Configuring%20Eth0' messenger "configuring eth0 network script" messenger "no eth0 ip found" cat < /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE="eth0" BOOTPROTO="dhcp" ONBOOT="no" TYPE="Ethernet" NET_CFG # Configure IPs on eth1 wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=32737&securityKey=sazzpsmltrsffkbuwgugewoyxdswwwpl&percentComplete=33&message=Configuring%20Eth1' messenger "configuring eth1 network script" messenger "configuring eth1 as dhcp" cat < /etc/sysconfig/network-scripts/ifcfg-eth1 DEVICE="eth1" BOOTPROTO="dhcp" ONBOOT="no" TYPE="Ethernet" NET_CFG # Configure resolvers wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=32737&securityKey=sazzpsmltrsffkbuwgugewoyxdswwwpl&percentComplete=36&message=Configuring%20Resolvers' messenger "configuring name resolvers" messenger "nameserver 174.138.175.115" messenger "nameserver 174.138.175.116" messenger "nameserver 192.168.200.2" # Update the resolv.conf to increase the speed of the installation cat < /etc/resolv.conf nameserver 174.138.175.115 nameserver 174.138.175.116 nameserver 192.168.200.2 NET_CFG messenger "**** ENTERING SOFTWARE INSTALLATION PHASE ****" # Software Installation # do this penultimately so that clients can't access device until we're done messenger "**** CONFIGURING SYSTEM USERS ****" # Setup the user here messenger "Config has users. Setting PermitRootLogin NO" sed -i -r -e 's/^#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config messenger "Adding user ss7841" useradd -G wheel ss7841 echo "5ty6%TY^" | passwd ss7841 --stdin messenger "**** ENTERING CLEANUP PHASE ****" #this must be last. it will complete the kickstart #this must be last. it will complete the kickstart # Cleanup wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=32737&securityKey=sazzpsmltrsffkbuwgugewoyxdswwwpl&percentComplete=99&message=Completing%20Installation' messenger "completing installation" # Complete installation before we remove nameservers wget --timeout=30 -O /dev/null 'http://192.168.200.2/automation/completeKickstartInstallation.php?kickstartInstallationId=32737&securityKey=sazzpsmltrsffkbuwgugewoyxdswwwpl' messenger "cleaning up resolvers" cat < /etc/resolv.conf options rotate nameserver 174.138.175.115 nameserver 174.138.175.116 KICK_CLEAN # Remove the anaconda install copy messenger "cleaning up anaconda-ks.cfg" rm /root/anaconda-ks.cfg #Reset the MOTD if [ -f /etc/motd.orig ]; then messenger "resetting the MOTD" mv /etc/motd.orig /etc/motd else messenger "no original motd found" cat /dev/null > /etc/motd fi; #remove all the config files if [ -d /home/bootcfg ]; then messenger "removing /home/bootcfg completely" rm -rf /home/bootcfg fi; #remove the boot trigger messenger "removing boot trigger from rc.local" sed -i '/f \/home\/bootcfg\/setup\.sh/{N;N;d;}' /etc/rc.local #get rid of tmp files messenger "cleaning up tmp" rm -rf /tmp/* #and /var/tmp messenger "cleaning up /var/tmp" rm -rf /var/tmp/* messenger "rebooting now" reboot EOM #make script executable chmod +x /home/bootcfg/setup.sh # trigger the script on reboot cat <> /etc/rc.local if [ -f /home/bootcfg/setup.sh ]; then nohup /home/bootcfg/setup.sh & > /dev/null; fi EOM #undeploy the installation because it will need to reboot wget -q -O /dev/null 'http://192.168.200.2/automation/undeployKickstartInstallation.php?kickstartInstallationId=32737&securityKey=sazzpsmltrsffkbuwgugewoyxdswwwpl' wget -q -O /dev/null 'http://192.168.200.2/automation/updateKickstartInstallationStatus.php?kickstartInstallationId=32737&securityKey=sazzpsmltrsffkbuwgugewoyxdswwwpl&percentComplete=25&message=Rebooting%20Into%20Phase%20Two' echo "Base Install Complete." echo "Rebooting to configure system now." reboot