HW4F
/
ansible-install-server
5
0
Fork 1
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Initial

This commit is contained in:
Alexander Böhm 2020-08-26 12:10:36 +02:00
commit d5eecc6a22
135 changed files with 4223 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.gitignore vendored Normal file
View File

@ -0,0 +1,5 @@
# vim
*.swp
# Vagrant
.vagrant

26
Vagrantfile vendored Normal file
View File

@ -0,0 +1,26 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
def create(config, name)
config.vm.define name do |v|
v.vm.hostname = name
v.vm.box = "generic/debian10"
v.vm.provider "virtualbox" do |vb|
vb.memory = "1024"
vb.customize ["modifyvm", :id, "--nicpromisc2", "allow-all"]
end
v.vm.network "private_network", ip: "192.168.33.1", virtualbox__intnet: true
v.vm.provision "ansible" do |ans|
ans.playbook = "setup.yml"
#ans.vault_password_file = ".vault_pass"
ans.verbose = true
end
end
end
Vagrant.configure("2") do |config|
create(config, "faiserver")
end

85
fai.yml Normal file
View File

@ -0,0 +1,85 @@
- hosts: all
become: yes
vars:
use_ipxe: true
fai_menu: true
ensure_fai_setup_run: false
dhcp_interface: eth1
wan_interface: eth0
server_name: faiserver
server_ip: 192.168.33.1
server_net: 192.168.33
server_netbits: 24
server_netmask: 255.255.255.0
domain_name: lan
linux_version: 4.19.0-10
tasks:
- name: fai package selection
copy:
content: |
PACKAGES install
linuxmint-keyring
mintdesktop
dest: /srv/fai/config/package_config/MINT
mode: 0644
owner: root
group: root
- name: fai deb conf
copy:
content: |
exim4-config exim4/dc_eximconfig_configtype select local delivery only; not on a network
locales locales/default_environment_locale select de_DE.UTF-8 en_US.UTF-8
locales locales/locales_to_be_generated multiselect de_DE.UTF-8 en_US.UTF-8 UTF-8
keyboard-configuration keyboard-configuration/modelcode string pc105
keyboard-configuration keyboard-configuration/xkb-keymap select de
keyboard-configuration keyboard-configuration/variant select USA
keyboard-configuration keyboard-configuration/model select Generic 105-key (Intl) PC
keyboard-configuration keyboard-configuration/layoutcode string
keyboard-configuration keyboard-configuration/optionscode string ctrl:nocaps,terminate:ctrl_alt_bksp
dest: /srv/fai/config/debconf/DESKTOP
mode: 0644
owner: root
group: root
- name: fai set host class
copy:
content: |
#! /bin/bash
echo "DEBIAN GERMAN DESKTOP"
dest: /srv/fai/config/class/50-host-classes
mode: 0755
owner: root
group: root
- name: fai desk config
copy:
content: |
# example of new config file for setup-storage
#
# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
disk_config disk1 disklabel:msdos bootable:1 fstabkey:uuid
primary / 2G-50G ext4 rw,noatime,errors=remount-ro
logical swap 200-10G swap sw
logical /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1" tuneopts="-c 0 -i 0"
dest: /srv/fai/config/disk_config/DESKTOP
- name: fai vars
copy:
content: |
FAI_ALLOW_UNSIGNED=0
UTC=yes
TIMEZONE=Europe/Berlin
# pw is "fai"
ROOTPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1'
# errors in tasks greater than this value will cause the installation to stop
STOP_ON_ERROR=700
# set parameter for install_packages(8)
MAXPACKAGES=800
dest: /srv/fai/config/class/DESKTOP.var
mode: 0644
owner: root
group: root

29
roles/fai/.travis.yml Normal file
View File

@ -0,0 +1,29 @@
---
language: python
python: "2.7"
# Use the new container infrastructure
sudo: false
# Install ansible
addons:
apt:
packages:
- python-pip
install:
# Install ansible
- pip install ansible
# Check ansible version
- ansible --version
# Create ansible.cfg with correct roles_path
- printf '[defaults]\nroles_path=../' >ansible.cfg
script:
# Basic role syntax check
- ansible-playbook tests/test.yml -i tests/inventory --syntax-check
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

38
roles/fai/README.md Normal file
View File

@ -0,0 +1,38 @@
Role Name
=========
A brief description of the role goes here.
Requirements
------------
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Role Variables
--------------
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
Dependencies
------------
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
License
-------
BSD
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).

15
roles/fai/defaults/main.yml Normal file
View File

@ -0,0 +1,15 @@
---
# defaults file for fai
use_ipxe: true
fai_menu: true
ensure_fai_setup_run: false
dhcp_interface: eth1
wan_interface: eth0
server_name: faiserver
server_ip: 192.168.33.1
server_net: 192.168.33
server_netmask: 255.255.255.0
domain_name: lan
linux_version: 4.19.0-10
use_apt_cache: false

BIN
roles/fai/files/dban/dban.bzi Normal file
View File

Binary file not shown.

BIN
roles/fai/files/ipxe/ipxe.efi Normal file
View File

Binary file not shown.

BIN
roles/fai/files/ipxe/ipxe.lkrn Normal file
View File

Binary file not shown.

BIN
roles/fai/files/ipxe/ipxe.pxe Normal file
View File

Binary file not shown.

BIN
roles/fai/files/ipxe/undionly.kpxe Normal file
View File

Binary file not shown.

309
roles/fai/files/profiles/basefiles/mk-basefile Executable file
View File

@ -0,0 +1,309 @@
#! /bin/bash
# mk-basefile, create basefiles for some distributions
#
# Thomas Lange, Uni Koeln, 2011-2020
# based on the Makefile implementation of Michael Goetze
#
# Usage example: mk-basefile -J STRETCH64
# This will create a STRETCH64.tar.xz basefile.
# Supported distributions (each i386/amd64):
# Debian GNU/Linux
# Ubuntu 14.04/16.04
# CentOS 5/6/7/8
# Scientific Linux Cern 5/6
#
# Packages you might want to install to use this command:
# debootstrap, rinse, xz-utils
# Define your local mirros here
# For the first stage, set the CentOS/SLC mirror in /etc/rinse/rinse.conf
MIRROR_DEBIAN=http://deb.debian.org/debian/
MIRROR_UBUNTU=http://mirror.netcologne.de/ubuntu/
MIRROR_CENTOS=http://mirror.netcologne.de/
EXCLUDE_SQUEEZE=isc-dhcp-client,isc-dhcp-common,info
EXCLUDE_WHEEZY=info
EXCLUDE_JESSIE=info
EXCLUDE_STRETCH=info
EXCLUDE_BUSTER=
EXCLUDE_BULLSEYE=
EXCLUDE_SID=
EXCLUDE_TRUSTY=dhcp3-client,dhcp3-common,info
EXCLUDE_XENIAL=udhcpc,dibbler-client,info
EXCLUDE_BIONIC=udhcpc,dibbler-client,info
EXCLUDE_FOCAL=udhcpc,dibbler-client,info
# here you can add packages, that are needed very early
INCLUDE_DEBIAN=
setarch() {
l32=
if [ X$1 = Xi386 ]; then
l32=linux32
fi
}
check() {
if [ `id -u` != 0 ]; then
echo "You must be root to create chroots."
exit 1
fi
mknod $xtmp/test-dev-null c 1 3
if [ $? -eq 1 ]; then
echo "Cannot create device files on $xtmp, aborting."
echo "Perhaps this directory is mounted with option nodev."
rm -rf $xtmp
exit 1
fi
echo test > $xtmp/test-dev-null
if [ $? -eq 1 ]; then
echo "Cannot create device files on $xtmp, aborting."
echo "Perhaps this directory is mounted with option nodev."
rm -rf $xtmp
exit 1
fi
rm -f $xtmp/test-dev-null
}
mkpost-centos() {
# set local mirror for rinse post script
[ -z "$MIRROR_CENTOS" ] && return
cat <<EOM > $xtmp/post
#! /bin/sh
mkdir -p $xtmp/etc/yum.repos.d/orig
cp -p $xtmp/etc/yum.repos.d/*.repo $xtmp/etc/yum.repos.d/orig
perl -pi -e 's,mirrorlist=,#mirrorlist=,; s,#baseurl=http://mirror.centos.org,baseurl=$MIRROR_CENTOS,;' $xtmp/etc/yum.repos.d/CentOS-Base.repo
EOM
chmod 555 $xtmp/post
}
mkpost-slc() {
# set local mirror for rinse post script
ver=$1
[ -z "$MIRROR_SLC" ] && return
cat <<EOM > $xtmp/post
#! /bin/sh
mkdir -p $xtmp/etc/yum.repos.d/orig
cp -p $xtmp/etc/yum.repos.d/*.repo $xtmp/etc/yum.repos.d/orig
perl -pi -e 's,baseurl=http://linuxsoft.cern.ch,baseurl=$MIRROR_SLC,;' $xtmp/etc/yum.repos.d/slc$ver-os.repo
perl -pi -e 's,baseurl=http://linuxsoft.cern.ch,baseurl=$MIRROR_SLC,;' $xtmp/etc/yum.repos.d/slc$ver-updates.repo
EOM
chmod 555 $xtmp/post
}
cleanup-deb() {
chroot $xtmp apt-get clean
rm -f $xtmp/etc/hostname $xtmp/etc/resolv.conf \
$xtmp/var/lib/apt/lists/*_* $xtmp/usr/bin/qemu-*-static \
$xtmp/etc/udev/rules.d/70-persistent-net.rules
> $xtmp/etc/machine-id
}
cleanup-rinse() {
# check if chroot works
echo "Installed packages in chroot:"
chroot $xtmp rpm -qa|sort
echo -n "CHROOT rpm -qa: "
chroot $xtmp rpm -qa|wc -l
rm -f $xtmp/etc/resolv.conf $xtmp/post
if [ -d $xtmp/etc/yum.repos.d/orig ]; then
mv $xtmp/etc/yum.repos.d/orig/* $xtmp/etc/yum.repos.d/
rm -rf $xtmp/etc/yum.repos.d/orig
fi
}
tarit() {
tar $attributes --numeric-owner --one-file-system -C $xtmp -cf - . | $zip > $target.$ext
}
centos() {
local arch=$1
local vers=$2
local domain=$(domainname)
check
setarch $arch
mkpost-centos
$l32 rinse --directory $xtmp --distribution centos-$vers --arch $arch --before-post-install $xtmp/post
domainname $domain # workaround for #613377
cleanup-rinse
tarit
}
slc() {
local arch=$1
local vers=$2
check
setarch $arch
mkpost-slc $vers
$l32 rinse --directory $xtmp --distribution slc-$vers --arch $arch --before-post-install $xtmp/post
cleanup-rinse
tarit
}
debgeneric() {
local DIST=$1
shift
local mirror=$1
shift
local arch=$1
dist=${DIST%%[0-9][0-9]}
local exc="EXCLUDE_$dist"
[ -n "${!exc}" ] && exc="--exclude=${!exc}" || unset exc
dist=${dist,,}
check
if [ -n "$INCLUDE_DEBIAN" ]; then
local inc="--include=$INCLUDE_DEBIAN"
fi
if [ -n "$arch" ]; then
qemu-debootstrap --arch $arch ${exc} $inc $dist $xtmp $mirror
target="${target}_${arch^^}"
else
if [[ $DIST =~ 64 ]]; then
arch=amd64
else
arch=i386
fi
debootstrap --arch $arch ${exc} $inc $dist $xtmp $mirror
fi
cleanup-deb
tarit
}
prtdists() {
echo "Available:
CENTOS5_32 CENTOS5_64
CENTOS6_32 CENTOS6_64
CENTOS7_32 CENTOS7_64
CENTOS8_64
SLC5_32 SLC5_64
SLC6_32 SLC6_64
SLC7_64
TRUSTY32 TRUSTY64
XENIAL32 XENIAL64
BIONIC64
FOCAL64
SQUEEZE32 SQUEEZE64
WHEEZY32 WHEEZY64
JESSIE32 JESSIE64
STRETCH32 STRETCH64
BUSTER32 BUSTER64
BULLSEYE32 BULLSEYE64
SID32 SID64
"
}
usage() {
cat <<EOF
mk-basefile, create minimal base files for a Linux distritubtion
Copyright (C) 2011-2020 by Thomas Lange
Usage: mk-basefile [OPTION] ... DISTRIBUTION
-s Show list of supported linux distributions
-f ARCH Build for foreign architecture ARCH.
-d DIR Use DIR for creating the temporary subtree structure.
-z Use gzip for compressing the tar file.
-J Use xz for compressing the tar file.
-k Keep the temporary subtree structure, do not remove it.
-h Print help.
Usage example: mk-basefile -J STRETCH64
This will create a STRETCH64.tar.xz basefile.
EOF
exit 0
}
# main routine
ext=tar
zip=cat
attributes=
cleanup=1
attributes="--xattrs --selinux --acls"
while getopts ashzJd:kf: opt ; do
case "$opt" in
a) echo "$0: Warning. -a is ignored, because xtattrs, acls and selinux are always added." ;;
d) export TMPDIR=$OPTARG ;;
f) export ARCH=$OPTARG ;;
z) zip="gzip -9"; ext=tar.gz ;;
J) zip="xz -8" ext=tar.xz ;;
k) cleanup=0 ;;
h) usage ;;
s) prtdists ; exit 0;;
?) exit 3 ;; # error in option parsing
esac
done
shift $(($OPTIND - 1))
xtmp=$(mktemp --tmpdir -d basefiles.XXXXXXXX)
if [ $? -eq 1 ]; then
echo "mktemp failed. Aborting."
exit 2
fi
chmod 755 $xtmp
target=$1 # also the name of the output file
[ -z "$target" ] && usage
case "$target" in
CENTOS5_32) centos i386 5 ;;
CENTOS5_64) centos amd64 5 ;;
CENTOS6_32) centos i386 6 ;;
CENTOS6_64) centos amd64 6 ;;
CENTOS7_32) centos i386 7 ;;
CENTOS7_64) centos amd64 7 ;;
CENTOS8_64) centos amd64 8 ;;
SLC5_32) slc i386 5 ;;
SLC5_64) slc amd64 5 ;;
SLC6_32) slc i386 6 ;;
SLC6_64) slc amd64 6 ;;
SLC7_64) slc amd64 7 ;;
TRUSTY*|XENIAL*|BIONIC*|FOCAL*)
debgeneric $target $MIRROR_UBUNTU ;;
SQUEEZE*|WHEEZY*|JESSIE*|STRETCH*|BUSTER*|BULLSEYE*|SID*)
debgeneric $target $MIRROR_DEBIAN $ARCH;;
*) echo "Unknown distribution. Aborting."
prtdists
exit 99 ;;
esac
# cleanup
if [ $cleanup -eq 1 ]; then
rm -rf $xtmp
fi

8
roles/fai/files/profiles/class/01-classes Executable file
View File

@ -0,0 +1,8 @@
#! /bin/bash
[ "$cmdlineclasses" ] || exit 0
# define the classes given on the cmdline (using -c) very early
echo $cmdlineclasses
exit 0

21
roles/fai/files/profiles/class/10-base-classes Executable file
View File

@ -0,0 +1,21 @@
#! /bin/bash
# do only execute if this is called on the client being installed. Do not use during fai-diskimage
if [ X$FAI_ACTION = Xinstall -a $do_init_tasks -eq 0 ]; then
exit 0
fi
# Echo architecture and OS name in uppercase. Do NOT remove these two lines.
uname -s | tr '[:lower:]' '[:upper:]'
command -v dpkg >&/dev/null && dpkg --print-architecture | tr a-z A-Z
# determin if we are a DHCP client or not
# count the : chars in the argument of ip=
n="${ip//[^:]}"
if [[ $ip =~ ^(on|any|dhcp)$ ]]; then
echo DHCPC
elif [ ${#n} -lt 6 ]; then
echo DHCPC
fi
exit 0

35
roles/fai/files/profiles/class/20-hwdetect.sh Executable file
View File

@ -0,0 +1,35 @@
#! /bin/bash
# (c) Thomas Lange, 2002-2013, lange@informatik.uni-koeln.de
# NOTE: Files named *.sh will be evaluated, but their output ignored.
[ $do_init_tasks -eq 1 ] || return 0 # Do only execute when doing install
echo 0 > /proc/sys/kernel/printk
#kernelmodules=
# here, you can load modules depending on the kernel version
case $(uname -r) in
2.6*) kernelmodules="$kernelmodules mptspi dm-mod md-mod aes dm-crypt" ;;
[3456]*) kernelmodules="$kernelmodules mptspi dm-mod md-mod aes dm-crypt" ;;
esac
for mod in $kernelmodules; do
[ X$verbose = X1 ] && echo Loading kernel module $mod
modprobe -a $mod 1>/dev/null 2>&1
done
ip ad show up | egrep -iv 'loopback|127.0.0.1|::1/128|_lft'
echo $printk > /proc/sys/kernel/printk
odisklist=$disklist
set_disk_info # recalculate list of available disks
if [ "$disklist" != "$odisklist" ]; then
echo New disklist: $disklist
echo disklist=\"$disklist\" >> $LOGDIR/additional.var
fi
save_dmesg # save new boot messages (from loading modules)

165
roles/fai/files/profiles/class/40-parse-profiles.sh Executable file
View File

@ -0,0 +1,165 @@
#! /bin/bash
# parse *.profile and build a curses menu, so the user can select a profile
#
# (c) 2015 by Thomas Lange, lange@informatik.uni-koeln.de
# Universitaet zu Koeln
if [ X$FAI_ACTION = Xinstall -o X$FAI_ACTION = Xdirinstall -o X$FAI_ACTION = X ]; then
:
else
return 0
fi
[ "$flag_menu" ] || return 0
out=$(tty)
tempfile=`(tempfile) 2>/dev/null`
tempfile2=`(tempfile) 2>/dev/null`
trap "rm -f $tempfile $tempfile2" EXIT INT QUIT
# declare the data structure, use associative arrays
declare -A arshort
declare -A ardesc
declare -A arlong
declare -A arclasses
declare -a list
parse_profile() {
# read a profile and add all info to the data structure
local short
local long
local desc
local name
local classes
local lflag=0
# disable word splitting when reading a line, this helps reading a keyword without a value
local OIF=$IFS
IFS=
while read -r line || [[ -n $line ]]; do
if [[ $line =~ "Name: " ]]; then
if [ -n "$long" ]; then
arlong[$name]="$long"
fi
short=
desc=
long=
classes=
lflag=0
name=${line##Name: }
[ $debug ] && echo "XX NAME $name found"
list+=("$name") # add new item to list
continue
fi
if [[ $line =~ "Description: " ]]; then
lflag=0
desc=${line##Description: }
[ $debug ] && echo "XX $desc found"
ardesc[$name]="$desc"
continue
fi
if [[ $line =~ "Short: " ]]; then
lflag=0
short=${line##Short: }
[ $debug ] && echo "XX $short found"
arshort[$name]="$short"
continue
fi
if [[ $line =~ "Classes: " ]]; then
lflag=0
classes=${line##Classes: }
[ $debug ] && echo "XX classes found"
arclasses[$name]="$classes"
continue
fi
if [[ $line =~ "Long: " ]]; then
lflag=1
long=${line##Long: }
[ $debug ] && echo "XX long found"
# else it's another long line
elif [ $lflag -eq 1 ]; then
long+="\n$line"
fi
if [[ $line =~ "Default: " ]]; then
lflag=0
default=${line##Default: }
continue
fi
done < $1
if [ -n "$long" ]; then
arlong[$name]="$long"
fi
IFS=$OIF
}
prtresult() {
# set newclasses which is used by fai-class(1)
local res=$(<$tempfile)
echo "$BASH_SOURCE defined new classes: ${arclasses[$res]}"
newclasses="${arclasses[$res]}"
}
# read all files with name matching *.profile
_parsed=0
shopt -s nullglob
for _f in *.profile; do
parse_profile $_f
_parsed=1
done
unset _f
# do nothing if no profile was read
if [ $_parsed -eq 0 ]; then
unset _parsed
return 0
fi
# create the argument list containing the menu entries
# and the help text file
for i in "${list[@]}"; do
par+=("$i")
par+=("${ardesc[${i}]}")
par+=("${arshort[${i}]}")
echo "Name: ${i}" >> $tempfile2
echo -e ${arlong[${i}]} >> $tempfile2
echo -e "Classes: " ${arclasses[${i}]} "\n" >> $tempfile2
done
unset i
while true; do
dialog --clear --item-help --title "FAI - Fully Automatic Installation" --help-button \
--default-item "$default" \
--menu "\nSelect your FAI profile\n\nThe profile will define a list of classes,\nwhich are used by FAI.\n\n\n"\
15 70 0 "${par[@]}" 2> $tempfile 1> $out
_retval=$?
case $_retval in
0)
prtresult
break ;;
1)
echo "No profile selected."
break ;;
2)
dialog --title "Description of all profiles" --textbox $tempfile2 0 0 1> $out;;
esac
done
unset par ardesc arshort arlong arclasses list tempfile tempfile2 _parsed _retval line

28
roles/fai/files/profiles/class/41-warning.sh Executable file
View File

@ -0,0 +1,28 @@
#! /bin/bash
if [ X$FAI_ACTION = Xinstall -o X$FAI_ACTION = X ]; then
:
else
return 0
fi
if [ X$action = Xdirinstall ]; then
return 0
fi
grep -q INSTALL $LOGDIR/FAI_CLASSES || return 0
[ "$flag_menu" ] || return 0
out=$(tty)
red=$(mktemp)
echo 'screen_color = (CYAN,RED,ON)' > $red
DIALOGRC=$red dialog --colors --clear --aspect 6 --title "FAI - Fully Automatic Installation" --trim \
--msgbox "\n\n If you continue, \n all your data on the disk \n \n|\Zr\Z1 WILL BE DESTROYED \Z0\Zn|\n\n" 0 0 1>$out
# stop on any error, or if ESC was hit
if [ $? -ne 0 ]; then
task_error 999
fi
rm $red
unset red

32
roles/fai/files/profiles/class/50-host-classes Executable file
View File

@ -0,0 +1,32 @@
#! /bin/bash
# assign classes to hosts based on their hostname
# do not use this if a menu will be presented
[ "$flag_menu" ] && exit 0
# use a list of classes for our demo machine
case $HOSTNAME in
faiserver)
echo "FAIBASE DEBIAN DEMO FAISERVER" ;;
demohost|client*)
echo "FAIBASE DEBIAN DEMO" ;;
xfcehost)
echo "FAIBASE DEBIAN DEMO XORG XFCE LVM";;
gnomehost)
echo "FAIBASE DEBIAN DEMO XORG GNOME";;
ubuntuhost)
echo "FAIBASE DEBIAN DEMO UBUNTU FOCAL FOCAL64 XORG";;
centos)
echo "FAIBASE CENTOS" # you may want to add class XORG here
ifclass AMD64 && echo CENTOS8_64
;;
slchost)
# Scientific Linux Cern, is very similar to CentOS. SLC should alsways use the class CENTOS
echo "FAIBASE CENTOS SLC" # you may want to add class XORG here
ifclass I386 && echo SLC7_32
ifclass AMD64 && echo SLC7_64
;;
*)
echo "UBUNTU MINT DESKTOP" ;;
esac

11
roles/fai/files/profiles/class/60-misc Executable file
View File

@ -0,0 +1,11 @@
#! /bin/bash
ifclass -o CENTOS SLC && exit 0
ifclass -o GRUB_PC GRUB_EFI && exit 0
if [ -d /sys/firmware/efi ]; then
echo GRUB_EFI
elif ifclass -o I386 AMD64 ; then
echo GRUB_PC
fi

19
roles/fai/files/profiles/class/85-efi-classes Executable file
View File

@ -0,0 +1,19 @@
#! /bin/bash
# define classes for disk_config in an EFI enironment
if [ ! -d /sys/firmware/efi ]; then
exit 0
fi
if ifclass FAIBASE; then
echo FAIBASE_EFI
elif ifclass FAISERVER; then
echo FAISERVER_EFI
elif ifclass LVM; then
echo LVM_EFI
elif ifclass XENIAL; then
echo XENIAL_EFI
elif ifclass UBUNTU; then
echo UBUNTU_EFI
fi

9
roles/fai/files/profiles/class/CENTOS.var Normal file
View File

@ -0,0 +1,9 @@
CONSOLEFONT=lat9v-16
KEYMAP=us
DEFAULTLOCALE=en_US.UTF-8
SUPPORTEDLOCALE=en_US.UTF-8:en_US:en
# if you install much software and have only few RAM, use the RAM disk
# not for var/cache/yum
#FAI_RAMDISKS="$target/var/lib/rpm $target/var/cache/yum"
FAI_RAMDISKS="$target/var/lib/rpm"

1
roles/fai/files/profiles/class/CLOUD.var Normal file
View File

@ -0,0 +1 @@
NIC1=eth0

19
roles/fai/files/profiles/class/DEBIAN.var Normal file
View File

@ -0,0 +1,19 @@
release=buster
apt_cdn=http://deb.debian.org
security_cdn=http://security.debian.org
CONSOLEFONT=
KEYMAP=de-latin1
# MODULESLIST contains modules that will be loaded by the new system,
# not during installation these modules will be written to /etc/modules
# If you need a module during installation, add it to $kernelmodules
# in 20-hwdetect.sh.
MODULESLIST="usbhid psmouse"
# if you have enough RAM (>2GB) you may want to enable this line. It
# also puts /var/cache into a ramdisk.
#FAI_RAMDISKS="$target/var/lib/dpkg $target/var/cache"
# if you want to use the faiserver as APT proxy
APTPROXY=http://faiserver:3142

22
roles/fai/files/profiles/class/FAIBASE.var Normal file
View File

@ -0,0 +1,22 @@
# default values for installation. You can override them in your *.var files
# allow installation of packages from unsigned repositories
FAI_ALLOW_UNSIGNED=0
# Set UTC=yes if your system clock is set to UTC (GMT), and UTC=no if not.
UTC=yes
TIMEZONE=Europe/Berlin
# the hash of the root password for the new installed linux system
# pw is "fai"
ROOTPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1'
# errors in tasks greater than this value will cause the installation to stop
STOP_ON_ERROR=700
# set parameter for install_packages(8)
MAXPACKAGES=800
# a user account will be created
username=demo
USERPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1'

3
roles/fai/files/profiles/class/GERMAN.var Normal file
View File

@ -0,0 +1,3 @@
# german environment (for Debian)
KEYMAP=de-latin1-nodeadkeys

1
roles/fai/files/profiles/class/INSTALL.var Normal file
View File

@ -0,0 +1 @@
FAI_ACTION=install

1
roles/fai/files/profiles/class/INVENTORY.var Normal file
View File

@ -0,0 +1 @@
FAI_ACTION=inventory

1
roles/fai/files/profiles/class/SYSINFO.var Normal file
View File

@ -0,0 +1 @@
FAI_ACTION=sysinfo

2
roles/fai/files/profiles/class/UBUNTU.var Normal file
View File

@ -0,0 +1,2 @@
ubuntumirror=http://archive.ubuntu.com
ubuntudist=focal

14
roles/fai/files/profiles/class/UBUNTU_DESKTOP.var Normal file
View File

@ -0,0 +1,14 @@
# set time
UTC=yes
TIMEZONE=Europe/Berlin
# some install parameters
STOP_ON_ERROR=700
MAXPACKAGES=800
# set root password
ROOTPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1'
# start user and password
username=demo
USERPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1'

72
roles/fai/files/profiles/class/menu.profile Normal file
View File

@ -0,0 +1,72 @@
Default: Ubuntu Desktop
Name: Ubuntu Desktop
Description: Ubuntu Deskop
Short: Ubuntu Desktop
Long: Ubuntu 20.04 LTS (Focal Fossa)
Classes: INSTALL UBUNTU UBUNTU_DESKTOP
Name: Ubuntu
Description: Ubuntu
Short: Ubuntu
Long: Ubuntu 20.04 LTS (Focal Fossa)
Classes: INSTALL UBUNTU
Name: Minimalist debian
Description: Minimal debian installation
Short: Simple debian
Long: Simple debian without additional packages
Classes: DEBIAN
Name: Debian Desktop with Cinnamon
Description: Xfce desktop, LVM partitioning
Short: A fancy Xfce desktop will be installed, the user account is demo
Long: This is the Xfce desktop example. Additional account called
demo with password: fai, root password: fai
All needed packages are already on the CD or USB stick.
Classes: INSTALL DEBIAN CINNAMON
Name: Xfce
Description: Xfce desktop, LVM partitioning
Short: A fancy Xfce desktop will be installed, the user account is demo
Long: This is the Xfce desktop example. Additional account called
demo with password: fai, root password: fai
All needed packages are already on the CD or USB stick.
Classes: INSTALL FAIBASE DEBIAN DEMO XORG XFCE LVM
Name: Gnome
Description: Gnome desktop installation
Short: A Gnome desktop, no LVM, You will get an account called demo
Long: This is the Gnome desktop example. Additional account called
demo with password: fai, root password: fai
You should have a fast network connection, because most packages are
downloaded from the internet.
Classes: INSTALL FAIBASE DEBIAN DEMO XORG GNOME
Name: CentOS 8
Description: CentOS 8 with Xfce desktop
Short: A normal Xfce desktop, running CentOS 8
Long: We use the Debian nfsroot for installing the CentOS 8 OS.
You should have a fast network connection, because most packages are
downloaded from the internet.
Classes: INSTALL FAIBASE CENTOS CENTOS8_64 XORG
Name: Ubuntu
Description: Ubuntu 20.04 desktop installation
Short: Unity desktop
Long: We use the Debian nfsroot for installing the Ubuntu OS.
You should have a fast network connection, because most packages are
downloaded from the internet.
Classes: INSTALL FAIBASE DEMO DEBIAN UBUNTU FOCAL FOCAL64 XORG
Name: Inventory
Description: Show hardware info
Short: Show some basic hardware infos
Long: Execute commands for showing hardware info
Classes: INVENTORY
Name: Sysinfo
Description: Show defailed system information
Short: Show detailed hardware and system information
Long: Execute a lot of commands for collecting system information
Classes: SYSINFO

2
roles/fai/files/profiles/debconf/CLOUD Normal file
View File

@ -0,0 +1,2 @@
# Linux command line:
grub-pc grub2/linux_cmdline_default string elevator=noop quiet

9
roles/fai/files/profiles/debconf/DEBIAN Normal file
View File

@ -0,0 +1,9 @@
exim4-config exim4/dc_eximconfig_configtype select local delivery only; not on a network
locales locales/default_environment_locale select de_DE.UTF-8
locales locales/locales_to_be_generated multiselect de_DE.UTF-8 UTF-8
keyboard-configuration keyboard-configuration/modelcode string pc105
keyboard-configuration keyboard-configuration/xkb-keymap select us
keyboard-configuration keyboard-configuration/variant select Deutsch
keyboard-configuration keyboard-configuration/model select Generic 105-key (Intl) PC
keyboard-configuration keyboard-configuration/layoutcode string de
keyboard-configuration keyboard-configuration/optionscode string ctrl:nocaps,terminate:ctrl_alt_bksp

8
roles/fai/files/profiles/debconf/GERMAN Normal file
View File

@ -0,0 +1,8 @@
locales locales/default_environment_locale select de_DE.UTF-8
locales locales/locales_to_be_generated multiselect de_DE.UTF-8 UTF-8
keyboard-configuration keyboard-configuration/modelcode string pc105
keyboard-configuration keyboard-configuration/xkb-keymap select de
keyboard-configuration keyboard-configuration/variant select Germany
keyboard-configuration keyboard-configuration/model select Generic 105-key (Intl) PC
keyboard-configuration keyboard-configuration/layoutcode string de
keyboard-configuration keyboard-configuration/optionscode string ctrl:nocaps,terminate:ctrl_alt_bksp

261
roles/fai/files/profiles/debconf/UBUNTU_DESKTOP Normal file
View File

File diff suppressed because one or more lines are too long

132
roles/fai/files/profiles/debconf/UBUNTU_DESKTOP2 Normal file
View File

File diff suppressed because one or more lines are too long

16
roles/fai/files/profiles/disk_config/CENTOS Normal file
View File

@ -0,0 +1,16 @@
# example of new config file for setup-storage
#
# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
disk_config disk1 disklabel:msdos bootable:1 fstabkey:label
# Note that the CentOS 5 version of GRUB cannot read from ext3 filesystems with inode_size > 128
# CentOS 5.6 needs /boot as ext3, so we use ext3 for /
#primary / 350 ext3 rw,noatime,errors=remount-ro createopts="-L ROOT -I 128"
# use following line for CentOS 7
primary / 4G-50G ext4 rw,noatime,errors=remount-ro createopts="-L ROOT"
logical swap 200-10G swap sw createopts="-L SWAP"
logical /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L HOME -m 1" tuneopts="-c 0 -i 0"

7
roles/fai/files/profiles/disk_config/CLOUD Normal file
View File

@ -0,0 +1,7 @@
# config for a disk image for a VM
#
# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
disk_config disk1 disklabel:msdos bootable:1 fstabkey:uuid align-at:1M
primary / 300- ext4 rw,discard,barrier=0,noatime,errors=remount-ro tuneopts="-c 0 -i 0"

9
roles/fai/files/profiles/disk_config/FAIBASE Normal file
View File

@ -0,0 +1,9 @@
# example of new config file for setup-storage
#
# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
disk_config disk1 disklabel:msdos bootable:1 fstabkey:uuid
primary / 2G-50G ext4 rw,noatime,errors=remount-ro
logical swap 200-10G swap sw
logical /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1" tuneopts="-c 0 -i 0"

10
roles/fai/files/profiles/disk_config/FAIBASE_EFI Normal file
View File

@ -0,0 +1,10 @@
# example of new config file for setup-storage
#
# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
disk_config disk1 disklabel:gpt bootable:1 fstabkey:uuid
primary /boot/efi 512M vfat rw
primary / 2G-50G ext4 rw,noatime,errors=remount-ro
primary swap 200-10G swap sw
primary /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1" tuneopts="-c 0 -i 0"

11
roles/fai/files/profiles/disk_config/FAISERVER Normal file
View File

@ -0,0 +1,11 @@
# config file for an FAI install server
#
# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
disk_config disk1 disklabel:msdos fstabkey:uuid
primary / 2G-15G ext4 rw,noatime,errors=remount-ro
logical swap 200-1000 swap sw
logical /tmp 100-1000 ext4 rw,noatime,nosuid,nodev createopts="-m 0" tuneopts="-c 0 -i 0"
logical /home 100-40% ext4 rw,noatime,nosuid,nodev createopts="-m 1" tuneopts="-c 0 -i 0"
logical /srv 1G-50% ext4 rw,noatime createopts="-m 1" tuneopts="-c 0 -i 0"

12
roles/fai/files/profiles/disk_config/FAISERVER_EFI Normal file
View File

@ -0,0 +1,12 @@
# config file for an FAI install server
#
# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
disk_config disk1 disklabel:gpt fstabkey:uuid
primary /boot/efi 512M vfat rw
primary / 2G-15G ext4 rw,noatime,errors=remount-ro
primary swap 200-1000 swap sw
primary /tmp 100-1000 ext4 rw,noatime,nosuid,nodev createopts="-m 0" tuneopts="-c 0 -i 0"
primary /home 100-40% ext4 rw,noatime,nosuid,nodev createopts="-m 1" tuneopts="-c 0 -i 0"
primary /srv 1G-50% ext4 rw,noatime createopts="-m 1" tuneopts="-c 0 -i 0"

15
roles/fai/files/profiles/disk_config/LVM Normal file
View File

@ -0,0 +1,15 @@
# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
# entire disk with LVM, separate /home
disk_config disk1 fstabkey:uuid align-at:1M
primary /boot 200 ext2 rw,noatime
primary - 4G- - -
disk_config lvm
vg vg1 disk1.2
vg1-root / 3G-50G ext4 noatime,rw
vg1-swap swap 200-4G swap sw
vg1-home /home 600- ext4 noatime,nosuid,nodev,rw

16
roles/fai/files/profiles/disk_config/LVM_EFI Normal file
View File

@ -0,0 +1,16 @@
# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
# entire disk with LVM, separate /home
disk_config disk1 disklabel:gpt fstabkey:uuid align-at:1M
primary /boot/efi 512M vfat rw
primary /boot 200 ext2 rw,noatime
primary - 4G- - -
disk_config lvm
vg vg1 disk1.3
vg1-root / 3G-50G ext4 noatime,rw
vg1-swap swap 200-4G swap sw
vg1-home /home 600- ext4 noatime,nosuid,nodev,rw

5
roles/fai/files/profiles/disk_config/UBUNTU_DESKTOP Normal file
View File

@ -0,0 +1,5 @@
disk_config disk1 disklabel:msdos bootable:1 fstabkey:uuid
primary / 2G-50G ext4 rw,noatime,errors=remount-ro
logical swap 200-10G swap sw
logical /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1" tuneopts="-c 0 -i 0"

6
roles/fai/files/profiles/disk_config/UBUNTU_DESKTOP_EFI Normal file
View File

@ -0,0 +1,6 @@
disk_config disk1 disklabel:gpt bootable:1 fstabkey:uuid
primary /boot/efi 512M vfat rw
primary / 2G-50G ext4 rw,noatime,errors=remount-ro
primary swap 200-10G swap sw
primary /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1" tuneopts="-c 0 -i 0"

12
roles/fai/files/profiles/disk_config/XENIAL Normal file
View File

@ -0,0 +1,12 @@
# example of new config file for setup-storage
#
# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
# this is a copy of FAIBASE, but with metadata_csum disabled.
# Ubuntu XENIAL does not yet suport this option
disk_config disk1 disklabel:msdos bootable:1 fstabkey:uuid
primary / 2G-50G ext4 rw,noatime,errors=remount-ro createopts="-O ^metadata_csum"
logical swap 200-1G swap sw
logical /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1 -O ^metadata_csum" tuneopts="-c 0 -i 0"

13
roles/fai/files/profiles/disk_config/XENIAL_EFI Normal file
View File

@ -0,0 +1,13 @@
# example of new config file for setup-storage
#
# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
# this is a copy of FAIBASE, but with metadata_csum disabled.
# Ubuntu XENIAL does not yet suport this option
disk_config disk1 disklabel:gpt bootable:1 fstabkey:uuid
primary /boot/efi 512M vfat rw
primary / 2G-50G ext4 rw,noatime,errors=remount-ro createopts="-O ^metadata_csum"
primary swap 200-1G swap sw
primary /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1 -O ^metadata_csum" tuneopts="-c 0 -i 0"

5
roles/fai/files/profiles/files/etc/apt/apt.conf.d/force_confdef/DEBIAN Normal file
View File

@ -0,0 +1,5 @@
DPkg {
Options {
"--force-confdef";
}
};

11
roles/fai/files/profiles/files/etc/apt/preferences.d/mint.pref/MINT Normal file
View File

@ -0,0 +1,11 @@
Package: *
Pin: origin live.linuxmint.com
Pin-Priority: 750
Package: *
Pin: release o=linuxmint,c=upstream
Pin-Priority: 700
Package: *
Pin: release o=Ubuntu
Pin-Priority: 500

0
roles/fai/files/profiles/files/etc/apt/sources.list.d/mint.list/MINTDESKTOP Normal file
View File

3
roles/fai/files/profiles/files/etc/apt/sources.list/GNOME Normal file
View File

@ -0,0 +1,3 @@
deb {%apt_cdn%}/debian {%release%} main
deb {%security_cdn%}/debian-security {%release%}/updates main
deb {%apt_cdn%}/debian {%release%}-updates main

BIN
roles/fai/files/profiles/files/etc/apt/trusted.gpg/DEBIAN Normal file
View File

Binary file not shown.

BIN
roles/fai/files/profiles/files/etc/apt/trusted.gpg/DEBIAN_MULTIMEDIA Normal file
View File

Binary file not shown.

BIN
roles/fai/files/profiles/files/etc/apt/trusted.gpg/MINTDESKTOP Normal file
View File

Binary file not shown.

BIN
roles/fai/files/profiles/files/etc/apt/trusted.gpg/UBUNTU Normal file
View File

Binary file not shown.

6
roles/fai/files/profiles/files/etc/default/grub.d/10_cloud_disable_net.ifnames.cfg/CLOUD Normal file
View File

@ -0,0 +1,6 @@
# Disable systemd's network interface name management.
# References:
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863385
# https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/
GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT net.ifnames=0"

32
roles/fai/files/profiles/files/etc/dhcp/dhcpd.conf/FAISERVER Normal file
View File

@ -0,0 +1,32 @@
# dhcpd.conf for a fai installation server
# replace faiserver with the name of your install server
ignore-client-uids on;
deny unknown-clients;
option dhcp-max-message-size 2048;
use-host-decl-names on;
#always-reply-rfc1048 on;
subnet 192.168.33.0 netmask 255.255.255.0 {
option routers 192.168.33.1;
option domain-name "fai.example";
option domain-name-servers 192.168.33.250;
option time-servers faiserver;
# option ntp-servers faiserver;
server-name faiserver;
next-server faiserver;
if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000" {
filename "fai/pxelinux.0";
}
if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007" {
filename "fai/syslinux.efi";
}
allow unknown-clients;
pool {
range 192.168.33.100 192.168.33.150;
}
}
# generate a lot of entries with:
# perl -e 'for (1..10) {printf "host client%02s {hardware ethernet XXX:$_;fixed-address client%02s;}\n",$_,$_;}'
# then replace XXX with the hardware addresses of your clients

8
roles/fai/files/profiles/files/etc/fai/fai.conf/FAISERVER Normal file
View File

@ -0,0 +1,8 @@
# See fai.conf(5) for detailed information.
# Account for saving log files and calling fai-chboot.
LOGUSER=fai
# URL to access the fai config space
# If undefined, use default nfs://<install server>/$FAI_CONFIGDIR
FAI_CONFIG_SRC=nfs://faiserver/srv/fai/config

15
roles/fai/files/profiles/files/etc/fai/nfsroot.conf/FAISERVER Normal file
View File

@ -0,0 +1,15 @@
# For a detailed description see nfsroot.conf(5)
# "<suite> <mirror>" for debootstrap
FAI_DEBOOTSTRAP="buster http://deb.debian.org/debian"
FAI_ROOTPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1'
NFSROOT=/srv/fai/nfsroot
TFTPROOT=/srv/tftp/fai
NFSROOT_HOOKS=/etc/fai/nfsroot-hooks/
FAI_DEBOOTSTRAP_OPTS="--exclude=info"
# Configuration space
FAI_CONFIGDIR=/srv/fai/config
NFSROOT_ETC_HOSTS="192.168.33.250 faiserver"

4
roles/fai/files/profiles/files/etc/motd/FAIBASE Normal file
View File

@ -0,0 +1,4 @@
Plan your installation, and FAI installs your plan.

4
roles/fai/files/profiles/files/etc/netplan/01-network-manager-all.yaml/UBUNTU_DESKTOP Normal file
View File

@ -0,0 +1,4 @@
# NetworkManager should manage all NICs
network:
version: 2
renderer: NetworkManager

8
roles/fai/files/profiles/files/etc/rc.local/CLOUD Executable file
View File

@ -0,0 +1,8 @@
#! /bin/bash
# regenerate ssh_host keys
ls /etc/ssh/ssh_host_* >/dev/null 2>&1
if [ $? -ne 0 ]; then
dpkg-reconfigure -fnoninteractive openssh-server
fi
rm $0

102
roles/fai/files/profiles/files/etc/rc.local/FAISERVER Executable file
View File

@ -0,0 +1,102 @@
#! /bin/bash
# setup script that is only run once at boot time
# set up an FAI install server
NORMAL='\E(B\E[m'
RED='\E[31m'
GREEN='\E[32m'
set -o pipefail
# setup network
nic=$(awk '/iface/ {print $2}' /etc/network/interfaces |egrep -v ^lo)
ifup $nic
# regenerate ssh_host keys
ls /etc/ssh/ssh_host_* > /dev/null
if [ $? -ne 0 ]; then
dpkg-reconfigure -fnoninteractive openssh-server
fi
sleep 8
[ -x /etc/init.d/nscd ] && invoke-rc.d nscd restart
echo "================================="
echo "Setting up the FAI install server"
echo "This will take a few minutes"
echo "================================="
. /etc/fai/fai.conf
. /etc/fai/nfsroot.conf
# copy the simple examples and pimp my config space
if [ ! -d "$FAI_CONFIGDIR/class" ]; then
mkdir -p $FAI_CONFIGDIR
cp -a /usr/share/doc/fai-doc/examples/simple/* $FAI_CONFIGDIR
ainsl /srv/fai/config/class/FAIBASE.var "^LOGUSER=fai"
myip=$(ip addr show up| grep -P -o '(?<=inet )[^/]+' | grep -v 127.0.0.1)
echo "APTPROXY=http://$myip:3142" >> /srv/fai/config/class/DEBIAN.var
fi
# set the LOGUSER, wo we get all the logs from our install clients
ainsl /etc/fai/fai.conf "^LOGUSER=fai"
# make index, then import the packages from the CD mirror
apt-get update >/dev/null
curl -fs 'http://127.0.0.1:3142/acng-report.html?doImport=Start+Import&calcSize=cs&asNeeded=an#bottom' >/dev/null
# setup the FAI server, including creating the nfsroot, use my own proxy
export APTPROXY="http://127.0.0.1:3142"
if [ -f /var/tmp/base.tar.xz ]; then
fai-setup -fvB /var/tmp/base.tar.xz > /var/log/fai/fai-setup.log 2>&1
else
fai-setup -fv > /var/log/fai/fai-setup.log 2>&1
fi
if [ $? -eq 0 ]; then
rm /var/tmp/base.tar.xz
echo ""
echo "================================================"
echo -e "Setting up the FAI server was ${GREEN}successful${NORMAL}"
echo "================================================"
echo ""
sleep 10
else
echo ""
echo "=================================================="
echo -e "${RED}ERROR${NORMAL}: Setting up the FAI install server ${RED}FAILED${NORMAL}!"
echo "Read /var/log/fai/fai-setup.log for more debugging"
echo "=================================================="
echo ""
sleep 10
exit 99
fi
cat <<EOF >> /srv/fai/nfsroot/etc/fai/fai.conf
# use short hostname instead of FQDN
export HOSTNAME=\${HOSTNAME%%.*}
echo \$HOSTNAME > /proc/sys/kernel/hostname
EOF
# create default pxelinux boot configuration
fai-chboot -o default
# create a template for booting the installation
fai-chboot -Iv -f verbose,sshd,createvt,menu -u nfs://faiserver/srv/fai/config buster.tmpl
# Since we do not know the MAC address, our DHCP cannot provide the hostname.
# Therefore we do explicitly set the hostname
fai-chboot -Iv -f verbose,sshd,createvt,menu -u nfs://faiserver/srv/fai/config -k hostname=xfcehost xfcehost
fai-chboot -Iv -f verbose,sshd,createvt,menu -u nfs://faiserver/srv/fai/config -k hostname=demohost demohost
for c in {01..10}; do
fai-chboot -Iv -f verbose,sshd,createvt,menu -u nfs://faiserver/srv/fai/config -k hostname=client$c client$c
done
fai-monitor > /var/log/fai/fai-monitor.log &
# move me away
mv $0 /var/tmp
# create new rc.local for next reboot
echo '#! /bin/bash' > /etc/rc.local
echo 'fai-monitor > /var/log/fai/fai-monitor.log &' >> /etc/rc.local
chmod a+rx /etc/rc.local
exit 0

12
roles/fai/files/profiles/files/etc/selinux/config/CENTOS Normal file
View File

@ -0,0 +1,12 @@
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
# SETLOCALDEFS= Check local definition changes

3
roles/fai/files/profiles/hooks/debconf.CENTOS Executable file
View File

@ -0,0 +1,3 @@
#! /bin/bash
skiptask debconf

45
roles/fai/files/profiles/hooks/debconf.IMAGE Executable file
View File

@ -0,0 +1,45 @@
#! /bin/bash
# hook for installing a file system image (tar file)
# this works for Ubuntu 14.04
#
# Copyright (C) 2015 Thomas Lange, lange@informatik.uni-koeln.de
# I use this tar command to create the image of an already running and configured machine
# tar -cf /tmp/IMAGE.tar --exclude /tmp/\* --exclude /run/\* --exclude /proc/\* --exclude /sys/\* --exclude /dev/\* /
# add --xattrs --selinux --acls if needed (for CentOS 7)
# Then copy this image to /srv/fai/config/basefiles/IMAGE.tar and make sure your client belongs to the class IMAGE
skiptask extrbase debconf repository updatebase instsoft
skiptask configure # do not run the usual configure scripts
# we assume, that the new host will get its hostname and IP via DHCP
# remove old hostname
fgrep -v 127.0.1.1 $target/etc/hosts >> /tmp/fai/hosts
mv /tmp/fai/hosts $target/etc/hosts
rm $target/etc/hostname
#install grub
mount -t proc proc $FAI_ROOT/proc
mount -t sysfs sysfs $FAI_ROOT/sys
mount --bind /dev $FAI_ROOT/dev
if [ -f $target/etc/debian_version ]; then
$ROOTCMD grub-install $BOOT_DEVICE
$ROOTCMD update-grub
fi
if [ -f $target/etc/centos-release ]; then
rm $target/etc/grub2/device.map
$FAI/scripts/CENTOS/40-install-grub
$FAI/scripts/CENTOS/30-mkinitrd
$ROOTCMD fixfiles onboot # this fixes the SELinux security contexts during the first boot
fi
# things that may be adjusted:
#
# MAC address ?? (not needed for Ubuntu, it uses iftab(5)
# /etc/hosts may contain the IP and name of the original host
# /etc/hostname (for Ubuntu just remove it)
# /var/lib/NetworkManager/dhclient-eth0.conf?

25
roles/fai/files/profiles/hooks/instsoft.DEBIAN Executable file
View File

@ -0,0 +1,25 @@
#! /bin/bash
# if package locales will be installed, then install it early, before
# other packages
if [ $FAI_ACTION != "install" -a $FAI_ACTION != "dirinstall" ]; then
exit 0
fi
fcopy -Bi /etc/apt/apt.conf.d/force_confdef
ainsl -a /etc/ucf.conf "^conf_force_conffold=YES"
# in case the locales are already included inside the base file (Ubuntu)
if [ -f $target/usr/sbin/locale-gen ]; then
exit
fi
# if we want to install locales, install them now
install_packages -l 2>/dev/null | egrep -q ' locales|locales '
if [ $? -eq 0 ]; then
if [ X$verbose = X1 ]; then
$ROOTCMD apt-get -y install locales
else
$ROOTCMD apt-get -y install locales > /dev/null
fi
fi

31
roles/fai/files/profiles/hooks/repository.CENTOS Executable file
View File

@ -0,0 +1,31 @@
#! /bin/bash
# (c) Michael Goetze, 2010-2011, mgoetze@mgoetze.net
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
if [ $FAI_ACTION = "install" ]; then
mount -t proc proc $target/proc
mount -t sysfs sysfs $target/sys
[ -L $target/etc/mtab ] || cp /etc/mtab $target/etc/mtab
cat > $target/etc/sysconfig/network <<-EOF
NETWORKING=yes
HOSTNAME=$HOSTNAME.$DOMAIN
EOF
echo "127.0.0.1 localhost" > $target/etc/hosts
ifclass DHCPC || ainsl -s /etc/hosts "$IPADDR $HOSTNAME.$DOMAIN $HOSTNAME"
cp /etc/resolv.conf $target/etc
fi
mkdir $target/dev/pts
mknod -m 000 $target/dev/pts/ptmx c 5 2
fcopy -riv /etc/yum.repos.d/
# disable the fastestmirror plugin
#sed -i -e 's/enabled=1/enabled=0/' $target/etc/yum/pluginconf.d/fastestmirror.conf
skiptask repository
exit $error

223
roles/fai/files/profiles/hooks/savelog.LAST.sh Executable file
View File

@ -0,0 +1,223 @@
#! /bin/bash
# parse all log files for error messages
# print errors and warnings found to error.log
# WARNING: This will only work with english error messages!
errfile=$LOGDIR/error.log
# Define grep patterns. Do not start or end with an empty line!
globalerrorpatterns="error
fail
warn
bad
bad
no space
syntax
Couldn't stat
Cannot access
conflict
is bigger than the limit
did not exist
non existent
not found
couldn't
can't
E: Sorry, broken packages
^E:
operator expected
ambiguous redirect
No previous regular expression
No such
Device or resource busy
unknown option
[a-z]\+\.log:E:
No candidate version found
segfault
Couldn't find any package whose name or description matched
cannot create
The following packages have unmet dependencies"
globalignorepatterns="[a-z]\+\.log:#
Error: Driver 'pcspkr' is already registered, aborting
: bytes packets errors dropped
:+ error=0
:+ trap error=
task_error_func=
STOP_ON_ERROR=
courier-webadmin
plugins-bad
Enabling conf localized-error-pages
ibwebadmin
kernel-patch-badram
kolab-webadmin
kolabadmin
gstreamer.\+-plugins-really-bad
liberrors.so
liberrors-samba
libsamba-errors
gsambad
libad
libtest-nowarnings-perl
libtest-warn-perl
libclass-errorhandler-perl
zope-ploneerrorreporting
libroxen-errormessage
liberror-perl
perl-Error
libgpg-error-dev
libgpg-error0
Opts:.\+errors=remount
[RT]X packets:
WARNING: unexpected IO-APIC
warned about = ( )
daemon.warn
kern.warn
rw,errors=
Expect some cache
no error
failmsg
RPC call returned error 101
deverror.out
(floppy), sector 0
mount version older than kernel
Can't locate module
Warning only .\+MB will be used.
hostname: Host name lookup failure
I can't tell the difference.
warning, not much extra random data, consider using the -rand option
confC._FILE
Warning: 3 database(s) sources
were not found, (but were created)
removing exim
The home dir you specified already exists.
No Rule for /usr/lib/ispell/default.hash.
/usr/sbin/update-fonts-.\+: warning: absolute path
hostname: Unknown server error
EXT2-fs warning: checktime reached
RPC: sendmsg returned error 101
can't print them to stdout. Define these classes
warning: downgrading
suppress emacs errors
echo Error:
Can't open dependencies file
documents in /usr/doc are no longer supported
if you have both a SCSI and an IDE CD-ROM
Warning: /proc/ide/hd?/settings interface is obsolete, and will be removed soon
Monitoring disabled
Error: only one processor found.
Error Recovery Strategy:
sector 0 does not have an
syslogin_perform_logout: logout() returned an error
grub is not in an XFS filesystem.
grub-install: line 374:
grub-probe: error: Cannot open \`/boot/grub/device.map'
is harmless
not updating .\+ font directory data.
register_serial(): autoconfig failed
Fontconfig error: Cannot load default config file
asking for cache data failed
However, I can not read the target:
Warning: The partition table looks like it was made
task_error=0
task_local_error=0
^info: Trying to set
warning: /usr/lib/X11/fonts
can't read /etc/udev/rules.d/z25_persistent-net.rules
/cow': No such file or directory
Dummy start-stop-daemon called
X: bytes packets errors
ACPI Error
ACPI Warning
AE_NOT_FOUND
conflicts with ACPI region
cannot stat \`/etc/modprobe.d/\*.conf'
cdrom: open failed.
libgpg-error
process \`kudzu' used the deprecated sysctl system call
PM: Resume from disk failed
JBD: barrier-based sync failed
aufs: module is from the staging directory, the quality is unknown
warning: linuxlogo stop runlevel arguments (none) do not match
insserv: warning: script .\+ missing LSB tags and overrides
live-premount.\+ If this fails
cannot read table of mounted file systems
error: no alternatives for
ERST: Error Record Serialization Table (ERST) support is initialized
ERST: Table is not found
HEST: Table not found
failed to stat /dev/pts
Failed to connect to socket /var/run/dbus/system_bus_socket
fail to add MMCONFIG information
can't initialize iptables table
can't initialize ip6tables table
Authentication warning overridden
41-warning.sh
PCCT header not found
Download is performed unsandboxed as root as file
update-alternatives: warning: skip creation of
loop: module verification failed: signature
Warning: apt-key output should not be parsed
WARNING: Failed to connect to lvmetad. Falling back to device scanning
Warning: The home dir /var/lib/usbmux you specified
diff: /var/lib/apparmor/profiles/.apparmor.md5sums: No such file or directory
error reporting disabled
Enabling Firmware First mode for corrected errors
errors: 0
0 errors
Memory Error Correction:
Memory Controller 0 - Channel . Error
IIO RAS/Control Status/Global Errors
RAS: Correctable Errors collector initialized
__stack_chk_fail
grub.cfg.new: Directory nonexistent
can't derive routing for PCI INT A
failed to load isci/isci_firmware.bin
Direct firmware load for isci/isci_firmware.bin failed with error
Loading user firmware failed, using default values
stunnel4 you specified can't be accessed: No such file or directory
install-docs --verbose --check file_name' may give more details about the above errors
cannot open '/etc/ssl/certs/java/cacerts' for reading: No such file or directory
can't claim BAR
disabling ASPM
data block query control method not found
subprocess.py.\+RuntimeWarning: line buffering
Resource conflict.\+ found
update-rc.d: warning: start and stop actions are no longer supported"
# add pattern on some conditions
if [ -n $FAI_ALLOW_UNSIGNED ] ; then
globalignorepatterns="$globalignorepatterns
WARNING: untrusted versions
WARNING: The following packages cannot be authenticated
Ignoring these trust violations"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Here you can define your own patterns. Put one pattern in a line,
# do not create empty lines.
myerrorpatterns="X_X-X_XX"
myignorepatterns="X_X-X_XX"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# The main routine
errorpatterns="$globalerrorpatterns
$myerrorpatterns"
ignorepatterns="$globalignorepatterns
$myignorepatterns"
cd $LOGDIR || exit 3
if [ -s $errfile ]; then
echo "Errorfile already exists. Aborting." >&2
exit
fi
grep -i "$errorpatterns" *.log | grep -vi "$ignorepatterns" > $errfile
if [ X$verbose = X1 ]; then
egrep -v '^software.log:' $errfile > $LOGDIR/tempfile
mv $LOGDIR/tempfile $errfile
fi
if [ -s $errfile ]; then
echo "ERRORS found in log files. See $errfile" >&2
else
echo "Congratulations! No errors found in log files."
fi

7
roles/fai/files/profiles/hooks/setup.DEFAULT.sh Executable file
View File

@ -0,0 +1,7 @@
#! /bin/bash
# use short hostname instead of FQDN
export HOSTNAME=${HOSTNAME%%.*}
if [ $do_init_tasks -eq 1 ]; then
echo $HOSTNAME > /proc/sys/kernel/hostname
fi

25
roles/fai/files/profiles/hooks/updatebase.CENTOS Executable file
View File

@ -0,0 +1,25 @@
#! /bin/bash
if [ ! -f $target/etc/resolv.conf ]; then
cp /etc/resolv.conf $target/etc
fi
if [ X$verbose = X1 ]; then
echo "Updating base"
$ROOTCMD yum -y update |& tee -a $LOGDIR/software.log
else
$ROOTCMD yum -y update >> $LOGDIR/software.log
fi
$ROOTCMD systemd-machine-id-setup
cat > $target/etc/sysconfig/kernel <<EOF
# UPDATEDEFAULT specifies if new-kernel-pkg should make
# new kernels the default
UPDATEDEFAULT=yes
# DEFAULTKERNEL specifies the default kernel package type
DEFAULTKERNEL=kernel-core
EOF
skiptask updatebase

14
roles/fai/files/profiles/hooks/updatebase.DEBIAN Executable file
View File

@ -0,0 +1,14 @@
#! /bin/bash
if [ -n "$APTPROXY" ]; then
echo "Acquire::http::Proxy \"$APTPROXY\";" > $target/etc/apt/apt.conf.d/02proxy
else
rm -f $target/etc/apt/apt.conf.d/02proxy
fi
echo force-unsafe-io > $target/etc/dpkg/dpkg.cfg.d/unsafe-io
# you may want to add i386 arch to amd64 hosts
# if ifclass AMD64; then
# $ROOTCMD dpkg --add-architecture i386
# fi

30
roles/fai/files/profiles/hooks/updatebase.UBUNTU Executable file
View File

@ -0,0 +1,30 @@
#! /bin/bash
# use external mirror, remove this script when using a mirror from CD
cat <<EOM > $target/etc/apt/sources.list
# external mirror
deb $ubuntumirror/ubuntu $ubuntudist main restricted universe multiverse
deb $ubuntumirror/ubuntu $ubuntudist-updates main restricted universe multiverse
deb $ubuntumirror/ubuntu $ubuntudist-security main restricted universe multiverse
EOM
# https://lists.uni-koeln.de/pipermail/linux-fai/2016-July/011398.html
# In Ubuntu 16.04 (but not 14.04), the locales configuration mechanism has
# changed. There is a /var/lib/dpkg/info/locales.config file, which
# overrides /var/lib/dpkg/info/locales.postinst and consults
# /var/lib/locales/supported.d/local instead of the debconf system. (See
# the code in /usr/share/debconf/frontend that prefers locales.config.) This
# hook applies the debconf setting. It must run after FAI's debconf task
# but before dpkg gets a chance to clobber debconf with an empty setting.
if [ ! -f "$target/var/lib/locales/supported.d/local" ]; then
$ROOTCMD debconf --owner=locales sh -c '
. /usr/share/debconf/confmodule
db_version 2.0
db_get locales/locales_to_be_generated &&
mkdir -p /var/lib/locales/supported.d &&
echo "$RET" > /var/lib/locales/supported.d/local' &&
$ROOTCMD dpkg-reconfigure locales
fi

30
roles/fai/files/profiles/package_config/CENTOS Normal file
View File

@ -0,0 +1,30 @@
PACKAGES dnfgroup
core
minimal-environment
#server-product-environment
#headless-management
PACKAGES dnfgroup XORG
graphical-server-environment
workstation-product-environment
PACKAGES dnfi
NetworkManager
chrony
kernel
dracut
grub2-pc
# CentOS 7
less
openssh
openssh-clients
openssh-server
vim-enhanced
man
curl
unzip
which
ncurses ncurses-base
PACKAGES dnfi LVM
lvm2

10
roles/fai/files/profiles/package_config/CINNAMON Normal file
View File

@ -0,0 +1,10 @@
PACKAGES install DEBIAN
task-cinnamon-desktop
network-manager
network-manager-applet
network-manager-config-connectivity-debian
network-manager-gnome
PACKAGES install UBUNTU
cinnamon-desktop-environment
network-manager

56
roles/fai/files/profiles/package_config/DEBIAN Normal file
View File

@ -0,0 +1,56 @@
PACKAGES install-norec
apt-transport-https # is only needed for stretch
debconf-utils
file
less
linuxlogo
rsync
openssh-client openssh-server
time
procinfo
nullmailer
eject
locales
console-setup kbd
pciutils usbutils
unattended-upgrades
PACKAGES install NONFREE
# you may want these non-free kernel drivers
firmware-bnx2 firmware-bnx2x firmware-realtek
firmware-linux-nonfree
PACKAGES install I386
linux-image-686-pae
memtest86+
PACKAGES install CHROOT
linux-image-686-pae-
linux-image-amd64-
PACKAGES install AMD64
linux-image-amd64
memtest86+
PACKAGES install ARM64
grub-efi-arm64
linux-image-arm64
PACKAGES install GRUB_PC
grub-pc
PACKAGES install GRUB_EFI
grub-efi
PACKAGES install LVM
lvm2
PACKAGES install CLOUD
unattended-upgrades
PACKAGE install-norec CINNAMON
task-cinnamon-desktop
task-desktop
PACKAGE install-norec GERMAN
task-german

BIN
roles/fai/files/profiles/package_config/DEBIAN.gpg Normal file
View File

Binary file not shown.

13
roles/fai/files/profiles/package_config/FAISERVER Normal file
View File

@ -0,0 +1,13 @@
PACKAGES install-norec
fai-quickstart
debmirror tcpdump
xorriso grub-pc
lftp curl
netselect
syslinux-common pxelinux
apt-cacher-ng
nscd psmisc
bind9 dnsutils
iptables-persistent
zile

5
roles/fai/files/profiles/package_config/GERMAN Normal file
View File

@ -0,0 +1,5 @@
PACKAGES install
task-german
PACKAGES install GNOME
firefox-esr-l10n-de thunderbird-l10n-de

9
roles/fai/files/profiles/package_config/GNOME Normal file
View File

@ -0,0 +1,9 @@
PACKAGES install-norec
firefox-esr
#thunderbird
menu gdm3
gnome-core
gconf-editor
gnome-screensaver gnome-system-monitor gnome-system-tools
network-manager-gnome

7
roles/fai/files/profiles/package_config/MINT Normal file
View File

@ -0,0 +1,7 @@
PACKAGES install-norec DESKTOP
linuxmint-keyring
mint-info-cinnamon
mint-info
mint-meta-cinnamon
mint-meta-core
mint-meta-codecs

34
roles/fai/files/profiles/package_config/STANDARD Normal file
View File

@ -0,0 +1,34 @@
PACKAGES install-norec
# the list of standard packages, without any libs and a few packages removed
apt-listchanges
bash-completion
bind9-host
dbus
dnsutils
doc-debian
file
gettext-base
groff-base
hdparm
less
locales
lsof
man-db
manpages
mime-support
ncurses-term
netcat-traditional
openssh-client
pciutils
perl
python
python-minimal
python3
python3-minimal
reportbug
telnet
traceroute
ucf
xz-utils
vim

22
roles/fai/files/profiles/package_config/UBUNTU Normal file
View File

@ -0,0 +1,22 @@
PACKAGES install I386
python
python-minimal
linux-image-generic
memtest86+
PACKAGES install CHROOT
linux-image-generic-
PACKAGES install AMD64
linux-image-generic
memtest86+
PACKAGES install GRUB_PC
grub-pc
PACKAGES install GRUB_EFI
grub-efi
PACKAGES install
ubuntu-minimal
unattended-upgrades

10
roles/fai/files/profiles/package_config/UBUNTU_DESKTOP Normal file
View File

@ -0,0 +1,10 @@
PACKAGES install-norec
ubuntu-desktop
PACKAGES install-norec GERMAN
language-pack-gnome-de
thunderbird-locale-de
firefox-locale-de
libreoffice-l10n-de
libreoffice-help-de
gimp-help-de

6
roles/fai/files/profiles/package_config/XFCE Normal file
View File

@ -0,0 +1,6 @@
PACKAGES install-norec
xfce4 # base system
xfce4-goodies # additional tools
lightdm
firefox-esr
network-manager-gnome

12
roles/fai/files/profiles/package_config/XORG Normal file
View File

@ -0,0 +1,12 @@
PACKAGES install-norec DEBIAN
xorg xserver-xorg-video-all xserver-xorg-input-all
fonts-freefont-ttf
xscreensaver
xscreensaver-gl
xterm
desktop-base
PACKAGES install UBUNTU
ubuntu-server-
ubuntu-standard
ubuntu-desktop

14
roles/fai/files/profiles/scripts/CENTOS/10-security Executable file
View File

@ -0,0 +1,14 @@
#! /bin/bash
# (c) Michael Goetze, 2010-11, mgoetze@mgoetze.net
# Thomas Lange, 2015-2020
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
$ROOTCMD usermod -p $ROOTPW root
fcopy -v /etc/selinux/config
$ROOTCMD fixfiles onboot # this fixes the SELinux security contexts during the first boot
chmod a+rx $target
exit $error

25
roles/fai/files/profiles/scripts/CENTOS/30-mkinitrd Executable file
View File

@ -0,0 +1,25 @@
#! /bin/bash
# (c) Michael Goetze, 2010-2011, mgoetze@mgoetze.net
# (c) Thomas Lange, 2011, Uni Koeln
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
ainsl -v /etc/fstab "proc /proc proc defaults 0 0"
ainsl -v /etc/fstab "sysfs /sys sysfs auto 0 0"
version=`$ROOTCMD rpm -qv kernel | cut -d- -f2-`
if [ -f $target/etc/lvm/lvm.conf ]; then
sed -i -e 's/use_lvmetad = 1/use_lvmetad = 0/' $target/etc/lvm/lvm.conf
ainsl -av /etc/dracut.conf.d/fai.conf 'add_dracutmodules+=" lvm "'
fi
# add filesystem driver into initrd
ainsl -av /etc/dracut.conf.d/fai.conf 'filesystems+="ext4"'
$ROOTCMD dracut -v --kver $version --force
exit $error

96
roles/fai/files/profiles/scripts/CENTOS/40-install-grub Executable file
View File

@ -0,0 +1,96 @@
#! /bin/bash
# (c) Michael Goetze, 2011, mgoetze@mgoetze.net
# (c) Thomas Lange 2014
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
if [ -r $LOGDIR/disk_var.sh ] ; then
. $LOGDIR/disk_var.sh
else
echo "disk_var.sh not found!"
exit 1
fi
# CentOS 7 does not have a device.map file, so generate one
if [ -d $target/boot/grub2 -a ! -f $target/boot/grub2/device.map ]; then
echo "# Generated by FAI" >> $target/boot/grub2/device.map
centosdisks=$(awk '/[sv]d.$/ {print $4}' /proc/partitions | sort)
dcount=0
for d in $centosdisks; do
echo "(hd$dcount) /dev/$d" >> $target/boot/grub2/device.map
dcount=$((dcount + 1))
done
fi
bootdev=`device2grub $BOOT_DEVICE`
bootpart=`device2grub $BOOT_PARTITION`
version=`$ROOTCMD rpm -qv kernel | cut -d- -f2-`
if grep '[[:space:]]/boot[[:space:]]' $LOGDIR/fstab; then
bootdir=''
else
bootdir='/boot'
fi
mount -o bind /dev $target/dev
if [ -f $target/usr/sbin/grub2-install ]; then
# CentOS 7
$ROOTCMD grub2-install --no-floppy "$BOOT_DEVICE"
$ROOTCMD grub2-mkconfig --output=/boot/grub2/grub.cfg
else
$ROOTCMD grub-install --just-copy
$ROOTCMD grub --device-map=/dev/null --no-floppy --batch <<-EOF
device $bootdev $BOOT_DEVICE
root $bootpart
setup $bootdev
quit
EOF
ln -s ./menu.lst $target/boot/grub/grub.conf
if [ -f $target/boot/grub/splash.xpm.gz ]; then
pretty="splashimage=$bootpart$bootdir/grub/splash.xpm.gz"
else
pretty="color cyan/blue white/blue"
fi
if [ -f $target/sbin/dracut -o -f $target/usr/sbin/dracut ]; then
# CentOS 6
iname=initramfs
else
# CentOS 5
iname=initrd
fi
title=`head -1 $target/etc/redhat-release`
cat > $target/boot/grub/grub.conf <<-EOF
timeout 5
default 0
$pretty
hiddenmenu
title $title
root $bootpart
kernel $bootdir/vmlinuz-$version root=$ROOT_PARTITION ro
initrd $bootdir/$iname-$version.img
EOF
fi
umount $target/dev
echo ""
echo "Grub installed on $BOOT_DEVICE = $bootdev"
echo "Grub boot partition is $BOOT_PARTITION = $bootpart"
echo "Root partition is $ROOT_PARTITION"
echo "Boot kernel: $version"
exit $error

29
roles/fai/files/profiles/scripts/CENTOS/50-sysconfig Executable file
View File

@ -0,0 +1,29 @@
#! /bin/bash
# (c) Michael Goetze, 2011, mgoetze@mgoetze.net
error=0 ; trap "error=$((error|1))" ERR
cat > $target/etc/sysconfig/clock <<-EOF
UTC=$UTC
ZONE=$TIMEZONE
EOF
cat > $target/etc/sysconfig/i18n <<-EOF
LANG="$DEFAULTLOCALE"
SUPPORTED="$SUPPORTEDLOCALE"
SYSFONT="$CONSOLEFONT"
EOF
cat > $target/etc/sysconfig/keyboard <<-EOF
KEYBOARDTYPE="pc"
KEYTABLE="$KEYMAP"
EOF
if [ -f $target/usr/lib/locale/locale-archive.tmpl \
-a ! -s $target/usr/lib/locale/locale-archive ]; then
mv $target/usr/lib/locale/locale-archive.tmpl $target/usr/lib/locale/locale-archive
fi
fcopy -iv /etc/sysconfig/i18n /etc/sysconfig/keyboard
exit $error

40
roles/fai/files/profiles/scripts/CENTOS/60-network-scripts Executable file
View File

@ -0,0 +1,40 @@
#! /bin/bash
error=0 ; trap "error=$((error|1))" ERR
# determine predictable network names
fields="ID_NET_NAME_FROM_DATABASE ID_NET_NAME_ONBOARD ID_NET_NAME_SLOT ID_NET_NAME_PATH"
for field in $fields; do
name=$(udevadm info /sys/class/net/$NIC1 | sed -rn "s/^E: $field=(.+)/\1/p")
if [[ $name ]]; then
NIC1=$name
break
fi
done
if [[ ! $name ]]; then
echo "$0: error: could not find systemd predictable network name. Using $NIC1."
fi
if [ $FAI_ACTION != "softupdate" ] && ifclass DHCPC; then
cat > $target/etc/sysconfig/network-scripts/ifcfg-$NIC1 <<-EOF
# generated by FAI
TYPE=Ethernet
PROXY_METHOD=none
BOOTPROTO=dhcp
DEFROUTE=yes
BROWSER_ONLY=no
IP4_FAILURE_FATAL=no
IPV6INIT=no
IPV6_AUTOCONF=no
NAME=$NIC1
DEVICE=$NIC1
ONBOOT=yes
EOF
fi
fcopy -iv /etc/sysconfig/network /etc/resolv.conf /etc/networks
fcopy -ivr /etc/sysconfig/network-scripts
exit $error

21
roles/fai/files/profiles/scripts/CENTOS/80-misc Executable file
View File

@ -0,0 +1,21 @@
#! /bin/bash
error=0 ; trap "error=$((error|1))" ERR
# add a $username user account
if [ -n "$username" ]; then
if ! $ROOTCMD getent passwd $username ; then
$ROOTCMD adduser -c "$username user" $username
$ROOTCMD usermod -p "$USERPW" $username
fi
fi
# enable graphical login screen, make run level 5 as default
if [ -f $target/usr/sbin/gdm ]; then
sed -i -e 's/id:3:initdefault:/id:5:initdefault:/' $target/etc/inittab
# do not run this tool
echo "RUN_FIRSTBOOT=NO" > $target/etc/sysconfig/firstboot
fi
exit $error

3
roles/fai/files/profiles/scripts/CENTOS/90-cleanup Executable file
View File

@ -0,0 +1,3 @@
#! /bin/bash
$ROOTCMD yum clean all

11
roles/fai/files/profiles/scripts/CLOUD/10-network Executable file
View File

@ -0,0 +1,11 @@
#!/bin/bash
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
# Disable systemd's network interface name management.
# References:
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863385
# https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/
fcopy -M /etc/default/grub.d/10_cloud_disable_net.ifnames.cfg
$ROOTCMD update-grub

27
roles/fai/files/profiles/scripts/CLOUD/99-cleanup Executable file
View File

@ -0,0 +1,27 @@
#! /bin/bash
fcopy /etc/init.d/expand-root
if [ -f $target/files/etc/init.d/expand-root ]; then
$ROOTCMD insserv --default expand-root
fi
sed -i "s/PermitRootLogin yes/PermitRootLogin without-password/" $target/etc/ssh/sshd_config
ainsl /etc/ssh/sshd_config 'ClientAliveInterval 120'
ainsl -a /etc/modprobe.d/blacklist.conf 'blacklist pcspkr'
ainsl -a /etc/modprobe.d/blacklist.conf 'blacklist floppy'
rm -f $target/etc/resolv.conf \
$target/etc/udev/rules.d/70-persistent-net.rules \
$target/lib/udev/write_net_rules \
$target/etc/mailname \
$target/var/lib/dbus/machine-id
> $target/etc/machine-id
shred --remove $target/etc/ssh/ssh_host_*
# FIXME: DHCP RFC3442 is used incorrect in Azure
if [ -f $target/etc/dhcp/dhclient.conf ]; then
sed -ie 's,rfc3442-classless-static-routes,disabled-\0,' $target/etc/dhcp/dhclient.conf
fi

15
roles/fai/files/profiles/scripts/DEBIAN/10-rootpw Executable file
View File

@ -0,0 +1,15 @@
#! /bin/bash
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
# set root password
if [ -n "$ROOTPW" ]; then
$ROOTCMD usermod -p "$ROOTPW" root
else
$ROOTCMD usermod -L root
# enable sudo for user
ainsl /etc/sudoers "$username ALL = ALL"
fi
exit $error

22
roles/fai/files/profiles/scripts/DEBIAN/20-capabilities Executable file
View File

@ -0,0 +1,22 @@
#!/bin/bash
#
# Capabilities get lost when creating the fai base.tar.xz image.
# Restore them here.
#
set -e
if [ ! -x $target/sbin/setcap ] ; then
exit 0
fi
for FILE in /bin/ping /bin/ping6 /usr/bin/fping /usr/bin/fping6; do
if [ -x $target/$FILE -a ! -h $target/$FILE ] ; then
if $ROOTCMD /sbin/setcap cap_net_raw+ep $FILE; then
echo "Setcap worked! $FILE is not suid!"
fi
fi
done
if [ -x $target/usr/bin/systemd-detect-virt ] ; then
$ROOTCMD /sbin/setcap cap_dac_override,cap_sys_ptrace+ep /usr/bin/systemd-detect-virt
fi

125
roles/fai/files/profiles/scripts/DEBIAN/30-interface Executable file
View File

@ -0,0 +1,125 @@
#! /bin/bash
netplan_yaml() {
# network configuration using ubuntu's netplan.io
local IFNAME="$1"
local METHOD="$2"
echo "Generating netplan configuration for $IFNAME ($METHOD)" >&2
echo "# generated by FAI"
echo "network:"
echo " version: 2"
echo " renderer: $RENDERER"
case "$RENDERER" in
networkd)
echo " ethernets:"
echo " $IFNAME:"
case "$METHOD" in
dhcp)
echo " dhcp4: true"
;;
static)
echo " addresses: [$CIDR]"
echo " gateway4: $GATEWAYS_1"
echo " nameservers:"
echo " search: [$DOMAIN]"
echo " addresses: [${DNSSRVS// /, }]"
;;
esac
esac
}
iface_stanza() {
# classic network configuration using /etc/network/interfaces
local IFNAME="$1"
local METHOD="$2"
echo "Generating interface configuration for $IFNAME ($METHOD)" >&2
echo "# generated by FAI"
echo "auto $IFNAME"
echo "iface $IFNAME inet $METHOD"
case "$METHOD" in
static)
echo " address $IPADDR"
echo " netmask $NETMASK"
echo " broadcast $BROADCAST"
echo " gateway $GATEWAYS"
;;
esac
}
newnicnames() {
# determine predictable network names only for stretch and above
local name
[ $do_init_tasks -eq 0 ] && return
[ -z "$NIC1" ] && return
ver=$($ROOTCMD dpkg-query --showformat='${Version}' --show udev)
if dpkg --compare-versions $ver lt 220-7; then
return
fi
fields="ID_NET_NAME_FROM_DATABASE ID_NET_NAME_ONBOARD ID_NET_NAME_SLOT ID_NET_NAME_PATH"
for field in $fields; do
name=$(udevadm info /sys/class/net/$NIC1 | sed -rn "s/^E: $field=(.+)/\1/p")
if [[ $name ]]; then
NIC1=$name
return
fi
done
# try to get altname net dev
name=$(ip link show $NIC1 | awk '/altname / { print $2 }')
if [[ $name ]]; then
NIC1=$name
return
else
echo "$0: error: could not find systemd predictable network name. Using $NIC1."
fi
}
if [ -z "$NIC1" ]; then
echo "WARNING: \$NIC1 is not defined. Cannot add ethernet to /etc/network/interfaces."
fi
CIDR=$(ip -o -f inet addr show $NIC1 | awk '{print $4}')
newnicnames
case "$FAI_ACTION" in
install|dirinstall)
ifclass DHCPC && METHOD=dhcp || METHOD=static
ifclass XORG && RENDERER=NetworkManager || RENDERER=networkd
if [ -d $target/etc/netplan ]; then
# Ubuntu >= 17.10 with netplan.io
if [ -n "$NIC1" ]; then
netplan_yaml $NIC1 $METHOD > $target/etc/netplan/01-${NIC1}.yaml
fi
elif [ -d $target/etc/network/interfaces.d ]; then
# ifupdown >= 0.7.41 (Debian >= 8, Ubuntu >= 14.04)
iface_stanza lo loopback > $target/etc/network/interfaces.d/lo
if [ -n "$NIC1" -a ! -f $target/etc/NetworkManager/NetworkManager.conf ]; then
iface_stanza $NIC1 $METHOD > $target/etc/network/interfaces.d/$NIC1
fi
else
(
iface_stanza lo loopback
iface_stanza $NIC1 $METHOD
) > $target/etc/network/interfaces
fi
if ! ifclass DHCPC ; then
[ -n "$NETWORK" ] && echo "localnet $NETWORK" > $target/etc/networks
if [ ! -L $target/etc/resolv.conf -a -e /etc/resolv.conf ]; then
cp -p /etc/resolv.conf $target/etc
fi
fi
;;
esac
# here fcopy is mostly used, when installing a client for running in a
# different subnet than during the installation
fcopy -iM /etc/resolv.conf
fcopy -iM /etc/network/interfaces /etc/networks
exit $error

51
roles/fai/files/profiles/scripts/DEBIAN/40-misc Executable file
View File

@ -0,0 +1,51 @@
#! /bin/bash
# (c) Thomas Lange, 2001-2016, lange@debian.org
# (c) Michael Goetze, 2010-2011, mgoetze@mgoetze.net
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
# a list of modules which are loaded at boot time
for module in $MODULESLIST; do
ainsl -a /etc/modules "^$module$"
done
fcopy -Mv /etc/hostname || echo $HOSTNAME > $target/etc/hostname
ainsl -a /etc/mailname ${HOSTNAME}
if [ ! -e $target/etc/adjtime ]; then
printf "0.0 0 0.0\n0\nUTC\n" > $target/etc/adjtime
fi
if [ "$UTC" = "yes" ]; then
sed -i -e 's:^LOCAL$:UTC:' $target/etc/adjtime
else
sed -i -e 's:^UTC$:LOCAL:' $target/etc/adjtime
fi
# enable linuxlogo
if [ -f $target/etc/inittab ]; then
sed -i -e 's#/sbin/getty 38400#/sbin/getty -f /etc/issue.linuxlogo 38400#' ${target}/etc/inittab
elif [ -f $target/lib/systemd/system/getty@.service ]; then
sed -i -e 's#sbin/agetty --noclear#sbin/agetty -f /etc/issue.linuxlogo --noclear#' $target/lib/systemd/system/getty@.service
fi
# make sure a machine-id exists
if [ ! -f $target/etc/machine-id ]; then
> $target/etc/machine-id
fi
# recreate machine-id if the file is empty
if [ X"$(stat -c '%s' $target/etc/machine-id 2>/dev/null)" = X0 -a -f $target/bin/systemd-machine-id-setup ]; then
$ROOTCMD systemd-machine-id-setup
fi
ln -fs /proc/mounts $target/etc/mtab
rm -f $target/etc/dpkg/dpkg.cfg.d/fai $target/etc/dpkg/dpkg.cfg.d/unsafe-io
if [ -d /etc/fai ]; then
if ! fcopy -Mv /etc/fai/fai.conf; then
ainsl -a /etc/fai/fai.conf "FAI_CONFIG_SRC=$FAI_CONFIG_SRC"
fi
fi
fcopy -iv /etc/rc.local
exit $error

Some files were not shown because too many files have changed in this diff Show More