From 07962ffa88560727b6d78f7a2bf1df00969f39ec Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Fri, 26 Apr 2019 15:21:05 -0500
Subject: [PATCH] Add kickstart for vmhost1

---
 vmhost1.ks | 108 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 108 insertions(+)
 create mode 100644 vmhost1.ks

diff --git a/vmhost1.ks b/vmhost1.ks
new file mode 100644
index 0000000..563d566
--- /dev/null
+++ b/vmhost1.ks
@@ -0,0 +1,108 @@
+# vim: set ft=sh :
+
+text
+install
+url --url http://www.nic.funet.fi/pub/mirrors/fedora.redhat.com/pub/fedora/linux/releases/28/Everything/x86_64/os/
+repo --name=updates --baseurl=http://www.nic.funet.fi/pub/mirrors/fedora.redhat.com/pub/fedora/linux/updates/28/Everything/x86_64/
+repo --name=dustin --baseurl=http://rosalina.pyrocufflink.blue/~dustin/repo
+lang en_US.UTF-8
+keyboard us
+timezone --utc UTC
+rootpw --lock
+reboot
+
+bootloader --location mbr --append "console=ttyS0,115200 quiet systemd.show_status=1"
+clearpart --all --initlabel
+reqpart
+part /boot --fstype xfs --mkfsoptions "-m crc=0" --size=200
+part pv.01 --fstype lvmpv --size=46180 --grow
+volgroup vmhost1 pv.01
+logvol / --fstype xfs --name=root --vgname=vmhost1 --size=3072
+logvol /home --fstype xfs --name=home --vgname=vmhost1 --size=100
+logvol /var --fstype xfs --name=var --vgname=vmhost1 --size=8192
+logvol /var/log --fstype xfs --name=var_log --vgname=vmhost1 --size=2048
+logvol swap --fstype swap --name=swap --vgname=vmhost1 --size=32768 --grow
+
+%packages --excludeWeakdeps --excludedocs
+-NetworkManager
+-authconfig
+-dhcp-client
+-dnf-plugins-core
+-dnf-yum
+-dracut-config-rescue
+-e2fsprogs
+-initscripts
+-iputils
+-kbd
+-man-db
+-openssh-clients
+-parted
+-plymouth
+-sssd-common
+-sssd-kcm
+-vim-minimal
+chrony
+cracklib-dicts
+dhcpcd
+dhcpcd-local-selinux
+dnf
+dnf-command(system-upgrade)
+libselinux-python3
+openssh-server
+policycoreutils-python3
+selinux-policy-targeted
+%end
+
+services --enabled dhcpcd
+
+%addon com_redhat_kdump --disable
+%end
+
+%post --erroronfail
+echo vmhost1.pyrocufflink.blue > /etc/hostname
+
+echo 'install_weak_deps=0' >> /etc/dnf/dnf.conf
+echo 'deltarpm=0' >> /etc/dnf/dnf.conf
+echo '%_excludedocs 1' >> /etc/rpm/macros
+
+systemctl mask systemd-journald-audit.socket
+
+install -m700 -d /root/.ssh
+cat >> /root/.ssh/authorized_keys <<EOF
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJsL5fSylmiJmBtW0DH/viAAmtU2E/2M17GPvysiyRs+ dustin@rosalina
+EOF
+
+# Configure GRUB2 to display the menu on the serial console
+cat >> /etc/default/grub <<EOF
+GRUB_TERMINAL="serial"
+GRUB_SERIAL_COMMAND="serial --speed=115200"
+EOF
+grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
+
+rm -rf /etc/sysconfig/network-scripts /etc/sysconfig/network
+
+# Avoid "libudev: received NULL device" log spam from dhcpcd
+echo nodev >> /etc/dhcpcd.conf
+# Although dhcpcd.conf(5) claims the default value for `fqdn` is `both`, this
+# does not appear to be the case, at least in v6.11.3.
+echo fqdn both >> /etc/dhcpcd.conf
+
+# Generate SSH host keys before first boot, since / will be read-only then
+/usr/libexec/openssh/sshd-keygen ecdsa
+/usr/libexec/openssh/sshd-keygen ed25519
+/usr/libexec/openssh/sshd-keygen rsa
+
+# Additional read-only root filesystem compatibility hacks
+ln -sf /var/lib/dhcpcd/dhcpcd.duid /etc/dhcpcd.duid
+ln -sf /var/lib/dhcpcd/dhcpcd.secret /etc/dhcpcd.secret
+ln -sf /etc/sysconfig/networking/resolv.conf /etc/resolv.conf
+mkdir -p /etc/sysconfig/networking
+chcon system_u:object_r:net_conf_t:s0 /etc/sysconfig/networking
+cat >> /etc/fstab <<EOF
+tmpfs /etc/sysconfig/networking tmpfs size=1M,mode=0755,context=system_u:object_r:net_conf_t:s0 0 0
+EOF
+
+# Enable read-only rootfs. This cannot be done with part/logvol, as that would
+# make Anaconda mount it read-only befor the installation starts.
+sed -i -r '/\S+\s+\/\s+/s/defaults/ro/' /etc/fstab
+%end