michael/packer-templates
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
packer-templates/centos7/ks.cfg
Michael Trip 6cb709bc3a first commit
2023-01-16 21:44:18 +01:00

97 lines
No EOL
2 KiB
INI
Raw Blame History

# based on work by Jeff Geerling - https://github.com/geerlingguy/packer-boxes/blob/master/centos7/http/ks.cfg
install
cdrom
lang en_US.UTF-8
keyboard us
network --bootproto=dhcp
rootpw Packer
firewall --disabled
selinux --permissive
timezone UTC
bootloader --location=mbr
text
skipx
zerombr
clearpart --all --initlabel
# systems will often run better with a bit of swap
part / --fstype xfs --grow --size=6144
part swap --fstype swap --size=512
auth --enableshadow --passalgo=sha512 --kickstart
firstboot --disabled
eula --agreed
services --enabled=NetworkManager,sshd
reboot
%packages --ignoremissing --excludedocs
@Core
openssh-clients
openssh-server
sudo
net-tools
curl
# unnecessary firmware
-aic94xx-firmware
-atmel-firmware
-b43-openfwwf
-bfa-firmware
-ipw2100-firmware
-ipw2200-firmware
-ivtv-firmware
-iwl100-firmware
-iwl1000-firmware
-iwl3945-firmware
-iwl4965-firmware
-iwl5000-firmware
-iwl5150-firmware
-iwl6000-firmware
-iwl6000g2a-firmware
-iwl6050-firmware
-libertas-usb8388-firmware
-ql2100-firmware
-ql2200-firmware
-ql23xx-firmware
-ql2400-firmware
-ql2500-firmware
-rt61pci-firmware
-rt73usb-firmware
-xorg-x11-drv-ati-firmware
-zd1211-firmware
%end
%post
yum update -y
# set virtual-guest as default profile for tuned
echo "virtual-guest" > /etc/tuned/active_profile
# Because memory is scarce resource in most cloud/virt environments,
# and because this impedes forensics, we are differing from the Fedora
# default of having /tmp on tmpfs.
echo "Disabling tmpfs for /tmp."
systemctl mask tmp.mount
cat <<EOL > /etc/sysconfig/kernel
# UPDATEDEFAULT specifies if new-kernel-pkg should make
# new kernels the default
UPDATEDEFAULT=yes
# DEFAULTKERNEL specifies the default kernel package type
DEFAULTKERNEL=kernel
EOL
# make sure firstboot doesn't start
echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
echo "Fixing SELinux contexts."
touch /var/log/cron
touch /var/log/boot.log
mkdir -p /var/cache/yum
/usr/sbin/fixfiles -R -a restore
yum -y remove firewalld
sed -i "s/^.*requiretty/#Defaults requiretty/" /etc/sudoers
yum clean all
%end
Reference in a new issue View git blame Copy permalink