diff options
author | baigk <baiguoku@huawei.com> | 2015-08-04 22:21:43 -0400 |
---|---|---|
committer | baigk <baiguoku@huawei.com> | 2015-08-05 01:01:22 -0400 |
commit | d05b5f04c92034eae1675dc8102247a3cc3315f7 (patch) | |
tree | 9721a1cfddc4b234ff302922da01cc3da0eb0fb9 /deploy/adapters/cobbler | |
parent | 79b571dae951ba9bfe36440750c1a1408b19cd69 (diff) |
delete the windows newline character
JIRA: COMPASS-7
Change-Id: Iffd549877b8cc50a995bdc59adf1f05c0fcb1d5e
Signed-off-by: baigk <baiguoku@huawei.com>
Diffstat (limited to 'deploy/adapters/cobbler')
75 files changed, 4698 insertions, 4699 deletions
diff --git a/deploy/adapters/cobbler/conf/cobbler.conf b/deploy/adapters/cobbler/conf/cobbler.conf index 3789232d..fa4457f2 100644 --- a/deploy/adapters/cobbler/conf/cobbler.conf +++ b/deploy/adapters/cobbler/conf/cobbler.conf @@ -1,40 +1,40 @@ -# This configuration file allows cobbler data
-# to be accessed over HTTP.
-
-AliasMatch ^/cblr/svc/op/ks/system/(.*)?$ "/var/www/cblr_ks/$1"
-AliasMatch ^/cblr(?!/svc/)(.*)?$ "/var/www/cobbler$1"
-AliasMatch ^/cobbler_track(.*)?$ "/var/www/cobbler$1"
-#AliasMatch ^/cobbler(.*)?$ "/var/www/cobbler$1"
-Alias /cobbler /var/www/cobbler
-Alias /cobbler_webui_content /var/www/cobbler_webui_content
-
-WSGIScriptAliasMatch ^/cblr/svc/([^/]*) /var/www/cobbler/svc/services.py
-
-<Directory "/var/www/cobbler">
- Options Indexes FollowSymLinks
- Order allow,deny
- Allow from all
-</Directory>
-
-ProxyRequests off
-
-ProxyPass /cobbler_api http://localhost:25151/
-ProxyPassReverse /cobbler_api http://localhost:25151/
-
-BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
-
-# the webui is now part of the "cobbler-web" package
-# and is visited at http://.../cobbler_web not this URL.
-# this is only a pointer to the new page.
-
-<Directory "/var/www/cobbler/web/">
- Options Indexes FollowSymLinks
- Order allow,deny
- Allow from all
-</Directory>
-
-<Directory "/var/www/cblr_ks/">
- Options Indexes FollowSymLinks
- Order allow,deny
- Allow from all
-</Directory>
+# This configuration file allows cobbler data +# to be accessed over HTTP. + +AliasMatch ^/cblr/svc/op/ks/system/(.*)?$ "/var/www/cblr_ks/$1" +AliasMatch ^/cblr(?!/svc/)(.*)?$ "/var/www/cobbler$1" +AliasMatch ^/cobbler_track(.*)?$ "/var/www/cobbler$1" +#AliasMatch ^/cobbler(.*)?$ "/var/www/cobbler$1" +Alias /cobbler /var/www/cobbler +Alias /cobbler_webui_content /var/www/cobbler_webui_content + +WSGIScriptAliasMatch ^/cblr/svc/([^/]*) /var/www/cobbler/svc/services.py + +<Directory "/var/www/cobbler"> + Options Indexes FollowSymLinks + Order allow,deny + Allow from all +</Directory> + +ProxyRequests off + +ProxyPass /cobbler_api http://localhost:25151/ +ProxyPassReverse /cobbler_api http://localhost:25151/ + +BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On + +# the webui is now part of the "cobbler-web" package +# and is visited at http://.../cobbler_web not this URL. +# this is only a pointer to the new page. + +<Directory "/var/www/cobbler/web/"> + Options Indexes FollowSymLinks + Order allow,deny + Allow from all +</Directory> + +<Directory "/var/www/cblr_ks/"> + Options Indexes FollowSymLinks + Order allow,deny + Allow from all +</Directory> diff --git a/deploy/adapters/cobbler/conf/dhcp.template b/deploy/adapters/cobbler/conf/dhcp.template index 2a71bc12..79b2037d 100644 --- a/deploy/adapters/cobbler/conf/dhcp.template +++ b/deploy/adapters/cobbler/conf/dhcp.template @@ -1,98 +1,98 @@ -# ******************************************************************
-# Cobbler managed dhcpd.conf file
-#
-# generated from cobbler dhcp.conf template ($date)
-# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
-# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
-# overwritten.
-#
-# ******************************************************************
-
-ddns-update-style interim;
-
-allow booting;
-allow bootp;
-deny unknown-clients;
-local-address $ipaddr;
-log-facility local6;
-
-ignore client-updates;
-set vendorclass = option vendor-class-identifier;
-
-option pxe-system-type code 93 = unsigned integer 16;
-option space pxelinux;
-option pxelinux.magic code 208 = string;
-option pxelinux.configfile code 209 = text;
-option pxelinux.pathprefix code 210 = text;
-option pxelinux.reboottime code 211 = unsigned integer 32;
-
-subnet $subnet netmask $netmask {
- option routers $gateway;
- option domain-name-servers $ipaddr;
- option subnet-mask $netmask;
- range dynamic-bootp $ip_range;
- default-lease-time 21600;
- max-lease-time 43200;
- next-server $next_server;
- class "pxeclients" {
- match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
- if option pxe-system-type = 00:02 {
- filename "ia64/elilo.efi";
- } else if option pxe-system-type = 00:06 {
- filename "grub/grub-x86.efi";
- } else if option pxe-system-type = 00:07 {
- filename "grub/grub-x86_64.efi";
- } else {
- filename "pxelinux.0";
- }
- }
-
-}
-
-#for dhcp_tag in $dhcp_tags.keys():
- ## group could be subnet if your dhcp tags line up with your subnets
- ## or really any valid dhcpd.conf construct ... if you only use the
- ## default dhcp tag in cobbler, the group block can be deleted for a
- ## flat configuration
-# group for Cobbler DHCP tag: $dhcp_tag
-group {
- #for mac in $dhcp_tags[$dhcp_tag].keys():
- #set iface = $dhcp_tags[$dhcp_tag][$mac]
- host $iface.name {
- hardware ethernet $mac;
- site-option-space "pxelinux";
- option pxelinux.magic f1:00:74:7e;
- if exists dhcp-parameter-request-list {
- # Always send the PXELINUX options (specified in hexadecimal)
- option dhcp-parameter-request-list = concat(option dhcp-parameter-request-list,d0,d1,d2,d3);
- }
- option pxelinux.reboottime 30;
- #if $iface.hostname:
- option host-name "$iface.hostname";
- #end if
- #if $iface.netmask:
- option subnet-mask $iface.netmask;
- #end if
- #if $iface.gateway:
- option routers $iface.gateway;
- #end if
- #if $iface.enable_gpxe:
- if exists user-class and option user-class = "gPXE" {
- filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
- } else if exists user-class and option user-class = "iPXE" {
- filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
- } else {
- filename "undionly.kpxe";
- }
- #else
- filename "$iface.filename";
- #end if
- ## Cobbler defaults to $next_server, but some users
- ## may like to use $iface.system.server for proxied setups
- next-server $next_server;
- ## next-server $iface.next_server;
- }
- #end for
-}
-#end for
-
+# ****************************************************************** +# Cobbler managed dhcpd.conf file +# +# generated from cobbler dhcp.conf template ($date) +# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes +# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be +# overwritten. +# +# ****************************************************************** + +ddns-update-style interim; + +allow booting; +allow bootp; +deny unknown-clients; +local-address $ipaddr; +log-facility local6; + +ignore client-updates; +set vendorclass = option vendor-class-identifier; + +option pxe-system-type code 93 = unsigned integer 16; +option space pxelinux; +option pxelinux.magic code 208 = string; +option pxelinux.configfile code 209 = text; +option pxelinux.pathprefix code 210 = text; +option pxelinux.reboottime code 211 = unsigned integer 32; + +subnet $subnet netmask $netmask { + option routers $gateway; + option domain-name-servers $ipaddr; + option subnet-mask $netmask; + range dynamic-bootp $ip_range; + default-lease-time 21600; + max-lease-time 43200; + next-server $next_server; + class "pxeclients" { + match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; + if option pxe-system-type = 00:02 { + filename "ia64/elilo.efi"; + } else if option pxe-system-type = 00:06 { + filename "grub/grub-x86.efi"; + } else if option pxe-system-type = 00:07 { + filename "grub/grub-x86_64.efi"; + } else { + filename "pxelinux.0"; + } + } + +} + +#for dhcp_tag in $dhcp_tags.keys(): + ## group could be subnet if your dhcp tags line up with your subnets + ## or really any valid dhcpd.conf construct ... if you only use the + ## default dhcp tag in cobbler, the group block can be deleted for a + ## flat configuration +# group for Cobbler DHCP tag: $dhcp_tag +group { + #for mac in $dhcp_tags[$dhcp_tag].keys(): + #set iface = $dhcp_tags[$dhcp_tag][$mac] + host $iface.name { + hardware ethernet $mac; + site-option-space "pxelinux"; + option pxelinux.magic f1:00:74:7e; + if exists dhcp-parameter-request-list { + # Always send the PXELINUX options (specified in hexadecimal) + option dhcp-parameter-request-list = concat(option dhcp-parameter-request-list,d0,d1,d2,d3); + } + option pxelinux.reboottime 30; + #if $iface.hostname: + option host-name "$iface.hostname"; + #end if + #if $iface.netmask: + option subnet-mask $iface.netmask; + #end if + #if $iface.gateway: + option routers $iface.gateway; + #end if + #if $iface.enable_gpxe: + if exists user-class and option user-class = "gPXE" { + filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner"; + } else if exists user-class and option user-class = "iPXE" { + filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner"; + } else { + filename "undionly.kpxe"; + } + #else + filename "$iface.filename"; + #end if + ## Cobbler defaults to $next_server, but some users + ## may like to use $iface.system.server for proxied setups + next-server $next_server; + ## next-server $iface.next_server; + } + #end for +} +#end for + diff --git a/deploy/adapters/cobbler/conf/modules.conf b/deploy/adapters/cobbler/conf/modules.conf index 28bfb6cd..fde469c8 100644 --- a/deploy/adapters/cobbler/conf/modules.conf +++ b/deploy/adapters/cobbler/conf/modules.conf @@ -1,83 +1,83 @@ -# cobbler module configuration file
-# =================================
-
-# authentication:
-# what users can log into the WebUI and Read-Write XMLRPC?
-# choices:
-# authn_denyall -- no one (default)
-# authn_configfile -- use /etc/cobbler/users.digest (for basic setups)
-# authn_passthru -- ask Apache to handle it (used for kerberos)
-# authn_ldap -- authenticate against LDAP
-# authn_spacewalk -- ask Spacewalk/Satellite (experimental)
-# authn_pam -- use PAM facilities
-# authn_testing -- username/password is always testing/testing (debug)
-# (user supplied) -- you may write your own module
-# WARNING: this is a security setting, do not choose an option blindly.
-# for more information:
-# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface
-# https://github.com/cobbler/cobbler/wiki/Security-overview
-# https://github.com/cobbler/cobbler/wiki/Kerberos
-# https://github.com/cobbler/cobbler/wiki/Ldap
-
-[authentication]
-module = authn_configfile
-
-# authorization:
-# once a user has been cleared by the WebUI/XMLRPC, what can they do?
-# choices:
-# authz_allowall -- full access for all authneticated users (default)
-# authz_ownership -- use users.conf, but add object ownership semantics
-# (user supplied) -- you may write your own module
-# WARNING: this is a security setting, do not choose an option blindly.
-# If you want to further restrict cobbler with ACLs for various groups,
-# pick authz_ownership. authz_allowall does not support ACLs. configfile
-# does but does not support object ownership which is useful as an additional
-# layer of control.
-
-# for more information:
-# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface
-# https://github.com/cobbler/cobbler/wiki/Security-overview
-# https://github.com/cobbler/cobbler/wiki/Web-authorization
-
-[authorization]
-module = authz_allowall
-
-# dns:
-# chooses the DNS management engine if manage_dns is enabled
-# in /etc/cobbler/settings, which is off by default.
-# choices:
-# manage_bind -- default, uses BIND/named
-# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below
-# NOTE: more configuration is still required in /etc/cobbler
-# for more information:
-# https://github.com/cobbler/cobbler/wiki/Dns-management
-
-[dns]
-module = manage_bind
-
-# dhcp:
-# chooses the DHCP management engine if manage_dhcp is enabled
-# in /etc/cobbler/settings, which is off by default.
-# choices:
-# manage_isc -- default, uses ISC dhcpd
-# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above
-# NOTE: more configuration is still required in /etc/cobbler
-# for more information:
-# https://github.com/cobbler/cobbler/wiki/Dhcp-management
-
-[dhcp]
-module = manage_isc
-
-# tftpd:
-# chooses the TFTP management engine if manage_tftp is enabled
-# in /etc/cobbler/settings, which is ON by default.
-#
-# choices:
-# manage_in_tftpd -- default, uses the system's tftp server
-# manage_tftpd_py -- uses cobbler's tftp server
-#
-
-[tftpd]
-module = manage_in_tftpd
-
-#--------------------------------------------------
+# cobbler module configuration file +# ================================= + +# authentication: +# what users can log into the WebUI and Read-Write XMLRPC? +# choices: +# authn_denyall -- no one (default) +# authn_configfile -- use /etc/cobbler/users.digest (for basic setups) +# authn_passthru -- ask Apache to handle it (used for kerberos) +# authn_ldap -- authenticate against LDAP +# authn_spacewalk -- ask Spacewalk/Satellite (experimental) +# authn_pam -- use PAM facilities +# authn_testing -- username/password is always testing/testing (debug) +# (user supplied) -- you may write your own module +# WARNING: this is a security setting, do not choose an option blindly. +# for more information: +# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface +# https://github.com/cobbler/cobbler/wiki/Security-overview +# https://github.com/cobbler/cobbler/wiki/Kerberos +# https://github.com/cobbler/cobbler/wiki/Ldap + +[authentication] +module = authn_configfile + +# authorization: +# once a user has been cleared by the WebUI/XMLRPC, what can they do? +# choices: +# authz_allowall -- full access for all authneticated users (default) +# authz_ownership -- use users.conf, but add object ownership semantics +# (user supplied) -- you may write your own module +# WARNING: this is a security setting, do not choose an option blindly. +# If you want to further restrict cobbler with ACLs for various groups, +# pick authz_ownership. authz_allowall does not support ACLs. configfile +# does but does not support object ownership which is useful as an additional +# layer of control. + +# for more information: +# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface +# https://github.com/cobbler/cobbler/wiki/Security-overview +# https://github.com/cobbler/cobbler/wiki/Web-authorization + +[authorization] +module = authz_allowall + +# dns: +# chooses the DNS management engine if manage_dns is enabled +# in /etc/cobbler/settings, which is off by default. +# choices: +# manage_bind -- default, uses BIND/named +# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below +# NOTE: more configuration is still required in /etc/cobbler +# for more information: +# https://github.com/cobbler/cobbler/wiki/Dns-management + +[dns] +module = manage_bind + +# dhcp: +# chooses the DHCP management engine if manage_dhcp is enabled +# in /etc/cobbler/settings, which is off by default. +# choices: +# manage_isc -- default, uses ISC dhcpd +# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above +# NOTE: more configuration is still required in /etc/cobbler +# for more information: +# https://github.com/cobbler/cobbler/wiki/Dhcp-management + +[dhcp] +module = manage_isc + +# tftpd: +# chooses the TFTP management engine if manage_tftp is enabled +# in /etc/cobbler/settings, which is ON by default. +# +# choices: +# manage_in_tftpd -- default, uses the system's tftp server +# manage_tftpd_py -- uses cobbler's tftp server +# + +[tftpd] +module = manage_in_tftpd + +#-------------------------------------------------- diff --git a/deploy/adapters/cobbler/conf/named.template b/deploy/adapters/cobbler/conf/named.template index acf86a57..14f27988 100644 --- a/deploy/adapters/cobbler/conf/named.template +++ b/deploy/adapters/cobbler/conf/named.template @@ -1,31 +1,31 @@ -options {
- listen-on port 53 { $ipaddr; };
- directory "/var/named";
- dump-file "/var/named/data/cache_dump.db";
- statistics-file "/var/named/data/named_stats.txt";
- memstatistics-file "/var/named/data/named_mem_stats.txt";
- allow-query { 127.0.0.0/8; $subnet; };
- recursion yes;
-};
-
-logging {
- channel default_debug {
- file "data/named.run";
- severity dynamic;
- };
-};
-
-#for $zone in $forward_zones
-zone "${zone}." {
- type master;
- file "$zone";
-};
-
-#end for
-#for $zone, $arpa in $reverse_zones
-zone "${arpa}." {
- type master;
- file "$zone";
-};
-
-#end for
+options { + listen-on port 53 { $ipaddr; }; + directory "/var/named"; + dump-file "/var/named/data/cache_dump.db"; + statistics-file "/var/named/data/named_stats.txt"; + memstatistics-file "/var/named/data/named_mem_stats.txt"; + allow-query { 127.0.0.0/8; $subnet; }; + recursion yes; +}; + +logging { + channel default_debug { + file "data/named.run"; + severity dynamic; + }; +}; + +#for $zone in $forward_zones +zone "${zone}." { + type master; + file "$zone"; +}; + +#end for +#for $zone, $arpa in $reverse_zones +zone "${arpa}." { + type master; + file "$zone"; +}; + +#end for diff --git a/deploy/adapters/cobbler/conf/settings b/deploy/adapters/cobbler/conf/settings index cacae69a..f6d0b961 100644 --- a/deploy/adapters/cobbler/conf/settings +++ b/deploy/adapters/cobbler/conf/settings @@ -1,450 +1,450 @@ ----
-# cobbler settings file
-# restart cobblerd and run "cobbler sync" after making changes
-# This config file is in YAML 1.0 format
-# see http://yaml.org
-# ==========================================================
-# if 1, cobbler will allow insertions of system records that duplicate
-# the --dns-name information of other system records. In general,
-# this is undesirable and should be left 0.
-allow_duplicate_hostnames: 0
-
-# if 1, cobbler will allow insertions of system records that duplicate
-# the ip address information of other system records. In general,
-# this is undesirable and should be left 0.
-allow_duplicate_ips: 0
-
-# if 1, cobbler will allow insertions of system records that duplicate
-# the mac address information of other system records. In general,
-# this is undesirable.
-allow_duplicate_macs: 0
-
-# if 1, cobbler will allow settings to be changed dynamically without
-# a restart of the cobblerd daemon. You can only change this variable
-# by manually editing the settings file, and you MUST restart cobblerd
-# after changing it.
-allow_dynamic_settings: 0
-
-# by default, installs are *not* set to send installation logs to the cobbler
-# # # server. With 'anamon_enabled', kickstart templates may use the pre_anamon
-# # # snippet to allow remote live monitoring of their installations from the
-# # # cobbler server. Installation logs will be stored under
-# # # /var/log/cobbler/anamon/. NOTE: This does allow an xmlrpc call to send logs
-# # # to this directory, without authentication, so enable only if you are
-# # # ok with this limitation.
-anamon_enabled: 1
-
-# If using authn_pam in the modules.conf, this can be configured
-# to change the PAM service authentication will be tested against.
-# The default value is "login".
-authn_pam_service: "login"
-
-# Email out a report when cobbler finishes installing a system.
-# enabled: set to 1 to turn this feature on
-# sender: optional
-# email: which addresses to email
-# smtp_server: used to specify another server for an MTA
-# subject: use the default subject unless overridden
-build_reporting_enabled: 0
-build_reporting_sender: ""
-build_reporting_email: [ 'root@localhost' ]
-build_reporting_smtp_server: "localhost"
-build_reporting_subject: ""
-
-# Cheetah-language kickstart templates can import Python modules.
-# while this is a useful feature, it is not safe to allow them to
-# import anything they want. This whitelists which modules can be
-# imported through Cheetah. Users can expand this as needed but
-# should never allow modules such as subprocess or those that
-# allow access to the filesystem as Cheetah templates are evaluated
-# by cobblerd as code.
-cheetah_import_whitelist:
- - "random"
- - "re"
- - "time"
-
-# Default createrepo_flags to use for new repositories. If you have
-# createrepo >= 0.4.10, consider "-c cache --update -C", which can
-# dramatically improve your "cobbler reposync" time. "-s sha"
-# enables working with Fedora repos from F11/F12 from EL-4 or
-# EL-5 without python-hashlib installed (which is not available
-# on EL-4)
-createrepo_flags: "-c cache -s sha"
-
-# if no kickstart is specified to profile add, use this template
-default_kickstart: /var/lib/cobbler/kickstarts/default.ks
-
-# configure all installed systems to use these nameservers by default
-# unless defined differently in the profile. For DHCP configurations
-# you probably do /not/ want to supply this.
-default_name_servers: ['$ipaddr']
-
-# if using the authz_ownership module (see the Wiki), objects
-# created without specifying an owner are assigned to this
-# owner and/or group. Can be a comma seperated list.
-default_ownership:
- - "admin"
-
-# cobbler has various sample kickstart templates stored
-# in /var/lib/cobbler/kickstarts/. This controls
-# what install (root) password is set up for those
-# systems that reference this variable. The factory
-# default is "cobbler" and cobbler check will warn if
-# this is not changed.
-# The simplest way to change the password is to run
-# openssl passwd -1
-# and put the output between the "" below.
-default_password_crypted: "$1$huawei$9OkoVJwO4W8vavlXd1bUS/"
-
-# the default template type to use in the absence of any
-# other detected template. If you do not specify the template
-# with '#template=<template_type>' on the first line of your
-# templates/snippets, cobbler will assume try to use the
-# following template engine to parse the templates.
-#
-# Current valid values are: cheetah, jinja2
-default_template_type: "cheetah"
-
-# for libvirt based installs in koan, if no virt bridge
-# is specified, which bridge do we try? For EL 4/5 hosts
-# this should be xenbr0, for all versions of Fedora, try
-# "virbr0". This can be overriden on a per-profile
-# basis or at the koan command line though this saves
-# typing to just set it here to the most common option.
-default_virt_bridge: xenbr0
-
-# use this as the default disk size for virt guests (GB)
-default_virt_file_size: 5
-
-# use this as the default memory size for virt guests (MB)
-default_virt_ram: 512
-
-# if koan is invoked without --virt-type and no virt-type
-# is set on the profile/system, what virtualization type
-# should be assumed? Values: xenpv, xenfv, qemu, vmware
-# (NOTE: this does not change what virt_type is chosen by import)
-default_virt_type: xenpv
-
-# enable gPXE booting? Enabling this option will cause cobbler
-# to copy the undionly.kpxe file to the tftp root directory,
-# and if a profile/system is configured to boot via gpxe it will
-# chain load off pxelinux.0.
-# Default: 0
-enable_gpxe: 0
-
-# controls whether cobbler will add each new profile entry to the default
-# PXE boot menu. This can be over-ridden on a per-profile
-# basis when adding/editing profiles with --enable-menu=0/1. Users
-# should ordinarily leave this setting enabled unless they are concerned
-# with accidental reinstalls from users who select an entry at the PXE
-# boot menu. Adding a password to the boot menus templates
-# may also be a good solution to prevent unwanted reinstallations
-enable_menu: 0
-
-# enable Func-integration? This makes sure each installed machine is set up
-# to use func out of the box, which is a powerful way to script and control
-# remote machines.
-# Func lives at http://fedorahosted.org/func
-# read more at https://github.com/cobbler/cobbler/wiki/Func-integration
-# you will need to mirror Fedora/EPEL packages for this feature, so see
-# https://github.com/cobbler/cobbler/wiki/Manage-yum-repos if you want cobbler
-# to help you with this
-func_auto_setup: 0
-func_master: overlord.example.org
-
-# change this port if Apache is not running plaintext on port
-# 80. Most people can leave this alone.
-http_port: 80
-
-# kernel options that should be present in every cobbler installation.
-# kernel options can also be applied at the distro/profile/system
-# level.
-kernel_options:
- ksdevice: bootif
- lang: ' '
- text: ~
-
-# s390 systems require additional kernel options in addition to the
-# above defaults
-kernel_options_s390x:
- RUNKS: 1
- ramdisk_size: 40000
- root: /dev/ram0
- ro: ~
- ip: off
- vnc: ~
-
-# configuration options if using the authn_ldap module. See the
-# the Wiki for details. This can be ignored if you are not using
-# LDAP for WebUI/XMLRPC authentication.
-ldap_server: "ldap.example.com"
-ldap_base_dn: "DC=example,DC=com"
-ldap_port: 389
-ldap_tls: 1
-ldap_anonymous_bind: 1
-ldap_search_bind_dn: ''
-ldap_search_passwd: ''
-ldap_search_prefix: 'uid='
-ldap_tls_cacertfile: ''
-ldap_tls_keyfile: ''
-ldap_tls_certfile: ''
-
-# cobbler has a feature that allows for integration with config management
-# systems such as Puppet. The following parameters work in conjunction with
-# --mgmt-classes and are described in furhter detail at:
-# https://github.com/cobbler/cobbler/wiki/Using-cobbler-with-a-configuration-management-system
-mgmt_classes: []
-mgmt_parameters:
- from_cobbler: 1
-
-# if enabled, this setting ensures that puppet is installed during
-# machine provision, a client certificate is generated and a
-# certificate signing request is made with the puppet master server
-puppet_auto_setup: 0
-
-# when puppet starts on a system after installation it needs to have
-# its certificate signed by the puppet master server. Enabling the
-# following feature will ensure that the puppet server signs the
-# certificate after installation if the puppet master server is
-# running on the same machine as cobbler. This requires
-# puppet_auto_setup above to be enabled
-sign_puppet_certs_automatically: 0
-
-# location of the puppet executable, used for revoking certificates
-puppetca_path: "/usr/bin/puppet"
-
-# when a puppet managed machine is reinstalled it is necessary to
-# remove the puppet certificate from the puppet master server before a
-# new certificate is signed (see above). Enabling the following
-# feature will ensure that the certificate for the machine to be
-# installed is removed from the puppet master server if the puppet
-# master server is running on the same machine as cobbler. This
-# requires puppet_auto_setup above to be enabled
-remove_old_puppet_certs_automatically: 0
-
-# choose a --server argument when running puppetd/puppet agent during kickstart
-#puppet_server: 'puppet'
-
-# let cobbler know that you're using a newer version of puppet
-# choose version 3 to use: 'puppet agent'; version 2 uses status quo: 'puppetd'
-#puppet_version: 2
-
-# choose whether to enable puppet parameterized classes or not.
-# puppet versions prior to 2.6.5 do not support parameters
-#puppet_parameterized_classes: 1
-
-# set to 1 to enable Cobbler's DHCP management features.
-# the choice of DHCP management engine is in /etc/cobbler/modules.conf
-manage_dhcp: 1
-
-# set to 1 to enable Cobbler's DNS management features.
-# the choice of DNS mangement engine is in /etc/cobbler/modules.conf
-manage_dns: 1
-
-# set to path of bind chroot to create bind-chroot compatible bind
-# configuration files. This should be automatically detected.
-bind_chroot_path: ""
-
-# set to the ip address of the master bind DNS server for creating secondary
-# bind configuration files
-bind_master: 127.0.0.1
-
-# set to 1 to enable Cobbler's TFTP management features.
-# the choice of TFTP mangement engine is in /etc/cobbler/modules.conf
-manage_tftpd: 1
-
-# set to 1 to enable Cobbler's RSYNC management features.
-manage_rsync: 0
-
-# if using BIND (named) for DNS management in /etc/cobbler/modules.conf
-# and manage_dns is enabled (above), this lists which zones are managed
-# See the Wiki (https://github.com/cobbler/cobbler/wiki/Dns-management) for more info
-manage_forward_zones: []
-manage_reverse_zones: []
-
-# if using cobbler with manage_dhcp, put the IP address
-# of the cobbler server here so that PXE booting guests can find it
-# if you do not set this correctly, this will be manifested in TFTP open timeouts.
-next_server: $next_server
-
-# settings for power management features. optional.
-# see https://github.com/cobbler/cobbler/wiki/Power-management to learn more
-# choices (refer to codes.py):
-# apc_snmp bladecenter bullpap drac ether_wake ilo integrity
-# ipmilan ipmitool lpar rsa virsh wti
-power_management_default_type: 'ipmitool'
-
-# the commands used by the power management module are sourced
-# from what directory?
-power_template_dir: "/etc/cobbler/power"
-
-# if this setting is set to 1, cobbler systems that pxe boot
-# will request at the end of their installation to toggle the
-# --netboot-enabled record in the cobbler system record. This eliminates
-# the potential for a PXE boot loop if the system is set to PXE
-# first in it's BIOS order. Enable this if PXE is first in your BIOS
-# boot order, otherwise leave this disabled. See the manpage
-# for --netboot-enabled.
-pxe_just_once: 1
-
-# the templates used for PXE config generation are sourced
-# from what directory?
-pxe_template_dir: "/etc/cobbler/pxe"
-
-# Path to where system consoles are
-consoles: "/var/consoles"
-
-# Are you using a Red Hat management platform in addition to Cobbler?
-# Cobbler can help you register to it. Choose one of the following:
-# "off" : I'm not using Red Hat Network, Satellite, or Spacewalk
-# "hosted" : I'm using Red Hat Network
-# "site" : I'm using Red Hat Satellite Server or Spacewalk
-# You will also want to read: https://github.com/cobbler/cobbler/wiki/Tips-for-RHN
-redhat_management_type: "off"
-
-# if redhat_management_type is enabled, choose your server
-# "management.example.org" : For Satellite or Spacewalk
-# "xmlrpc.rhn.redhat.com" : For Red Hat Network
-# This setting is also used by the code that supports using Spacewalk/Satellite users/passwords
-# within Cobbler Web and Cobbler XMLRPC. Using RHN Hosted for this is not supported.
-# This feature can be used even if redhat_management_type is off, you just have
-# to have authn_spacewalk selected in modules.conf
-redhat_management_server: "xmlrpc.rhn.redhat.com"
-
-# specify the default Red Hat authorization key to use to register
-# system. If left blank, no registration will be attempted. Similarly
-# you can set the --redhat-management-key to blank on any system to
-# keep it from trying to register.
-redhat_management_key: ""
-
-# if using authn_spacewalk in modules.conf to let cobbler authenticate
-# against Satellite/Spacewalk's auth system, by default it will not allow per user
-# access into Cobbler Web and Cobbler XMLRPC.
-# in order to permit this, the following setting must be enabled HOWEVER
-# doing so will permit all Spacewalk/Satellite users of certain types to edit all
-# of cobbler's configuration.
-# these roles are: config_admin and org_admin
-# users should turn this on only if they want this behavior and
-# do not have a cross-multi-org seperation concern. If you have
-# a single org in your satellite, it's probably safe to turn this
-# on and then you can use CobblerWeb alongside a Satellite install.
-redhat_management_permissive: 0
-
-# if set to 1, allows /usr/bin/cobbler-register (part of the koan package)
-# to be used to remotely add new cobbler system records to cobbler.
-# this effectively allows for registration of new hardware from system
-# records.
-register_new_installs: 0
-
-# Flags to use for yum's reposync. If your version of yum reposync
-# does not support -l, you may need to remove that option.
-reposync_flags: "-l -n -d"
-
-# These options will be used for an rsync initiated by cobbler replicate
-replicate_rsync_options: "-avzH"
-
-# when DHCP and DNS management are enabled, cobbler sync can automatically
-# restart those services to apply changes. The exception for this is
-# if using ISC for DHCP, then omapi eliminates the need for a restart.
-# omapi, however, is experimental and not recommended for most configurations.
-# If DHCP and DNS are going to be managed, but hosted on a box that
-# is not on this server, disable restarts here and write some other
-# script to ensure that the config files get copied/rsynced to the destination
-# box. This can be done by modifying the restart services trigger.
-# Note that if manage_dhcp and manage_dns are disabled, the respective
-# parameter will have no effect. Most users should not need to change
-# this.
-restart_dns: 1
-restart_dhcp: 1
-
-# install triggers are scripts in /var/lib/cobbler/triggers/install
-# that are triggered in kickstart pre and post sections. Any
-# executable script in those directories is run. They can be used
-# to send email or perform other actions. They are currently
-# run as root so if you do not need this functionality you can
-# disable it, though this will also disable "cobbler status" which
-# uses a logging trigger to audit install progress.
-run_install_triggers: 1
-
-# enables a trigger which version controls all changes to /var/lib/cobbler
-# when add, edit, or sync events are performed. This can be used
-# to revert to previous database versions, generate RSS feeds, or for
-# other auditing or backup purposes. "git" and "hg" are currently suported,
-# but git is the recommend SCM for use with this feature.
-scm_track_enabled: 0
-scm_track_mode: "git"
-
-# this is the address of the cobbler server -- as it is used
-# by systems during the install process, it must be the address
-# or hostname of the system as those systems can see the server.
-# if you have a server that appears differently to different subnets
-# (dual homed, etc), you need to read the --server-override section
-# of the manpage for how that works.
-server: $ipaddr
-
-# If set to 1, all commands will be forced to use the localhost address
-# instead of using the above value which can force commands like
-# cobbler sync to open a connection to a remote address if one is in the
-# configuration and would traceback.
-client_use_localhost: 0
-
-# If set to 1, all commands to the API (not directly to the XMLRPC
-# server) will go over HTTPS instead of plaintext. Be sure to change
-# the http_port setting to the correct value for the web server
-client_use_https: 0
-
-# this is a directory of files that cobbler uses to make
-# templating easier. See the Wiki for more information. Changing
-# this directory should not be required.
-snippetsdir: /var/lib/cobbler/snippets
-
-# Normally if a kickstart is specified at a remote location, this
-# URL will be passed directly to the kickstarting system, thus bypassing
-# the usual snippet templating Cobbler does for local kickstart files. If
-# this option is enabled, Cobbler will fetch the file contents internally
-# and serve a templated version of the file to the client.
-template_remote_kickstarts: 0
-
-# should new profiles for virtual machines default to auto booting with the physical host when the physical host reboots?
-# this can be overridden on each profile or system object.
-virt_auto_boot: 1
-
-# cobbler's web directory. Don't change this setting -- see the
-# Wiki on "relocating your cobbler install" if your /var partition
-# is not large enough.
-webdir: /var/www/cobbler
-
-# cobbler's public XMLRPC listens on this port. Change this only
-# if absolutely needed, as you'll have to start supplying a new
-# port option to koan if it is not the default.
-xmlrpc_port: 25151
-
-# "cobbler repo add" commands set cobbler up with repository
-# information that can be used during kickstart and is automatically
-# set up in the cobbler kickstart templates. By default, these
-# are only available at install time. To make these repositories
-# usable on installed systems (since cobbler makes a very convient)
-# mirror, set this to 1. Most users can safely set this to 1. Users
-# who have a dual homed cobbler server, or are installing laptops that
-# will not always have access to the cobbler server may wish to leave
-# this as 0. In that case, the cobbler mirrored yum repos are still
-# accessable at http://cobbler.example.org/cblr/repo_mirror and yum
-# configuration can still be done manually. This is just a shortcut.
-yum_post_install_mirror: 1
-
-# the default yum priority for all the distros. This is only used
-# if yum-priorities plugin is used. 1=maximum. Tweak with caution.
-yum_distro_priority: 1
-
-# Flags to use for yumdownloader. Not all versions may support
-# --resolve.
-yumdownloader_flags: "--resolve"
-
-# sort and indent JSON output to make it more human-readable
-serializer_pretty_json: 0
-
-# replication rsync options for distros, kickstarts, snippets set to override default value of "-avzH"
-replicate_rsync_options: "-avzH"
-
-# replication rsync options for repos set to override default value of "-avzH"
-replicate_repo_rsync_options: "-avzH"
+--- +# cobbler settings file +# restart cobblerd and run "cobbler sync" after making changes +# This config file is in YAML 1.0 format +# see http://yaml.org +# ========================================================== +# if 1, cobbler will allow insertions of system records that duplicate +# the --dns-name information of other system records. In general, +# this is undesirable and should be left 0. +allow_duplicate_hostnames: 0 + +# if 1, cobbler will allow insertions of system records that duplicate +# the ip address information of other system records. In general, +# this is undesirable and should be left 0. +allow_duplicate_ips: 0 + +# if 1, cobbler will allow insertions of system records that duplicate +# the mac address information of other system records. In general, +# this is undesirable. +allow_duplicate_macs: 0 + +# if 1, cobbler will allow settings to be changed dynamically without +# a restart of the cobblerd daemon. You can only change this variable +# by manually editing the settings file, and you MUST restart cobblerd +# after changing it. +allow_dynamic_settings: 0 + +# by default, installs are *not* set to send installation logs to the cobbler +# # # server. With 'anamon_enabled', kickstart templates may use the pre_anamon +# # # snippet to allow remote live monitoring of their installations from the +# # # cobbler server. Installation logs will be stored under +# # # /var/log/cobbler/anamon/. NOTE: This does allow an xmlrpc call to send logs +# # # to this directory, without authentication, so enable only if you are +# # # ok with this limitation. +anamon_enabled: 1 + +# If using authn_pam in the modules.conf, this can be configured +# to change the PAM service authentication will be tested against. +# The default value is "login". +authn_pam_service: "login" + +# Email out a report when cobbler finishes installing a system. +# enabled: set to 1 to turn this feature on +# sender: optional +# email: which addresses to email +# smtp_server: used to specify another server for an MTA +# subject: use the default subject unless overridden +build_reporting_enabled: 0 +build_reporting_sender: "" +build_reporting_email: [ 'root@localhost' ] +build_reporting_smtp_server: "localhost" +build_reporting_subject: "" + +# Cheetah-language kickstart templates can import Python modules. +# while this is a useful feature, it is not safe to allow them to +# import anything they want. This whitelists which modules can be +# imported through Cheetah. Users can expand this as needed but +# should never allow modules such as subprocess or those that +# allow access to the filesystem as Cheetah templates are evaluated +# by cobblerd as code. +cheetah_import_whitelist: + - "random" + - "re" + - "time" + +# Default createrepo_flags to use for new repositories. If you have +# createrepo >= 0.4.10, consider "-c cache --update -C", which can +# dramatically improve your "cobbler reposync" time. "-s sha" +# enables working with Fedora repos from F11/F12 from EL-4 or +# EL-5 without python-hashlib installed (which is not available +# on EL-4) +createrepo_flags: "-c cache -s sha" + +# if no kickstart is specified to profile add, use this template +default_kickstart: /var/lib/cobbler/kickstarts/default.ks + +# configure all installed systems to use these nameservers by default +# unless defined differently in the profile. For DHCP configurations +# you probably do /not/ want to supply this. +default_name_servers: ['$ipaddr'] + +# if using the authz_ownership module (see the Wiki), objects +# created without specifying an owner are assigned to this +# owner and/or group. Can be a comma seperated list. +default_ownership: + - "admin" + +# cobbler has various sample kickstart templates stored +# in /var/lib/cobbler/kickstarts/. This controls +# what install (root) password is set up for those +# systems that reference this variable. The factory +# default is "cobbler" and cobbler check will warn if +# this is not changed. +# The simplest way to change the password is to run +# openssl passwd -1 +# and put the output between the "" below. +default_password_crypted: "$1$huawei$9OkoVJwO4W8vavlXd1bUS/" + +# the default template type to use in the absence of any +# other detected template. If you do not specify the template +# with '#template=<template_type>' on the first line of your +# templates/snippets, cobbler will assume try to use the +# following template engine to parse the templates. +# +# Current valid values are: cheetah, jinja2 +default_template_type: "cheetah" + +# for libvirt based installs in koan, if no virt bridge +# is specified, which bridge do we try? For EL 4/5 hosts +# this should be xenbr0, for all versions of Fedora, try +# "virbr0". This can be overriden on a per-profile +# basis or at the koan command line though this saves +# typing to just set it here to the most common option. +default_virt_bridge: xenbr0 + +# use this as the default disk size for virt guests (GB) +default_virt_file_size: 5 + +# use this as the default memory size for virt guests (MB) +default_virt_ram: 512 + +# if koan is invoked without --virt-type and no virt-type +# is set on the profile/system, what virtualization type +# should be assumed? Values: xenpv, xenfv, qemu, vmware +# (NOTE: this does not change what virt_type is chosen by import) +default_virt_type: xenpv + +# enable gPXE booting? Enabling this option will cause cobbler +# to copy the undionly.kpxe file to the tftp root directory, +# and if a profile/system is configured to boot via gpxe it will +# chain load off pxelinux.0. +# Default: 0 +enable_gpxe: 0 + +# controls whether cobbler will add each new profile entry to the default +# PXE boot menu. This can be over-ridden on a per-profile +# basis when adding/editing profiles with --enable-menu=0/1. Users +# should ordinarily leave this setting enabled unless they are concerned +# with accidental reinstalls from users who select an entry at the PXE +# boot menu. Adding a password to the boot menus templates +# may also be a good solution to prevent unwanted reinstallations +enable_menu: 0 + +# enable Func-integration? This makes sure each installed machine is set up +# to use func out of the box, which is a powerful way to script and control +# remote machines. +# Func lives at http://fedorahosted.org/func +# read more at https://github.com/cobbler/cobbler/wiki/Func-integration +# you will need to mirror Fedora/EPEL packages for this feature, so see +# https://github.com/cobbler/cobbler/wiki/Manage-yum-repos if you want cobbler +# to help you with this +func_auto_setup: 0 +func_master: overlord.example.org + +# change this port if Apache is not running plaintext on port +# 80. Most people can leave this alone. +http_port: 80 + +# kernel options that should be present in every cobbler installation. +# kernel options can also be applied at the distro/profile/system +# level. +kernel_options: + ksdevice: bootif + lang: ' ' + text: ~ + +# s390 systems require additional kernel options in addition to the +# above defaults +kernel_options_s390x: + RUNKS: 1 + ramdisk_size: 40000 + root: /dev/ram0 + ro: ~ + ip: off + vnc: ~ + +# configuration options if using the authn_ldap module. See the +# the Wiki for details. This can be ignored if you are not using +# LDAP for WebUI/XMLRPC authentication. +ldap_server: "ldap.example.com" +ldap_base_dn: "DC=example,DC=com" +ldap_port: 389 +ldap_tls: 1 +ldap_anonymous_bind: 1 +ldap_search_bind_dn: '' +ldap_search_passwd: '' +ldap_search_prefix: 'uid=' +ldap_tls_cacertfile: '' +ldap_tls_keyfile: '' +ldap_tls_certfile: '' + +# cobbler has a feature that allows for integration with config management +# systems such as Puppet. The following parameters work in conjunction with +# --mgmt-classes and are described in furhter detail at: +# https://github.com/cobbler/cobbler/wiki/Using-cobbler-with-a-configuration-management-system +mgmt_classes: [] +mgmt_parameters: + from_cobbler: 1 + +# if enabled, this setting ensures that puppet is installed during +# machine provision, a client certificate is generated and a +# certificate signing request is made with the puppet master server +puppet_auto_setup: 0 + +# when puppet starts on a system after installation it needs to have +# its certificate signed by the puppet master server. Enabling the +# following feature will ensure that the puppet server signs the +# certificate after installation if the puppet master server is +# running on the same machine as cobbler. This requires +# puppet_auto_setup above to be enabled +sign_puppet_certs_automatically: 0 + +# location of the puppet executable, used for revoking certificates +puppetca_path: "/usr/bin/puppet" + +# when a puppet managed machine is reinstalled it is necessary to +# remove the puppet certificate from the puppet master server before a +# new certificate is signed (see above). Enabling the following +# feature will ensure that the certificate for the machine to be +# installed is removed from the puppet master server if the puppet +# master server is running on the same machine as cobbler. This +# requires puppet_auto_setup above to be enabled +remove_old_puppet_certs_automatically: 0 + +# choose a --server argument when running puppetd/puppet agent during kickstart +#puppet_server: 'puppet' + +# let cobbler know that you're using a newer version of puppet +# choose version 3 to use: 'puppet agent'; version 2 uses status quo: 'puppetd' +#puppet_version: 2 + +# choose whether to enable puppet parameterized classes or not. +# puppet versions prior to 2.6.5 do not support parameters +#puppet_parameterized_classes: 1 + +# set to 1 to enable Cobbler's DHCP management features. +# the choice of DHCP management engine is in /etc/cobbler/modules.conf +manage_dhcp: 1 + +# set to 1 to enable Cobbler's DNS management features. +# the choice of DNS mangement engine is in /etc/cobbler/modules.conf +manage_dns: 1 + +# set to path of bind chroot to create bind-chroot compatible bind +# configuration files. This should be automatically detected. +bind_chroot_path: "" + +# set to the ip address of the master bind DNS server for creating secondary +# bind configuration files +bind_master: 127.0.0.1 + +# set to 1 to enable Cobbler's TFTP management features. +# the choice of TFTP mangement engine is in /etc/cobbler/modules.conf +manage_tftpd: 1 + +# set to 1 to enable Cobbler's RSYNC management features. +manage_rsync: 0 + +# if using BIND (named) for DNS management in /etc/cobbler/modules.conf +# and manage_dns is enabled (above), this lists which zones are managed +# See the Wiki (https://github.com/cobbler/cobbler/wiki/Dns-management) for more info +manage_forward_zones: [] +manage_reverse_zones: [] + +# if using cobbler with manage_dhcp, put the IP address +# of the cobbler server here so that PXE booting guests can find it +# if you do not set this correctly, this will be manifested in TFTP open timeouts. +next_server: $next_server + +# settings for power management features. optional. +# see https://github.com/cobbler/cobbler/wiki/Power-management to learn more +# choices (refer to codes.py): +# apc_snmp bladecenter bullpap drac ether_wake ilo integrity +# ipmilan ipmitool lpar rsa virsh wti +power_management_default_type: 'ipmitool' + +# the commands used by the power management module are sourced +# from what directory? +power_template_dir: "/etc/cobbler/power" + +# if this setting is set to 1, cobbler systems that pxe boot +# will request at the end of their installation to toggle the +# --netboot-enabled record in the cobbler system record. This eliminates +# the potential for a PXE boot loop if the system is set to PXE +# first in it's BIOS order. Enable this if PXE is first in your BIOS +# boot order, otherwise leave this disabled. See the manpage +# for --netboot-enabled. +pxe_just_once: 1 + +# the templates used for PXE config generation are sourced +# from what directory? +pxe_template_dir: "/etc/cobbler/pxe" + +# Path to where system consoles are +consoles: "/var/consoles" + +# Are you using a Red Hat management platform in addition to Cobbler? +# Cobbler can help you register to it. Choose one of the following: +# "off" : I'm not using Red Hat Network, Satellite, or Spacewalk +# "hosted" : I'm using Red Hat Network +# "site" : I'm using Red Hat Satellite Server or Spacewalk +# You will also want to read: https://github.com/cobbler/cobbler/wiki/Tips-for-RHN +redhat_management_type: "off" + +# if redhat_management_type is enabled, choose your server +# "management.example.org" : For Satellite or Spacewalk +# "xmlrpc.rhn.redhat.com" : For Red Hat Network +# This setting is also used by the code that supports using Spacewalk/Satellite users/passwords +# within Cobbler Web and Cobbler XMLRPC. Using RHN Hosted for this is not supported. +# This feature can be used even if redhat_management_type is off, you just have +# to have authn_spacewalk selected in modules.conf +redhat_management_server: "xmlrpc.rhn.redhat.com" + +# specify the default Red Hat authorization key to use to register +# system. If left blank, no registration will be attempted. Similarly +# you can set the --redhat-management-key to blank on any system to +# keep it from trying to register. +redhat_management_key: "" + +# if using authn_spacewalk in modules.conf to let cobbler authenticate +# against Satellite/Spacewalk's auth system, by default it will not allow per user +# access into Cobbler Web and Cobbler XMLRPC. +# in order to permit this, the following setting must be enabled HOWEVER +# doing so will permit all Spacewalk/Satellite users of certain types to edit all +# of cobbler's configuration. +# these roles are: config_admin and org_admin +# users should turn this on only if they want this behavior and +# do not have a cross-multi-org seperation concern. If you have +# a single org in your satellite, it's probably safe to turn this +# on and then you can use CobblerWeb alongside a Satellite install. +redhat_management_permissive: 0 + +# if set to 1, allows /usr/bin/cobbler-register (part of the koan package) +# to be used to remotely add new cobbler system records to cobbler. +# this effectively allows for registration of new hardware from system +# records. +register_new_installs: 0 + +# Flags to use for yum's reposync. If your version of yum reposync +# does not support -l, you may need to remove that option. +reposync_flags: "-l -n -d" + +# These options will be used for an rsync initiated by cobbler replicate +replicate_rsync_options: "-avzH" + +# when DHCP and DNS management are enabled, cobbler sync can automatically +# restart those services to apply changes. The exception for this is +# if using ISC for DHCP, then omapi eliminates the need for a restart. +# omapi, however, is experimental and not recommended for most configurations. +# If DHCP and DNS are going to be managed, but hosted on a box that +# is not on this server, disable restarts here and write some other +# script to ensure that the config files get copied/rsynced to the destination +# box. This can be done by modifying the restart services trigger. +# Note that if manage_dhcp and manage_dns are disabled, the respective +# parameter will have no effect. Most users should not need to change +# this. +restart_dns: 1 +restart_dhcp: 1 + +# install triggers are scripts in /var/lib/cobbler/triggers/install +# that are triggered in kickstart pre and post sections. Any +# executable script in those directories is run. They can be used +# to send email or perform other actions. They are currently +# run as root so if you do not need this functionality you can +# disable it, though this will also disable "cobbler status" which +# uses a logging trigger to audit install progress. +run_install_triggers: 1 + +# enables a trigger which version controls all changes to /var/lib/cobbler +# when add, edit, or sync events are performed. This can be used +# to revert to previous database versions, generate RSS feeds, or for +# other auditing or backup purposes. "git" and "hg" are currently suported, +# but git is the recommend SCM for use with this feature. +scm_track_enabled: 0 +scm_track_mode: "git" + +# this is the address of the cobbler server -- as it is used +# by systems during the install process, it must be the address +# or hostname of the system as those systems can see the server. +# if you have a server that appears differently to different subnets +# (dual homed, etc), you need to read the --server-override section +# of the manpage for how that works. +server: $ipaddr + +# If set to 1, all commands will be forced to use the localhost address +# instead of using the above value which can force commands like +# cobbler sync to open a connection to a remote address if one is in the +# configuration and would traceback. +client_use_localhost: 0 + +# If set to 1, all commands to the API (not directly to the XMLRPC +# server) will go over HTTPS instead of plaintext. Be sure to change +# the http_port setting to the correct value for the web server +client_use_https: 0 + +# this is a directory of files that cobbler uses to make +# templating easier. See the Wiki for more information. Changing +# this directory should not be required. +snippetsdir: /var/lib/cobbler/snippets + +# Normally if a kickstart is specified at a remote location, this +# URL will be passed directly to the kickstarting system, thus bypassing +# the usual snippet templating Cobbler does for local kickstart files. If +# this option is enabled, Cobbler will fetch the file contents internally +# and serve a templated version of the file to the client. +template_remote_kickstarts: 0 + +# should new profiles for virtual machines default to auto booting with the physical host when the physical host reboots? +# this can be overridden on each profile or system object. +virt_auto_boot: 1 + +# cobbler's web directory. Don't change this setting -- see the +# Wiki on "relocating your cobbler install" if your /var partition +# is not large enough. +webdir: /var/www/cobbler + +# cobbler's public XMLRPC listens on this port. Change this only +# if absolutely needed, as you'll have to start supplying a new +# port option to koan if it is not the default. +xmlrpc_port: 25151 + +# "cobbler repo add" commands set cobbler up with repository +# information that can be used during kickstart and is automatically +# set up in the cobbler kickstart templates. By default, these +# are only available at install time. To make these repositories +# usable on installed systems (since cobbler makes a very convient) +# mirror, set this to 1. Most users can safely set this to 1. Users +# who have a dual homed cobbler server, or are installing laptops that +# will not always have access to the cobbler server may wish to leave +# this as 0. In that case, the cobbler mirrored yum repos are still +# accessable at http://cobbler.example.org/cblr/repo_mirror and yum +# configuration can still be done manually. This is just a shortcut. +yum_post_install_mirror: 1 + +# the default yum priority for all the distros. This is only used +# if yum-priorities plugin is used. 1=maximum. Tweak with caution. +yum_distro_priority: 1 + +# Flags to use for yumdownloader. Not all versions may support +# --resolve. +yumdownloader_flags: "--resolve" + +# sort and indent JSON output to make it more human-readable +serializer_pretty_json: 0 + +# replication rsync options for distros, kickstarts, snippets set to override default value of "-avzH" +replicate_rsync_options: "-avzH" + +# replication rsync options for repos set to override default value of "-avzH" +replicate_repo_rsync_options: "-avzH" diff --git a/deploy/adapters/cobbler/conf/tftpd.template b/deploy/adapters/cobbler/conf/tftpd.template index 08e612d5..98c1e9ac 100644 --- a/deploy/adapters/cobbler/conf/tftpd.template +++ b/deploy/adapters/cobbler/conf/tftpd.template @@ -1,21 +1,21 @@ -# default: off
-# description: The tftp server serves files using the trivial file transfer \
-# protocol. The tftp protocol is often used to boot diskless \
-# workstations, download configuration files to network-aware printers, \
-# and to start the installation process for some operating systems.
-service tftp
-{
- disable = no
- log_type = SYSLOG local5 info
- socket_type = dgram
- protocol = udp
- wait = yes
- user = $user
- server = $binary
- server_args = -B 1380 -v -s $args
- instances = 1000
- per_source = 1000
- cps = 1000 2
- flags = IPv4
-}
-
+# default: off +# description: The tftp server serves files using the trivial file transfer \ +# protocol. The tftp protocol is often used to boot diskless \ +# workstations, download configuration files to network-aware printers, \ +# and to start the installation process for some operating systems. +service tftp +{ + disable = no + log_type = SYSLOG local5 info + socket_type = dgram + protocol = udp + wait = yes + user = $user + server = $binary + server_args = -B 1380 -v -s $args + instances = 1000 + per_source = 1000 + cps = 1000 2 + flags = IPv4 +} + diff --git a/deploy/adapters/cobbler/conf/zone.template b/deploy/adapters/cobbler/conf/zone.template index 1d04c734..0f900d4c 100644 --- a/deploy/adapters/cobbler/conf/zone.template +++ b/deploy/adapters/cobbler/conf/zone.template @@ -1,17 +1,17 @@ -\$TTL 300
-@ IN SOA $cobbler_server. nobody.example.com. (
- $serial ; Serial
- 600 ; Refresh
- 1800 ; Retry
- 604800 ; Expire
- 300 ; TTL
- )
-
- IN NS $cobbler_server.
-
-
-$cname_record
-
-$host_record
-$hostname IN A $ipaddr
-metrics IN A $ipaddr
+\$TTL 300 +@ IN SOA $cobbler_server. nobody.example.com. ( + $serial ; Serial + 600 ; Refresh + 1800 ; Retry + 604800 ; Expire + 300 ; TTL + ) + + IN NS $cobbler_server. + + +$cname_record + +$host_record +$hostname IN A $ipaddr +metrics IN A $ipaddr diff --git a/deploy/adapters/cobbler/kickstarts/default.seed b/deploy/adapters/cobbler/kickstarts/default.seed index a53b7c05..7461f83d 100644 --- a/deploy/adapters/cobbler/kickstarts/default.seed +++ b/deploy/adapters/cobbler/kickstarts/default.seed @@ -1,137 +1,137 @@ -# Mostly based on the Ubuntu installation guide
-# https://help.ubuntu.com/12.04/installation-guide/
-
-## Figure out if we're kickstarting a system or a profile
-#if $getVar('system_name','') != ''
-#set $what = "system"
-#else
-#set $what = "profile"
-#end if
-
-# Preseeding only locale sets language, country and locale.
-d-i debian-installer/locale string en_US
-d-i debian-installer/country string US
-d-i debian-installer/language string en
-
-# Keyboard selection.
-# Disable automatic (interactive) keymap detection.
-d-i console-setup/ask_detect boolean false
-d-i console-setup/layoutcode string us
-d-i console-setup/modelcode string SKIP
-d-i keyboard-configuration/variantcode string us
-d-i keyboard-configuration/layoutcode string us
-d-i keyboard-configuration/model select Generic 105-key (Intl) PC
-d-i console-keymaps-at/keymap select us
-d-i keyboard-configuration/xkb-keymap select us
-
-d-i preseed/early_command string \
-wget -O- \
-http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_early_default | /bin/sh -s; \
-debconf-set-selections /tmp/pre_install_network_config
-
-d-i partman/early_command string \
-wget -O- \
-http://$http_server/cblr/svc/op/script/$what/$name/?script=partman_early_default | /bin/sh -s; \
-debconf-set-selections /tmp/part-include
-
-$SNIPPET('preseed_network_config')
-$SNIPPET('preseed_partition_disks')
-
-# NTP/Time Setup
-#if $getVar('timezone', '') != ""
-d-i time/zone string $timezone
-#else
-d-i time/zone string US/Pacific
-#end if
-d-i clock-setup/utc boolean true
-d-i clock-setup/ntp boolean true
-#if $getVar('ntp_server', '') == ""
-d-i clock-setup/ntp-server string 0.ubuntu.pool.ntp.org
-#else
-d-i clock-setup/ntp-server string $ntp_server
-#end if
-
-# Setup the installation source
-d-i mirror/country string manual
-d-i mirror/http/hostname string $http_server
-d-i mirror/http/directory string $install_source_directory
-d-i mirror/http/proxy string
-d-i mirror/http/mirror select $http_server
-d-i mirror/protocol select http
-d-i mirror/udeb/components multiselect main, restricted
-
-#set $os_v = $getVar('os_version','')
-#if $os_v and $os_v.lower()[0] > 'p'
-# Required at least for 12.10+
-d-i live-installer/net-image string http://$http_server/cobbler/ks_mirror/$distro_name/install/filesystem.squashfs
-#end if
-
-# root account and password
-#if $getVar('username', 'root') != "root"
-d-i passwd/root-login boolean false
-d-i passwd/make-user boolean true
-d-i user-setup/allow-password-weak boolean true
-d-i passwd/root-password password root
-d-i passwd/root-password-again password root
- #set username = $getVar('username', 'root')
-d-i passwd/user-fullname string $username
-d-i passwd/username string $username
- #if $getVar('password', '') != ""
-d-i passwd/user-password-crypted password $password
- #else
-d-i passwd/user-password password $username
-d-i passwd/user-password-again password $username
- #end if
-#else
-d-i passwd/root-login boolean true
-d-i passwd/make-user boolean false
-d-i user-setup/allow-password-weak boolean true
- #if $getVar('password', '') != ""
-d-i passwd/root-password-crypted password $password
- #else
-d-i passwd/root-password password root
-d-i passwd/root-password-again password root
- #end if
-#end if
-
-$SNIPPET('preseed_apt_repo_config')
-
-# Individual additional packages to install
-# wget is REQUIRED otherwise quite a few things won't work
-# later in the build (like late-command scripts)
-#if $getVar('tool', '') != ''
- #set $preseed_software = "preseed_software_%s" % $tool
-$SNIPPET($preseed_software)
-#else
-d-i pkgsel/include string ntp ssh wget
-#end if
-
-# Whether to upgrade packages after debootstrap.
-# Allowed values: none, safe-upgrade, full-upgrade
-d-i pkgsel/upgrade select none
-d-i popularity-contest/participate boolean false
-d-i lilo-installer/skip boolean true
-d-i grub-installer/only_debian boolean true
-
-# Use the following option to add additional boot parameters for the
-# installed system (if supported by the bootloader installer).
-# Note: options passed to the installer will be added automatically.
-d-i debian-installer/add-kernel-opts string $kernel_options_post
-d-i debian-installer/allow_unauthenticated string true
-
-# Avoid that last message about the install being complete.
-d-i finish-install/reboot_in_progress note
-
-# This will prevent the installer from ejecting the CD during the reboot,
-# which is useful in some situations.
-d-i cdrom-detect/eject boolean false
-
-# This command is run just before the install finishes, but when there is
-# still a usable /target directory. You can chroot to /target and use it
-# directly, or use the apt-install and in-target commands to easily install
-# packages and run commands in the target system.
-# d-i preseed/late_command string [command]
-d-i preseed/late_command string \
-wget -O- \
- http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_late_default | \
- chroot /target /bin/sh -s; cp /target/etc/network/interfaces /etc/network/interfaces
+# Mostly based on the Ubuntu installation guide +# https://help.ubuntu.com/12.04/installation-guide/ + +## Figure out if we're kickstarting a system or a profile +#if $getVar('system_name','') != '' +#set $what = "system" +#else +#set $what = "profile" +#end if + +# Preseeding only locale sets language, country and locale. +d-i debian-installer/locale string en_US +d-i debian-installer/country string US +d-i debian-installer/language string en + +# Keyboard selection. +# Disable automatic (interactive) keymap detection. +d-i console-setup/ask_detect boolean false +d-i console-setup/layoutcode string us +d-i console-setup/modelcode string SKIP +d-i keyboard-configuration/variantcode string us +d-i keyboard-configuration/layoutcode string us +d-i keyboard-configuration/model select Generic 105-key (Intl) PC +d-i console-keymaps-at/keymap select us +d-i keyboard-configuration/xkb-keymap select us + +d-i preseed/early_command string \ +wget -O- \ +http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_early_default | /bin/sh -s; \ +debconf-set-selections /tmp/pre_install_network_config + +d-i partman/early_command string \ +wget -O- \ +http://$http_server/cblr/svc/op/script/$what/$name/?script=partman_early_default | /bin/sh -s; \ +debconf-set-selections /tmp/part-include + +$SNIPPET('preseed_network_config') +$SNIPPET('preseed_partition_disks') + +# NTP/Time Setup +#if $getVar('timezone', '') != "" +d-i time/zone string $timezone +#else +d-i time/zone string US/Pacific +#end if +d-i clock-setup/utc boolean true +d-i clock-setup/ntp boolean true +#if $getVar('ntp_server', '') == "" +d-i clock-setup/ntp-server string 0.ubuntu.pool.ntp.org +#else +d-i clock-setup/ntp-server string $ntp_server +#end if + +# Setup the installation source +d-i mirror/country string manual +d-i mirror/http/hostname string $http_server +d-i mirror/http/directory string $install_source_directory +d-i mirror/http/proxy string +d-i mirror/http/mirror select $http_server +d-i mirror/protocol select http +d-i mirror/udeb/components multiselect main, restricted + +#set $os_v = $getVar('os_version','') +#if $os_v and $os_v.lower()[0] > 'p' +# Required at least for 12.10+ +d-i live-installer/net-image string http://$http_server/cobbler/ks_mirror/$distro_name/install/filesystem.squashfs +#end if + +# root account and password +#if $getVar('username', 'root') != "root" +d-i passwd/root-login boolean false +d-i passwd/make-user boolean true +d-i user-setup/allow-password-weak boolean true +d-i passwd/root-password password root +d-i passwd/root-password-again password root + #set username = $getVar('username', 'root') +d-i passwd/user-fullname string $username +d-i passwd/username string $username + #if $getVar('password', '') != "" +d-i passwd/user-password-crypted password $password + #else +d-i passwd/user-password password $username +d-i passwd/user-password-again password $username + #end if +#else +d-i passwd/root-login boolean true +d-i passwd/make-user boolean false +d-i user-setup/allow-password-weak boolean true + #if $getVar('password', '') != "" +d-i passwd/root-password-crypted password $password + #else +d-i passwd/root-password password root +d-i passwd/root-password-again password root + #end if +#end if + +$SNIPPET('preseed_apt_repo_config') + +# Individual additional packages to install +# wget is REQUIRED otherwise quite a few things won't work +# later in the build (like late-command scripts) +#if $getVar('tool', '') != '' + #set $preseed_software = "preseed_software_%s" % $tool +$SNIPPET($preseed_software) +#else +d-i pkgsel/include string ntp ssh wget +#end if + +# Whether to upgrade packages after debootstrap. +# Allowed values: none, safe-upgrade, full-upgrade +d-i pkgsel/upgrade select none +d-i popularity-contest/participate boolean false +d-i lilo-installer/skip boolean true +d-i grub-installer/only_debian boolean true + +# Use the following option to add additional boot parameters for the +# installed system (if supported by the bootloader installer). +# Note: options passed to the installer will be added automatically. +d-i debian-installer/add-kernel-opts string $kernel_options_post +d-i debian-installer/allow_unauthenticated string true + +# Avoid that last message about the install being complete. +d-i finish-install/reboot_in_progress note + +# This will prevent the installer from ejecting the CD during the reboot, +# which is useful in some situations. +d-i cdrom-detect/eject boolean false + +# This command is run just before the install finishes, but when there is +# still a usable /target directory. You can chroot to /target and use it +# directly, or use the apt-install and in-target commands to easily install +# packages and run commands in the target system. +# d-i preseed/late_command string [command] +d-i preseed/late_command string \ +wget -O- \ + http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_late_default | \ + chroot /target /bin/sh -s; cp /target/etc/network/interfaces /etc/network/interfaces diff --git a/deploy/adapters/cobbler/kickstarts/default.xml b/deploy/adapters/cobbler/kickstarts/default.xml index 6583af4e..04f53632 100644 --- a/deploy/adapters/cobbler/kickstarts/default.xml +++ b/deploy/adapters/cobbler/kickstarts/default.xml @@ -1,269 +1,269 @@ -## Figure out if we're kickstarting a system or a profile
-#if $getVar('system_name','') != ''
-#set $what = "system"
-#else
-#set $what = "profile"
-#end if
-<?xml version="1.0" standalone="no"?>
-<!--
-
- Copyright (c) 2011 Novell
- Uwe Gansert ug@suse.de
-
- This software is licensed to you under the GNU General Public License,
- version 2 (GPLv2). There is NO WARRANTY for this software, express or
- implied, including the implied warranties of MERCHANTABILITY or FITNESS
- FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
- along with this software; if not, see
- http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
-
--->
-<!DOCTYPE profile [
-<!ENTITY network SYSTEM "/tmp/profile/network.xml">
-<!ENTITY partition SYSTEM "/tmp/profile/partition.xml">
-<!ENTITY bootloader SYSTEM "/tmp/profile/bootloader.xml">
-]>
-<profile xmlns="http://www.suse.com/1.0/yast2ns" xmlns:config="http://www.suse.com/1.0/configns">
- <deploy_image>
- <image_installation config:type="boolean">false</image_installation>
- </deploy_image>
- ## without the next 6 lines autoyast will ask for confirmation bevore installation
- <general>
- <signature-handling>
- <accept_unsigned_file config:type="boolean">true</accept_unsigned_file>
- <accept_file_without_checksum config:type="boolean">true</accept_file_without_checksum>
- <accept_verification_failed config:type="boolean">true</accept_verification_failed>
- <accept_unknown_gpg_key config:type="boolean">true</accept_unknown_gpg_key>
- <import_gpg_key config:type="boolean">true</import_gpg_key>
- <accept_non_trusted_gpg_key config:type="boolean">true</accept_non_trusted_gpg_key>
- </signature-handling>
- <mode>
- <confirm config:type="boolean">false</confirm>
- <final_reboot config:type="boolean">true</final_reboot>
- </mode>
- </general>
- $SNIPPET('hosts.xml')
- $SNIPPET('kdump.xml')
- ## <keyboard>
- ## <keymap>english</keymap>
- ## </keyboard>
- <language>
- <language>en_US</language>
- <languages></languages>
- </language>
- <timezone>
- <hwclock>localtime</hwclock>
-#if $getVar('timezone', '') != ""
- <timezone>$timezone</timezone>
-#else
- <timezone>US/Pacific</timezone>
-#end if
- </timezone>
- <software>
- <add-on>
- <add_on_products config:type="list">
- $SNIPPET('repo_config.xml')
- </add_on_products>
- </add-on>
- <patterns config:type="list">
- <pattern>base</pattern>
- </patterns>
- <packages config:type="list">
- <package>iputils</package>
- <package>openssh</package>
- <package>gcc</package>
- <package>net-tools</package>
- <package>ethtool</package>
- <package>ntp</package>
- <package>wget</package>
- <package>rsyslog</package>
- <package>iproute2</package>
- <package>parted</package>
- <package>lsb-release</package>
-#if $getVar('tool', '') != ''
- #set $suse_software = "software_%s.xml" % $tool
-$SNIPPET($suse_software)
-#end if
- </packages>
- <do_online_update config:type="boolean">true</do_online_update> <!-- since openSUSE 11.1 -->
- </software>
- $SNIPPET('yast_repo_config.xml')
- <files config:type="list">
- $SNIPPET('limits_conf.xml')
- $SNIPPET('ssh.xml')
- $SNIPPET('sshd.xml')
- $SNIPPET('sysctl.xml')
- $SNIPPET('rsyslog.xml')
- </files>
- <login_settings/>
- <sysconfig config:type="list" >
- </sysconfig>
- <networking>
- &amp;network;
- </networking>
- $SNIPPET('ntp.xml')
- <partitioning config:type="list">
- &amp;partition;
- </partitioning>
- <bootloader>
- &amp;bootloader;
- </bootloader>
- <runlevel>
- <default>3</default>
- <services config:type="list">
- <service>
- <service_name>sshd</service_name>
- <service_status>enable</service_status>
- </service>
- <service>
- <service_name>ntp</service_name>
- <service_status>enable</service_status>
- </service>
- <service>
- <service_name>syslog</service_name>
- <service_status>enable</service_status>
- </service>
- <service>
- <service_name>autoyast</service_name>
- <service_status>enable</service_status>
- </service>
- </services>
- </runlevel>
- <sysconfig config:type="list">
- <sysconfig_entry>
- <sysconfig_key>SYSLOG_DAEMON</sysconfig_key>
- <sysconfig_path>/etc/sysconfig/syslog</sysconfig_path>
- <sysconfig_value>rsyslogd</sysconfig_value>
- </sysconfig_entry>
- <sysconfig_entry>
- <sysconfig_key>RSYSLOGD_COMPAT_VERSION</sysconfig_key>
- <sysconfig_path>/etc/sysconfig/syslog</sysconfig_path>
- <sysconfig_value>4</sysconfig_value>
- </sysconfig_entry>
- </sysconfig>
- <user_defaults>
- <expire></expire>
- <home>/home</home>
- <inactive>-1</inactive>
- <shell>/bin/bash</shell>
- <skel>/etc/skel</skel>
- </user_defaults>
- <users config:type="list">
-#if $getVar('username', 'root') != "root"
- <user>
- <encrypted config:type="boolean">false</encrypted>
- <fullname>root</fullname>
- <gid>0</gid>
- <home>/root</home>
- <password_settings>
- <expire></expire>
- <flag></flag>
- <inact></inact>
- <max></max>
- <min></min>
- <warn></warn>
- </password_settings>
- <shell>/bin/bash</shell>
- <uid>0</uid>
- <username>root</username>
- <user_password>root</user_password>
- </user>
- #set username = $getVar('username', 'root')
- <user>
-#if $getVar('password', '') != ""
- <encrypted config:type="boolean">true</encrypted>
- <user_password>$password</user_password>
-#else
- <encrypted config:type="boolean">false</encrypted>
- <user_password>$username</user_password>
-#end if
- <username>$username</username>
- <fullname>$username</fullname>
- <password_settings>
- <expire></expire>
- <flag></flag>
- <inact></inact>
- <max></max>
- <min></min>
- <warn></warn>
- </password_settings>
- <shell>/bin/bash</shell>
- </user>
-#else
- <user>
-#if $getVar('password', '') != ""
- <encrypted config:type="boolean">true</encrypted>
- <user_password>$password</user_password>
-#else
- <encrypted config:type="boolean">false</encrypted>
- <user_password>root</user_password>
-#end if
- <username>root</username>
- <fullname>root</fullname>
- <gid>0</gid>
- <home>/root</home>
- <password_settings>
- <expire></expire>
- <flag></flag>
- <inact></inact>
- <max></max>
- <min></min>
- <warn></warn>
- </password_settings>
- <shell>/bin/bash</shell>
- <uid>0</uid>
- </user>
-#end if
- </users>
- <scripts>
- ## we have to include the pre-scripts tag to get kickstart_start included
- <pre-scripts config:type="list">
- <script>
- <interpreter>shell</interpreter>
- <filename>pre_install_script.sh</filename>
- <source><![CDATA[
- wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=suse_early_default | /bin/bash
- ]]></source>
- </script>
- ## SuSE has an annoying habit on ppc64 of changing the system
- ## boot order after installation. This makes it non-trivial to
- ## automatically re-install future OS.
-#set global $wrappedscript = 'save_boot_device'
-$SNIPPET('suse_scriptwrapper.xml')
- </pre-scripts>
- <post-scripts config:type="list">
- <script>
- <interpreter>shell</interpreter>
- <network_needed config:type="boolean">true</network_needed>
- <filename>post_install_script.sh</filename>
- <source><![CDATA[
- wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=suse_post_default | /bin/bash
- ]]></source>
- </script>
- ## This plugin wrapper provides the flexibility to call pure shell
- ## snippets which can be used directly on kickstart and with with
- ## wrapper on SuSE.
-#set global $wrappedscript = 'restore_boot_device'
-$SNIPPET('suse_scriptwrapper.xml')
- </post-scripts>
- <chroot-scripts config:type="list">
- <script>
- <interpreter>shell</interpreter>
- <chrooted config:type="boolean">true</chrooted>
- <filename>chroot_install_script.sh</filename>
- <source><![CDATA[
- wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=suse_late_default | /bin/bash
- ]]></source>
- </script>
- </chroot-scripts>
- <init-scripts config:type="list">
- <script>
- <interpreter>shell</interpreter>
- <filename>init_install_script.sh</filename>
- <source><![CDATA[
- wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=suse_init_default | /bin/bash
- ]]></source>
- </script>
- </init-scripts>
- </scripts>
-</profile>
+## Figure out if we're kickstarting a system or a profile +#if $getVar('system_name','') != '' +#set $what = "system" +#else +#set $what = "profile" +#end if +<?xml version="1.0" standalone="no"?> +<!-- + + Copyright (c) 2011 Novell + Uwe Gansert ug@suse.de + + This software is licensed to you under the GNU General Public License, + version 2 (GPLv2). There is NO WARRANTY for this software, express or + implied, including the implied warranties of MERCHANTABILITY or FITNESS + FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2 + along with this software; if not, see + http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt. + +--> +<!DOCTYPE profile [ +<!ENTITY network SYSTEM "/tmp/profile/network.xml"> +<!ENTITY partition SYSTEM "/tmp/profile/partition.xml"> +<!ENTITY bootloader SYSTEM "/tmp/profile/bootloader.xml"> +]> +<profile xmlns="http://www.suse.com/1.0/yast2ns" xmlns:config="http://www.suse.com/1.0/configns"> + <deploy_image> + <image_installation config:type="boolean">false</image_installation> + </deploy_image> + ## without the next 6 lines autoyast will ask for confirmation bevore installation + <general> + <signature-handling> + <accept_unsigned_file config:type="boolean">true</accept_unsigned_file> + <accept_file_without_checksum config:type="boolean">true</accept_file_without_checksum> + <accept_verification_failed config:type="boolean">true</accept_verification_failed> + <accept_unknown_gpg_key config:type="boolean">true</accept_unknown_gpg_key> + <import_gpg_key config:type="boolean">true</import_gpg_key> + <accept_non_trusted_gpg_key config:type="boolean">true</accept_non_trusted_gpg_key> + </signature-handling> + <mode> + <confirm config:type="boolean">false</confirm> + <final_reboot config:type="boolean">true</final_reboot> + </mode> + </general> + $SNIPPET('hosts.xml') + $SNIPPET('kdump.xml') + ## <keyboard> + ## <keymap>english</keymap> + ## </keyboard> + <language> + <language>en_US</language> + <languages></languages> + </language> + <timezone> + <hwclock>localtime</hwclock> +#if $getVar('timezone', '') != "" + <timezone>$timezone</timezone> +#else + <timezone>US/Pacific</timezone> +#end if + </timezone> + <software> + <add-on> + <add_on_products config:type="list"> + $SNIPPET('repo_config.xml') + </add_on_products> + </add-on> + <patterns config:type="list"> + <pattern>base</pattern> + </patterns> + <packages config:type="list"> + <package>iputils</package> + <package>openssh</package> + <package>gcc</package> + <package>net-tools</package> + <package>ethtool</package> + <package>ntp</package> + <package>wget</package> + <package>rsyslog</package> + <package>iproute2</package> + <package>parted</package> + <package>lsb-release</package> +#if $getVar('tool', '') != '' + #set $suse_software = "software_%s.xml" % $tool +$SNIPPET($suse_software) +#end if + </packages> + <do_online_update config:type="boolean">true</do_online_update> <!-- since openSUSE 11.1 --> + </software> + $SNIPPET('yast_repo_config.xml') + <files config:type="list"> + $SNIPPET('limits_conf.xml') + $SNIPPET('ssh.xml') + $SNIPPET('sshd.xml') + $SNIPPET('sysctl.xml') + $SNIPPET('rsyslog.xml') + </files> + <login_settings/> + <sysconfig config:type="list" > + </sysconfig> + <networking> + &amp;network; + </networking> + $SNIPPET('ntp.xml') + <partitioning config:type="list"> + &amp;partition; + </partitioning> + <bootloader> + &amp;bootloader; + </bootloader> + <runlevel> + <default>3</default> + <services config:type="list"> + <service> + <service_name>sshd</service_name> + <service_status>enable</service_status> + </service> + <service> + <service_name>ntp</service_name> + <service_status>enable</service_status> + </service> + <service> + <service_name>syslog</service_name> + <service_status>enable</service_status> + </service> + <service> + <service_name>autoyast</service_name> + <service_status>enable</service_status> + </service> + </services> + </runlevel> + <sysconfig config:type="list"> + <sysconfig_entry> + <sysconfig_key>SYSLOG_DAEMON</sysconfig_key> + <sysconfig_path>/etc/sysconfig/syslog</sysconfig_path> + <sysconfig_value>rsyslogd</sysconfig_value> + </sysconfig_entry> + <sysconfig_entry> + <sysconfig_key>RSYSLOGD_COMPAT_VERSION</sysconfig_key> + <sysconfig_path>/etc/sysconfig/syslog</sysconfig_path> + <sysconfig_value>4</sysconfig_value> + </sysconfig_entry> + </sysconfig> + <user_defaults> + <expire></expire> + <home>/home</home> + <inactive>-1</inactive> + <shell>/bin/bash</shell> + <skel>/etc/skel</skel> + </user_defaults> + <users config:type="list"> +#if $getVar('username', 'root') != "root" + <user> + <encrypted config:type="boolean">false</encrypted> + <fullname>root</fullname> + <gid>0</gid> + <home>/root</home> + <password_settings> + <expire></expire> + <flag></flag> + <inact></inact> + <max></max> + <min></min> + <warn></warn> + </password_settings> + <shell>/bin/bash</shell> + <uid>0</uid> + <username>root</username> + <user_password>root</user_password> + </user> + #set username = $getVar('username', 'root') + <user> +#if $getVar('password', '') != "" + <encrypted config:type="boolean">true</encrypted> + <user_password>$password</user_password> +#else + <encrypted config:type="boolean">false</encrypted> + <user_password>$username</user_password> +#end if + <username>$username</username> + <fullname>$username</fullname> + <password_settings> + <expire></expire> + <flag></flag> + <inact></inact> + <max></max> + <min></min> + <warn></warn> + </password_settings> + <shell>/bin/bash</shell> + </user> +#else + <user> +#if $getVar('password', '') != "" + <encrypted config:type="boolean">true</encrypted> + <user_password>$password</user_password> +#else + <encrypted config:type="boolean">false</encrypted> + <user_password>root</user_password> +#end if + <username>root</username> + <fullname>root</fullname> + <gid>0</gid> + <home>/root</home> + <password_settings> + <expire></expire> + <flag></flag> + <inact></inact> + <max></max> + <min></min> + <warn></warn> + </password_settings> + <shell>/bin/bash</shell> + <uid>0</uid> + </user> +#end if + </users> + <scripts> + ## we have to include the pre-scripts tag to get kickstart_start included + <pre-scripts config:type="list"> + <script> + <interpreter>shell</interpreter> + <filename>pre_install_script.sh</filename> + <source><![CDATA[ + wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=suse_early_default | /bin/bash + ]]></source> + </script> + ## SuSE has an annoying habit on ppc64 of changing the system + ## boot order after installation. This makes it non-trivial to + ## automatically re-install future OS. +#set global $wrappedscript = 'save_boot_device' +$SNIPPET('suse_scriptwrapper.xml') + </pre-scripts> + <post-scripts config:type="list"> + <script> + <interpreter>shell</interpreter> + <network_needed config:type="boolean">true</network_needed> + <filename>post_install_script.sh</filename> + <source><![CDATA[ + wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=suse_post_default | /bin/bash + ]]></source> + </script> + ## This plugin wrapper provides the flexibility to call pure shell + ## snippets which can be used directly on kickstart and with with + ## wrapper on SuSE. +#set global $wrappedscript = 'restore_boot_device' +$SNIPPET('suse_scriptwrapper.xml') + </post-scripts> + <chroot-scripts config:type="list"> + <script> + <interpreter>shell</interpreter> + <chrooted config:type="boolean">true</chrooted> + <filename>chroot_install_script.sh</filename> + <source><![CDATA[ + wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=suse_late_default | /bin/bash + ]]></source> + </script> + </chroot-scripts> + <init-scripts config:type="list"> + <script> + <interpreter>shell</interpreter> + <filename>init_install_script.sh</filename> + <source><![CDATA[ + wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=suse_init_default | /bin/bash + ]]></source> + </script> + </init-scripts> + </scripts> +</profile> diff --git a/deploy/adapters/cobbler/scripts/partman_early_default b/deploy/adapters/cobbler/scripts/partman_early_default index 0891b037..01502871 100644 --- a/deploy/adapters/cobbler/scripts/partman_early_default +++ b/deploy/adapters/cobbler/scripts/partman_early_default @@ -1,5 +1,5 @@ -# Start partman_early_default
-# This script is not run in the chroot /target by default
-$SNIPPET('preseed_pre_partition_disks')
-# End partman_early_default
-
+# Start partman_early_default +# This script is not run in the chroot /target by default +$SNIPPET('preseed_pre_partition_disks') +# End partman_early_default + diff --git a/deploy/adapters/cobbler/scripts/preseed_early_default b/deploy/adapters/cobbler/scripts/preseed_early_default index f1c2a7c0..36ad3b6b 100644 --- a/deploy/adapters/cobbler/scripts/preseed_early_default +++ b/deploy/adapters/cobbler/scripts/preseed_early_default @@ -1,7 +1,7 @@ -# Start preseed_early_default
-# This script is not run in the chroot /target by default
-$SNIPPET('kickstart_start')
-$SNIPPET('preseed_pre_anamon')
-echo "processed preseed_pre_anamon" >> /tmp/preseed.log
-$SNIPPET('preseed_pre_install_network_config')
-# End preseed_early_default
+# Start preseed_early_default +# This script is not run in the chroot /target by default +$SNIPPET('kickstart_start') +$SNIPPET('preseed_pre_anamon') +echo "processed preseed_pre_anamon" >> /tmp/preseed.log +$SNIPPET('preseed_pre_install_network_config') +# End preseed_early_default diff --git a/deploy/adapters/cobbler/scripts/preseed_late_default b/deploy/adapters/cobbler/scripts/preseed_late_default index d6dc29f9..3fd0ac10 100644 --- a/deploy/adapters/cobbler/scripts/preseed_late_default +++ b/deploy/adapters/cobbler/scripts/preseed_late_default @@ -1,18 +1,18 @@ -# Start preseed_late_default
-# This script runs in the chroot /target by default
-$SNIPPET('preseed_post_install_kernel_options')
-$SNIPPET('preseed_post_install_network_config')
-$SNIPPET('preseed_post_partition_disks')
-$SNIPPET('preseed_ssh')
-$SNIPPET('preseed_ntp')
-$SNIPPET('preseed_post_apt_repo_config')
-#if $getVar('tool', '') != ''
- #set $preseed_tool = "preseed_%s" % $tool
-$SNIPPET($preseed_tool)
-#end if
-$SNIPPET('preseed_limits.conf')
-$SNIPPET('preseed_sysctl.conf')
-$SNIPPET('preseed_rsyslog.conf')
-$SNIPPET('preseed_post_anamon')
-$SNIPPET('kickstart_done')
-# End preseed_late_default
+# Start preseed_late_default +# This script runs in the chroot /target by default +$SNIPPET('preseed_post_install_kernel_options') +$SNIPPET('preseed_post_install_network_config') +$SNIPPET('preseed_post_partition_disks') +$SNIPPET('preseed_ssh') +$SNIPPET('preseed_ntp') +$SNIPPET('preseed_post_apt_repo_config') +#if $getVar('tool', '') != '' + #set $preseed_tool = "preseed_%s" % $tool +$SNIPPET($preseed_tool) +#end if +$SNIPPET('preseed_limits.conf') +$SNIPPET('preseed_sysctl.conf') +$SNIPPET('preseed_rsyslog.conf') +$SNIPPET('preseed_post_anamon') +$SNIPPET('kickstart_done') +# End preseed_late_default diff --git a/deploy/adapters/cobbler/snippets/apt.repos.d/ubuntu/12.04/preseed_repos b/deploy/adapters/cobbler/snippets/apt.repos.d/ubuntu/12.04/preseed_repos index 8d70dafa..d72a2666 100644 --- a/deploy/adapters/cobbler/snippets/apt.repos.d/ubuntu/12.04/preseed_repos +++ b/deploy/adapters/cobbler/snippets/apt.repos.d/ubuntu/12.04/preseed_repos @@ -1,8 +1,8 @@ -cat << EOF >> /etc/apt/sources.list
-deb http://archive.ubuntu.com/ubuntu/ precise main restricted universe multiverse
-deb http://archive.ubuntu.com/ubuntu/ precise-security main restricted universe multiverse
-deb http://archive.ubuntu.com/ubuntu/ precise-updates main restricted universe multiverse
-deb http://archive.ubuntu.com/ubuntu/ precise-proposed main restricted universe multiverse
-deb http://archive.ubuntu.com/ubuntu/ precise-backports main restricted universe multiverse
-EOF
-
+cat << EOF >> /etc/apt/sources.list +deb http://archive.ubuntu.com/ubuntu/ precise main restricted universe multiverse +deb http://archive.ubuntu.com/ubuntu/ precise-security main restricted universe multiverse +deb http://archive.ubuntu.com/ubuntu/ precise-updates main restricted universe multiverse +deb http://archive.ubuntu.com/ubuntu/ precise-proposed main restricted universe multiverse +deb http://archive.ubuntu.com/ubuntu/ precise-backports main restricted universe multiverse +EOF + diff --git a/deploy/adapters/cobbler/snippets/apt.repos.d/ubuntu/14.04/preseed_repos b/deploy/adapters/cobbler/snippets/apt.repos.d/ubuntu/14.04/preseed_repos index 86ad7130..2eb0b275 100644 --- a/deploy/adapters/cobbler/snippets/apt.repos.d/ubuntu/14.04/preseed_repos +++ b/deploy/adapters/cobbler/snippets/apt.repos.d/ubuntu/14.04/preseed_repos @@ -1,8 +1,8 @@ -cat << EOF >> /etc/apt/sources.list
-deb http://archive.ubuntu.com/ubuntu/ trusty main restricted universe multiverse
-deb http://archive.ubuntu.com/ubuntu/ trusty-security main restricted universe multiverse
-deb http://archive.ubuntu.com/ubuntu/ trusty-updates main restricted universe multiverse
-deb http://archive.ubuntu.com/ubuntu/ trusty-proposed main restricted universe multiverse
-deb http://archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse
-EOF
-
+cat << EOF >> /etc/apt/sources.list +deb http://archive.ubuntu.com/ubuntu/ trusty main restricted universe multiverse +deb http://archive.ubuntu.com/ubuntu/ trusty-security main restricted universe multiverse +deb http://archive.ubuntu.com/ubuntu/ trusty-updates main restricted universe multiverse +deb http://archive.ubuntu.com/ubuntu/ trusty-proposed main restricted universe multiverse +deb http://archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse +EOF + diff --git a/deploy/adapters/cobbler/snippets/cobbler_register b/deploy/adapters/cobbler/snippets/cobbler_register index 8067ec32..87dbb370 100644 --- a/deploy/adapters/cobbler/snippets/cobbler_register +++ b/deploy/adapters/cobbler/snippets/cobbler_register @@ -1,13 +1,13 @@ -# Begin cobbler registration
-#if $getVar('system_name','') == ''
-#if $str($getVar('register_new_installs','')) in [ "1", "true", "yes", "y" ]
-if [ -f "/usr/bin/cobbler-register" ]; then
- cobbler-register --server=$server --fqdn '*AUTO*' --profile=$profile_name --batch
-fi
-#else
-# cobbler registration is disabled in /etc/cobbler/settings
-#end if
-#else
-# skipping for system-based installation
-#end if
-# End cobbler registration
+# Begin cobbler registration +#if $getVar('system_name','') == '' +#if $str($getVar('register_new_installs','')) in [ "1", "true", "yes", "y" ] +if [ -f "/usr/bin/cobbler-register" ]; then + cobbler-register --server=$server --fqdn '*AUTO*' --profile=$profile_name --batch +fi +#else +# cobbler registration is disabled in /etc/cobbler/settings +#end if +#else +# skipping for system-based installation +#end if +# End cobbler registration diff --git a/deploy/adapters/cobbler/snippets/download_config_files b/deploy/adapters/cobbler/snippets/download_config_files index 4bd56027..04443113 100644 --- a/deploy/adapters/cobbler/snippets/download_config_files +++ b/deploy/adapters/cobbler/snippets/download_config_files @@ -1,18 +1,18 @@ -# Start download cobbler managed config files (if applicable)
-#for $tkey, $tpath in $template_files.items()
- #set $orig = $tpath
- #set $tpath = $tpath.replace("_","__").replace("/","_")
- #if $getVar("system_name","") != ""
- #set $ttype = "system"
- #set $tname = $system_name
- #else
- #set $ttype = "profile"
- #set $tname = $profile_name
- #end if
- #set $turl = "http://"+$http_server+"/cblr/svc/op/template/"+$ttype+"/"+$tname+"/path/"+$tpath
-#if $orig.startswith("/")
-mkdir -p `dirname $orig`
-wget "$turl" --output-document="$orig"
-#end if
-#end for
-# End download cobbler managed config files (if applicable)
+# Start download cobbler managed config files (if applicable) +#for $tkey, $tpath in $template_files.items() + #set $orig = $tpath + #set $tpath = $tpath.replace("_","__").replace("/","_") + #if $getVar("system_name","") != "" + #set $ttype = "system" + #set $tname = $system_name + #else + #set $ttype = "profile" + #set $tname = $profile_name + #end if + #set $turl = "http://"+$http_server+"/cblr/svc/op/template/"+$ttype+"/"+$tname+"/path/"+$tpath +#if $orig.startswith("/") +mkdir -p `dirname $orig` +wget "$turl" --output-document="$orig" +#end if +#end for +# End download cobbler managed config files (if applicable) diff --git a/deploy/adapters/cobbler/snippets/download_config_files_deb b/deploy/adapters/cobbler/snippets/download_config_files_deb index efb3a01f..95297d30 100644 --- a/deploy/adapters/cobbler/snippets/download_config_files_deb +++ b/deploy/adapters/cobbler/snippets/download_config_files_deb @@ -1,22 +1,22 @@ -## Start download cobbler managed config files (if applicable)
-#import os
-#import stat
-#set $cmd = '\\'
-#for $tkey, $tpath in $template_files.items()
- #set $orig = $tpath
- #set $tpath = $tpath.replace("_","__").replace("/","_")
- #if $getVar("system_name","") != ""
- #set $ttype = "system"
- #set $tname = $system_name
- #else
- #set $ttype = "profile"
- #set $tname = $profile_name
- #end if
- #set $turl = "http://"+$http_server+"/cblr/svc/op/template/"+$ttype+"/"+$tname+"/path/"+$tpath
-#if $orig.startswith("/")
-#set $perms = oct(stat.S_IMODE(os.stat($tkey).st_mode))[-3:]
-#set $cmd = $cmd + "\n" + "mkdir -p " + "`dirname " + $orig + "`; wget -nv " + $turl + " --output-document=" + $orig + "; chmod " + $perms +" " + $orig +"; \\"
-#end if
-#end for
-#echo $cmd
-## End download cobbler managed config files (if applicable)
+## Start download cobbler managed config files (if applicable) +#import os +#import stat +#set $cmd = '\\' +#for $tkey, $tpath in $template_files.items() + #set $orig = $tpath + #set $tpath = $tpath.replace("_","__").replace("/","_") + #if $getVar("system_name","") != "" + #set $ttype = "system" + #set $tname = $system_name + #else + #set $ttype = "profile" + #set $tname = $profile_name + #end if + #set $turl = "http://"+$http_server+"/cblr/svc/op/template/"+$ttype+"/"+$tname+"/path/"+$tpath +#if $orig.startswith("/") +#set $perms = oct(stat.S_IMODE(os.stat($tkey).st_mode))[-3:] +#set $cmd = $cmd + "\n" + "mkdir -p " + "`dirname " + $orig + "`; wget -nv " + $turl + " --output-document=" + $orig + "; chmod " + $perms +" " + $orig +"; \\" +#end if +#end for +#echo $cmd +## End download cobbler managed config files (if applicable) diff --git a/deploy/adapters/cobbler/snippets/func_install_if_enabled b/deploy/adapters/cobbler/snippets/func_install_if_enabled index 66c878a5..4bff348c 100644 --- a/deploy/adapters/cobbler/snippets/func_install_if_enabled +++ b/deploy/adapters/cobbler/snippets/func_install_if_enabled @@ -1,4 +1,4 @@ -#if $str($getVar('func_auto_setup','')) == "1"
-func
-#end if
-
+#if $str($getVar('func_auto_setup','')) == "1" +func +#end if + diff --git a/deploy/adapters/cobbler/snippets/func_register_if_enabled b/deploy/adapters/cobbler/snippets/func_register_if_enabled index 0e5580b3..4258fa33 100644 --- a/deploy/adapters/cobbler/snippets/func_register_if_enabled +++ b/deploy/adapters/cobbler/snippets/func_register_if_enabled @@ -1,26 +1,26 @@ -
-#if $str($getVar('func_auto_setup','')) == "1"
-# Start func registration section
-
-/sbin/chkconfig --level 345 funcd on
-
-cat <<EOFM > /etc/func/minion.conf
-[main]
-log_level = INFO
-acl_dir = /etc/func/minion-acl.d
-
-listen_addr =
-listen_port = 51234
-EOFM
-
-cat <<EOCM > /etc/certmaster/minion.conf
-[main]
-certmaster = $func_master
-certmaster_port = 51235
-log_level = DEBUG
-cert_dir = /etc/pki/certmaster
-EOCM
-
-# End func registration section
-#end if
-
+ +#if $str($getVar('func_auto_setup','')) == "1" +# Start func registration section + +/sbin/chkconfig --level 345 funcd on + +cat <<EOFM > /etc/func/minion.conf +[main] +log_level = INFO +acl_dir = /etc/func/minion-acl.d + +listen_addr = +listen_port = 51234 +EOFM + +cat <<EOCM > /etc/certmaster/minion.conf +[main] +certmaster = $func_master +certmaster_port = 51235 +log_level = DEBUG +cert_dir = /etc/pki/certmaster +EOCM + +# End func registration section +#end if + diff --git a/deploy/adapters/cobbler/snippets/hosts.xml b/deploy/adapters/cobbler/snippets/hosts.xml index 21a24dfc..7fd4ab6c 100644 --- a/deploy/adapters/cobbler/snippets/hosts.xml +++ b/deploy/adapters/cobbler/snippets/hosts.xml @@ -1,25 +1,25 @@ -<host>
- <hosts config:type="list">
- <hosts_entry>
- <host_address>127.0.0.1</host_address>
- <names config:type="list">
- <name>localhost</name>
- </names>
- </hosts_entry>
- #if $getVar("system_name","") != ""
- #set $ikeys = $interfaces.keys()
- #for $iface in $ikeys
- #set $idata = $interfaces[$iface]
- #if $idata["interface_type"].lower() in ["","na","bridge","bond"]
- <hosts_entry>
- <host_address>$idata["ip_address"]</host_address>
- <names config:type="list">
- #set $my_interface_hostname_short = $idata["dns_name"].split('.',1)[:1][0]
- <name>$idata["dns_name"].lower() $my_interface_hostname_short.lower()</name>
- </names>
- </hosts_entry>
- #end if
- #end for
- #end if
- </hosts>
- </host>
+<host> + <hosts config:type="list"> + <hosts_entry> + <host_address>127.0.0.1</host_address> + <names config:type="list"> + <name>localhost</name> + </names> + </hosts_entry> + #if $getVar("system_name","") != "" + #set $ikeys = $interfaces.keys() + #for $iface in $ikeys + #set $idata = $interfaces[$iface] + #if $idata["interface_type"].lower() in ["","na","bridge","bond"] + <hosts_entry> + <host_address>$idata["ip_address"]</host_address> + <names config:type="list"> + #set $my_interface_hostname_short = $idata["dns_name"].split('.',1)[:1][0] + <name>$idata["dns_name"].lower() $my_interface_hostname_short.lower()</name> + </names> + </hosts_entry> + #end if + #end for + #end if + </hosts> +</host> diff --git a/deploy/adapters/cobbler/snippets/kdump.xml b/deploy/adapters/cobbler/snippets/kdump.xml index 3d6ca9a4..0cffe976 100644 --- a/deploy/adapters/cobbler/snippets/kdump.xml +++ b/deploy/adapters/cobbler/snippets/kdump.xml @@ -1,35 +1,35 @@ -<kdump>
- <!-- memory reservation -->
- <!-- reserve 64 MB with 256MB to 2GB Memory and 128MB with more then 2GB Memory -->
- <add_crash_kernel config:type="boolean">true</add_crash_kernel>
- <crash_kernel>256M-2G:64M,2G-:128M</crash_kernel>
-
- <general>
- <!-- dump target settings -->
- <KDUMP_SAVEDIR>file:///var/crash</KDUMP_SAVEDIR>
- <KDUMP_COPY_KERNEL>true</KDUMP_COPY_KERNEL>
- <KDUMP_FREE_DISK_SIZE>64</KDUMP_FREE_DISK_SIZE>
- <KDUMP_KEEP_OLD_DUMPS>4</KDUMP_KEEP_OLD_DUMPS>
-
- <!-- filtering and compression -->
- <KDUMP_DUMPFORMAT>compressed</KDUMP_DUMPFORMAT>
- <KDUMP_DUMPLEVEL>31</KDUMP_DUMPLEVEL>
-
- <!-- notification -->
- <KDUMP_NOTIFICATION_TO></KDUMP_NOTIFICATION_TO>
- <KDUMP_NOTIFICATION_CC></KDUMP_NOTIFICATION_CC>
- <KDUMP_SMTP_SERVER></KDUMP_SMTP_SERVER>
- <KDUMP_SMTP_USER></KDUMP_SMTP_USER>
- <KDUMP_SMTP_PASSWORD></KDUMP_SMTP_PASSWORD>
-
- <!-- kdump kernel -->
- <KDUMP_KERNELVER></KDUMP_KERNELVER>
- <KDUMP_COMMANDLINE></KDUMP_COMMANDLINE>
- <KDUMP_COMMANDLINE_APPEND></KDUMP_COMMANDLINE_APPEND>
-
- <!-- expert settings -->
- <KDUMP_IMMEDIATE_REBOOT>yes</KDUMP_IMMEDIATE_REBOOT>
- <KDUMP_VERBOSE>3</KDUMP_VERBOSE>
- <KEXEC_OPTIONS></KEXEC_OPTIONS>
- </general>
- </kdump>
+<kdump> + <!-- memory reservation --> + <!-- reserve 64 MB with 256MB to 2GB Memory and 128MB with more then 2GB Memory --> + <add_crash_kernel config:type="boolean">true</add_crash_kernel> + <crash_kernel>256M-2G:64M,2G-:128M</crash_kernel> + + <general> + <!-- dump target settings --> + <KDUMP_SAVEDIR>file:///var/crash</KDUMP_SAVEDIR> + <KDUMP_COPY_KERNEL>true</KDUMP_COPY_KERNEL> + <KDUMP_FREE_DISK_SIZE>64</KDUMP_FREE_DISK_SIZE> + <KDUMP_KEEP_OLD_DUMPS>4</KDUMP_KEEP_OLD_DUMPS> + + <!-- filtering and compression --> + <KDUMP_DUMPFORMAT>compressed</KDUMP_DUMPFORMAT> + <KDUMP_DUMPLEVEL>31</KDUMP_DUMPLEVEL> + + <!-- notification --> + <KDUMP_NOTIFICATION_TO></KDUMP_NOTIFICATION_TO> + <KDUMP_NOTIFICATION_CC></KDUMP_NOTIFICATION_CC> + <KDUMP_SMTP_SERVER></KDUMP_SMTP_SERVER> + <KDUMP_SMTP_USER></KDUMP_SMTP_USER> + <KDUMP_SMTP_PASSWORD></KDUMP_SMTP_PASSWORD> + + <!-- kdump kernel --> + <KDUMP_KERNELVER></KDUMP_KERNELVER> + <KDUMP_COMMANDLINE></KDUMP_COMMANDLINE> + <KDUMP_COMMANDLINE_APPEND></KDUMP_COMMANDLINE_APPEND> + + <!-- expert settings --> + <KDUMP_IMMEDIATE_REBOOT>yes</KDUMP_IMMEDIATE_REBOOT> + <KDUMP_VERBOSE>3</KDUMP_VERBOSE> + <KEXEC_OPTIONS></KEXEC_OPTIONS> + </general> +</kdump> diff --git a/deploy/adapters/cobbler/snippets/keep_cfengine_keys b/deploy/adapters/cobbler/snippets/keep_cfengine_keys index 61c8eb51..06854adc 100644 --- a/deploy/adapters/cobbler/snippets/keep_cfengine_keys +++ b/deploy/adapters/cobbler/snippets/keep_cfengine_keys @@ -1,95 +1,95 @@ -#raw
-# Nifty trick to restore cfengine keys without using a nochroot %post
-
-echo "Saving cfengine keys..." > /dev/ttyS0
-
-SEARCHDIR=/var/cfengine/ppkeys
-TEMPDIR=cfengine
-PATTERN=localhost
-
-keys_found=no
-# /var could be a separate partition
-SHORTDIR=${SEARCHDIR#/var}
-if [ $SHORTDIR = $SEARCHDIR ]; then
- SHORTDIR=''
-fi
-insmod /lib/jbd.o
-insmod /lib/ext3.o
-
-mkdir -p /tmp/$TEMPDIR
-
-function findkeys
-{
- for disk in $DISKS; do
- name=$(basename $disk)
- tmpdir=$(mktemp -d $name.XXXXXX)
- mkdir -p /tmp/$tmpdir
- mount $disk /tmp/$tmpdir
- if [ $? -ne 0 ]; then # Skip to the next partition if the mount fails
- rm -rf /tmp/$tmpdir
- continue
- fi
- # Copy current host keys out to be reused
- if [ -d /tmp/$tmpdir$SEARCHDIR ] && cp -a /tmp/$tmpdir$SEARCHDIR/${PATTERN}* /tmp/$TEMPDIR; then
- keys_found="yes"
- umount /tmp/$tmpdir
- rm -r /tmp/$tmpdir
- break
- elif [ -n "$SHORTDIR" ] && [ -d /tmp/$tmpdir$SHORTDIR ] && cp -a /tmp/$tmpdir$SHORTDIR/${PATTERN}* /tmp/$TEMPDIR; then
- keys_found="yes"
- umount /tmp/$tmpdir
- rm -r /tmp/$tmpdir
- break
- fi
- umount /tmp/$tmpdir
- rm -r /tmp/$tmpdir
- done
-}
-
-DISKS=$(awk '{if ($NF ~ "^[a-zA-Z].*[0-9]$" && $NF !~ "c[0-9]+d[0-9]+$" && $NF !~ "^loop.*") print "/dev/"$NF}' /proc/partitions)
-# In the awk line above we want to make list of partitions, but not devices/controllers
-# cciss raid controllers have partitions like /dev/cciss/cNdMpL, where N,M,L - some digits, we want to make sure 'pL' is there
-# No need to scan loopback niether.
-# Try to find the keys on ordinary partitions
-
-findkeys
-
-# Try software RAID
-if [ "$keys_found" = "no" ]; then
- if mdadm -As; then
- DISKS=$(awk '/md/{print "/dev/"$1}' /proc/mdstat)
- findkeys
- fi
-fi
-
-
-# Try LVM if that didn't work
-if [ "$keys_found" = "no" ]; then
- lvm lvmdiskscan
- vgs=$(lvm vgs | tail -n +2 | awk '{ print $1 }')
- for vg in $vgs; do
- # Activate any VG we found
- lvm vgchange -ay $vg
- done
-
- DISKS=$(lvm lvs | tail -n +2 | awk '{ print "/dev/" $2 "/" $1 }')
- findkeys
-
- # And clean up..
- for vg in $vgs; do
- lvm vgchange -an $vg
- done
-fi
-
-# Loop until the corresponding rpm is installed
-if [ "$keys_found" = "yes" ]; then
- while : ; do
- sleep 10
- if [ -d /mnt/sysimage$SEARCHDIR ] ; then
- cp -af /tmp/$TEMPDIR/${PATTERN}* /mnt/sysimage$SEARCHDIR
- logger "keys copied to newly installed system"
- break
- fi
- done &
-fi
-#end raw
+#raw +# Nifty trick to restore cfengine keys without using a nochroot %post + +echo "Saving cfengine keys..." > /dev/ttyS0 + +SEARCHDIR=/var/cfengine/ppkeys +TEMPDIR=cfengine +PATTERN=localhost + +keys_found=no +# /var could be a separate partition +SHORTDIR=${SEARCHDIR#/var} +if [ $SHORTDIR = $SEARCHDIR ]; then + SHORTDIR='' +fi +insmod /lib/jbd.o +insmod /lib/ext3.o + +mkdir -p /tmp/$TEMPDIR + +function findkeys +{ + for disk in $DISKS; do + name=$(basename $disk) + tmpdir=$(mktemp -d $name.XXXXXX) + mkdir -p /tmp/$tmpdir + mount $disk /tmp/$tmpdir + if [ $? -ne 0 ]; then # Skip to the next partition if the mount fails + rm -rf /tmp/$tmpdir + continue + fi + # Copy current host keys out to be reused + if [ -d /tmp/$tmpdir$SEARCHDIR ] && cp -a /tmp/$tmpdir$SEARCHDIR/${PATTERN}* /tmp/$TEMPDIR; then + keys_found="yes" + umount /tmp/$tmpdir + rm -r /tmp/$tmpdir + break + elif [ -n "$SHORTDIR" ] && [ -d /tmp/$tmpdir$SHORTDIR ] && cp -a /tmp/$tmpdir$SHORTDIR/${PATTERN}* /tmp/$TEMPDIR; then + keys_found="yes" + umount /tmp/$tmpdir + rm -r /tmp/$tmpdir + break + fi + umount /tmp/$tmpdir + rm -r /tmp/$tmpdir + done +} + +DISKS=$(awk '{if ($NF ~ "^[a-zA-Z].*[0-9]$" && $NF !~ "c[0-9]+d[0-9]+$" && $NF !~ "^loop.*") print "/dev/"$NF}' /proc/partitions) +# In the awk line above we want to make list of partitions, but not devices/controllers +# cciss raid controllers have partitions like /dev/cciss/cNdMpL, where N,M,L - some digits, we want to make sure 'pL' is there +# No need to scan loopback niether. +# Try to find the keys on ordinary partitions + +findkeys + +# Try software RAID +if [ "$keys_found" = "no" ]; then + if mdadm -As; then + DISKS=$(awk '/md/{print "/dev/"$1}' /proc/mdstat) + findkeys + fi +fi + + +# Try LVM if that didn't work +if [ "$keys_found" = "no" ]; then + lvm lvmdiskscan + vgs=$(lvm vgs | tail -n +2 | awk '{ print $1 }') + for vg in $vgs; do + # Activate any VG we found + lvm vgchange -ay $vg + done + + DISKS=$(lvm lvs | tail -n +2 | awk '{ print "/dev/" $2 "/" $1 }') + findkeys + + # And clean up.. + for vg in $vgs; do + lvm vgchange -an $vg + done +fi + +# Loop until the corresponding rpm is installed +if [ "$keys_found" = "yes" ]; then + while : ; do + sleep 10 + if [ -d /mnt/sysimage$SEARCHDIR ] ; then + cp -af /tmp/$TEMPDIR/${PATTERN}* /mnt/sysimage$SEARCHDIR + logger "keys copied to newly installed system" + break + fi + done & +fi +#end raw diff --git a/deploy/adapters/cobbler/snippets/keep_files b/deploy/adapters/cobbler/snippets/keep_files index 65214377..d0e5e073 100644 --- a/deploy/adapters/cobbler/snippets/keep_files +++ b/deploy/adapters/cobbler/snippets/keep_files @@ -1,154 +1,154 @@ -## This snippet preserves files during re-build.
-## It supersedes other similar snippets - keep_*_keys.
-## Put it in %pre section of the kickstart template file
-## It uses preserve_files field which should contain a list of items to preserve
-## This field for now could contain any of the following:
-## 'ssh', 'cfengine', 'rhn' in any order
-## 'rhn' part of this snippet should NOT be used with systems subscribed
-## to Red Hat Satellite Server or Spacewalk as these
-## have a concept of "reactivation keys" to keep the systems
-## appearing to be the same. Also do not use if changing
-## base channels, i.e. RHEL4 -> RHEL5 upgrades.
-##
-
-#if $getVar('$preserve_files','') != ''
- #set $preserve_files = $getVar('$preserve_files','')
- preserve_files = $preserve_files
-
-#raw
-# Nifty trick to restore keys without using a nochroot %post
-
-echo "Saving keys..." > /dev/ttyS0
-
-insmod /lib/jbd.o
-insmod /lib/ext3.o
-
-function findkeys
-{
- for disk in $DISKS; do
- name=$(basename $disk)
- tmpdir=$(mktemp -d $name.XXXXXX)
- mkdir -p /tmp/$tmpdir
- mount $disk /tmp/$tmpdir
- if [ $? -ne 0 ]; then # Skip to the next partition if the mount fails
- rm -rf /tmp/$tmpdir
- continue
- fi
- # Copy current host keys out to be reused
- if [ -d /tmp/$tmpdir$SEARCHDIR ] && cp -a /tmp/$tmpdir$SEARCHDIR/${PATTERN}* /tmp/$TEMPDIR; then
- keys_found="yes"
- umount /tmp/$tmpdir
- rm -r /tmp/$tmpdir
- break
- elif [ -n "$SHORTDIR" ] && [ -d /tmp/$tmpdir$SHORTDIR ] && cp -a /tmp/$tmpdir$SHORTDIR/${PATTERN}* /tmp/$TEMPDIR; then
- keys_found="yes"
- umount /tmp/$tmpdir
- rm -r /tmp/$tmpdir
- break
- fi
- umount /tmp/$tmpdir
- rm -r /tmp/$tmpdir
- done
-}
-
-function search_for_keys
-{
-
- SEARCHDIR=$1
- TEMPDIR=$2
- PATTERN=$3
-
- keys_found=no
- # /var could be a separate partition
- SHORTDIR=${SEARCHDIR#/var}
- if [ $SHORTDIR = $SEARCHDIR ]; then
- SHORTDIR=''
- fi
-
- mkdir -p /tmp/$TEMPDIR
-
- DISKS=$(awk '{if ($NF ~ "^[a-zA-Z].*[0-9]$" && $NF !~ "c[0-9]+d[0-9]+$" && $NF !~ "^loop.*") print "/dev/"$NF}' /proc/partitions)
- # In the awk line above we want to make list of partitions, but not devices/controllers
- # cciss raid controllers have partitions like /dev/cciss/cNdMpL, where N,M,L - some digits, we want to make sure 'pL' is there
- # No need to scan loopback niether.
- # Try to find the keys on ordinary partitions
-
- findkeys
-
- # Try software RAID
- if [ "$keys_found" = "no" ]; then
- if mdadm -As; then
- DISKS=$(awk '/md/{print "/dev/"$1}' /proc/mdstat)
- findkeys
- fi
- fi
-
-
- # Try LVM if that didn't work
- if [ "$keys_found" = "no" ]; then
- lvm lvmdiskscan
- vgs=$(lvm vgs | tail -n +2 | awk '{ print $1 }')
- for vg in $vgs; do
- # Activate any VG we found
- lvm vgchange -ay $vg
- done
-
- DISKS=$(lvm lvs | tail -n +2 | awk '{ print "/dev/" $2 "/" $1 }')
- findkeys
-
- # And clean up..
- for vg in $vgs; do
- lvm vgchange -an $vg
- done
- fi
-}
-
-function restore_keys
-{
- SEARCHDIR=$1
- TEMPDIR=$2
- PATTERN=$3
- # Loop until the corresponding rpm is installed if the keys are saved
- if [ "$keys_found" = "yes" ] && [ -f /tmp/$TEMPDIR/${PATTERN}* ]; then
- while : ; do
- sleep 10
- if [ -d /mnt/sysimage$SEARCHDIR ] ; then
- cp -af /tmp/$TEMPDIR/${PATTERN}* /mnt/sysimage$SEARCHDIR
- logger "$TEMPDIR keys copied to newly installed system"
- break
- fi
- done &
- fi
-}
-
-for key in $preserve_files
-do
- if [ $key = 'ssh' ]; then
- search_for_keys '/etc/ssh' 'ssh' 'ssh_host_'
- elif [ $key = 'cfengine' ]; then
- search_for_keys '/var/cfengine/ppkeys' 'cfengine' 'localhost'
- elif [ $key = 'rhn' ]; then
- search_for_keys '/etc/sysconfig/rhn', 'rhn', '*'
- else
- echo "No keys to save!" > /dev/ttyS0
- fi
-done
-
-# now restore keys if found
-
-for key in $preserve_files
-do
- if [ $key = 'ssh' ]; then
- restore_keys '/etc/ssh' 'ssh' 'ssh_host_'
- elif [ $key = 'cfengine' ]; then
- restore_keys '/var/cfengine/ppkeys' 'cfengine' 'localhost'
- elif [ $key = 'rhn' ]; then
- restore_keys '/etc/sysconfig/rhn', 'rhn', '*'
- else
- echo "Nothing to restore!" > /dev/ttyS0
- fi
-done
-
-
-#end raw
-#end if
+## This snippet preserves files during re-build. +## It supersedes other similar snippets - keep_*_keys. +## Put it in %pre section of the kickstart template file +## It uses preserve_files field which should contain a list of items to preserve +## This field for now could contain any of the following: +## 'ssh', 'cfengine', 'rhn' in any order +## 'rhn' part of this snippet should NOT be used with systems subscribed +## to Red Hat Satellite Server or Spacewalk as these +## have a concept of "reactivation keys" to keep the systems +## appearing to be the same. Also do not use if changing +## base channels, i.e. RHEL4 -> RHEL5 upgrades. +## + +#if $getVar('$preserve_files','') != '' + #set $preserve_files = $getVar('$preserve_files','') + preserve_files = $preserve_files + +#raw +# Nifty trick to restore keys without using a nochroot %post + +echo "Saving keys..." > /dev/ttyS0 + +insmod /lib/jbd.o +insmod /lib/ext3.o + +function findkeys +{ + for disk in $DISKS; do + name=$(basename $disk) + tmpdir=$(mktemp -d $name.XXXXXX) + mkdir -p /tmp/$tmpdir + mount $disk /tmp/$tmpdir + if [ $? -ne 0 ]; then # Skip to the next partition if the mount fails + rm -rf /tmp/$tmpdir + continue + fi + # Copy current host keys out to be reused + if [ -d /tmp/$tmpdir$SEARCHDIR ] && cp -a /tmp/$tmpdir$SEARCHDIR/${PATTERN}* /tmp/$TEMPDIR; then + keys_found="yes" + umount /tmp/$tmpdir + rm -r /tmp/$tmpdir + break + elif [ -n "$SHORTDIR" ] && [ -d /tmp/$tmpdir$SHORTDIR ] && cp -a /tmp/$tmpdir$SHORTDIR/${PATTERN}* /tmp/$TEMPDIR; then + keys_found="yes" + umount /tmp/$tmpdir + rm -r /tmp/$tmpdir + break + fi + umount /tmp/$tmpdir + rm -r /tmp/$tmpdir + done +} + +function search_for_keys +{ + + SEARCHDIR=$1 + TEMPDIR=$2 + PATTERN=$3 + + keys_found=no + # /var could be a separate partition + SHORTDIR=${SEARCHDIR#/var} + if [ $SHORTDIR = $SEARCHDIR ]; then + SHORTDIR='' + fi + + mkdir -p /tmp/$TEMPDIR + + DISKS=$(awk '{if ($NF ~ "^[a-zA-Z].*[0-9]$" && $NF !~ "c[0-9]+d[0-9]+$" && $NF !~ "^loop.*") print "/dev/"$NF}' /proc/partitions) + # In the awk line above we want to make list of partitions, but not devices/controllers + # cciss raid controllers have partitions like /dev/cciss/cNdMpL, where N,M,L - some digits, we want to make sure 'pL' is there + # No need to scan loopback niether. + # Try to find the keys on ordinary partitions + + findkeys + + # Try software RAID + if [ "$keys_found" = "no" ]; then + if mdadm -As; then + DISKS=$(awk '/md/{print "/dev/"$1}' /proc/mdstat) + findkeys + fi + fi + + + # Try LVM if that didn't work + if [ "$keys_found" = "no" ]; then + lvm lvmdiskscan + vgs=$(lvm vgs | tail -n +2 | awk '{ print $1 }') + for vg in $vgs; do + # Activate any VG we found + lvm vgchange -ay $vg + done + + DISKS=$(lvm lvs | tail -n +2 | awk '{ print "/dev/" $2 "/" $1 }') + findkeys + + # And clean up.. + for vg in $vgs; do + lvm vgchange -an $vg + done + fi +} + +function restore_keys +{ + SEARCHDIR=$1 + TEMPDIR=$2 + PATTERN=$3 + # Loop until the corresponding rpm is installed if the keys are saved + if [ "$keys_found" = "yes" ] && [ -f /tmp/$TEMPDIR/${PATTERN}* ]; then + while : ; do + sleep 10 + if [ -d /mnt/sysimage$SEARCHDIR ] ; then + cp -af /tmp/$TEMPDIR/${PATTERN}* /mnt/sysimage$SEARCHDIR + logger "$TEMPDIR keys copied to newly installed system" + break + fi + done & + fi +} + +for key in $preserve_files +do + if [ $key = 'ssh' ]; then + search_for_keys '/etc/ssh' 'ssh' 'ssh_host_' + elif [ $key = 'cfengine' ]; then + search_for_keys '/var/cfengine/ppkeys' 'cfengine' 'localhost' + elif [ $key = 'rhn' ]; then + search_for_keys '/etc/sysconfig/rhn', 'rhn', '*' + else + echo "No keys to save!" > /dev/ttyS0 + fi +done + +# now restore keys if found + +for key in $preserve_files +do + if [ $key = 'ssh' ]; then + restore_keys '/etc/ssh' 'ssh' 'ssh_host_' + elif [ $key = 'cfengine' ]; then + restore_keys '/var/cfengine/ppkeys' 'cfengine' 'localhost' + elif [ $key = 'rhn' ]; then + restore_keys '/etc/sysconfig/rhn', 'rhn', '*' + else + echo "Nothing to restore!" > /dev/ttyS0 + fi +done + + +#end raw +#end if diff --git a/deploy/adapters/cobbler/snippets/keep_rhn_keys b/deploy/adapters/cobbler/snippets/keep_rhn_keys index d8d9faf6..46f7c993 100644 --- a/deploy/adapters/cobbler/snippets/keep_rhn_keys +++ b/deploy/adapters/cobbler/snippets/keep_rhn_keys @@ -1,88 +1,88 @@ -#raw
-
-## this snippet should NOT be used with systems subscribed
-## to Red Hat Satellite Server or Spacewalk as these
-## have a concept of "reactivation keys" to keep the systems
-## appearing to be the same. Also do not use if changing
-## base channels, i.e. RHEL4 -> RHEL5 upgrades.
-
-echo "Saving RHN keys..." > /dev/ttyS0
-
-rhn_keys_found=no
-
-insmod /lib/jbd.o
-insmod /lib/ext3.o
-
-mkdir -p /tmp/rhn
-
-drives=$(list-harddrives | awk '{print $1}')
-for disk in $drives; do
- DISKS="$DISKS $(fdisk -l /dev/$disk | awk '/^\/dev/{print $1}')"
-done
-
-# Try to find the keys on ordinary partitions
-for disk in $DISKS; do
- name=$(basename $disk)
- mkdir -p /tmp/$name
- mount $disk /tmp/$name
- [ $? -eq 0 ] || continue # Skip to the next partition if the mount fails
-
- # Copy current RHN host keys out to be reused
- if [ -d /tmp/${name}/etc/sysconfig/rhn ]; then
- cp -a /tmp/${name}/etc/sysconfig/rhn/install-num /tmp/rhn
- cp -a /tmp/${name}/etc/sysconfig/rhn/systemid /tmp/rhn
- cp -a /tmp/${name}/etc/sysconfig/rhn/up2date /tmp/rhn
- rhn_keys_found="yes"
- umount /tmp/$name
- break
- fi
- umount /tmp/$name
- rm -r /tmp/$name
-done
-
-# Try LVM if that didn't work
-if [ "$rhn_keys_found" = "no" ]; then
- lvm lvmdiskscan
- vgs=$(lvm vgs | tail -n +2 | awk '{ print $1 }')
- for vg in $vgs; do
- # Activate any VG we found
- lvm vgchange -ay $vg
- done
-
- lvs=$(lvm lvs | tail -n +2 | awk '{ print "/dev/" $2 "/" $1 }')
- for lv in $lvs; do
- tmpdir=$(mktemp -d findkeys.XXXXXX)
- mkdir -p /tmp/${tmpdir}
- mount $lv /tmp/${tmpdir} || continue # Skip to next volume if this fails
-
- # Let's see if the keys are in there
- if [ -d /tmp/${tmpdir}/etc/sysconfig/rhn ]; then
- cp -a /tmp/${tmpdir}/etc/sysconfig/rhn/install-num* /tmp/rhn/
- cp -a /tmp/${tmpdir}/etc/sysconfig/rhn/systemid* /tmp/rhn/
- cp -a /tmp/${tmpdir}/etc/sysconfig/rhn/up2date /tmp/rhn/
- rhn_keys_found="yes"
- umount /tmp/${tmpdir}
- break # We're done!
- fi
- umount /tmp/${tmpdir}
- rm -r /tmp/${tmpdir}
- done
-
- # And clean up..
- for vg in $vgs; do
- lvm vgchange -an $vg
- done
-fi
-
-# Loop until the RHN rpm is installed
-if [ "$rhn_keys_found" = "yes" ]; then
- while : ; do
- sleep 10
- if [ -d /mnt/sysimage/etc/sysconfig/rhn ] ; then
- cp -af /tmp/rhn/* /mnt/sysimage/etc/sysconfig/rhn/
- logger "RHN KEY copied to newly installed system"
- break
- fi
- done &
-fi
-#end raw
+#raw + +## this snippet should NOT be used with systems subscribed +## to Red Hat Satellite Server or Spacewalk as these +## have a concept of "reactivation keys" to keep the systems +## appearing to be the same. Also do not use if changing +## base channels, i.e. RHEL4 -> RHEL5 upgrades. + +echo "Saving RHN keys..." > /dev/ttyS0 + +rhn_keys_found=no + +insmod /lib/jbd.o +insmod /lib/ext3.o + +mkdir -p /tmp/rhn + +drives=$(list-harddrives | awk '{print $1}') +for disk in $drives; do + DISKS="$DISKS $(fdisk -l /dev/$disk | awk '/^\/dev/{print $1}')" +done + +# Try to find the keys on ordinary partitions +for disk in $DISKS; do + name=$(basename $disk) + mkdir -p /tmp/$name + mount $disk /tmp/$name + [ $? -eq 0 ] || continue # Skip to the next partition if the mount fails + + # Copy current RHN host keys out to be reused + if [ -d /tmp/${name}/etc/sysconfig/rhn ]; then + cp -a /tmp/${name}/etc/sysconfig/rhn/install-num /tmp/rhn + cp -a /tmp/${name}/etc/sysconfig/rhn/systemid /tmp/rhn + cp -a /tmp/${name}/etc/sysconfig/rhn/up2date /tmp/rhn + rhn_keys_found="yes" + umount /tmp/$name + break + fi + umount /tmp/$name + rm -r /tmp/$name +done + +# Try LVM if that didn't work +if [ "$rhn_keys_found" = "no" ]; then + lvm lvmdiskscan + vgs=$(lvm vgs | tail -n +2 | awk '{ print $1 }') + for vg in $vgs; do + # Activate any VG we found + lvm vgchange -ay $vg + done + + lvs=$(lvm lvs | tail -n +2 | awk '{ print "/dev/" $2 "/" $1 }') + for lv in $lvs; do + tmpdir=$(mktemp -d findkeys.XXXXXX) + mkdir -p /tmp/${tmpdir} + mount $lv /tmp/${tmpdir} || continue # Skip to next volume if this fails + + # Let's see if the keys are in there + if [ -d /tmp/${tmpdir}/etc/sysconfig/rhn ]; then + cp -a /tmp/${tmpdir}/etc/sysconfig/rhn/install-num* /tmp/rhn/ + cp -a /tmp/${tmpdir}/etc/sysconfig/rhn/systemid* /tmp/rhn/ + cp -a /tmp/${tmpdir}/etc/sysconfig/rhn/up2date /tmp/rhn/ + rhn_keys_found="yes" + umount /tmp/${tmpdir} + break # We're done! + fi + umount /tmp/${tmpdir} + rm -r /tmp/${tmpdir} + done + + # And clean up.. + for vg in $vgs; do + lvm vgchange -an $vg + done +fi + +# Loop until the RHN rpm is installed +if [ "$rhn_keys_found" = "yes" ]; then + while : ; do + sleep 10 + if [ -d /mnt/sysimage/etc/sysconfig/rhn ] ; then + cp -af /tmp/rhn/* /mnt/sysimage/etc/sysconfig/rhn/ + logger "RHN KEY copied to newly installed system" + break + fi + done & +fi +#end raw diff --git a/deploy/adapters/cobbler/snippets/keep_ssh_host_keys b/deploy/adapters/cobbler/snippets/keep_ssh_host_keys index eb0a43eb..75970477 100644 --- a/deploy/adapters/cobbler/snippets/keep_ssh_host_keys +++ b/deploy/adapters/cobbler/snippets/keep_ssh_host_keys @@ -1,114 +1,114 @@ -#raw
-# Nifty trick to restore keys without using a nochroot %post
-
-echo "Saving keys..." > /dev/ttyS0
-
-SEARCHDIR=/etc/ssh
-TEMPDIR=ssh
-PATTERN=ssh_host_
-
-keys_found=no
-# /var could be a separate partition
-SHORTDIR=${SEARCHDIR#/var}
-if [ $SHORTDIR = $SEARCHDIR ]; then
- SHORTDIR=''
-fi
-insmod /lib/jbd.o
-insmod /lib/ext3.o
-
-mkdir -p /tmp/$TEMPDIR
-
-
-function findkeys
-{
- for disk in $DISKS; do
- name=$(basename $disk)
- tmpdir=$(mktemp -d $name.XXXXXX)
- mkdir -p /tmp/$tmpdir
- mount $disk /tmp/$tmpdir
- if [ $? -ne 0 ]; then # Skip to the next partition if the mount fails
- rm -rf /tmp/$tmpdir
- continue
- fi
- # Copy current host keys out to be reused
- if [ -d /tmp/$tmpdir$SEARCHDIR ] && cp -a /tmp/$tmpdir$SEARCHDIR/${PATTERN}* /tmp/$TEMPDIR; then
- keys_found="yes"
- umount /tmp/$tmpdir
- rm -r /tmp/$tmpdir
- break
- elif [ -n "$SHORTDIR" ] && [ -d /tmp/$tmpdir$SHORTDIR ] && cp -a /tmp/$tmpdir$SHORTDIR/${PATTERN}* /tmp/$TEMPDIR; then
- keys_found="yes"
- umount /tmp/$tmpdir
- rm -r /tmp/$tmpdir
- break
- fi
- umount /tmp/$tmpdir
- rm -r /tmp/$tmpdir
- done
-}
-
-DISKS=$(awk '{if ($NF ~ "^[a-zA-Z].*[0-9]$" && $NF !~ "c[0-9]+d[0-9]+$" && $NF !~ "^loop.*") print "/dev/"$NF}' /proc/partitions)
-# In the awk line above we want to make list of partitions, but not devices/controllers
-# cciss raid controllers have partitions like /dev/cciss/cNdMpL, where N,M,L - some digits, we want to make sure 'pL' is there
-# No need to scan loopback niether.
-# Try to find the keys on ordinary partitions
-
-findkeys
-
-# Try software RAID
-if [ "$keys_found" = "no" ]; then
- if mdadm -As; then
- DISKS=$(awk '/md/{print "/dev/"$1}' /proc/mdstat)
- findkeys
- # unmount and deactivate all md
- for md in $DISKS ; do
- umount $md
- mdadm -S $md
- done
- fi
-fi
-
-
-# Try LVM if that didn't work
-if [ "$keys_found" = "no" ]; then
- lvm lvmdiskscan
- vgs=$(lvm vgs | tail -n +2 | awk '{ print $1 }')
- for vg in $vgs; do
- # Activate any VG we found
- lvm vgchange -ay $vg
- done
-
- DISKS=$(lvm lvs | tail -n +2 | awk '{ print "/dev/" $2 "/" $1 }')
- findkeys
-
- # And clean up..
- for vg in $vgs; do
- lvm vgchange -an $vg
- done
-fi
-
-# Loop until the corresponding rpm is installed
-if [ "$keys_found" = "yes" ]; then
- if [ "$PATTERN" = "ssh_host_" ]; then
- while : ; do
- sleep 10
- if [ -f /etc/ssh/ssh_host_key ] ; then
- cp -af /tmp/$TEMPDIR/${PATTERN}* $SEARCHDIR
- break
- fi
- done 1>/dev/null 2>/dev/null &
- fi
- while : ; do
- sleep 10
- if [ -d /mnt/sysimage$SEARCHDIR ] ; then
- cp -af /tmp/$TEMPDIR/${PATTERN}* /mnt/sysimage$SEARCHDIR
- if [ -e "/sbin/restorecon"]; then
- /sbin/restorecon -r /etc/ssh
- fi
- logger "keys copied to newly installed system"
- break
- fi
- done 1>/dev/null 2>/dev/null &
-fi
-#end raw
-
+#raw +# Nifty trick to restore keys without using a nochroot %post + +echo "Saving keys..." > /dev/ttyS0 + +SEARCHDIR=/etc/ssh +TEMPDIR=ssh +PATTERN=ssh_host_ + +keys_found=no +# /var could be a separate partition +SHORTDIR=${SEARCHDIR#/var} +if [ $SHORTDIR = $SEARCHDIR ]; then + SHORTDIR='' +fi +insmod /lib/jbd.o +insmod /lib/ext3.o + +mkdir -p /tmp/$TEMPDIR + + +function findkeys +{ + for disk in $DISKS; do + name=$(basename $disk) + tmpdir=$(mktemp -d $name.XXXXXX) + mkdir -p /tmp/$tmpdir + mount $disk /tmp/$tmpdir + if [ $? -ne 0 ]; then # Skip to the next partition if the mount fails + rm -rf /tmp/$tmpdir + continue + fi + # Copy current host keys out to be reused + if [ -d /tmp/$tmpdir$SEARCHDIR ] && cp -a /tmp/$tmpdir$SEARCHDIR/${PATTERN}* /tmp/$TEMPDIR; then + keys_found="yes" + umount /tmp/$tmpdir + rm -r /tmp/$tmpdir + break + elif [ -n "$SHORTDIR" ] && [ -d /tmp/$tmpdir$SHORTDIR ] && cp -a /tmp/$tmpdir$SHORTDIR/${PATTERN}* /tmp/$TEMPDIR; then + keys_found="yes" + umount /tmp/$tmpdir + rm -r /tmp/$tmpdir + break + fi + umount /tmp/$tmpdir + rm -r /tmp/$tmpdir + done +} + +DISKS=$(awk '{if ($NF ~ "^[a-zA-Z].*[0-9]$" && $NF !~ "c[0-9]+d[0-9]+$" && $NF !~ "^loop.*") print "/dev/"$NF}' /proc/partitions) +# In the awk line above we want to make list of partitions, but not devices/controllers +# cciss raid controllers have partitions like /dev/cciss/cNdMpL, where N,M,L - some digits, we want to make sure 'pL' is there +# No need to scan loopback niether. +# Try to find the keys on ordinary partitions + +findkeys + +# Try software RAID +if [ "$keys_found" = "no" ]; then + if mdadm -As; then + DISKS=$(awk '/md/{print "/dev/"$1}' /proc/mdstat) + findkeys + # unmount and deactivate all md + for md in $DISKS ; do + umount $md + mdadm -S $md + done + fi +fi + + +# Try LVM if that didn't work +if [ "$keys_found" = "no" ]; then + lvm lvmdiskscan + vgs=$(lvm vgs | tail -n +2 | awk '{ print $1 }') + for vg in $vgs; do + # Activate any VG we found + lvm vgchange -ay $vg + done + + DISKS=$(lvm lvs | tail -n +2 | awk '{ print "/dev/" $2 "/" $1 }') + findkeys + + # And clean up.. + for vg in $vgs; do + lvm vgchange -an $vg + done +fi + +# Loop until the corresponding rpm is installed +if [ "$keys_found" = "yes" ]; then + if [ "$PATTERN" = "ssh_host_" ]; then + while : ; do + sleep 10 + if [ -f /etc/ssh/ssh_host_key ] ; then + cp -af /tmp/$TEMPDIR/${PATTERN}* $SEARCHDIR + break + fi + done 1>/dev/null 2>/dev/null & + fi + while : ; do + sleep 10 + if [ -d /mnt/sysimage$SEARCHDIR ] ; then + cp -af /tmp/$TEMPDIR/${PATTERN}* /mnt/sysimage$SEARCHDIR + if [ -e "/sbin/restorecon"]; then + /sbin/restorecon -r /etc/ssh + fi + logger "keys copied to newly installed system" + break + fi + done 1>/dev/null 2>/dev/null & +fi +#end raw + diff --git a/deploy/adapters/cobbler/snippets/koan_environment b/deploy/adapters/cobbler/snippets/koan_environment index 8a888b6e..3ad417f6 100644 --- a/deploy/adapters/cobbler/snippets/koan_environment +++ b/deploy/adapters/cobbler/snippets/koan_environment @@ -1,4 +1,4 @@ -# Start koan environment setup
-echo "export COBBLER_SERVER=$server" > /etc/profile.d/cobbler.sh
-echo "setenv COBBLER_SERVER $server" > /etc/profile.d/cobbler.csh
-# End koan environment setup
+# Start koan environment setup +echo "export COBBLER_SERVER=$server" > /etc/profile.d/cobbler.sh +echo "setenv COBBLER_SERVER $server" > /etc/profile.d/cobbler.csh +# End koan environment setup diff --git a/deploy/adapters/cobbler/snippets/limits_conf.xml b/deploy/adapters/cobbler/snippets/limits_conf.xml index b9281fcf..80caaf43 100644 --- a/deploy/adapters/cobbler/snippets/limits_conf.xml +++ b/deploy/adapters/cobbler/snippets/limits_conf.xml @@ -1,61 +1,61 @@ -<file>
- <file_path>/etc/security/limits.conf</file_path>
- <file_contents>
-<![CDATA[
-#raw
-# /etc/security/limits.conf
-#
-# Each line describes a limit for a user in the form:
-#
-#<domain> <type> <item> <value>
-#
-#Where:
-#<domain> can be:
-# - an user name
-# - a group name, with @group syntax
-# - the wildcard *, for default entry
-# - the wildcard %, can be also used with %group syntax,
-# for maxlogin limit
-#
-#<type> can have the two values:
-# - "soft" for enforcing the soft limits
-# - "hard" for enforcing hard limits
-#
-#<item> can be one of the following:
-# - core - limits the core file size (KB)
-# - data - max data size (KB)
-# - fsize - maximum filesize (KB)
-# - memlock - max locked-in-memory address space (KB)
-# - nofile - max number of open files
-# - rss - max resident set size (KB)
-# - stack - max stack size (KB)
-# - cpu - max CPU time (MIN)
-# - nproc - max number of processes
-# - as - address space limit (KB)
-# - maxlogins - max number of logins for this user
-# - maxsyslogins - max number of logins on the system
-# - priority - the priority to run user process with
-# - locks - max number of file locks the user can hold
-# - sigpending - max number of pending signals
-# - msgqueue - max memory used by POSIX message queues (bytes)
-# - nice - max nice priority allowed to raise to values: [-20, 19]
-# - rtprio - max realtime priority
-#
-#<domain> <type> <item> <value>
-#
-
-#* soft core 0
-#* hard rss 10000
-#@student hard nproc 20
-#@faculty soft nproc 20
-#@faculty hard nproc 50
-#ftp hard nproc 0
-#@student - maxlogins 4
-* - nofile 100000
-# End of file
-#end raw
-]]>
- </file_contents>
- <file_owner>root.root</file_owner>
- <file_permissions>644</file_permissions>
-</file>
+<file> + <file_path>/etc/security/limits.conf</file_path> + <file_contents> +<![CDATA[ +#raw +# /etc/security/limits.conf +# +# Each line describes a limit for a user in the form: +# +#<domain> <type> <item> <value> +# +#Where: +#<domain> can be: +# - an user name +# - a group name, with @group syntax +# - the wildcard *, for default entry +# - the wildcard %, can be also used with %group syntax, +# for maxlogin limit +# +#<type> can have the two values: +# - "soft" for enforcing the soft limits +# - "hard" for enforcing hard limits +# +#<item> can be one of the following: +# - core - limits the core file size (KB) +# - data - max data size (KB) +# - fsize - maximum filesize (KB) +# - memlock - max locked-in-memory address space (KB) +# - nofile - max number of open files +# - rss - max resident set size (KB) +# - stack - max stack size (KB) +# - cpu - max CPU time (MIN) +# - nproc - max number of processes +# - as - address space limit (KB) +# - maxlogins - max number of logins for this user +# - maxsyslogins - max number of logins on the system +# - priority - the priority to run user process with +# - locks - max number of file locks the user can hold +# - sigpending - max number of pending signals +# - msgqueue - max memory used by POSIX message queues (bytes) +# - nice - max nice priority allowed to raise to values: [-20, 19] +# - rtprio - max realtime priority +# +#<domain> <type> <item> <value> +# + +#* soft core 0 +#* hard rss 10000 +#@student hard nproc 20 +#@faculty soft nproc 20 +#@faculty hard nproc 50 +#ftp hard nproc 0 +#@student - maxlogins 4 +* - nofile 100000 +# End of file +#end raw +]]> + </file_contents> + <file_owner>root.root</file_owner> + <file_permissions>644</file_permissions> +</file> diff --git a/deploy/adapters/cobbler/snippets/log_ks_post b/deploy/adapters/cobbler/snippets/log_ks_post index 7bed3008..d1df0265 100644 --- a/deploy/adapters/cobbler/snippets/log_ks_post +++ b/deploy/adapters/cobbler/snippets/log_ks_post @@ -1,2 +1,2 @@ -set -x -v
-exec 1>/root/ks-post.log 2>&1
+set -x -v +exec 1>/root/ks-post.log 2>&1 diff --git a/deploy/adapters/cobbler/snippets/log_ks_pre b/deploy/adapters/cobbler/snippets/log_ks_pre index 98eeb23b..fe71c592 100644 --- a/deploy/adapters/cobbler/snippets/log_ks_pre +++ b/deploy/adapters/cobbler/snippets/log_ks_pre @@ -1,12 +1,12 @@ -set -x -v
-exec 1>/tmp/ks-pre.log 2>&1
-
-# Once root's homedir is there, copy over the log.
-while : ; do
- sleep 10
- if [ -d /mnt/sysimage/root ]; then
- cp /tmp/ks-pre.log /mnt/sysimage/root/
- logger "Copied %pre section log to system"
- break
- fi
-done &
+set -x -v +exec 1>/tmp/ks-pre.log 2>&1 + +# Once root's homedir is there, copy over the log. +while : ; do + sleep 10 + if [ -d /mnt/sysimage/root ]; then + cp /tmp/ks-pre.log /mnt/sysimage/root/ + logger "Copied %pre section log to system" + break + fi +done & diff --git a/deploy/adapters/cobbler/snippets/networking.xml b/deploy/adapters/cobbler/snippets/networking.xml index a468ab47..c9428a48 100644 --- a/deploy/adapters/cobbler/snippets/networking.xml +++ b/deploy/adapters/cobbler/snippets/networking.xml @@ -1,131 +1,131 @@ -#set $hostname = $getVar("hostname","")
-#if $hostname == ""
-#set $hostname = $getVar("system_name","cobbler")
-#end if
-#if $getVar("dns_name_eth0","") != ""
- #set $my_hostname = $hostname.split('.',1)[:1][0]
- #set $my_domainname = $dns_name_eth0.split('.',1)[1:][0]
-#else
- #set $my_hostname = $hostname
- #set $my_domainname = "site"
-#end if
-
- <networking>
- <keep_install_network config:type="boolean">false</keep_install_network>
- <dhcp_options>
- <dhclient_client_id></dhclient_client_id>
- <dhclient_hostname_option></dhclient_hostname_option>
- </dhcp_options>
- <dns>
- <dhcp_hostname config:type="boolean">false</dhcp_hostname>
- <dhcp_resolv config:type="boolean">false</dhcp_resolv>
- <write_hostname config:type="boolean">false</write_hostname>
- <resolv_conf_policy></resolv_conf_policy>
- <hostname>$my_hostname</hostname>
- <domain>$my_domainname</domain>
- #if $getVar("name_servers_search","") != ""
- <searchlist config:type="list">
- #for $sd in $name_servers_search
- <search>$sd</search>
- #end for
- </searchlist>
- #end if
- <nameservers config:type="list">
- #for $ns in $name_servers
- <nameserver>$ns</nameserver>
- #end for
- </nameservers>
- </dns>
- <interfaces config:type="list">
- #if $getVar("system_name","") != ""
- #set $ikeys = $interfaces.keys()
- #for $iface in $ikeys
- #set $idata = $interfaces[$iface]
- #set $mac = $idata["mac_address"]
- #set $ip = $idata["ip_address"]
- #set $netmask = $idata["netmask"]
- #set $iface_type = $idata["interface_type"]
- #set $bonding_opts = $idata["bonding_opts"]
- #if $iface_type.lower() == "bond"
- <interface>
- <bonding_master>yes</bonding_master>
- <bonding_module_opts>$bonding_opts.lower()</bonding_module_opts>
- #set $loop_ikeys = $interfaces.keys()
- #set $loop_counter = 0
- #for $loop_iface in $loop_ikeys
- #set $loop_idata = $interfaces[$loop_iface]
- #set $loop_interface_type = $loop_idata["interface_type"]
- #if $loop_interface_type.lower == "bond_slave"
- #if $loop_idata["interface_master"] != ""
- #if $loop_idata["interface_master"].lower() == $iface.lower()
- <bonding_slave$loop_counter>$loop_iface</bonding_slave$loop_counter>
- #set $loop_counter += 1
- #end if
- #end if
- #end if
- #end for
- <bootproto>static</bootproto>
- <device>$iface</device>
- <ipaddr>$ip</ipaddr>
- <netmask>$netmask</netmask>
- <startmode>auto</startmode>
- <usercontrol>no</usercontrol>
- </interface>
- #end if
- #if $iface_type.lower() in ["bond_slave","bridge_slave"]
- <interface>
- <bootproto>none</bootproto>
- <device>$iface</device>
- <startmode>off</startmode>
- <usercontrol>no</usercontrol>
- </interface>
- #end if
- #if $iface_type.lower() in ["","na"]
- <interface>
- <bootproto>static</bootproto>
- <device>$iface</device>
- <lladdr>$mac.lower()</lladdr>
- <ipaddr>$ip</ipaddr>
- <netmask>$netmask</netmask>
- <startmode>auto</startmode>
- <usercontrol>no</usercontrol>
- </interface>
- #end if
- #end for
- #end if
- </interfaces>
- <managed config:type="boolean">false</managed>
- <net-udev config:type="list">
- #if $getVar("system_name","") != ""
- #set $ikeys = $interfaces.keys()
- #for $iface in $ikeys
- #set $idata = $interfaces[$iface]
- #set $mac = $idata["mac_address"]
- #set $interface_type = $idata["interface_type"]
- #if $mac.lower() != ""
- #if $interface_type.lower() not in ["bond","bridge"]
- <rule>
- <name>$iface</name>
- <rule>ATTR{address}</rule>
- <value>$mac.lower()</value>
- </rule>
- #end if
- #end if
- #end for
- #end if
- </net-udev>
- <routing>
- <ip_forward config:type="boolean">false</ip_forward>
- #if $getVar("system_name","") != ""
- ## TODO: add in static routes here
- <routes config:type="list">
- <route>
- <destination>default</destination>
- <netmask>-</netmask>
- <device>-</device>
- <gateway>$gateway</gateway>
- </route>
- </routes>
- #end if
- </routing>
- </networking>
+#set $hostname = $getVar("hostname","") +#if $hostname == "" +#set $hostname = $getVar("system_name","cobbler") +#end if +#if $getVar("dns_name_eth0","") != "" + #set $my_hostname = $hostname.split('.',1)[:1][0] + #set $my_domainname = $dns_name_eth0.split('.',1)[1:][0] +#else + #set $my_hostname = $hostname + #set $my_domainname = "site" +#end if + + <networking> + <keep_install_network config:type="boolean">false</keep_install_network> + <dhcp_options> + <dhclient_client_id></dhclient_client_id> + <dhclient_hostname_option></dhclient_hostname_option> + </dhcp_options> + <dns> + <dhcp_hostname config:type="boolean">false</dhcp_hostname> + <dhcp_resolv config:type="boolean">false</dhcp_resolv> + <write_hostname config:type="boolean">false</write_hostname> + <resolv_conf_policy></resolv_conf_policy> + <hostname>$my_hostname</hostname> + <domain>$my_domainname</domain> + #if $getVar("name_servers_search","") != "" + <searchlist config:type="list"> + #for $sd in $name_servers_search + <search>$sd</search> + #end for + </searchlist> + #end if + <nameservers config:type="list"> + #for $ns in $name_servers + <nameserver>$ns</nameserver> + #end for + </nameservers> + </dns> + <interfaces config:type="list"> + #if $getVar("system_name","") != "" + #set $ikeys = $interfaces.keys() + #for $iface in $ikeys + #set $idata = $interfaces[$iface] + #set $mac = $idata["mac_address"] + #set $ip = $idata["ip_address"] + #set $netmask = $idata["netmask"] + #set $iface_type = $idata["interface_type"] + #set $bonding_opts = $idata["bonding_opts"] + #if $iface_type.lower() == "bond" + <interface> + <bonding_master>yes</bonding_master> + <bonding_module_opts>$bonding_opts.lower()</bonding_module_opts> + #set $loop_ikeys = $interfaces.keys() + #set $loop_counter = 0 + #for $loop_iface in $loop_ikeys + #set $loop_idata = $interfaces[$loop_iface] + #set $loop_interface_type = $loop_idata["interface_type"] + #if $loop_interface_type.lower == "bond_slave" + #if $loop_idata["interface_master"] != "" + #if $loop_idata["interface_master"].lower() == $iface.lower() + <bonding_slave$loop_counter>$loop_iface</bonding_slave$loop_counter> + #set $loop_counter += 1 + #end if + #end if + #end if + #end for + <bootproto>static</bootproto> + <device>$iface</device> + <ipaddr>$ip</ipaddr> + <netmask>$netmask</netmask> + <startmode>auto</startmode> + <usercontrol>no</usercontrol> + </interface> + #end if + #if $iface_type.lower() in ["bond_slave","bridge_slave"] + <interface> + <bootproto>none</bootproto> + <device>$iface</device> + <startmode>off</startmode> + <usercontrol>no</usercontrol> + </interface> + #end if + #if $iface_type.lower() in ["","na"] + <interface> + <bootproto>static</bootproto> + <device>$iface</device> + <lladdr>$mac.lower()</lladdr> + <ipaddr>$ip</ipaddr> + <netmask>$netmask</netmask> + <startmode>auto</startmode> + <usercontrol>no</usercontrol> + </interface> + #end if + #end for + #end if + </interfaces> + <managed config:type="boolean">false</managed> + <net-udev config:type="list"> + #if $getVar("system_name","") != "" + #set $ikeys = $interfaces.keys() + #for $iface in $ikeys + #set $idata = $interfaces[$iface] + #set $mac = $idata["mac_address"] + #set $interface_type = $idata["interface_type"] + #if $mac.lower() != "" + #if $interface_type.lower() not in ["bond","bridge"] + <rule> + <name>$iface</name> + <rule>ATTR{address}</rule> + <value>$mac.lower()</value> + </rule> + #end if + #end if + #end for + #end if + </net-udev> + <routing> + <ip_forward config:type="boolean">false</ip_forward> + #if $getVar("system_name","") != "" + ## TODO: add in static routes here + <routes config:type="list"> + <route> + <destination>default</destination> + <netmask>-</netmask> + <device>-</device> + <gateway>$gateway</gateway> + </route> + </routes> + #end if + </routing> + </networking> diff --git a/deploy/adapters/cobbler/snippets/ntp.xml b/deploy/adapters/cobbler/snippets/ntp.xml index 20832b4b..0f1a10f5 100644 --- a/deploy/adapters/cobbler/snippets/ntp.xml +++ b/deploy/adapters/cobbler/snippets/ntp.xml @@ -1,16 +1,16 @@ -#if $getVar('ntp_server', '') == ""
- #set $ntp_server = '0.pool.ntp.org'
-#end if
- <ntp-client>
- <configure_dhcp config:type="boolean">false</configure_dhcp>
- <peers config:type="list">
- <peer>
- <address>$ntp_server</address>
- <initial_sync config:type="boolean">true</initial_sync>
- <options></options>
- <type>server</type>
- </peer>
- </peers>
- <start_at_boot config:type="boolean">true</start_at_boot>
- <start_in_chroot config:type="boolean">true</start_in_chroot>
- </ntp-client>
+#if $getVar('ntp_server', '') == "" + #set $ntp_server = '0.pool.ntp.org' +#end if + <ntp-client> + <configure_dhcp config:type="boolean">false</configure_dhcp> + <peers config:type="list"> + <peer> + <address>$ntp_server</address> + <initial_sync config:type="boolean">true</initial_sync> + <options></options> + <type>server</type> + </peer> + </peers> + <start_at_boot config:type="boolean">true</start_at_boot> + <start_in_chroot config:type="boolean">true</start_in_chroot> + </ntp-client> diff --git a/deploy/adapters/cobbler/snippets/post_koan_add_reinstall_entry b/deploy/adapters/cobbler/snippets/post_koan_add_reinstall_entry index f0c516d1..63a9c59f 100644 --- a/deploy/adapters/cobbler/snippets/post_koan_add_reinstall_entry +++ b/deploy/adapters/cobbler/snippets/post_koan_add_reinstall_entry @@ -1,6 +1,6 @@ -%post
-#if $getVar("system_name","") != ""
- koan --server=$server --replace-self --add-reinstall-entry
-#else
- koan --server=$server --replace-self --profile=$profile_name --add-reinstall-entry
-#end if
+%post +#if $getVar("system_name","") != "" + koan --server=$server --replace-self --add-reinstall-entry +#else + koan --server=$server --replace-self --profile=$profile_name --add-reinstall-entry +#end if diff --git a/deploy/adapters/cobbler/snippets/post_s390_reboot b/deploy/adapters/cobbler/snippets/post_s390_reboot index be99664f..fa33f06c 100644 --- a/deploy/adapters/cobbler/snippets/post_s390_reboot +++ b/deploy/adapters/cobbler/snippets/post_s390_reboot @@ -1,67 +1,67 @@ -## RHEL zVM installs do not properly reboot into the installed system. This
-## issue has been resolved in RHEL-5 Update3. To get a consistent reboot
-## behavior for s390* installs on all distros, this snippet can be used. The
-## snippet will attempt to discover the IPL volume zipl is being installed
-## to and will attempt a reipl. Be sure to set this snippet as the *last*
-## snippet your kickstart template.
-
-#if $arch.startswith("s390"):
-%post --nochroot
-
-# Does the kickstart file request a reboot?
-grep -q "^reboot" /tmp/ks.cfg /ks.cfg 2>/dev/null
-if [ \$? -ne 0 ]; then
- exit 0
-fi
-
-# find out the location of /boot and use it to re-ipl
-boot_dev=""
-for mountpt in /mnt/sysimage/boot /mnt/sysimage;
-do
- set -- \$(grep " \$mountpt " /proc/mounts)
- if [ -b "\$1" ]; then
- boot_dev=\$1
- break
- fi
-done
-
-# lookup dasd disk
-if [[ \$boot_dev == *dasd* ]]; then
- # remove the '/dev/' (aka basename)
- boot_dev=\${boot_dev\#\#/[^/]*/}
- # strip partition number from dasd device
- boot_dev=\${boot_dev%%[0-9]}
- type="ccw"
- id=`basename \$(readlink /sys/block/\$boot_dev/device)`
-
- # HACK - In RHEL4 and RHEL3 ... we do it the hard way
- grep -q "^[34]\$" /.buildstamp 2>/dev/null
- if [ \$? -eq 0 ]; then
- cat <<EOF> /mnt/sysimage/tmp/zeboot.sh
-\#!/bin/bash
-/sbin/modprobe -r vmcp
-rm -f "/dev/vmcp"
-sleep 2
-[ -b "/dev/vmcp" ] || /bin/mknod /dev/vmcp c 10 61
-/sbin/modprobe -a vmcp
-sync
-# Force a boot (e.g. IPL 0100)
-/sbin/vmcp ipl \${id\#\#*.}
-EOF
- /bin/chmod +x /mnt/sysimage/tmp/zeboot.sh
- /bin/chroot /mnt/sysimage /tmp/zeboot.sh
- # In RHEL5 ... lets cleanly shutdown (Update 3 and newer)
- else
- echo \$type > /sys/firmware/reipl/reipl_type
- echo \$id > /sys/firmware/reipl/\$type/device
-
- # Force a reboot
- pid=\$(cat /var/run/init.pid)
- [ -z "\$pid" ] && pid=\$(pidof init)
- kill -12 \$pid
- pid=\$(cat /var/run/loader.run)
- [ -z "\$pid" ] && pid=\$(pidof loader)
- kill \$pid
- fi
-fi
-#end if
+## RHEL zVM installs do not properly reboot into the installed system. This +## issue has been resolved in RHEL-5 Update3. To get a consistent reboot +## behavior for s390* installs on all distros, this snippet can be used. The +## snippet will attempt to discover the IPL volume zipl is being installed +## to and will attempt a reipl. Be sure to set this snippet as the *last* +## snippet your kickstart template. + +#if $arch.startswith("s390"): +%post --nochroot + +# Does the kickstart file request a reboot? +grep -q "^reboot" /tmp/ks.cfg /ks.cfg 2>/dev/null +if [ \$? -ne 0 ]; then + exit 0 +fi + +# find out the location of /boot and use it to re-ipl +boot_dev="" +for mountpt in /mnt/sysimage/boot /mnt/sysimage; +do + set -- \$(grep " \$mountpt " /proc/mounts) + if [ -b "\$1" ]; then + boot_dev=\$1 + break + fi +done + +# lookup dasd disk +if [[ \$boot_dev == *dasd* ]]; then + # remove the '/dev/' (aka basename) + boot_dev=\${boot_dev\#\#/[^/]*/} + # strip partition number from dasd device + boot_dev=\${boot_dev%%[0-9]} + type="ccw" + id=`basename \$(readlink /sys/block/\$boot_dev/device)` + + # HACK - In RHEL4 and RHEL3 ... we do it the hard way + grep -q "^[34]\$" /.buildstamp 2>/dev/null + if [ \$? -eq 0 ]; then + cat <<EOF> /mnt/sysimage/tmp/zeboot.sh +\#!/bin/bash +/sbin/modprobe -r vmcp +rm -f "/dev/vmcp" +sleep 2 +[ -b "/dev/vmcp" ] || /bin/mknod /dev/vmcp c 10 61 +/sbin/modprobe -a vmcp +sync +# Force a boot (e.g. IPL 0100) +/sbin/vmcp ipl \${id\#\#*.} +EOF + /bin/chmod +x /mnt/sysimage/tmp/zeboot.sh + /bin/chroot /mnt/sysimage /tmp/zeboot.sh + # In RHEL5 ... lets cleanly shutdown (Update 3 and newer) + else + echo \$type > /sys/firmware/reipl/reipl_type + echo \$id > /sys/firmware/reipl/\$type/device + + # Force a reboot + pid=\$(cat /var/run/init.pid) + [ -z "\$pid" ] && pid=\$(pidof init) + kill -12 \$pid + pid=\$(cat /var/run/loader.run) + [ -z "\$pid" ] && pid=\$(pidof loader) + kill \$pid + fi +fi +#end if diff --git a/deploy/adapters/cobbler/snippets/preseed_ansible b/deploy/adapters/cobbler/snippets/preseed_ansible index d3f5a12f..8b137891 100644 --- a/deploy/adapters/cobbler/snippets/preseed_ansible +++ b/deploy/adapters/cobbler/snippets/preseed_ansible @@ -1 +1 @@ -
+ diff --git a/deploy/adapters/cobbler/snippets/preseed_apt_repo_config b/deploy/adapters/cobbler/snippets/preseed_apt_repo_config index 185b6118..e28dd808 100644 --- a/deploy/adapters/cobbler/snippets/preseed_apt_repo_config +++ b/deploy/adapters/cobbler/snippets/preseed_apt_repo_config @@ -1,27 +1,27 @@ -# Uncomment this if you don't want to use a network mirror
-d-i apt-setup/use_mirror boolean false
-d-i apt-setup/services-select multiselect
-d-i apt-setup/security_host string $http_server
-d-i apt-setup/security_path string $install_source_directory
-# Additional repositories, local[0-9] available
-#set $cur=0
-#set $repo_data = $getVar("repo_data",[])
-#for $repo in $repo_data
- #for $dist in $repo.apt_dists
- #set $comps = " ".join($repo.apt_components)
-d-i apt-setup/local${cur}/repository string \
- #if $repo.mirror_locally
-deb http://$http_server/cobbler/repo_mirror/${repo.name} $dist $comps
- #else
-deb ${repo.mirror} $dist $comps
- #end if
- #if $repo.comment != ""
-d-i apt-setup/local${cur}/comment string ${repo.comment}
- #end if
- #if $repo.breed == "src"
-# Enable deb-src lines
-d-i apt-setup/local${cur}/source boolean false
- #end if
- #set $cur=$cur+1
- #end for
-#end for
+# Uncomment this if you don't want to use a network mirror +d-i apt-setup/use_mirror boolean false +d-i apt-setup/services-select multiselect +d-i apt-setup/security_host string $http_server +d-i apt-setup/security_path string $install_source_directory +# Additional repositories, local[0-9] available +#set $cur=0 +#set $repo_data = $getVar("repo_data",[]) +#for $repo in $repo_data + #for $dist in $repo.apt_dists + #set $comps = " ".join($repo.apt_components) +d-i apt-setup/local${cur}/repository string \ + #if $repo.mirror_locally +deb http://$http_server/cobbler/repo_mirror/${repo.name} $dist $comps + #else +deb ${repo.mirror} $dist $comps + #end if + #if $repo.comment != "" +d-i apt-setup/local${cur}/comment string ${repo.comment} + #end if + #if $repo.breed == "src" +# Enable deb-src lines +d-i apt-setup/local${cur}/source boolean false + #end if + #set $cur=$cur+1 + #end for +#end for diff --git a/deploy/adapters/cobbler/snippets/preseed_chef b/deploy/adapters/cobbler/snippets/preseed_chef index 52d93fa0..c6ab4855 100644 --- a/deploy/adapters/cobbler/snippets/preseed_chef +++ b/deploy/adapters/cobbler/snippets/preseed_chef @@ -1,13 +1,13 @@ -mkdir -p /etc/chef
-mkdir -p /var/log/chef
-
-## Generate validation.pem
-$SNIPPET('preseed_chef-validator.pem')
-## Generate admin.pem
-$SNIPPET('preseed_chef-admin.pem')
-## Generate client.rb
-$SNIPPET('preseed_client.rb')
-$SNIPPET('preseed_knife.rb')
-$SNIPPET('preseed_gem_local_repo')
-$SNIPPET('preseed_chef_run.sh')
-$SNIPPET('preseed_chef_init')
+mkdir -p /etc/chef +mkdir -p /var/log/chef + +## Generate validation.pem +$SNIPPET('preseed_chef-validator.pem') +## Generate admin.pem +$SNIPPET('preseed_chef-admin.pem') +## Generate client.rb +$SNIPPET('preseed_client.rb') +$SNIPPET('preseed_knife.rb') +$SNIPPET('preseed_gem_local_repo') +$SNIPPET('preseed_chef_run.sh') +$SNIPPET('preseed_chef_init') diff --git a/deploy/adapters/cobbler/snippets/preseed_chef-admin.pem b/deploy/adapters/cobbler/snippets/preseed_chef-admin.pem index 4d098bd8..36aad5d1 100644 --- a/deploy/adapters/cobbler/snippets/preseed_chef-admin.pem +++ b/deploy/adapters/cobbler/snippets/preseed_chef-admin.pem @@ -1,8 +1,8 @@ -#if $getVar('chef_admin_file', '') == ""
- #set chef_admin_file = '/etc/chef-server/admin.pem'
-#end if
-#set f = $open($chef_admin_file)
-cat << EOL > /etc/chef/admin.pem
-#echo $f.read()
-EOL
-#silent $f.close()
+#if $getVar('chef_admin_file', '') == "" + #set chef_admin_file = '/etc/chef-server/admin.pem' +#end if +#set f = $open($chef_admin_file) +cat << EOL > /etc/chef/admin.pem +#echo $f.read() +EOL +#silent $f.close() diff --git a/deploy/adapters/cobbler/snippets/preseed_chef-validator.pem b/deploy/adapters/cobbler/snippets/preseed_chef-validator.pem index e181c977..515a2195 100644 --- a/deploy/adapters/cobbler/snippets/preseed_chef-validator.pem +++ b/deploy/adapters/cobbler/snippets/preseed_chef-validator.pem @@ -1,8 +1,8 @@ -#if $getVar('chef_validation_file', '') == ""
- #set chef_validation_file = '/etc/chef-server/chef-validator.pem'
-#end if
-#set f = $open($chef_validation_file)
-cat << EOL > /etc/chef/validation.pem
-#echo $f.read()
-EOL
-#silent $f.close()
+#if $getVar('chef_validation_file', '') == "" + #set chef_validation_file = '/etc/chef-server/chef-validator.pem' +#end if +#set f = $open($chef_validation_file) +cat << EOL > /etc/chef/validation.pem +#echo $f.read() +EOL +#silent $f.close() diff --git a/deploy/adapters/cobbler/snippets/preseed_chef_init b/deploy/adapters/cobbler/snippets/preseed_chef_init index ec9938a2..57fe7672 100644 --- a/deploy/adapters/cobbler/snippets/preseed_chef_init +++ b/deploy/adapters/cobbler/snippets/preseed_chef_init @@ -1,31 +1,31 @@ -## A self-destruct service to boot chef client and register cron job
-#if $getVar('ntp_server', '') == ""
- #set $ntp_server = '0.ubuntu.pool.ntp.org'
-#end if
-cat << EOF > /etc/init.d/chef
-#raw
-#!/bin/bash
-# chkconfig: 2345 99 20
-# description: Description of the script
-# processname: chef-agent
-#end raw
-echo "old date is: `date`" 2>&1 > /tmp/ntp.log
-service ntpd stop 2>&1 >> /tmp/ntp.log
-ntpdate $ntp_server 2>&1 >> /tmp/ntp.log
-service ntpd start 2>&1 >> /tmp/ntp.log
-echo "new date is: `date`" 2>&1 >> /tmp/ntp.log
-apt-get -y update 2>&1 >> /tmp/apt_update
-
-crontab -l > /tmp/mycron
-echo "*/30 * * * * /etc/chef/chef_client_run.sh" >> /tmp/mycron
-crontab /tmp/mycron
-rm /tmp/mycron
-
-/etc/chef/chef_client_run.sh &
-
-update-rc.d -f chef remove
-mv /etc/init.d/chef /tmp/chef
-EOF
-
-chmod +x /etc/init.d/chef
-update-rc.d chef defaults 99 20
+## A self-destruct service to boot chef client and register cron job +#if $getVar('ntp_server', '') == "" + #set $ntp_server = '0.ubuntu.pool.ntp.org' +#end if +cat << EOF > /etc/init.d/chef +#raw +#!/bin/bash +# chkconfig: 2345 99 20 +# description: Description of the script +# processname: chef-agent +#end raw +echo "old date is: `date`" 2>&1 > /tmp/ntp.log +service ntpd stop 2>&1 >> /tmp/ntp.log +ntpdate $ntp_server 2>&1 >> /tmp/ntp.log +service ntpd start 2>&1 >> /tmp/ntp.log +echo "new date is: `date`" 2>&1 >> /tmp/ntp.log +apt-get -y update 2>&1 >> /tmp/apt_update + +crontab -l > /tmp/mycron +echo "*/30 * * * * /etc/chef/chef_client_run.sh" >> /tmp/mycron +crontab /tmp/mycron +rm /tmp/mycron + +/etc/chef/chef_client_run.sh & + +update-rc.d -f chef remove +mv /etc/init.d/chef /tmp/chef +EOF + +chmod +x /etc/init.d/chef +update-rc.d chef defaults 99 20 diff --git a/deploy/adapters/cobbler/snippets/preseed_chef_rsyslog.conf b/deploy/adapters/cobbler/snippets/preseed_chef_rsyslog.conf index 011191b2..f26613bd 100644 --- a/deploy/adapters/cobbler/snippets/preseed_chef_rsyslog.conf +++ b/deploy/adapters/cobbler/snippets/preseed_chef_rsyslog.conf @@ -1,10 +1,10 @@ -echo "\\$ModLoad imfile" > /target/etc/rsyslog.d/chef.conf; \
-echo "\\$InputFileName /var/log/chef-client.log" >> /target/etc/rsyslog.d/chef.conf; \
-echo "\\$InputFileReadMode 0" >> /target/etc/rsyslog.d/chef.conf; \
-echo "\\$InputFileTag" >> /target/etc/rsyslog.d/chef.conf; \
-echo "\\$InputFileStateFile firstboot_log" >> /target/etc/rsyslog.d/chef.conf; \
-echo "\\$InputFileSeverity notice" >> /target/etc/rsyslog.d/chef.conf; \
-echo "\\$InputFileFacility local3" >> /target/etc/rsyslog.d/chef.conf; \
-echo "\\$InputRunFileMonitor" >> /target/etc/rsyslog.d/chef.conf; \
-echo "\\$InputFilePollInterval 1" >> /target/etc/rsyslog.d/chef.conf; \
-echo "local3.info @$server:514" >> /target/etc/rsyslog.d/chef.conf; \
+echo "\\$ModLoad imfile" > /target/etc/rsyslog.d/chef.conf; \ +echo "\\$InputFileName /var/log/chef-client.log" >> /target/etc/rsyslog.d/chef.conf; \ +echo "\\$InputFileReadMode 0" >> /target/etc/rsyslog.d/chef.conf; \ +echo "\\$InputFileTag" >> /target/etc/rsyslog.d/chef.conf; \ +echo "\\$InputFileStateFile firstboot_log" >> /target/etc/rsyslog.d/chef.conf; \ +echo "\\$InputFileSeverity notice" >> /target/etc/rsyslog.d/chef.conf; \ +echo "\\$InputFileFacility local3" >> /target/etc/rsyslog.d/chef.conf; \ +echo "\\$InputRunFileMonitor" >> /target/etc/rsyslog.d/chef.conf; \ +echo "\\$InputFilePollInterval 1" >> /target/etc/rsyslog.d/chef.conf; \ +echo "local3.info @$server:514" >> /target/etc/rsyslog.d/chef.conf; \ diff --git a/deploy/adapters/cobbler/snippets/preseed_chef_run.sh b/deploy/adapters/cobbler/snippets/preseed_chef_run.sh index 8bda6210..ade6215f 100644 --- a/deploy/adapters/cobbler/snippets/preseed_chef_run.sh +++ b/deploy/adapters/cobbler/snippets/preseed_chef_run.sh @@ -1,105 +1,105 @@ -#set ip_address = ""
-#set ikeys = $interfaces.keys()
-#for $iname in $ikeys
- #set $idata = $interfaces[$iname]
- #set $static = $idata["static"]
- #set $management = $idata["management"]
- #set $ip = $idata["ip_address"]
- #if $management and $ip
- #set $ip_address = $ip
- #end if
-#end for
-
-#set $proxy_url = ""
-#set $local_repo_url = ""
-#if $getVar("local_repo","") != ""
- #set $local_repo_url = $local_repo
-#end if
-#if $getVar("proxy","") != ""
- #set $proxy_url = $proxy
-#end if
-
-#if $getVar('compass_server', '') != ""
- #set srv = $getVar('compass_server','')
-#else
- #set srv = $getVar('server','')
-#end if
-
-cat << EOF > /etc/chef/chef_client_run.sh
-#!/bin/bash
-touch /var/log/chef.log
-PIDFILE=/tmp/chef_client_run.pid
-if [ -f \\$PIDFILE ]; then
- pid=\\$(cat \\$PIDFILE)
- if [ -f /proc/\\$pid/exe ]; then
- echo "there are chef_client_run.sh running with pid \\$pid" >> /var/log/chef.log 2>&1
- exit 1
- fi
-fi
-echo \\$$ > \\$PIDFILE
-while true; do
- echo "run chef-client on \`date\`" >> /var/log/chef.log 2>&1
- clients=\\$(pgrep chef-client)
- if [[ "\\$?" == "0" ]]; then
- echo "there are chef-clients '\\$clients' running" >> /var/log/chef.log 2>&1
- break
- else
- echo "knife search nodes" >> /var/log/chef.log 2>&1
- USER=root HOME=/root knife node list |grep \\$HOSTNAME. >> /var/log/chef.log 2>&1
- nodes=\\$(USER=root HOME=/root knife node list |grep \\$HOSTNAME.)
- echo "found nodes \\$nodes" >> /var/log/chef.log 2>&1
- all_nodes_success=1
- for node in \\$nodes; do
- mkdir -p /var/log/chef/\\$node
- if [ ! -f /etc/chef/\\$node.json ]; then
- cat << EOL > /etc/chef/\\$node.json
-{
- "local_repo": "$local_repo_url",
- "proxy_url": "$proxy_url",
- "ip_address": "$ip_address"
-}
-EOL
- fi
- if [ ! -f "/etc/chef/\\$node.pem" ]; then
- cat << EOL > /etc/rsyslog.d/\\$node.conf
-\\\\$ModLoad imfile
-\\\\$InputFileName /var/log/chef/\\$node/chef-client.log
-\\\\$InputFileReadMode 0
-\\\\$InputFileTag \\$node
-\\\\$InputFileStateFile chef_\\${node}_log
-\\\\$InputFileSeverity notice
-\\\\$InputFileFacility local3
-\\\\$InputRunFileMonitor
-\\\\$InputFilePollInterval 1
-#if $getVar("compass_server","") != ""
-local3.info @$compass_server:514
-#else
-local3.info @@$server:514
-#end if
-EOL
- rm -rf /var/lib/rsyslog/chef_\\$node_log
- service rsyslog restart
- fi
- if [ -f "/etc/chef/\\$node.done" ]; then
- USER=root HOME=/root chef-client --node-name \\$node -j /etc/chef/\\$node.json --client_key /etc/chef/\\$node.pem >> /var/log/chef.log 2>&1
- else
- USER=root HOME=/root chef-client --node-name \\$node -j /etc/chef/\\$node.json --client_key /etc/chef/\\$node.pem -L /var/log/chef/\\$node/chef-client.log >> /var/log/chef.log 2>&1
- fi
- if [ "\\$?" != "0" ]; then
- echo "chef-client --node-name \\$node run failed" >> /var/log/chef.log 2>&1
- all_nodes_success=0
- else
- echo "chef-client --node-name \\$node run success" >> /var/log/chef.log 2>&1
- touch /etc/chef/\\$node.done
- wget -O /tmp/package_state.\\$node --post-data='{"ready": true}' --header=Content-Type:application/json "http://$srv/api/clusterhosts/\\${node}/state_internal"
- fi
- done
- if [ \\$all_nodes_success -eq 0 ]; then
- sleep 1m
- else
- break
- fi
- fi
-done
-EOF
-chmod +x /etc/chef/chef_client_run.sh
+#set ip_address = "" +#set ikeys = $interfaces.keys() +#for $iname in $ikeys + #set $idata = $interfaces[$iname] + #set $static = $idata["static"] + #set $management = $idata["management"] + #set $ip = $idata["ip_address"] + #if $management and $ip + #set $ip_address = $ip + #end if +#end for + +#set $proxy_url = "" +#set $local_repo_url = "" +#if $getVar("local_repo","") != "" + #set $local_repo_url = $local_repo +#end if +#if $getVar("proxy","") != "" + #set $proxy_url = $proxy +#end if + +#if $getVar('compass_server', '') != "" + #set srv = $getVar('compass_server','') +#else + #set srv = $getVar('server','') +#end if + +cat << EOF > /etc/chef/chef_client_run.sh +#!/bin/bash +touch /var/log/chef.log +PIDFILE=/tmp/chef_client_run.pid +if [ -f \\$PIDFILE ]; then + pid=\\$(cat \\$PIDFILE) + if [ -f /proc/\\$pid/exe ]; then + echo "there are chef_client_run.sh running with pid \\$pid" >> /var/log/chef.log 2>&1 + exit 1 + fi +fi +echo \\$$ > \\$PIDFILE +while true; do + echo "run chef-client on \`date\`" >> /var/log/chef.log 2>&1 + clients=\\$(pgrep chef-client) + if [[ "\\$?" == "0" ]]; then + echo "there are chef-clients '\\$clients' running" >> /var/log/chef.log 2>&1 + break + else + echo "knife search nodes" >> /var/log/chef.log 2>&1 + USER=root HOME=/root knife node list |grep \\$HOSTNAME. >> /var/log/chef.log 2>&1 + nodes=\\$(USER=root HOME=/root knife node list |grep \\$HOSTNAME.) + echo "found nodes \\$nodes" >> /var/log/chef.log 2>&1 + all_nodes_success=1 + for node in \\$nodes; do + mkdir -p /var/log/chef/\\$node + if [ ! -f /etc/chef/\\$node.json ]; then + cat << EOL > /etc/chef/\\$node.json +{ + "local_repo": "$local_repo_url", + "proxy_url": "$proxy_url", + "ip_address": "$ip_address" +} +EOL + fi + if [ ! -f "/etc/chef/\\$node.pem" ]; then + cat << EOL > /etc/rsyslog.d/\\$node.conf +\\\\$ModLoad imfile +\\\\$InputFileName /var/log/chef/\\$node/chef-client.log +\\\\$InputFileReadMode 0 +\\\\$InputFileTag \\$node +\\\\$InputFileStateFile chef_\\${node}_log +\\\\$InputFileSeverity notice +\\\\$InputFileFacility local3 +\\\\$InputRunFileMonitor +\\\\$InputFilePollInterval 1 +#if $getVar("compass_server","") != "" +local3.info @$compass_server:514 +#else +local3.info @@$server:514 +#end if +EOL + rm -rf /var/lib/rsyslog/chef_\\$node_log + service rsyslog restart + fi + if [ -f "/etc/chef/\\$node.done" ]; then + USER=root HOME=/root chef-client --node-name \\$node -j /etc/chef/\\$node.json --client_key /etc/chef/\\$node.pem >> /var/log/chef.log 2>&1 + else + USER=root HOME=/root chef-client --node-name \\$node -j /etc/chef/\\$node.json --client_key /etc/chef/\\$node.pem -L /var/log/chef/\\$node/chef-client.log >> /var/log/chef.log 2>&1 + fi + if [ "\\$?" != "0" ]; then + echo "chef-client --node-name \\$node run failed" >> /var/log/chef.log 2>&1 + all_nodes_success=0 + else + echo "chef-client --node-name \\$node run success" >> /var/log/chef.log 2>&1 + touch /etc/chef/\\$node.done + wget -O /tmp/package_state.\\$node --post-data='{"ready": true}' --header=Content-Type:application/json "http://$srv/api/clusterhosts/\\${node}/state_internal" + fi + done + if [ \\$all_nodes_success -eq 0 ]; then + sleep 1m + else + break + fi + fi +done +EOF +chmod +x /etc/chef/chef_client_run.sh diff --git a/deploy/adapters/cobbler/snippets/preseed_client.rb b/deploy/adapters/cobbler/snippets/preseed_client.rb index 465d96e1..e6c60a4d 100644 --- a/deploy/adapters/cobbler/snippets/preseed_client.rb +++ b/deploy/adapters/cobbler/snippets/preseed_client.rb @@ -1,35 +1,35 @@ -cat << EOL > /etc/chef/client.rb
-log_level :info
-log_location '/dev/null'
-#if $getVar('chef_url', '') != ""
-chef_server_url '$chef_url'
-#elif $getVar("compass_server","") != ""
-chef_server_url 'https://$compass_server'
-#else
-chef_server_url 'https://$server'
-#end if
-validation_client_name 'chef-validator'
-json_attribs nil
-pid_file '/var/run/chef-client.pid'
-# Using default node name (fqdn)
-no_lazy_load true
-ssl_verify_mode :verify_none
-EOL
-
-mkdir -p /etc/chef/trusted_certs
-#set certs_path = $getVar("trusted_certs_path", "/var/opt/chef-server/nginx/ca")
-#if $certs_path != ""
- #import os
- #import os.path
- #set filenames = $os.listdir($certs_path)
- #for filename in $filenames
- #if $filename.endswith('.crt')
- #set filepath = $os.path.join($certs_path, $filename)
- #set f = $open($filepath)
-cat << EOF > /etc/chef/trusted_certs/$filename
- #echo $f.read()
-EOF
- #silent $f.close()
- #end if
- #end for
-#end if
+cat << EOL > /etc/chef/client.rb +log_level :info +log_location '/dev/null' +#if $getVar('chef_url', '') != "" +chef_server_url '$chef_url' +#elif $getVar("compass_server","") != "" +chef_server_url 'https://$compass_server' +#else +chef_server_url 'https://$server' +#end if +validation_client_name 'chef-validator' +json_attribs nil +pid_file '/var/run/chef-client.pid' +# Using default node name (fqdn) +no_lazy_load true +ssl_verify_mode :verify_none +EOL + +mkdir -p /etc/chef/trusted_certs +#set certs_path = $getVar("trusted_certs_path", "/var/opt/chef-server/nginx/ca") +#if $certs_path != "" + #import os + #import os.path + #set filenames = $os.listdir($certs_path) + #for filename in $filenames + #if $filename.endswith('.crt') + #set filepath = $os.path.join($certs_path, $filename) + #set f = $open($filepath) +cat << EOF > /etc/chef/trusted_certs/$filename + #echo $f.read() +EOF + #silent $f.close() + #end if + #end for +#end if diff --git a/deploy/adapters/cobbler/snippets/preseed_gem_local_repo b/deploy/adapters/cobbler/snippets/preseed_gem_local_repo index 457bfd4f..ac779382 100644 --- a/deploy/adapters/cobbler/snippets/preseed_gem_local_repo +++ b/deploy/adapters/cobbler/snippets/preseed_gem_local_repo @@ -1,23 +1,23 @@ -cat << EOF > /root/.gemrc
-#if $getVar('proxy', '') != ""
-gem: --no-ri --no-rdoc --http-proxy=$proxy
-#else
-gem: --no-ri --no-rdoc
-#end if
-:backtrace: false
-:benchmark: false
-:bulk_threshold: 1000
-:sources:
-#if $getVar("local_repo","") != ""
-- $local_repo/gem_repo/
- #if $getVar("local_repo_only","1") == "0"
-- https://rubygems.org/
- #end if
-#else
-- https://rubygems.org/
-#end if
-:update_sources: true
-:verbose: true
-EOF
-
-cp -f /root/.gemrc /etc/gemrc
+cat << EOF > /root/.gemrc +#if $getVar('proxy', '') != "" +gem: --no-ri --no-rdoc --http-proxy=$proxy +#else +gem: --no-ri --no-rdoc +#end if +:backtrace: false +:benchmark: false +:bulk_threshold: 1000 +:sources: +#if $getVar("local_repo","") != "" +- $local_repo/gem_repo/ + #if $getVar("local_repo_only","1") == "0" +- https://rubygems.org/ + #end if +#else +- https://rubygems.org/ +#end if +:update_sources: true +:verbose: true +EOF + +cp -f /root/.gemrc /etc/gemrc diff --git a/deploy/adapters/cobbler/snippets/preseed_hosts b/deploy/adapters/cobbler/snippets/preseed_hosts index 67ecba80..7f8426d9 100644 --- a/deploy/adapters/cobbler/snippets/preseed_hosts +++ b/deploy/adapters/cobbler/snippets/preseed_hosts @@ -1,15 +1,15 @@ -cat << EOL > /etc/hosts
-127.0.0.1 $system_name localhost localhost.localdomain localhost4 localhost4.localdomain4
-::1 $system_name localhost localhost.localdomain localhost6 localhost6.localdomain6
-#for $iname, $idata in $interfaces.items()
- #if $hostname and $idata["management"] and $idata["static"] and $idata.get("ip_address", "") != ""
-$idata["ip_address"] $hostname
- #end if
-#end for
-#import os
-#set $server_name = $os.uname[1]
-$server $server_name
-#if $getVar("chef_server_ip", "") != "" and $getVar("chef_server_dns", "") != ""
-$chef_server_ip $chef_server_dns
-#end if
-EOL
+cat << EOL > /etc/hosts +127.0.0.1 $system_name localhost localhost.localdomain localhost4 localhost4.localdomain4 +::1 $system_name localhost localhost.localdomain localhost6 localhost6.localdomain6 +#for $iname, $idata in $interfaces.items() + #if $hostname and $idata["management"] and $idata["static"] and $idata.get("ip_address", "") != "" +$idata["ip_address"] $hostname + #end if +#end for +#import os +#set $server_name = $os.uname[1] +$server $server_name +#if $getVar("chef_server_ip", "") != "" and $getVar("chef_server_dns", "") != "" +$chef_server_ip $chef_server_dns +#end if +EOL diff --git a/deploy/adapters/cobbler/snippets/preseed_knife.rb b/deploy/adapters/cobbler/snippets/preseed_knife.rb index 4e9efb21..32047bbc 100644 --- a/deploy/adapters/cobbler/snippets/preseed_knife.rb +++ b/deploy/adapters/cobbler/snippets/preseed_knife.rb @@ -1,32 +1,32 @@ -mkdir -p /root/.chef
-cat << EOL > /root/.chef/knife.rb
-log_level :info
-log_location '/dev/null'
-#if $getVar('chef_url', '') != ""
-chef_server_url '$chef_url'
-#end if
-node_name 'admin'
-client_key '/etc/chef/admin.pem'
-validation_client_name 'chef-validator'
-validation_key '/etc/chef/validation.pem'
-syntax_check_cache_path '/root/.chef/syntax_check_cache'
-ssl_verify_mode :verify_none
-EOL
-
-mkdir -p /root/.chef/trusted_certs
-#set certs_path = $getVar("trusted_certs_path", "/var/opt/chef-server/nginx/ca")
-#if $certs_path != ""
- #import os
- #import os.path
- #set filenames = $os.listdir($certs_path)
- #for filename in $filenames
- #if $filename.endswith('.crt')
- #set filepath = $os.path.join($certs_path, $filename)
- #set f = $open($filepath)
-cat << EOF > /root/.chef/trusted_certs/$filename
- #echo $f.read()
-EOF
- #silent $f.close()
- #end if
- #end for
-#end if
+mkdir -p /root/.chef +cat << EOL > /root/.chef/knife.rb +log_level :info +log_location '/dev/null' +#if $getVar('chef_url', '') != "" +chef_server_url '$chef_url' +#end if +node_name 'admin' +client_key '/etc/chef/admin.pem' +validation_client_name 'chef-validator' +validation_key '/etc/chef/validation.pem' +syntax_check_cache_path '/root/.chef/syntax_check_cache' +ssl_verify_mode :verify_none +EOL + +mkdir -p /root/.chef/trusted_certs +#set certs_path = $getVar("trusted_certs_path", "/var/opt/chef-server/nginx/ca") +#if $certs_path != "" + #import os + #import os.path + #set filenames = $os.listdir($certs_path) + #for filename in $filenames + #if $filename.endswith('.crt') + #set filepath = $os.path.join($certs_path, $filename) + #set f = $open($filepath) +cat << EOF > /root/.chef/trusted_certs/$filename + #echo $f.read() +EOF + #silent $f.close() + #end if + #end for +#end if diff --git a/deploy/adapters/cobbler/snippets/preseed_limits.conf b/deploy/adapters/cobbler/snippets/preseed_limits.conf index a6df3e0c..00cf8610 100644 --- a/deploy/adapters/cobbler/snippets/preseed_limits.conf +++ b/deploy/adapters/cobbler/snippets/preseed_limits.conf @@ -1,54 +1,54 @@ -cat << EOF > /etc/security/limits.conf
-#raw
-# /etc/security/limits.conf
-#
-# Each line describes a limit for a user in the form:
-#
-#<domain> <type> <item> <value>
-#
-#Where:
-#<domain> can be:
-# - an user name
-# - a group name, with @group syntax
-# - the wildcard *, for default entry
-# - the wildcard %, can be also used with %group syntax,
-# for maxlogin limit
-#
-#<type> can have the two values:
-# - "soft" for enforcing the soft limits
-# - "hard" for enforcing hard limits
-#
-#<item> can be one of the following:
-# - core - limits the core file size (KB)
-# - data - max data size (KB)
-# - fsize - maximum filesize (KB)
-# - memlock - max locked-in-memory address space (KB)
-# - nofile - max number of open files
-# - rss - max resident set size (KB)
-# - stack - max stack size (KB)
-# - cpu - max CPU time (MIN)
-# - nproc - max number of processes
-# - as - address space limit (KB)
-# - maxlogins - max number of logins for this user
-# - maxsyslogins - max number of logins on the system
-# - priority - the priority to run user process with
-# - locks - max number of file locks the user can hold
-# - sigpending - max number of pending signals
-# - msgqueue - max memory used by POSIX message queues (bytes)
-# - nice - max nice priority allowed to raise to values: [-20, 19]
-# - rtprio - max realtime priority
-#
-#<domain> <type> <item> <value>
-#
-
-#* soft core 0
-#* hard rss 10000
-#@student hard nproc 20
-#@faculty soft nproc 20
-#@faculty hard nproc 50
-#ftp hard nproc 0
-#@student - maxlogins 4
-* - nofile 100000
-# End of file
-#end raw
-EOF
+cat << EOF > /etc/security/limits.conf +#raw +# /etc/security/limits.conf +# +# Each line describes a limit for a user in the form: +# +#<domain> <type> <item> <value> +# +#Where: +#<domain> can be: +# - an user name +# - a group name, with @group syntax +# - the wildcard *, for default entry +# - the wildcard %, can be also used with %group syntax, +# for maxlogin limit +# +#<type> can have the two values: +# - "soft" for enforcing the soft limits +# - "hard" for enforcing hard limits +# +#<item> can be one of the following: +# - core - limits the core file size (KB) +# - data - max data size (KB) +# - fsize - maximum filesize (KB) +# - memlock - max locked-in-memory address space (KB) +# - nofile - max number of open files +# - rss - max resident set size (KB) +# - stack - max stack size (KB) +# - cpu - max CPU time (MIN) +# - nproc - max number of processes +# - as - address space limit (KB) +# - maxlogins - max number of logins for this user +# - maxsyslogins - max number of logins on the system +# - priority - the priority to run user process with +# - locks - max number of file locks the user can hold +# - sigpending - max number of pending signals +# - msgqueue - max memory used by POSIX message queues (bytes) +# - nice - max nice priority allowed to raise to values: [-20, 19] +# - rtprio - max realtime priority +# +#<domain> <type> <item> <value> +# + +#* soft core 0 +#* hard rss 10000 +#@student hard nproc 20 +#@faculty soft nproc 20 +#@faculty hard nproc 50 +#ftp hard nproc 0 +#@student - maxlogins 4 +* - nofile 100000 +# End of file +#end raw +EOF diff --git a/deploy/adapters/cobbler/snippets/preseed_network_config b/deploy/adapters/cobbler/snippets/preseed_network_config index 7afd4169..651467a7 100644 --- a/deploy/adapters/cobbler/snippets/preseed_network_config +++ b/deploy/adapters/cobbler/snippets/preseed_network_config @@ -1,23 +1,23 @@ -#if $getVar("system_name","") != ""
-d-i netcfg/link_detection_timeout string 0
-d-i netcfg/dhcp_timeout string 0
-d-i netcfg/dhcpv6_timeout string 0
-d-i netcfg/enable boolean false
-d-i netcfg/disable_autoconfig boolean true
-d-i netcfg/use_autoconfig boolean false
-d-i netcfg/disable_dhcp boolean true
-d-i netcfg/dhcp_failed note
-d-i netcfg/dhcp_options select Configure network manually
-d-i hw-detect/load_firmware boolean true
-d-i netcfg/confirm_static boolean true
- #if $hostname != ""
-d-i netcfg/get_hostname string $hostname
-d-i netcfg/hostname string $hostname
- #end if
- #if $gateway != ""
-d-i netcfg/get_gateway string $gateway
- #end if
- #if $len($name_servers) > 0
-d-i netcfg/get_nameservers string $name_servers[0]
- #end if
-#end if
+#if $getVar("system_name","") != "" +d-i netcfg/link_detection_timeout string 0 +d-i netcfg/dhcp_timeout string 0 +d-i netcfg/dhcpv6_timeout string 0 +d-i netcfg/enable boolean false +d-i netcfg/disable_autoconfig boolean true +d-i netcfg/use_autoconfig boolean false +d-i netcfg/disable_dhcp boolean true +d-i netcfg/dhcp_failed note +d-i netcfg/dhcp_options select Configure network manually +d-i hw-detect/load_firmware boolean true +d-i netcfg/confirm_static boolean true + #if $hostname != "" +d-i netcfg/get_hostname string $hostname +d-i netcfg/hostname string $hostname + #end if + #if $gateway != "" +d-i netcfg/get_gateway string $gateway + #end if + #if $len($name_servers) > 0 +d-i netcfg/get_nameservers string $name_servers[0] + #end if +#end if diff --git a/deploy/adapters/cobbler/snippets/preseed_ntp b/deploy/adapters/cobbler/snippets/preseed_ntp index 68caf090..83b30559 100644 --- a/deploy/adapters/cobbler/snippets/preseed_ntp +++ b/deploy/adapters/cobbler/snippets/preseed_ntp @@ -1,70 +1,70 @@ -#if $getVar('ntp_server', '') == ""
- #set $ntp_server = '0.ubuntu.pool.ntp.org'
-#end if
-
-cat << EOF > /etc/ntp.conf
-# For more information about this file, see the man pages
-# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
-
-# Include the option tinker panic 0 at the top of your ntp.conf file.
-# By default, the NTP daemon sometimes panics and exits if the underlying clock
-# appears to be behaving erratically. This option causes the daemon to keep
-# running instead of panicking.
-tinker panic 0
-
-driftfile /var/lib/ntp/drift
-
-# Permit time synchronization with our time source, but do not
-# permit the source to query or modify the service on this system.
-restrict default kod nomodify notrap nopeer noquery
-restrict -6 default kod nomodify notrap nopeer noquery
-
-# Permit all access over the loopback interface. This could
-# be tightened as well, but to do so would effect some of
-# the administrative functions.
-restrict 127.0.0.1
-restrict -6 ::1
-
-# Hosts on local network are less restricted.
-# restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
-
-# Use public servers from the pool.ntp.org project.
-# Please consider joining the pool (http://www.pool.ntp.org/join.html).
-# server 0.ubuntu.pool.ntp.org
-# server 1.ubuntu.pool.ntp.org
-# server 2.ubuntu.pool.ntp.org
-server $ntp_server
-
-# broadcast 192.168.1.255 autokey # broadcast server
-# broadcastclient # broadcast client
-# broadcast 224.0.1.1 autokey # multicast server
-# multicastclient 224.0.1.1 # multicast client
-# manycastserver 239.255.254.254 # manycast server
-# manycastclient 239.255.254.254 autokey # manycast client
-
-# Undisciplined Local Clock. This is a fake driver intended for backup
-# and when no outside source of synchronized time is available.
-server 127.127.1.0 # local clock
-
-# Enable public key cryptography.
-# crypto
-
-includefile /etc/ntp/crypto/pw
-
-# Key file containing the keys and key identifiers used when operating
-# with symmetric key cryptography.
-keys /etc/ntp/keys
-
-# Specify the key identifiers which are trusted.
-# trustedkey 4 8 42
-
-# Specify the key identifier to use with the ntpdc utility.
-# requestkey 8
-
-# Specify the key identifier to use with the ntpq utility.
-# controlkey 8
-
-# Enable writing of statistics records.
-# statistics clockstats cryptostats loopstats peerstats
-EOF
-update-rc.d ntp defaults 58 74
+#if $getVar('ntp_server', '') == "" + #set $ntp_server = '0.ubuntu.pool.ntp.org' +#end if + +cat << EOF > /etc/ntp.conf +# For more information about this file, see the man pages +# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). + +# Include the option tinker panic 0 at the top of your ntp.conf file. +# By default, the NTP daemon sometimes panics and exits if the underlying clock +# appears to be behaving erratically. This option causes the daemon to keep +# running instead of panicking. +tinker panic 0 + +driftfile /var/lib/ntp/drift + +# Permit time synchronization with our time source, but do not +# permit the source to query or modify the service on this system. +restrict default kod nomodify notrap nopeer noquery +restrict -6 default kod nomodify notrap nopeer noquery + +# Permit all access over the loopback interface. This could +# be tightened as well, but to do so would effect some of +# the administrative functions. +restrict 127.0.0.1 +restrict -6 ::1 + +# Hosts on local network are less restricted. +# restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap + +# Use public servers from the pool.ntp.org project. +# Please consider joining the pool (http://www.pool.ntp.org/join.html). +# server 0.ubuntu.pool.ntp.org +# server 1.ubuntu.pool.ntp.org +# server 2.ubuntu.pool.ntp.org +server $ntp_server + +# broadcast 192.168.1.255 autokey # broadcast server +# broadcastclient # broadcast client +# broadcast 224.0.1.1 autokey # multicast server +# multicastclient 224.0.1.1 # multicast client +# manycastserver 239.255.254.254 # manycast server +# manycastclient 239.255.254.254 autokey # manycast client + +# Undisciplined Local Clock. This is a fake driver intended for backup +# and when no outside source of synchronized time is available. +server 127.127.1.0 # local clock + +# Enable public key cryptography. +# crypto + +includefile /etc/ntp/crypto/pw + +# Key file containing the keys and key identifiers used when operating +# with symmetric key cryptography. +keys /etc/ntp/keys + +# Specify the key identifiers which are trusted. +# trustedkey 4 8 42 + +# Specify the key identifier to use with the ntpdc utility. +# requestkey 8 + +# Specify the key identifier to use with the ntpq utility. +# controlkey 8 + +# Enable writing of statistics records. +# statistics clockstats cryptostats loopstats peerstats +EOF +update-rc.d ntp defaults 58 74 diff --git a/deploy/adapters/cobbler/snippets/preseed_partition_disks b/deploy/adapters/cobbler/snippets/preseed_partition_disks index af93c2ea..e3b20bf2 100644 --- a/deploy/adapters/cobbler/snippets/preseed_partition_disks +++ b/deploy/adapters/cobbler/snippets/preseed_partition_disks @@ -1,23 +1,23 @@ -d-i partman-auto/init_automatically_partition string custom
-d-i partman-auto/automatically_partition string custom
-d-i partman-auto/method string lvm
-d-i partman-auto/purge_lvm_from_device boolean true
-d-i partman-auto-lvm/guided_size string max
-d-i partman-lvm/device_remove_lvm boolean true
-d-i partman-lvm/device_remove_lvm_span boolean true
-d-i partman-lvm/confirm boolean true
-d-i partman-lvm/confirm_nooverwrite boolean true
-d-i partman-md/device_remove_md boolean true
-d-i partman-md/confirm boolean true
-d-i partman-partitioning/confirm_write_new_label boolean true
-d-i partman/confirm boolean true
-d-i partman/confirm_nooverwrite boolean true
-d-i partman/default_filesystem string ext3
-d-i partman/mount_style select uuid
-d-i partman/confirm_write_changes_to_disks_and_configure_lvm boolean true
-d-i partman/choose_partition select Finish partitioning and write changes to disk
-d-i mdadm/boot_degraded boolean true
-d-i partman-auto-lvm/no_boot boolean true
-d-i partman-basicfilesystems/no_mount_point false
-d-i partman/filter_mounted boolean false
-d-i partman/unmount_active boolean false
+d-i partman-auto/init_automatically_partition string custom +d-i partman-auto/automatically_partition string custom +d-i partman-auto/method string lvm +d-i partman-auto/purge_lvm_from_device boolean true +d-i partman-auto-lvm/guided_size string max +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-lvm/device_remove_lvm_span boolean true +d-i partman-lvm/confirm boolean true +d-i partman-lvm/confirm_nooverwrite boolean true +d-i partman-md/device_remove_md boolean true +d-i partman-md/confirm boolean true +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true +d-i partman/default_filesystem string ext3 +d-i partman/mount_style select uuid +d-i partman/confirm_write_changes_to_disks_and_configure_lvm boolean true +d-i partman/choose_partition select Finish partitioning and write changes to disk +d-i mdadm/boot_degraded boolean true +d-i partman-auto-lvm/no_boot boolean true +d-i partman-basicfilesystems/no_mount_point false +d-i partman/filter_mounted boolean false +d-i partman/unmount_active boolean false diff --git a/deploy/adapters/cobbler/snippets/preseed_post_anamon b/deploy/adapters/cobbler/snippets/preseed_post_anamon index 5ed99760..6d889bb7 100644 --- a/deploy/adapters/cobbler/snippets/preseed_post_anamon +++ b/deploy/adapters/cobbler/snippets/preseed_post_anamon @@ -1,80 +1,80 @@ -#if $str($getVar('anamon_enabled','')) == "1"
-
-## install anamon script
- #if $getVar("compass_server", "") != ""
-wget -O /usr/local/sbin/anamon "http://$compass_server:$http_port/cobbler/aux/anamon"
- #else
-wget -O /usr/local/sbin/anamon "http://$server:$http_port/cobbler/aux/anamon"
- #end if
-## install anamon system service
-cat << EOF > /etc/init.d/anamon.init
-#raw
-#!/bin/bash
-## BEGIN INIT INFO
-# Provides: anamon.init
-# Default-Start: 3 5
-# Default-Stop: 0 1 2 4 6
-# Required-Start: $network
-# Short-Description: Starts the cobbler anamon boot notification program
-# Description: anamon runs the first time a machine is booted after
-# installation.
-## END INIT INFO
-
-#
-# anamon.init: Starts the cobbler post-install boot notification program
-#
-# chkconfig: 35 95 95
-#
-# description: anamon runs the first time a machine is booted after
-# installation.
-#
-#end raw
-cd /var/log/installer
-gunzip initial-status.gz
-cd -
-#if $getVar("compass_server","") != ""
-/usr/local/sbin/anamon --watchfile "/var/log/installer/syslog /var/log/installer/hardware-summary /var/log/installer/initial-status /var/log/installer/status" --name $name --server $compass_server --port $http_port --exit
-#else
-/usr/local/sbin/anamon --watchfile "/var/log/installer/syslog /var/log/installer/hardware-summary /var/log/installer/initial-status /var/log/installer/status" --name $name --server $server --port $http_port --exit
-#end if
-update-rc.d -f anamon remove
-mv /etc/init.d/anamon.init /tmp/anamon.init
-EOF
-
-## adjust permissions
-chmod 755 /etc/init.d/anamon.init /usr/local/sbin/anamon
-test -d /selinux && restorecon /etc/init.d/anamon.init /usr/local/sbin/anamon
-
-## enable the script
-update-rc.d anamon.init defaults 95 95
-#end if
-
-## place start-up script for updating os state
-#if $getVar('compass_server', '') != ""
- #set srv = $getVar('compass_server','')
-#else
- #set srv = $getVar('server','')
-#end if
-cat << EOF > /etc/init.d/set_state
-#raw
-#!/bin/bash
-# Provides: set_state
-# Default-Start: 3 5
-# Default-Stop: 0 1 2 4 6
-# Required-Start: $network $ssh
-# Short-Description: Notifies the os installation is finished
-# Description: set_state runs the first time a machine is booted after
-# installation.
-#end raw
-wget -O /tmp/os_state --post-data='{"ready": true}' --header=Content-Type:application/json "http://$srv/api/hosts/${hostname}/state_internal"
-update-rc.d -f set_state remove
-mv /etc/init.d/set_state /tmp/set_state
-EOF
-
-## adjust permissions
-chmod 755 /etc/init.d/set_state
-test -d /selinux && restorecon /etc/init.d/set_state
-
-update-rc.d set_state defaults 99 99
-
-echo "compass_server=$server" >> /etc/compass.conf
+#if $str($getVar('anamon_enabled','')) == "1" + +## install anamon script + #if $getVar("compass_server", "") != "" +wget -O /usr/local/sbin/anamon "http://$compass_server:$http_port/cobbler/aux/anamon" + #else +wget -O /usr/local/sbin/anamon "http://$server:$http_port/cobbler/aux/anamon" + #end if +## install anamon system service +cat << EOF > /etc/init.d/anamon.init +#raw +#!/bin/bash +## BEGIN INIT INFO +# Provides: anamon.init +# Default-Start: 3 5 +# Default-Stop: 0 1 2 4 6 +# Required-Start: $network +# Short-Description: Starts the cobbler anamon boot notification program +# Description: anamon runs the first time a machine is booted after +# installation. +## END INIT INFO + +# +# anamon.init: Starts the cobbler post-install boot notification program +# +# chkconfig: 35 95 95 +# +# description: anamon runs the first time a machine is booted after +# installation. +# +#end raw +cd /var/log/installer +gunzip initial-status.gz +cd - +#if $getVar("compass_server","") != "" +/usr/local/sbin/anamon --watchfile "/var/log/installer/syslog /var/log/installer/hardware-summary /var/log/installer/initial-status /var/log/installer/status" --name $name --server $compass_server --port $http_port --exit +#else +/usr/local/sbin/anamon --watchfile "/var/log/installer/syslog /var/log/installer/hardware-summary /var/log/installer/initial-status /var/log/installer/status" --name $name --server $server --port $http_port --exit +#end if +update-rc.d -f anamon remove +mv /etc/init.d/anamon.init /tmp/anamon.init +EOF + +## adjust permissions +chmod 755 /etc/init.d/anamon.init /usr/local/sbin/anamon +test -d /selinux && restorecon /etc/init.d/anamon.init /usr/local/sbin/anamon + +## enable the script +update-rc.d anamon.init defaults 95 95 +#end if + +## place start-up script for updating os state +#if $getVar('compass_server', '') != "" + #set srv = $getVar('compass_server','') +#else + #set srv = $getVar('server','') +#end if +cat << EOF > /etc/init.d/set_state +#raw +#!/bin/bash +# Provides: set_state +# Default-Start: 3 5 +# Default-Stop: 0 1 2 4 6 +# Required-Start: $network $ssh +# Short-Description: Notifies the os installation is finished +# Description: set_state runs the first time a machine is booted after +# installation. +#end raw +wget -O /tmp/os_state --post-data='{"ready": true}' --header=Content-Type:application/json "http://$srv/api/hosts/${hostname}/state_internal" +update-rc.d -f set_state remove +mv /etc/init.d/set_state /tmp/set_state +EOF + +## adjust permissions +chmod 755 /etc/init.d/set_state +test -d /selinux && restorecon /etc/init.d/set_state + +update-rc.d set_state defaults 99 99 + +echo "compass_server=$server" >> /etc/compass.conf diff --git a/deploy/adapters/cobbler/snippets/preseed_post_apt_repo_config b/deploy/adapters/cobbler/snippets/preseed_post_apt_repo_config index 1d8a34be..6ea56c56 100644 --- a/deploy/adapters/cobbler/snippets/preseed_post_apt_repo_config +++ b/deploy/adapters/cobbler/snippets/preseed_post_apt_repo_config @@ -1,68 +1,67 @@ -#set profile_name = $getVar('profile_name','')
-#set os_info = $profile_name.split('-')
-#set osname = $os_info[0].lower()
-#set osversion = $os_info[1]
-#set osversion_flat = $osversion.replace('.', '_')
-
-cat << EOF > /etc/apt/apt.conf
-APT::Get::Assume-Yes "true";
-APT::Get::force-yes "true";
-#if $getVar('proxy', '') != ''
-Acquire::http::Proxy "$proxy";
-#end if
-Acquire::http::Proxy::$http_server DIRECT;
-#if $getVar("local_repo","") != ""
- #import urlparse
- #set $local_repo_url = $urlparse.urlparse($local_repo)
- #set $local_repo_server = $local_repo_url.hostname
- #if $http_server != $local_repo_server
-Acquire::http::Proxy::${local_repo_server} DIRECT;
- #end if
-#end if
-EOF
-
-
-#if $getVar("local_repo", "") == "" or $getVar("local_repo_only","1") == "0"
- #set repos_snippet = 'apt.repos.d/%s/%s/preseed_repos' % ($osname, $osversion)
-$SNIPPET($repos_snippet)
-#end if
-
-#if $arch == "x86_64"
- #set $rarch = "[arch=amd64]"
-#else
- #set $rarch = "[arch=%s]" % $arch
-#end if
-
-rm -f /etc/apt/sources.list
-cat << EOF >> /etc/apt/sources.list
-deb ${rarch} $tree $os_version main restricted
-EOF
-
-cat << EOF >> /etc/apt/sources.list
- #set $repo_data = $getVar("repo_data",[])
- #for $repo in $repo_data
- #for $dist in $repo.apt_dists
- #set $comps = " ".join($repo.apt_components)
- #if $repo.comment != ""
-# ${repo.comment}
- #end if
- #if $repo.mirror_locally
-deb ${rarch} http://$http_server/cblr/repo_mirror/${repo.name} $dist $comps
- #else
-deb ${rarch} ${repo.mirror} $dist $comps
- #end if
- #end for
- #end for
-EOF
-
-#if $getVar("local_repo","") != ""
-cat << EOF >> /etc/apt/sources.list
-#set compass_repo = 'apt.repos.d/%s/%s/ubuntu_repo' % ($osname, $osversion)
-deb ${rarch} $local_repo/$compass_repo/ local_repo main
-EOF
-
-
- #if $getVar("local_repo_only","1") != "0"
-apt-get -y update
- #end if
-#end if
+#set profile_name = $getVar('profile_name','') +#set os_info = $profile_name.split('-') +#set osname = $os_info[0].lower() +#set osversion = $os_info[1] +#set osversion_flat = $osversion.replace('.', '_') + +cat << EOF > /etc/apt/apt.conf +APT::Get::Assume-Yes "true"; +APT::Get::force-yes "true"; +#if $getVar('proxy', '') != '' +Acquire::http::Proxy "$proxy"; +#end if +Acquire::http::Proxy::$http_server DIRECT; +#if $getVar("local_repo","") != "" + #import urlparse + #set $local_repo_url = $urlparse.urlparse($local_repo) + #set $local_repo_server = $local_repo_url.hostname + #if $http_server != $local_repo_server +Acquire::http::Proxy::${local_repo_server} DIRECT; + #end if +#end if +EOF + + +#if $getVar("local_repo", "") == "" or $getVar("local_repo_only","1") == "0" + #set repos_snippet = 'apt.repos.d/%s/%s/preseed_repos' % ($osname, $osversion) +$SNIPPET($repos_snippet) +#end if + +#if $arch == "x86_64" + #set $rarch = "[arch=amd64]" +#else + #set $rarch = "[arch=%s]" % $arch +#end if + +rm -f /etc/apt/sources.list +cat << EOF >> /etc/apt/sources.list +deb ${rarch} $tree $os_version main restricted +EOF + +cat << EOF >> /etc/apt/sources.list + #set $repo_data = $getVar("repo_data",[]) + #for $repo in $repo_data + #for $dist in $repo.apt_dists + #set $comps = " ".join($repo.apt_components) + #if $repo.comment != "" +# ${repo.comment} + #end if + #if $repo.mirror_locally +deb ${rarch} http://$http_server/cblr/repo_mirror/${repo.name} $dist $comps + #else +deb ${rarch} ${repo.mirror} $dist $comps + #end if + #end for + #end for +EOF + +#if $getVar("local_repo","") != "" +cat << EOF >> /etc/apt/sources.list +#set compass_repo = 'apt.repos.d/%s/%s/ubuntu_repo' % ($osname, $osversion) +deb ${rarch} $local_repo/$compass_repo/ local_repo main +EOF + + #if $getVar("local_repo_only","1") != "0" +apt-get -y update + #end if +#end if diff --git a/deploy/adapters/cobbler/snippets/preseed_post_install_kernel_options b/deploy/adapters/cobbler/snippets/preseed_post_install_kernel_options index 0d937490..1cff9c99 100644 --- a/deploy/adapters/cobbler/snippets/preseed_post_install_kernel_options +++ b/deploy/adapters/cobbler/snippets/preseed_post_install_kernel_options @@ -1,14 +1,14 @@ -#if $getVar('kernel_options_post','') != ''
-# Start post install kernel options update
-if [ -f /etc/default/grub ]; then
- TMP_GRUB=\$(gawk 'match(\$0,/^GRUB_CMDLINE_LINUX="([^"]+)"/,a) {printf("%s\n",a[1])}' /etc/default/grub)
- sed -i '/^GRUB_CMDLINE_LINUX=/d' /etc/default/grub
- echo "GRUB_CMDLINE_LINUX=\"\$TMP_GRUB $kernel_options_post\"" >> /etc/default/grub
- grub2-mkconfig -o /boot/grub2/grub.cfg
-else
- /sbin/grubby --update-kernel=\$(/sbin/grubby --default-kernel) --args="$kernel_options_post"
-fi
-# End post install kernel options update
-#end if
-
-
+#if $getVar('kernel_options_post','') != '' +# Start post install kernel options update +if [ -f /etc/default/grub ]; then + TMP_GRUB=\$(gawk 'match(\$0,/^GRUB_CMDLINE_LINUX="([^"]+)"/,a) {printf("%s\n",a[1])}' /etc/default/grub) + sed -i '/^GRUB_CMDLINE_LINUX=/d' /etc/default/grub + echo "GRUB_CMDLINE_LINUX=\"\$TMP_GRUB $kernel_options_post\"" >> /etc/default/grub + grub2-mkconfig -o /boot/grub2/grub.cfg +else + /sbin/grubby --update-kernel=\$(/sbin/grubby --default-kernel) --args="$kernel_options_post" +fi +# End post install kernel options update +#end if + + diff --git a/deploy/adapters/cobbler/snippets/preseed_post_install_network_config b/deploy/adapters/cobbler/snippets/preseed_post_install_network_config index 177769cf..3e577830 100644 --- a/deploy/adapters/cobbler/snippets/preseed_post_install_network_config +++ b/deploy/adapters/cobbler/snippets/preseed_post_install_network_config @@ -1,630 +1,630 @@ -## Start post_install_network_config generated code
-#if $getVar('promisc_nics', '') != ""
- #set promisc_interfaces = [promisc.strip() for promisc in $promisc_nics.split(',') if promisc.strip()]
-#else
- #set promisc_interfaces = []
-#end if
-#if $hostname != ""
-# set the hostname
-echo "$hostname" > /etc/hostname
-/bin/hostname $hostname
-#end if
-
-#set osversion = $getVar("os_version","")
-
-$SNIPPET('preseed_hosts')
-
-#set $num_ns_search = $len($name_servers_search)
-#if $num_ns_search > 0
-sed -i -e "/^search /d" /etc/resolv.conf
-echo -n "search " >>/etc/resolv.conf
- #for $nameserversearch in $name_servers_search
-echo -n "$nameserversearch " >>/etc/resolv.conf
- #end for
-echo "" >>/etc/resolv.conf
-#end if
-
-#set $num_ns = $len($name_servers)
-#if $num_ns > 0
-sed -i -e "/^nameserver /d" /etc/resolv.conf
- #for $nameserver in $name_servers
-echo "nameserver $nameserver" >>/etc/resolv.conf
- #end for
-#end if
-
-echo '' > /tmp/network_log
-
-# get physical interfaces
-physical_interfaces=""
-for physical_interface in \$(ip -o link | cut -d: -f2 | grep -v lo); do
- echo "processing physical interface \${physical_interface}" >> /tmp/network_log
- if [ -z "\${physical_interfaces}" ]; then
- physical_interfaces="\${physical_interface}"
- else
- physical_interfaces="\${physical_interfaces} \${physical_interface}"
- fi
- eval "physical_interface_\${physical_interface}=\${physical_interface}"
-done
-echo "physical interfaces: \${physical_interfaces}" >> /tmp/network_log
-
-# map physical interface to mac address
-mac_names=""
-for physical_interface in \${physical_interfaces}; do
- set \$(ip link show \${physical_interface})
-#if $osversion == "trusty"
- mac=\$(echo \$@ | cut -d' ' -f17)
-#else
- mac=\$(echo \$@ | cut -d' ' -f13)
-#end if
- mac_name=\$(echo \${mac} |tr 'a-z' 'A-Z' | tr ':' '_')
- if [ -z "\${mac_name}" ]; then
- mac_names="\${mac_name}"
- else
- mac_names="\${mac_names} \${mac_name}"
- fi
- echo "mapping physical interface \${physical_interface} to mac \${mac}" >> /tmp/network_log
- eval "physical_interface_mac_\${physical_interface}=\$mac"
- eval "physical_mac_interface_\${mac_name}=\${physical_interface}"
- eval "mac_name_\${mac_name}=\$mac"
-done
-
-echo "list physical interfaces to mac" >> /tmp/network_log
-for physical_interface in \${physical_interfaces}; do
- eval "mac=\\${physical_interface_mac_\${physical_interface}}"
- echo "physical interface to mac: \${physical_interface} => \${mac}" >> /tmp/network_log
-done
-
-echo "list mac to physical interface mapping" >> /tmp/network_log
-for mac_name in \${mac_names}; do
- eval "mac=\\${mac_name_\${mac_name}}"
- eval "physical_interface=\\${physical_mac_interface_\${mac_name}}"
- echo "mac to physical interface: \${mac} => \${physical_interface}" >> /tmp/network_log
-done
-
-logical_interfaces=""
-#set ikeys = $interfaces.keys()
-#import re
-#set $vlanpattern = $re.compile("([a-zA-Z0-9]+)[\.][0-9]+")
-#set $subinterfacepattern = $re.compile("([a-zA-Z0-9]+)[:][0-9]+")
-#set $numbondingdevs = 0
-#for $iname in $ikeys
- #set $idata = $interfaces[$iname]
- #set $mac = $idata.get("mac_address", "").upper()
- #set $interface_type = $idata.get("interface_type", "").lower()
- #if $interface_type in ("master","bond","bonded_bridge_slave")
- #set $numbondingdevs += 1
- #end if
- #if $interface_type in ("master","bond","bridge","bonded_bridge_slave")
- #continue
- #end if
- #if $vlanpattern.match($iname)
- #set $interface_matched = $vlanpattern.match($iname)
- #set $interface_name = $interface_matched.group(1)
-logical_interface=${interface_name}
- #elif $subinterfacepattern.match($iname)
- #set $interface_matched = $subinterfacepattern.match($iname)
- #set $interface_name = $interface_matched.group(1)
-logical_interface=${interface_name}
- #else
-logical_interface=$iname
- #end if
-if [ -z "\${logical_interfaces}" ]; then
- logical_interfaces="\${logical_interface}"
-else
- logical_interfaces="\${logical_interfaces} \${logical_interface}"
-fi
-eval "logical_interface_\${logical_interface}=\${logical_interface}"
- #if $mac != ""
- #set mac_name = $mac.replace(':', '_')
-physical_interface=\${physical_mac_interface_${mac_name}}
-eval "logical_interface_mapping_\${logical_interface}=\${physical_interface}"
-if [ ! -z "\${physical_interface}" ]; then
- eval "physical_interface_mapping_\${physical_interface}=\${logical_interface}"
-fi
- #else
-eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}"
-if [ -z "\${physical_interface}" ]; then
- eval "logical_interface_mapping_\${logical_interface}="
-fi
- #end if
-#end for
-
-echo "logical interfaces: \${logical_interfaces}" >> /tmp/network_log
-
-echo "finish mapping logical interfaces in network config to physical interfaces" >> /tmp/network_log
-for key in \${logical_interfaces}; do
- eval "physical_interface=\\${logical_interface_mapping_\${key}}"
- echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log
-done
-for key in \${physical_interfaces}; do
- eval "logical_interface=\\${physical_interface_mapping_\${key}}"
- echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log
-done
-
-# map unmapped logical interface to the same name physical interface
-echo "mapping unmapped logical interfaces to the same name physical interfaces" >> /tmp/network_log
-for logical_interface in \${logical_interfaces}; do
- eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}"
- if [ ! -z "\${physical_interface}" ]; then
- echo "ignore logical interface \${logical_interface} where its physical interface is \${physical_interface}" >> /tmp/network_log
- continue
- fi
- # check if the same name physical interface is mapped
- eval "mapped_logical_interface=\\${physical_interface_mapping_\${logical_interface}}"
- if [ ! -z "\${mapped_logical_interface}" ]; then
- echo "ignore logical interface \${logical_interface} since the same name physical interface is mapped by logical interface \${mapped_logical_interface}" >> /tmp/network_log
- continue
- fi
- # check if the same name physical interface exists
- eval "mapped_logical_interface=\\${physical_interface_\${logical_interface}}"
- if [ -z "\${mapped_logical_interface}" ]; then
- echo "ignore logical interface \${logical_interface} since the same name physical interface does not exist" >> /tmp/network_log
- continue
- fi
- eval "logical_interface_mapping_\${logical_interface}=\${logical_interface}"
- eval "physical_interface_mapping_\${logical_interface}=\${logical_interface}"
- echo "set logical interface \${logical_interface} to the same physical interface" >> /tmp/network_log
-done
-
-echo "finish mapping unmapped logical interfaces in network config to the same name physical interfaces" >> /tmp/network_log
-for key in \${logical_interfaces}; do
- eval "physical_interface=\\${logical_interface_mapping_\${key}}"
- echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log
-done
-for key in \${physical_interfaces}; do
- eval "logical_interface=\\${physical_interface_mapping_\${key}}"
- echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log
-done
-
-
-unset_physical_interfaces=""
-echo "get unset physical interfaces from \${physical_interfaces}" >> /tmp/network_log
-for physical_interface in \${physical_interfaces}; do
- eval "logical_interface=\\${physical_interface_mapping_\${physical_interface}}"
- if [ ! -z "\${logical_interface}" ]; then
- echo "physical interface \${physical_interface} is already set to \${logical_interface}" >> /tmp/network_log
- continue
- fi
- if [ -z "\${unset_physical_interfaces}" ]; then
- unset_physical_interfaces="\${physical_interface}"
- else
- unset_physical_interfaces="\${unset_physical_interfaces} \${physical_interface}"
- fi
- eval "unset_physical_interface_\${physical_interface}=\${physical_interface}"
-done
-echo "unset physical interfaces \${unset_physical_interfaces}" >> /tmp/network_log
-
-unset_logical_interfaces=""
-echo "get unset logical interfaces from \${logical_interfaces}" >> /tmp/network_log
-for logical_interface in \${logical_interfaces}; do
- eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}"
- if [ ! -z "\${physical_interface}" ]; then
- echo "logical interface \${logical_interface} is already set to \${physical_interface}" >> /tmp/network_log
- continue
- fi
- if [ -z "\${unset_logical_interfaces}" ]; then
- unset_logical_interfaces="\${logical_interface}"
- else
- unset_logical_interfaces="\${unset_logical_interfaces} \${logical_interface}"
- fi
-done
-echo "unset logical interfaces \${unset_logical_interfaces}" >> /tmp/network_log
-
-sorted_unset_physical_interfaces=\$(printf '%s\n' \${unset_physical_interfaces} | sort | xargs)
-echo "sorted unset physical interfaces \${sorted_unset_physical_interfaces}" >> /tmp/network_log
-sorted_unset_logical_interfaces=\$(printf '%s\n' \${unset_logical_interfaces} | sort | xargs)
-echo "sorted unset logical interfaces \${sorted_unset_logical_interfaces}" >> /tmp/network_log
-
-# map unset logical interface to unset physical interface
-echo "map unset logical interfaces \${sorted_unset_logical_interfaces} to unset physical interfaces \${sorted_unset_physical_interfaces}" >> /tmp/network_log
-unset_logical_interfaces=""
-for logical_interface in \${sorted_unset_logical_interfaces}; do
- set \${sorted_unset_physical_interfaces}
- physical_interface_num=\$#;
- if [ \${physical_interface_num} -gt 0 ]; then
- physical_interface=\$1
- shift 1
- sorted_unset_physical_interfaces="\$@"
- echo "map unset logical interface \${logical_interface} to unset physical interface \${physical_interface}" >> /tmp/network_log
- eval "physical_interface_mapping_\${physical_interface}=\${logical_interface}"
- eval "logical_interface_mapping_\${logical_interface}=\${physical_interface}"
- else
- echo "remain unset logical interface \${logical_interface} since there is no remain unset physical interfaces" >> /tmp/network_log
- if [ -z "\${unset_logical_interfaces}" ]; then
- unset_logical_interfaces="\${logical_interface}"
- else
- unset_logical_interfaces="\${unset_logical_interfaces} \${logical_interface}"
- fi
- fi
-done
-sorted_unset_logical_interfaces=\${unset_logical_interfaces}
-unset_physical_interfaces=\${sorted_unset_physical_interfaces}
-
-echo "finish mapping unmapped logical interfaces in network config to unmapped physical interfaces" >> /tmp/network_log
-for key in \${logical_interfaces}; do
- eval "physical_interface=\\${logical_interface_mapping_\${key}}"
- echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log
-done
-for key in \${physical_interfaces}; do
- eval "logical_interface=\\${physical_interface_mapping_\${key}}"
- echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log
-done
-
-echo "unset physical interfaces \${sorted_unset_physical_interfaces}" >> /tmp/network_log
-echo "unset logical interfaces \${sorted_unset_logical_interfaces}" >> /tmp/network_log
-
-# map remaining unmapped logical interfaces
-echo "map remaining unmapped logical interfaces" >> /tmp/network_log
-if [ ! -z "\${sorted_unset_logical_interfaces}" ]; then
- # get all available logical interfaces which the same name physical interface is not used
- available_logical_interfaces=""
- for logical_interface in \${logical_interfaces}; do
- eval "mapped_logical_interface=\\${physical_interface_mapping_\${logical_interface}}"
- if [ -z "\${mapped_logical_interface}" ]; then
- eval "available_logical_interface_\${logical_interface}=\${logical_interface}"
- if [ -z "\${available_logical_interfaces}" ]; then
- available_logical_interfaces="\${logical_interface}"
- else
- available_logical_interfaces="\${available_logical_interfaces} \${logical_interface}"
- fi
- else
- echo "ignore logical interface \${logical_interface} since the same name physical interface mapped to logical interface \${mapped_logical_interface}" >> /tmp/network_log
- fi
- done
-
- # add extra logical interfaces name to physical interfaces
- if [ -z "\${physical_interfaces}" ]; then
- physical_interfaces="\${available_logical_interfaces}"
- else
- physical_interfaces="\${physical_interfaces} \${available_logical_interfaces}"
- fi
- echo "updated physical interfaces: \${physical_interfaces}" >> /tmp/network_log
-
- #first map logical interface to the same name physical interface if that physical interface name is not used
- unset_logical_interfaces=""
- for logical_interface in \${sorted_unset_logical_interfaces}; do
- eval "available_logical_interface=\\${available_logical_interface_\${logical_interface}}"
- if [ ! -z "\${available_logical_interface}" ]; then
- eval "physical_interface_mapping_\${available_logical_interface}=\${logical_interface}"
- eval "logical_interface_mapping_\${logical_interface}=\${available_logical_interface}"
- else
- if [ -z "\${unset_logical_interfaces}" ]; then
- unset_logical_interfaces="\${logical_interface}"
- else
- unset_logical_interfaces="\${unset_logical_interfaces} \${logical_interface}"
- fi
- fi
- done
- sorted_unset_logical_interfaces=\${unset_logical_interfaces}
-
- # map remain unset logical interfaces to available logical interface names
- for logical_interface in \${sorted_unset_logical_interfaces}; do
- for available_logical_interface in \${available_logical_interfaces}; do
- eval "mapped_logical_interface=\\${physical_interface_mapping_\${available_logical_interface}}"
- if [ -z "\${mapped_logical_interface}" ]; then
- eval "physical_interface_mapping_\${available_logical_interface}=\${logical_interface}"
- eval "logical_interface_mapping_\${logical_interface}=\${available_logical_interface}"
- break
- fi
- done
- done
-fi
-unset_logical_interfaces=""
-sorted_unset_logical_interfaces=""
-
-echo "finish mapping ramaining unmapped logical interfaces" >> /tmp/network_log
-for key in \${logical_interfaces}; do
- eval "physical_interface=\\${logical_interface_mapping_\${key}}"
- echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log
-done
-for key in \${physical_interfaces}; do
- eval "logical_interface=\\${physical_interface_mapping_\${key}}"
- echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log
-done
-
-# map remaining unmapped physical interfaces
-echo "map remaining unmapped physical interfaces" >> /tmp/network_log
-if [ ! -z "\${sorted_unset_physical_interfaces}" ]; then
- # get all available physical interfaces which the same name logical interface is not used
- available_physical_interfaces=""
- for physical_interface in \${physical_interfaces}; do
- eval "mapped_physical_interface=\\${logical_interface_mapping_\${physical_interface}}"
- if [ -z "\${mapped_physical_interface}" ]; then
- eval "available_physical_interface_\${physical_interface}=\${physical_interface}"
- if [ -z "\${available_physical_interfaces}" ]; then
- available_physical_interfaces="\${physical_interface}"
- else
- available_physical_interfaces="\${available_physical_interfaces} \${physical_interface}"
- fi
- else
- echo "ignore physical interface \${physical_interface} since the same name logical interface mapped to physical interface \${mapped_physical_interface}" >> /tmp/network_log
- fi
- done
-
- # add extra physical interfaces name to logical interfaces
- if [ -z "\${logical_interfaces}" ]; then
- logical_interfaces="\${available_physical_interfaces}"
- else
- logical_interfaces="\${logical_interfaces} \${available_physical_interfaces}"
- fi
- echo "updated logical interfaces: \${logical_interfaces}" >> /tmp/network_log
-
- #first map physical interface to the same name logical interface if that logical interface name is not used
- unset_physical_interfaces=""
- for physical_interface in \${sorted_unset_physical_interfaces}; do
- eval "available_physical_interface=\\${available_physical_interface_\${physical_interface}}"
- if [ ! -z "\${available_physical_interface}" ]; then
- eval "logical_interface_mapping_\${available_physical_interface}=\${physical_interface}"
- eval "physical_interface_mapping_\${physical_interface}=\${available_physical_interface}"
- else
- if [ -z "\${unset_physical_interfaces}" ]; then
- unset_physical_interfaces="\${physical_interface}"
- else
- unset_physical_interfaces="\${unset_physical_interfaces} \${physical_interface}"
- fi
- fi
- done
- sorted_unset_physical_interfaces=\${unset_physical_interfaces}
-
- # map remain unset physical interfaces to logical interface name as available physical interface names
- for physical_interface in \${sorted_unset_physical_interfaces}; do
- for available_physical_interface in \${available_physical_interfaces}; do
- eval "mapped_physical_interface=\\${logical_interface_mapping_\${available_physical_interface}}"
- if [ -z "\${mapped_physical_interface}" ]; then
- eval "logical_interface_mapping_\${available_physical_interface}=\${physical_interface}"
- eval "physical_interface_mapping_\${physical_interface}=\${available_physical_interface}"
- break
- fi
- done
- done
-fi
-unset_physical_interfaces=""
-sorted_unset_physical_interfaces=""
-
-echo "finish mapping ramaining unmapped physical interfaces" >> /tmp/network_log
-for key in \${logical_interfaces}; do
- eval "physical_interface=\\${logical_interface_mapping_\${key}}"
- echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log
-done
-for key in \${physical_interfaces}; do
- eval "logical_interface=\\${physical_interface_mapping_\${key}}"
- echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log
-done
-
-for key in \${logical_interfaces}; do
- eval "physical_interface=\\${logical_interface_mapping_\${key}}"
- if [ ! -z "\${physical_interface}" ]; then
- eval "physical_mac=\\${physical_interface_mac_\${physical_interface}}"
- else
- physical_mac=""
- fi
- if [ ! -z "\${physical_mac}" ]; then
- physical_mac=\$(echo \${physical_mac} | tr 'A-Z' 'a-z')
- echo "SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", ATTR{address}==\"\${physical_mac}\", ATTR{type}==\"1\", KERNEL==\"eth*\", NAME=\"\$key\"" >> /etc/udev/rules.d/70-persistent-net.rules.new
- echo "add network interface \$key mac \${physical_mac} into udev rules" >> /tmp/network_log
- else
- echo "network interface \$key does not find mac address to add to udev rules" >> /tmp/network_log
- fi
-done
-
-#if $numbondingdevs > 0
-# we have bonded interfaces, so set max_bonds
-if [ -f "/etc/modprobe.conf" ]; then
- echo "options bonding max_bonds=$numbondingdevs" >> /etc/modprobe.conf
-fi
-#end if
-
-## =============================================================================
-## Rewrite the interfaces file and make sure we preserve the loopback device
-echo "auto lo" > /etc/network/interfaces
-echo " iface lo inet loopback" >> /etc/network/interfaces
-echo "" >> /etc/network/interfaces
-
-#set $nameserver_set = 0
-
-#for $iname in $ikeys
- #set $idata = $interfaces[$iname]
- #set $mac = $idata.get("mac_address", "").upper()
- #set $iface_type = $idata.get("interface_type", "").lower()
- #set $mtu = $idata.get("mtu", "")
- #set $static = $idata.get("static", "")
- #set $management = $idata.get("management", "")
- #set $ip = $idata.get("ip_address", "")
- #set $netmask = $idata.get("netmask", "")
- #set $if_gateway = $idata.get("if_gateway", "")
- #set $static_routes = $idata.get("static_routes", "")
- #set $iface_master = $idata.get("interface_master", "")
- #set $bonding_opts = $idata.get("bonding_opts", "")
- #set $bridge_opts = $idata.get("bridge_opts", "")
-
-used_logical_interface_$iname=$iname
-
- #if $iface_type in ("slave","bond_slave","bridge_slave","bonded_bridge_slave")
- #set $static = 1
- #end if
-echo "auto $iname" >> /etc/network/interfaces
-
- #if $static
-echo "iface $iname inet static" >> /etc/network/interfaces
- #else
-echo "iface $iname inet dhcp" >> /etc/network/interfaces
- #end if
-
- #if $iface_type not in ("master","bond","bridge","bonded_bridge_slave")
- #if $vlanpattern.match($iname)
- #pass
- #else
- #set $interface_matched = $subinterfacepattern.match($iname)
- #if $interface_matched
- #set $interface_name = $interface_matched.group(1)
-logical_interface=$interface_name
- #else
-logical_interface=$iname
- #end if
-eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}"
-if [ ! -z "\${physical_interface}" ]; then
- eval "physical_mac=\\${physical_interface_mac_\${physical_interface}}"
-fi
-if [ ! -z "\${physical_mac}" ]; then
- echo " hwaddress ether \${physical_mac}" >> /etc/network/interfaces
-fi
- #if not $subinterfacepattern.match($iname)
-if [ -f "/etc/modprobe.conf" ] && [ ! -z "\${physical_interface}" ]; then
- grep \${physical_interface} /etc/modprobe.conf | sed "s/\${physical_interface}/$iname/" >> /etc/modprobe.conf.cobbler
- grep -v \${physical_interface} /etc/modprobe.conf >> /etc/modprobe.conf.new
- rm -f /etc/modprobe.conf
- mv /etc/modprobe.conf.new /etc/modprobe.conf
-fi
- #end if
- #end if
- #end if
-
- #if $iface_type in ("master","bond","bonded_bridge_slave")
- ## if this is a bonded interface, configure it in modprobe.conf
-if [ -f "/etc/modprobe.conf" ]; then
- #if $osversion == "rhel4"
- echo "install $iname /sbin/modprobe bonding -o $iname $bonding_opts" >> /etc/modprobe.conf.cobbler
- #else
- echo "alias $iname bonding" >> /etc/modprobe.conf.cobbler
- #end if
-fi
- #set $bondslaves = ""
- #for $bondiname in $ikeys
- #set $bondidata = $interfaces[$bondiname]
- #set $bondiface_type = $bondidata.get("interface_type", "").lower()
- #set $bondiface_master = $bondidata.get("interface_master", "")
- #if $bondiface_master == $iname
- #set $bondslaves += $bondiname + " "
- #end if
- #end for
-echo " bond-slaves $bondslaves" >> /etc/network/interfaces
-
- #if $bonding_opts != ""
- #for $bondopts in $bonding_opts.split(" ")
- #set [$bondkey, $bondvalue] = $bondopts.split("=")
-echo " bond-$bondkey $bondvalue" >> /etc/network/interfaces
- #end for
- #end if
- #elif $iface_type in ("slave","bond_slave") and $iface_master != ""
-echo " bond-master $iface_master" >> /etc/network/interfaces
- #end if
-
- #if $iface_type == "bridge"
- #set $bridgeslaves = ""
- #for $bridgeiname in $ikeys
- #set $bridgeidata = $interfaces[$bridgeiname]
- #set $bridgeiface_type = $bridgeidata.get("interface_type", "").lower()
- #set $bridgeiface_master = $bridgeidata.get("interface_master", "")
- #if $bridgeiface_master == $iname
- #set $bridgeslaves += $bridgeiname + " "
- #end if
- #end for
-echo " bridge_ports $bridgeslaves" >> /etc/network/interfaces
- #if $bridge_opts != ""
- #for $bridgeopts in $bridge_opts.split(" ")
- #set [$bridgekey, $bridgevalue] = $bridgeopts.split("=")
-echo " bridge_$bridgekey $bridgevalue" >> /etc/network/interfaces
- #end for
- #end if
- #elif $iface_type in ["bridge_slave", "bonded_bridge_slave"] and $iface_master != ""
- #pass
- #end if
-
- #if $static
- #if $iname in $promisc_interfaces
-echo " address 0.0.0.0" >> /etc/network/interfaces
-echo " up ip link set $iname up" >> /etc/network/interfaces
-echo " up ip link set $iname promisc on" >> /etc/network/interfaces
-echo " down ip link set $iname promisc off" >> /etc/network/interfaces
-echo " down ip link set $iname down" >> /etc/network/interfaces
- #elif $ip != ""
-echo " address $ip" >> /etc/network/interfaces
- #if $netmask == ""
- ## Default to 255.255.255.0?
- #set $netmask = "255.255.255.0"
- #end if
-echo " netmask $netmask" >> /etc/network/interfaces
- #import netaddr
- #set interface_network = $netaddr.IPNetwork('%s/%s' % ($ip, $netmask))
- #set interface_network_str = $str($interface_network)
- #if $if_gateway != ""
-echo " gateway $if_gateway" >> /etc/network/interfaces
- #elif $gateway != ""
- #set gateway_address = $netaddr.IPAddress($gateway)
- #if $gateway_address in $interface_network
-echo " gateway $gateway" >> /etc/network/interfaces
- #end if
- #end if
- #end if
- #else
- #pass
- #end if
-
- #if $mtu != ""
-echo " mtu $mtu" >> /etc/network/interfaces
- #end if
-
- #if not $nameserver_set
- #if $iface_type not in ("slave","bond_slave","bridge_slave","bonded_bridge_slave")
- #set $nameservers = ' '.join($name_servers)
- #set $nameserver_search = ' '.join($name_servers_search)
- #if $nameservers != ""
-echo " dns-nameservers $nameservers" >> /etc/network/interfaces
- #end if
- #if $nameserver_search != ""
-echo " dns-search $nameserver_search" >> /etc/network/interfaces
- #end if
- #set $nameserver_set = 1
- #end if
- #end if
-
- #for $route in $static_routes
- #set routepattern = $re.compile("[0-9/.]+:[0-9.]+")
- #if $routepattern.match($route)
- #set [$network, $router] = $route.split(":")
-echo " up ip route add $network via $router dev $iname" >> /etc/network/interfaces
- #else
-echo " # Warning: invalid route: $route" >> /etc/network/interfaces
- #end if
- #end for
-
-echo "" >> /etc/network/interfaces
-#end for
-
-for logical_interface in \${logical_interfaces}; do
- eval "used_logical_interface=\\${used_logical_interface_\${logical_interface}}"
- if [ ! -z "\${used_logical_interface}" ]; then
- # ignore logical interface that is already generated in above
- echo "ignore used logical interface \${logical_interface}" >> /tmp/network_log
- continue
- fi
- echo "add logical interface \${logical_interface} into network config since it is not set above" >> /tmp/network_log
- eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}"
- if [ ! -z "\${physical_interface}" ]; then
- echo "auto \${logical_interface}" >> /etc/network/interfaces
- echo "iface \${logical_interface} inet static" >> /etc/network/interfaces
- eval "mac=\\${physical_interface_mac_\${physical_interface}}"
- if [ ! -z "\$mac" ]; then
- echo " hwaddress ether \${mac}" >> /etc/network/interfaces
- fi
- echo "" >> /etc/network/interfaces
- if [ -f "/etc/modprobe.conf" ] && [ ! -z "\${physical_interface}" ]; then
- grep \${physical_interface} /etc/modprobe.conf | sed "s/\${physical_interface}/\${logical_interface}/" >> /etc/modprobe.conf.cobbler
- grep -v \${physical_interface} /etc/modprobe.conf >> /etc/modprobe.conf.new
- rm -f /etc/modprobe.conf
- mv /etc/modprobe.conf.new /etc/modprobe.conf
- fi
- fi
-done
-
-if [ -f "/etc/modprobe.conf" ]; then
- cat /etc/modprobe.conf.cobbler >> /etc/modprobe.conf
- rm -f /etc/modprobe.conf.cobbler
-fi
-if [ -f "/etc/udev/rules.d/70-persistent-net.rules" ]; then
- rm -f /etc/udev/rules.d/70-persistent-net.rules
-fi
-if [ -f "/etc/udev/rules.d/70-persistent-net.rules.new" ]; then
- mv /etc/udev/rules.d/70-persistent-net.rules.new /etc/udev/rules.d/70-persistent-net.rules
-fi
-## End post_install_network_config generated code
+## Start post_install_network_config generated code +#if $getVar('promisc_nics', '') != "" + #set promisc_interfaces = [promisc.strip() for promisc in $promisc_nics.split(',') if promisc.strip()] +#else + #set promisc_interfaces = [] +#end if +#if $hostname != "" +# set the hostname +echo "$hostname" > /etc/hostname +/bin/hostname $hostname +#end if + +#set osversion = $getVar("os_version","") + +$SNIPPET('preseed_hosts') + +#set $num_ns_search = $len($name_servers_search) +#if $num_ns_search > 0 +sed -i -e "/^search /d" /etc/resolv.conf +echo -n "search " >>/etc/resolv.conf + #for $nameserversearch in $name_servers_search +echo -n "$nameserversearch " >>/etc/resolv.conf + #end for +echo "" >>/etc/resolv.conf +#end if + +#set $num_ns = $len($name_servers) +#if $num_ns > 0 +sed -i -e "/^nameserver /d" /etc/resolv.conf + #for $nameserver in $name_servers +echo "nameserver $nameserver" >>/etc/resolv.conf + #end for +#end if + +echo '' > /tmp/network_log + +# get physical interfaces +physical_interfaces="" +for physical_interface in \$(ip -o link | cut -d: -f2 | grep -v lo); do + echo "processing physical interface \${physical_interface}" >> /tmp/network_log + if [ -z "\${physical_interfaces}" ]; then + physical_interfaces="\${physical_interface}" + else + physical_interfaces="\${physical_interfaces} \${physical_interface}" + fi + eval "physical_interface_\${physical_interface}=\${physical_interface}" +done +echo "physical interfaces: \${physical_interfaces}" >> /tmp/network_log + +# map physical interface to mac address +mac_names="" +for physical_interface in \${physical_interfaces}; do + set \$(ip link show \${physical_interface}) +#if $osversion == "trusty" + mac=\$(echo \$@ | cut -d' ' -f17) +#else + mac=\$(echo \$@ | cut -d' ' -f13) +#end if + mac_name=\$(echo \${mac} |tr 'a-z' 'A-Z' | tr ':' '_') + if [ -z "\${mac_name}" ]; then + mac_names="\${mac_name}" + else + mac_names="\${mac_names} \${mac_name}" + fi + echo "mapping physical interface \${physical_interface} to mac \${mac}" >> /tmp/network_log + eval "physical_interface_mac_\${physical_interface}=\$mac" + eval "physical_mac_interface_\${mac_name}=\${physical_interface}" + eval "mac_name_\${mac_name}=\$mac" +done + +echo "list physical interfaces to mac" >> /tmp/network_log +for physical_interface in \${physical_interfaces}; do + eval "mac=\\${physical_interface_mac_\${physical_interface}}" + echo "physical interface to mac: \${physical_interface} => \${mac}" >> /tmp/network_log +done + +echo "list mac to physical interface mapping" >> /tmp/network_log +for mac_name in \${mac_names}; do + eval "mac=\\${mac_name_\${mac_name}}" + eval "physical_interface=\\${physical_mac_interface_\${mac_name}}" + echo "mac to physical interface: \${mac} => \${physical_interface}" >> /tmp/network_log +done + +logical_interfaces="" +#set ikeys = $interfaces.keys() +#import re +#set $vlanpattern = $re.compile("([a-zA-Z0-9]+)[\.][0-9]+") +#set $subinterfacepattern = $re.compile("([a-zA-Z0-9]+)[:][0-9]+") +#set $numbondingdevs = 0 +#for $iname in $ikeys + #set $idata = $interfaces[$iname] + #set $mac = $idata.get("mac_address", "").upper() + #set $interface_type = $idata.get("interface_type", "").lower() + #if $interface_type in ("master","bond","bonded_bridge_slave") + #set $numbondingdevs += 1 + #end if + #if $interface_type in ("master","bond","bridge","bonded_bridge_slave") + #continue + #end if + #if $vlanpattern.match($iname) + #set $interface_matched = $vlanpattern.match($iname) + #set $interface_name = $interface_matched.group(1) +logical_interface=${interface_name} + #elif $subinterfacepattern.match($iname) + #set $interface_matched = $subinterfacepattern.match($iname) + #set $interface_name = $interface_matched.group(1) +logical_interface=${interface_name} + #else +logical_interface=$iname + #end if +if [ -z "\${logical_interfaces}" ]; then + logical_interfaces="\${logical_interface}" +else + logical_interfaces="\${logical_interfaces} \${logical_interface}" +fi +eval "logical_interface_\${logical_interface}=\${logical_interface}" + #if $mac != "" + #set mac_name = $mac.replace(':', '_') +physical_interface=\${physical_mac_interface_${mac_name}} +eval "logical_interface_mapping_\${logical_interface}=\${physical_interface}" +if [ ! -z "\${physical_interface}" ]; then + eval "physical_interface_mapping_\${physical_interface}=\${logical_interface}" +fi + #else +eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}" +if [ -z "\${physical_interface}" ]; then + eval "logical_interface_mapping_\${logical_interface}=" +fi + #end if +#end for + +echo "logical interfaces: \${logical_interfaces}" >> /tmp/network_log + +echo "finish mapping logical interfaces in network config to physical interfaces" >> /tmp/network_log +for key in \${logical_interfaces}; do + eval "physical_interface=\\${logical_interface_mapping_\${key}}" + echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log +done +for key in \${physical_interfaces}; do + eval "logical_interface=\\${physical_interface_mapping_\${key}}" + echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log +done + +# map unmapped logical interface to the same name physical interface +echo "mapping unmapped logical interfaces to the same name physical interfaces" >> /tmp/network_log +for logical_interface in \${logical_interfaces}; do + eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}" + if [ ! -z "\${physical_interface}" ]; then + echo "ignore logical interface \${logical_interface} where its physical interface is \${physical_interface}" >> /tmp/network_log + continue + fi + # check if the same name physical interface is mapped + eval "mapped_logical_interface=\\${physical_interface_mapping_\${logical_interface}}" + if [ ! -z "\${mapped_logical_interface}" ]; then + echo "ignore logical interface \${logical_interface} since the same name physical interface is mapped by logical interface \${mapped_logical_interface}" >> /tmp/network_log + continue + fi + # check if the same name physical interface exists + eval "mapped_logical_interface=\\${physical_interface_\${logical_interface}}" + if [ -z "\${mapped_logical_interface}" ]; then + echo "ignore logical interface \${logical_interface} since the same name physical interface does not exist" >> /tmp/network_log + continue + fi + eval "logical_interface_mapping_\${logical_interface}=\${logical_interface}" + eval "physical_interface_mapping_\${logical_interface}=\${logical_interface}" + echo "set logical interface \${logical_interface} to the same physical interface" >> /tmp/network_log +done + +echo "finish mapping unmapped logical interfaces in network config to the same name physical interfaces" >> /tmp/network_log +for key in \${logical_interfaces}; do + eval "physical_interface=\\${logical_interface_mapping_\${key}}" + echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log +done +for key in \${physical_interfaces}; do + eval "logical_interface=\\${physical_interface_mapping_\${key}}" + echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log +done + + +unset_physical_interfaces="" +echo "get unset physical interfaces from \${physical_interfaces}" >> /tmp/network_log +for physical_interface in \${physical_interfaces}; do + eval "logical_interface=\\${physical_interface_mapping_\${physical_interface}}" + if [ ! -z "\${logical_interface}" ]; then + echo "physical interface \${physical_interface} is already set to \${logical_interface}" >> /tmp/network_log + continue + fi + if [ -z "\${unset_physical_interfaces}" ]; then + unset_physical_interfaces="\${physical_interface}" + else + unset_physical_interfaces="\${unset_physical_interfaces} \${physical_interface}" + fi + eval "unset_physical_interface_\${physical_interface}=\${physical_interface}" +done +echo "unset physical interfaces \${unset_physical_interfaces}" >> /tmp/network_log + +unset_logical_interfaces="" +echo "get unset logical interfaces from \${logical_interfaces}" >> /tmp/network_log +for logical_interface in \${logical_interfaces}; do + eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}" + if [ ! -z "\${physical_interface}" ]; then + echo "logical interface \${logical_interface} is already set to \${physical_interface}" >> /tmp/network_log + continue + fi + if [ -z "\${unset_logical_interfaces}" ]; then + unset_logical_interfaces="\${logical_interface}" + else + unset_logical_interfaces="\${unset_logical_interfaces} \${logical_interface}" + fi +done +echo "unset logical interfaces \${unset_logical_interfaces}" >> /tmp/network_log + +sorted_unset_physical_interfaces=\$(printf '%s\n' \${unset_physical_interfaces} | sort | xargs) +echo "sorted unset physical interfaces \${sorted_unset_physical_interfaces}" >> /tmp/network_log +sorted_unset_logical_interfaces=\$(printf '%s\n' \${unset_logical_interfaces} | sort | xargs) +echo "sorted unset logical interfaces \${sorted_unset_logical_interfaces}" >> /tmp/network_log + +# map unset logical interface to unset physical interface +echo "map unset logical interfaces \${sorted_unset_logical_interfaces} to unset physical interfaces \${sorted_unset_physical_interfaces}" >> /tmp/network_log +unset_logical_interfaces="" +for logical_interface in \${sorted_unset_logical_interfaces}; do + set \${sorted_unset_physical_interfaces} + physical_interface_num=\$#; + if [ \${physical_interface_num} -gt 0 ]; then + physical_interface=\$1 + shift 1 + sorted_unset_physical_interfaces="\$@" + echo "map unset logical interface \${logical_interface} to unset physical interface \${physical_interface}" >> /tmp/network_log + eval "physical_interface_mapping_\${physical_interface}=\${logical_interface}" + eval "logical_interface_mapping_\${logical_interface}=\${physical_interface}" + else + echo "remain unset logical interface \${logical_interface} since there is no remain unset physical interfaces" >> /tmp/network_log + if [ -z "\${unset_logical_interfaces}" ]; then + unset_logical_interfaces="\${logical_interface}" + else + unset_logical_interfaces="\${unset_logical_interfaces} \${logical_interface}" + fi + fi +done +sorted_unset_logical_interfaces=\${unset_logical_interfaces} +unset_physical_interfaces=\${sorted_unset_physical_interfaces} + +echo "finish mapping unmapped logical interfaces in network config to unmapped physical interfaces" >> /tmp/network_log +for key in \${logical_interfaces}; do + eval "physical_interface=\\${logical_interface_mapping_\${key}}" + echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log +done +for key in \${physical_interfaces}; do + eval "logical_interface=\\${physical_interface_mapping_\${key}}" + echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log +done + +echo "unset physical interfaces \${sorted_unset_physical_interfaces}" >> /tmp/network_log +echo "unset logical interfaces \${sorted_unset_logical_interfaces}" >> /tmp/network_log + +# map remaining unmapped logical interfaces +echo "map remaining unmapped logical interfaces" >> /tmp/network_log +if [ ! -z "\${sorted_unset_logical_interfaces}" ]; then + # get all available logical interfaces which the same name physical interface is not used + available_logical_interfaces="" + for logical_interface in \${logical_interfaces}; do + eval "mapped_logical_interface=\\${physical_interface_mapping_\${logical_interface}}" + if [ -z "\${mapped_logical_interface}" ]; then + eval "available_logical_interface_\${logical_interface}=\${logical_interface}" + if [ -z "\${available_logical_interfaces}" ]; then + available_logical_interfaces="\${logical_interface}" + else + available_logical_interfaces="\${available_logical_interfaces} \${logical_interface}" + fi + else + echo "ignore logical interface \${logical_interface} since the same name physical interface mapped to logical interface \${mapped_logical_interface}" >> /tmp/network_log + fi + done + + # add extra logical interfaces name to physical interfaces + if [ -z "\${physical_interfaces}" ]; then + physical_interfaces="\${available_logical_interfaces}" + else + physical_interfaces="\${physical_interfaces} \${available_logical_interfaces}" + fi + echo "updated physical interfaces: \${physical_interfaces}" >> /tmp/network_log + + #first map logical interface to the same name physical interface if that physical interface name is not used + unset_logical_interfaces="" + for logical_interface in \${sorted_unset_logical_interfaces}; do + eval "available_logical_interface=\\${available_logical_interface_\${logical_interface}}" + if [ ! -z "\${available_logical_interface}" ]; then + eval "physical_interface_mapping_\${available_logical_interface}=\${logical_interface}" + eval "logical_interface_mapping_\${logical_interface}=\${available_logical_interface}" + else + if [ -z "\${unset_logical_interfaces}" ]; then + unset_logical_interfaces="\${logical_interface}" + else + unset_logical_interfaces="\${unset_logical_interfaces} \${logical_interface}" + fi + fi + done + sorted_unset_logical_interfaces=\${unset_logical_interfaces} + + # map remain unset logical interfaces to available logical interface names + for logical_interface in \${sorted_unset_logical_interfaces}; do + for available_logical_interface in \${available_logical_interfaces}; do + eval "mapped_logical_interface=\\${physical_interface_mapping_\${available_logical_interface}}" + if [ -z "\${mapped_logical_interface}" ]; then + eval "physical_interface_mapping_\${available_logical_interface}=\${logical_interface}" + eval "logical_interface_mapping_\${logical_interface}=\${available_logical_interface}" + break + fi + done + done +fi +unset_logical_interfaces="" +sorted_unset_logical_interfaces="" + +echo "finish mapping ramaining unmapped logical interfaces" >> /tmp/network_log +for key in \${logical_interfaces}; do + eval "physical_interface=\\${logical_interface_mapping_\${key}}" + echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log +done +for key in \${physical_interfaces}; do + eval "logical_interface=\\${physical_interface_mapping_\${key}}" + echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log +done + +# map remaining unmapped physical interfaces +echo "map remaining unmapped physical interfaces" >> /tmp/network_log +if [ ! -z "\${sorted_unset_physical_interfaces}" ]; then + # get all available physical interfaces which the same name logical interface is not used + available_physical_interfaces="" + for physical_interface in \${physical_interfaces}; do + eval "mapped_physical_interface=\\${logical_interface_mapping_\${physical_interface}}" + if [ -z "\${mapped_physical_interface}" ]; then + eval "available_physical_interface_\${physical_interface}=\${physical_interface}" + if [ -z "\${available_physical_interfaces}" ]; then + available_physical_interfaces="\${physical_interface}" + else + available_physical_interfaces="\${available_physical_interfaces} \${physical_interface}" + fi + else + echo "ignore physical interface \${physical_interface} since the same name logical interface mapped to physical interface \${mapped_physical_interface}" >> /tmp/network_log + fi + done + + # add extra physical interfaces name to logical interfaces + if [ -z "\${logical_interfaces}" ]; then + logical_interfaces="\${available_physical_interfaces}" + else + logical_interfaces="\${logical_interfaces} \${available_physical_interfaces}" + fi + echo "updated logical interfaces: \${logical_interfaces}" >> /tmp/network_log + + #first map physical interface to the same name logical interface if that logical interface name is not used + unset_physical_interfaces="" + for physical_interface in \${sorted_unset_physical_interfaces}; do + eval "available_physical_interface=\\${available_physical_interface_\${physical_interface}}" + if [ ! -z "\${available_physical_interface}" ]; then + eval "logical_interface_mapping_\${available_physical_interface}=\${physical_interface}" + eval "physical_interface_mapping_\${physical_interface}=\${available_physical_interface}" + else + if [ -z "\${unset_physical_interfaces}" ]; then + unset_physical_interfaces="\${physical_interface}" + else + unset_physical_interfaces="\${unset_physical_interfaces} \${physical_interface}" + fi + fi + done + sorted_unset_physical_interfaces=\${unset_physical_interfaces} + + # map remain unset physical interfaces to logical interface name as available physical interface names + for physical_interface in \${sorted_unset_physical_interfaces}; do + for available_physical_interface in \${available_physical_interfaces}; do + eval "mapped_physical_interface=\\${logical_interface_mapping_\${available_physical_interface}}" + if [ -z "\${mapped_physical_interface}" ]; then + eval "logical_interface_mapping_\${available_physical_interface}=\${physical_interface}" + eval "physical_interface_mapping_\${physical_interface}=\${available_physical_interface}" + break + fi + done + done +fi +unset_physical_interfaces="" +sorted_unset_physical_interfaces="" + +echo "finish mapping ramaining unmapped physical interfaces" >> /tmp/network_log +for key in \${logical_interfaces}; do + eval "physical_interface=\\${logical_interface_mapping_\${key}}" + echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log +done +for key in \${physical_interfaces}; do + eval "logical_interface=\\${physical_interface_mapping_\${key}}" + echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log +done + +for key in \${logical_interfaces}; do + eval "physical_interface=\\${logical_interface_mapping_\${key}}" + if [ ! -z "\${physical_interface}" ]; then + eval "physical_mac=\\${physical_interface_mac_\${physical_interface}}" + else + physical_mac="" + fi + if [ ! -z "\${physical_mac}" ]; then + physical_mac=\$(echo \${physical_mac} | tr 'A-Z' 'a-z') + echo "SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", ATTR{address}==\"\${physical_mac}\", ATTR{type}==\"1\", KERNEL==\"eth*\", NAME=\"\$key\"" >> /etc/udev/rules.d/70-persistent-net.rules.new + echo "add network interface \$key mac \${physical_mac} into udev rules" >> /tmp/network_log + else + echo "network interface \$key does not find mac address to add to udev rules" >> /tmp/network_log + fi +done + +#if $numbondingdevs > 0 +# we have bonded interfaces, so set max_bonds +if [ -f "/etc/modprobe.conf" ]; then + echo "options bonding max_bonds=$numbondingdevs" >> /etc/modprobe.conf +fi +#end if + +## ============================================================================= +## Rewrite the interfaces file and make sure we preserve the loopback device +echo "auto lo" > /etc/network/interfaces +echo " iface lo inet loopback" >> /etc/network/interfaces +echo "" >> /etc/network/interfaces + +#set $nameserver_set = 0 + +#for $iname in $ikeys + #set $idata = $interfaces[$iname] + #set $mac = $idata.get("mac_address", "").upper() + #set $iface_type = $idata.get("interface_type", "").lower() + #set $mtu = $idata.get("mtu", "") + #set $static = $idata.get("static", "") + #set $management = $idata.get("management", "") + #set $ip = $idata.get("ip_address", "") + #set $netmask = $idata.get("netmask", "") + #set $if_gateway = $idata.get("if_gateway", "") + #set $static_routes = $idata.get("static_routes", "") + #set $iface_master = $idata.get("interface_master", "") + #set $bonding_opts = $idata.get("bonding_opts", "") + #set $bridge_opts = $idata.get("bridge_opts", "") + +used_logical_interface_$iname=$iname + + #if $iface_type in ("slave","bond_slave","bridge_slave","bonded_bridge_slave") + #set $static = 1 + #end if +echo "auto $iname" >> /etc/network/interfaces + + #if $static +echo "iface $iname inet static" >> /etc/network/interfaces + #else +echo "iface $iname inet dhcp" >> /etc/network/interfaces + #end if + + #if $iface_type not in ("master","bond","bridge","bonded_bridge_slave") + #if $vlanpattern.match($iname) + #pass + #else + #set $interface_matched = $subinterfacepattern.match($iname) + #if $interface_matched + #set $interface_name = $interface_matched.group(1) +logical_interface=$interface_name + #else +logical_interface=$iname + #end if +eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}" +if [ ! -z "\${physical_interface}" ]; then + eval "physical_mac=\\${physical_interface_mac_\${physical_interface}}" +fi +if [ ! -z "\${physical_mac}" ]; then + echo " hwaddress ether \${physical_mac}" >> /etc/network/interfaces +fi + #if not $subinterfacepattern.match($iname) +if [ -f "/etc/modprobe.conf" ] && [ ! -z "\${physical_interface}" ]; then + grep \${physical_interface} /etc/modprobe.conf | sed "s/\${physical_interface}/$iname/" >> /etc/modprobe.conf.cobbler + grep -v \${physical_interface} /etc/modprobe.conf >> /etc/modprobe.conf.new + rm -f /etc/modprobe.conf + mv /etc/modprobe.conf.new /etc/modprobe.conf +fi + #end if + #end if + #end if + + #if $iface_type in ("master","bond","bonded_bridge_slave") + ## if this is a bonded interface, configure it in modprobe.conf +if [ -f "/etc/modprobe.conf" ]; then + #if $osversion == "rhel4" + echo "install $iname /sbin/modprobe bonding -o $iname $bonding_opts" >> /etc/modprobe.conf.cobbler + #else + echo "alias $iname bonding" >> /etc/modprobe.conf.cobbler + #end if +fi + #set $bondslaves = "" + #for $bondiname in $ikeys + #set $bondidata = $interfaces[$bondiname] + #set $bondiface_type = $bondidata.get("interface_type", "").lower() + #set $bondiface_master = $bondidata.get("interface_master", "") + #if $bondiface_master == $iname + #set $bondslaves += $bondiname + " " + #end if + #end for +echo " bond-slaves $bondslaves" >> /etc/network/interfaces + + #if $bonding_opts != "" + #for $bondopts in $bonding_opts.split(" ") + #set [$bondkey, $bondvalue] = $bondopts.split("=") +echo " bond-$bondkey $bondvalue" >> /etc/network/interfaces + #end for + #end if + #elif $iface_type in ("slave","bond_slave") and $iface_master != "" +echo " bond-master $iface_master" >> /etc/network/interfaces + #end if + + #if $iface_type == "bridge" + #set $bridgeslaves = "" + #for $bridgeiname in $ikeys + #set $bridgeidata = $interfaces[$bridgeiname] + #set $bridgeiface_type = $bridgeidata.get("interface_type", "").lower() + #set $bridgeiface_master = $bridgeidata.get("interface_master", "") + #if $bridgeiface_master == $iname + #set $bridgeslaves += $bridgeiname + " " + #end if + #end for +echo " bridge_ports $bridgeslaves" >> /etc/network/interfaces + #if $bridge_opts != "" + #for $bridgeopts in $bridge_opts.split(" ") + #set [$bridgekey, $bridgevalue] = $bridgeopts.split("=") +echo " bridge_$bridgekey $bridgevalue" >> /etc/network/interfaces + #end for + #end if + #elif $iface_type in ["bridge_slave", "bonded_bridge_slave"] and $iface_master != "" + #pass + #end if + + #if $static + #if $iname in $promisc_interfaces +echo " address 0.0.0.0" >> /etc/network/interfaces +echo " up ip link set $iname up" >> /etc/network/interfaces +echo " up ip link set $iname promisc on" >> /etc/network/interfaces +echo " down ip link set $iname promisc off" >> /etc/network/interfaces +echo " down ip link set $iname down" >> /etc/network/interfaces + #elif $ip != "" +echo " address $ip" >> /etc/network/interfaces + #if $netmask == "" + ## Default to 255.255.255.0? + #set $netmask = "255.255.255.0" + #end if +echo " netmask $netmask" >> /etc/network/interfaces + #import netaddr + #set interface_network = $netaddr.IPNetwork('%s/%s' % ($ip, $netmask)) + #set interface_network_str = $str($interface_network) + #if $if_gateway != "" +echo " gateway $if_gateway" >> /etc/network/interfaces + #elif $gateway != "" + #set gateway_address = $netaddr.IPAddress($gateway) + #if $gateway_address in $interface_network +echo " gateway $gateway" >> /etc/network/interfaces + #end if + #end if + #end if + #else + #pass + #end if + + #if $mtu != "" +echo " mtu $mtu" >> /etc/network/interfaces + #end if + + #if not $nameserver_set + #if $iface_type not in ("slave","bond_slave","bridge_slave","bonded_bridge_slave") + #set $nameservers = ' '.join($name_servers) + #set $nameserver_search = ' '.join($name_servers_search) + #if $nameservers != "" +echo " dns-nameservers $nameservers" >> /etc/network/interfaces + #end if + #if $nameserver_search != "" +echo " dns-search $nameserver_search" >> /etc/network/interfaces + #end if + #set $nameserver_set = 1 + #end if + #end if + + #for $route in $static_routes + #set routepattern = $re.compile("[0-9/.]+:[0-9.]+") + #if $routepattern.match($route) + #set [$network, $router] = $route.split(":") +echo " up ip route add $network via $router dev $iname" >> /etc/network/interfaces + #else +echo " # Warning: invalid route: $route" >> /etc/network/interfaces + #end if + #end for + +echo "" >> /etc/network/interfaces +#end for + +for logical_interface in \${logical_interfaces}; do + eval "used_logical_interface=\\${used_logical_interface_\${logical_interface}}" + if [ ! -z "\${used_logical_interface}" ]; then + # ignore logical interface that is already generated in above + echo "ignore used logical interface \${logical_interface}" >> /tmp/network_log + continue + fi + echo "add logical interface \${logical_interface} into network config since it is not set above" >> /tmp/network_log + eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}" + if [ ! -z "\${physical_interface}" ]; then + echo "auto \${logical_interface}" >> /etc/network/interfaces + echo "iface \${logical_interface} inet static" >> /etc/network/interfaces + eval "mac=\\${physical_interface_mac_\${physical_interface}}" + if [ ! -z "\$mac" ]; then + echo " hwaddress ether \${mac}" >> /etc/network/interfaces + fi + echo "" >> /etc/network/interfaces + if [ -f "/etc/modprobe.conf" ] && [ ! -z "\${physical_interface}" ]; then + grep \${physical_interface} /etc/modprobe.conf | sed "s/\${physical_interface}/\${logical_interface}/" >> /etc/modprobe.conf.cobbler + grep -v \${physical_interface} /etc/modprobe.conf >> /etc/modprobe.conf.new + rm -f /etc/modprobe.conf + mv /etc/modprobe.conf.new /etc/modprobe.conf + fi + fi +done + +if [ -f "/etc/modprobe.conf" ]; then + cat /etc/modprobe.conf.cobbler >> /etc/modprobe.conf + rm -f /etc/modprobe.conf.cobbler +fi +if [ -f "/etc/udev/rules.d/70-persistent-net.rules" ]; then + rm -f /etc/udev/rules.d/70-persistent-net.rules +fi +if [ -f "/etc/udev/rules.d/70-persistent-net.rules.new" ]; then + mv /etc/udev/rules.d/70-persistent-net.rules.new /etc/udev/rules.d/70-persistent-net.rules +fi +## End post_install_network_config generated code diff --git a/deploy/adapters/cobbler/snippets/preseed_post_partition_disks b/deploy/adapters/cobbler/snippets/preseed_post_partition_disks index ed058c73..4770e2af 100644 --- a/deploy/adapters/cobbler/snippets/preseed_post_partition_disks +++ b/deploy/adapters/cobbler/snippets/preseed_post_partition_disks @@ -1,39 +1,39 @@ -partitions=\$(pvs --noheadings --separator :| cut -d: -f1,2)
-vg_remove=0
-remove_partitions=''
-echo "partitions \$partitions" >> /tmp/post_partition.log
-
-for partition in \$partitions; do
- set \$(echo \$partition | tr ':' ' ')
- partition=\$1
- vg=\$2
- if [ "\$vg" = "reserved" ]; then
- echo "prepare remove partition \$partition" >> /tmp/post_partition.log
- remove_partitions="\${remove_partitions} \$partition"
- vg_remove=1
- else
- echo "ignore \$vg since it is not reserved" >> /tmp/post_partition.log
- fi
-done
-
-if [ "\${vg_remove}" != "0" ]; then
- vgremove -f reserved
-fi
-
-for remove_partition in \${remove_partitions}; do
- echo "remove pv \${remove_partition}" >> /tmp/post_partition.log
- pvremove -ff -y \${remove_partition}
- set \$(echo \${remove_partition} | sed -e 's/^\(.*\)\([0-9]\+\)\$/\1 \2/g')
- partition_disk=\$1
- partition_number=\$2
- if [ ! -z "\${partition_disk}" ]; then
- if [ ! -z "\${partition_number}" ]; then
- echo "remove partition \${remove_partition} on \${partition_disk} number \${partition_number}" >> /tmp/post_partition.log
- parted \${partition_disk} --script -- rm \${partition_number}
- else
- echo "no partition number found for \${remove_partition}" >> /tmp/post_partition.log
- fi
- else
- echo "no partition disk found for \${remove_partition}" >> /tmp/post_partition.log
- fi
-done
+partitions=\$(pvs --noheadings --separator :| cut -d: -f1,2) +vg_remove=0 +remove_partitions='' +echo "partitions \$partitions" >> /tmp/post_partition.log + +for partition in \$partitions; do + set \$(echo \$partition | tr ':' ' ') + partition=\$1 + vg=\$2 + if [ "\$vg" = "reserved" ]; then + echo "prepare remove partition \$partition" >> /tmp/post_partition.log + remove_partitions="\${remove_partitions} \$partition" + vg_remove=1 + else + echo "ignore \$vg since it is not reserved" >> /tmp/post_partition.log + fi +done + +if [ "\${vg_remove}" != "0" ]; then + vgremove -f reserved +fi + +for remove_partition in \${remove_partitions}; do + echo "remove pv \${remove_partition}" >> /tmp/post_partition.log + pvremove -ff -y \${remove_partition} + set \$(echo \${remove_partition} | sed -e 's/^\(.*\)\([0-9]\+\)\$/\1 \2/g') + partition_disk=\$1 + partition_number=\$2 + if [ ! -z "\${partition_disk}" ]; then + if [ ! -z "\${partition_number}" ]; then + echo "remove partition \${remove_partition} on \${partition_disk} number \${partition_number}" >> /tmp/post_partition.log + parted \${partition_disk} --script -- rm \${partition_number} + else + echo "no partition number found for \${remove_partition}" >> /tmp/post_partition.log + fi + else + echo "no partition disk found for \${remove_partition}" >> /tmp/post_partition.log + fi +done diff --git a/deploy/adapters/cobbler/snippets/preseed_pre_anamon b/deploy/adapters/cobbler/snippets/preseed_pre_anamon index 01091c60..aeda8e22 100644 --- a/deploy/adapters/cobbler/snippets/preseed_pre_anamon +++ b/deploy/adapters/cobbler/snippets/preseed_pre_anamon @@ -1,4 +1,4 @@ -#if $str($getVar('anamon_enabled','')) == "1"
-wget -O /tmp/anamon "http://$server:$http_port/cobbler/aux/anamon"
-## python /tmp/anamon --name "$name" --watchfiles "/var/log/syslog /var/log/partman /var/log/hareware_summary /var/log/status /tmp/preseed.log" --server "$server" --port "$http_port"
-#end if
+#if $str($getVar('anamon_enabled','')) == "1" +wget -O /tmp/anamon "http://$server:$http_port/cobbler/aux/anamon" +## python /tmp/anamon --name "$name" --watchfiles "/var/log/syslog /var/log/partman /var/log/hareware_summary /var/log/status /tmp/preseed.log" --server "$server" --port "$http_port" +#end if diff --git a/deploy/adapters/cobbler/snippets/preseed_pre_install_network_config b/deploy/adapters/cobbler/snippets/preseed_pre_install_network_config index ef210a0b..2ea74799 100644 --- a/deploy/adapters/cobbler/snippets/preseed_pre_install_network_config +++ b/deploy/adapters/cobbler/snippets/preseed_pre_install_network_config @@ -1,75 +1,75 @@ -#if $getVar("system_name","") != ""
- #if $getVar('management_nic', '') == ""
- #set $management_nic=''
- #end if
-echo "generate pre network config" > /tmp/network_log
-# Start pre_install_network_config generated code
-#raw
-# generic functions to be used later for discovering NICs
-mac_exists() {
- if type ip; then
- ip -o link | grep -i "$1" 2>/dev/null >/dev/null
- return $?
- elif type esxcfg-nics; then
- esxcfg-nics -l | grep -i "$1" 2>/dev/null >/dev/null
- return $?
- else
- ifconfig -a | grep -i "$1" 2>/dev/null >/dev/null
- return $?
- fi
-}
-get_ifname() {
- if type ip; then
- IFNAME=$(ip -o link | grep -i "$1" | sed -e 's/^[0-9]*: //' -e 's/:.*//')
- elif type esxcfg-nics; then
- IFNAME=$(esxcfg-nics -l | grep -i "$1" | cut -d " " -f 1)
- else
- IFNAME=$(ifconfig -a | grep -i "$1" | cut -d " " -f 1)
- if [ -z "$IFNAME" ]; then
- IFNAME=$(ifconfig -a | grep -i -B 2 "$1" | sed -n '/flags/s/:.*$//p')
- fi
- fi
-}
-#end raw
- #set ikeys = $interfaces.keys()
- #for $iname in $ikeys
- #set $idata = $interfaces[$iname]
- #set $management = $idata["management"]
- #if $management
- #set $management_nic = $iname
- #end if
- #end for
- #for $iname in $ikeys
- #set $idata = $interfaces[$iname]
- #set $mac = $idata["mac_address"]
- #set $static = $idata["static"]
- #set $management = $idata["management"]
- #set $ip = $idata["ip_address"]
- #set $netmask = $idata["netmask"]
- #set $iface_type = $idata["interface_type"]
- #set $iface_master = $idata["interface_master"]
- #set $static_routes = $idata["static_routes"]
- #if $management_nic != ''
- #if $iname != $management_nic
- #continue
- #end if
- #end if
- #if $mac == ""
- #continue
- #end if
-# Configuring $iname ($mac)
-if mac_exists $mac; then
- get_ifname $mac
- echo "d-i netcfg/choose_interface string \$IFNAME" >> /tmp/pre_install_network_config
- #if $static and $ip != ""
- echo "d-i netcfg/get_ipaddress string $ip" >> /tmp/pre_install_network_config
- #if $netmask == ""
- #set $netmask = "255.255.255.0"
- #end if
- echo "d-i netcfg/get_netmask string $netmask" >> /tmp/pre_install_network_config
- #else
- #continue
- #end if
-fi
- #end for
-#end if
+#if $getVar("system_name","") != "" + #if $getVar('management_nic', '') == "" + #set $management_nic='' + #end if +echo "generate pre network config" > /tmp/network_log +# Start pre_install_network_config generated code +#raw +# generic functions to be used later for discovering NICs +mac_exists() { + if type ip; then + ip -o link | grep -i "$1" 2>/dev/null >/dev/null + return $? + elif type esxcfg-nics; then + esxcfg-nics -l | grep -i "$1" 2>/dev/null >/dev/null + return $? + else + ifconfig -a | grep -i "$1" 2>/dev/null >/dev/null + return $? + fi +} +get_ifname() { + if type ip; then + IFNAME=$(ip -o link | grep -i "$1" | sed -e 's/^[0-9]*: //' -e 's/:.*//') + elif type esxcfg-nics; then + IFNAME=$(esxcfg-nics -l | grep -i "$1" | cut -d " " -f 1) + else + IFNAME=$(ifconfig -a | grep -i "$1" | cut -d " " -f 1) + if [ -z "$IFNAME" ]; then + IFNAME=$(ifconfig -a | grep -i -B 2 "$1" | sed -n '/flags/s/:.*$//p') + fi + fi +} +#end raw + #set ikeys = $interfaces.keys() + #for $iname in $ikeys + #set $idata = $interfaces[$iname] + #set $management = $idata["management"] + #if $management + #set $management_nic = $iname + #end if + #end for + #for $iname in $ikeys + #set $idata = $interfaces[$iname] + #set $mac = $idata["mac_address"] + #set $static = $idata["static"] + #set $management = $idata["management"] + #set $ip = $idata["ip_address"] + #set $netmask = $idata["netmask"] + #set $iface_type = $idata["interface_type"] + #set $iface_master = $idata["interface_master"] + #set $static_routes = $idata["static_routes"] + #if $management_nic != '' + #if $iname != $management_nic + #continue + #end if + #end if + #if $mac == "" + #continue + #end if +# Configuring $iname ($mac) +if mac_exists $mac; then + get_ifname $mac + echo "d-i netcfg/choose_interface string \$IFNAME" >> /tmp/pre_install_network_config + #if $static and $ip != "" + echo "d-i netcfg/get_ipaddress string $ip" >> /tmp/pre_install_network_config + #if $netmask == "" + #set $netmask = "255.255.255.0" + #end if + echo "d-i netcfg/get_netmask string $netmask" >> /tmp/pre_install_network_config + #else + #continue + #end if +fi + #end for +#end if diff --git a/deploy/adapters/cobbler/snippets/preseed_pre_partition_disks b/deploy/adapters/cobbler/snippets/preseed_pre_partition_disks index 7575b2aa..b31d8841 100644 --- a/deploy/adapters/cobbler/snippets/preseed_pre_partition_disks +++ b/deploy/adapters/cobbler/snippets/preseed_pre_partition_disks @@ -1,673 +1,673 @@ -#set hostname=$getVar('hostname',None)
-#set partition = $getVar('partition', None)
-#set partition_size = $getVar('partition_size', None)
-#set partition_maxsize = $getVar('partition_maxsize', None)
-#set disk_reserve_size = $getVar('disk_reserve_size', None)
-#set disk_max_size = $getVar('disk_max_size', None)
-#set default_disk_reserve_size = $getVar('default_disk_reserve_size', '0')
-#set default_disk_max_size = $getVar('default_disk_max_size', '0')
-
-#if $hostname == None
-#set $vgname = "VolGroup00"
-#else
-#set $vgname = $hostname.split('.')[0]
-#end if
-
-echo "partman early script" >> /tmp/preseed.log
-if [ -e /dev/disk/by-path ]; then
- set \$(ls -s -l /dev/disk/by-path | tr -s '\t' ' ' | cut -d' ' -f11,13)
- disk_mapping_nums=\$((\$#/2))
- disk_mapping_offset=0
- echo "disk_mapping_nums: \$disk_mapping_nums" >> /tmp/preseed.log
- echo "disk_mapping: \$@" >> /tmp/preseed.log
- disk_mapping=""
- disk_path_mapping=""
- while [ \$disk_mapping_offset -lt \$disk_mapping_nums ]; do
- found_disk_type=0
-#if $getVar('disk_type_only','') != ""
- if expr match "\$1" ".*-${disk_type_only}-.*"; then
- found_disk_type=1
- fi
-#else
- found_disk_type=1
-#end if
- path_name=\$(basename \$1)
- disk_path_name=\$(echo \${path_name} | tr '-' '_' | tr ':' '_' | tr '.' '_')
- disk_name=\$(basename \$2)
- disk_mapping_offset=\$((\${disk_mapping_offset}+1))
- shift 2
-
- if [ \$found_disk_type -gt 0 ]; then
- if [ -z "\${disk_mapping}" ]; then
- disk_mapping="\${disk_name}"
- else
- disk_mapping="\${disk_mapping} \${disk_name}"
- fi
- if [ -z "\${disk_path_mapping}" ]; then
- disk_path_mapping="\${disk_path_name}"
- else
- disk_path_mapping="\${disk_path_mapping} \${disk_path_name}"
- fi
- eval "disk_\${disk_name}=/dev/disk/by-path/\${path_name}"
- eval "disk_\${disk_path_name}=/dev/disk/by-path/\${path_name}"
- eval "disk_path_\${disk_path_name}=/dev/\${disk_name}"
- eval "disk_path_\${disk_name}=/dev/\${disk_name}"
- else
- eval "ignore_disk_\${disk_name}=/dev/disk/by-path/\${path_name}"
- eval "ignore_disk_\${disk_path_name}=/dev/disk/by-path/\${path_name}"
- eval "ignore_disk_path_\${disk_path_name}=/dev/\${disk_name}"
- eval "ignore_disk_path_\${disk_name}=/dev/\${disk_name}"
- fi
- done
-
- for key in \${disk_mapping}; do
- eval "disk_path=\\${disk_\$key}"
- echo "disk_mapping \$key => \${disk_path}" >> /tmp/preseed.log
- done
-
- for key in \${disk_path_mapping}; do
- eval "disk=\\${disk_path_\$key}"
- echo "disk path mapping \$key => \${disk}" >> /tmp/preseed.log
- done
-else
- echo "/dev/disk/by-path does not exist" >> /tmp/preseed.log
-fi
-
-partition_disks=""
-disks=""
-for disk in \$(list-devices disk); do
- disk_name=\$(basename \$disk)
- eval "disk_path=\\${disk_\${disk_name}}"
- if [ -z "\${disk_path}" ]; then
- eval "ignore_disk_path=\\${ignore_disk_\${disk_name}}"
- if [ ! -z "\${ignore_disk_path}" ]; then
- echo "ignore disk \${disk_name} since it is not in disk_mapping" >> /tmp/preseed.log
- continue
- else
- echo "did not found disk path for \$disk but it is not ignored" >> /tmp/preseed.log
- eval "disk_\${disk_name}=/dev/\${disk_name}"
- eval "disk_path_\${disk_name}=/dev/\${disk_name}"
- fi
- fi
- found_disk=0
-
-#if $getVar('partitions_only','') != ""
- #for $partition_only in $partitions_only.split(',')
- #if not $partition_only
- #continue
- #end if
- if expr match "\${disk_name}" "$partition_only"; then
- found_disk=1
- else
- echo "disk \${disk_name} does not match $partition_only" >> /tmp/preseed.log
- fi
- #end for
-#else
- found_disk=1
-#end if
-
-#if $getVar('partition_by_path', '0') != "0"
- eval "disk=\\${disk_\${disk_name}}"
-#end if
-
- if [ \$found_disk -gt 0 ]; then
- echo "add disk \${disk} in partitioning list" >> /tmp/preseed.log
- if [ -z "\${partition_disks}" ]; then
- partition_disks="\${disk}"
- else
- partition_disks="\${partition_disks} \${disk}"
- fi
- fi
- if [ -z "\$disks" ]; then
- disks="\${disk}"
- else
- disks="\${disks} \${disk}"
- fi
-done
-echo "partition disks: \${partition_disks}" >> /tmp/preseed.log
-echo "disks \${disks}" >> /tmp/preseed.log
-
-#if $getVar('sort_disks', '0') != "0"
-sorted_disks=\$(printf '%s\n' \${partition_disks} | sort)
-#else
-sorted_disks=\${partition_disks}
-#end if
-echo "sorted disks \${sorted_disks}" >> /tmp/preseed.log
-
-#if $getVar('start_from_disk', '') != ""
- #set $start_from_disk = $int($start_from_disk)
- #if $start_from_disk > 0
- #set $disk_start_offset = $start_from_disk - 1
- #else
- #set $disk_start_offset = 0
- #end if
-set \${sorted_disks}
-shift $disk_start_offset
-sorted_disks=\$@
-echo "sorted disks begin from the $start_from_disk: \${sorted_disks}" >> /tmp/preseed.log
-#end if
-
-#if $getVar('disk_num', '') != ""
-set \${sorted_disks}
-sorted_disks=\$(printf '%s\n' \$@ | head -n${disk_num})
-echo "sorted disks for $disk_num disks: \${sorted_disks}" >> /tmp/preseed.log
-#end if
-
-first_disk=""
-for disk in \${sorted_disks}; do
- if [ -z "\${first_disk}" ]; then
- first_disk=\${disk}
- break
- fi
-done
-echo "first disk \${first_disk}" >> /tmp/preseed.log
-
-#if $getVar('keep_old_partitions', '0') != "0"
-for disk in \${sorted_disks}; do
- dd if=/dev/zero of=\${disk} bs=512 count=1
-done
-remove_disks=\${sorted_disks}
-#else
-for disk in \$disks; do
- dd if=/dev/zero of=\$disk bs=512 count=1
-done
-remove_disks=\${disks}
-#end if
-echo "remove disks \${remove_disks}" >> /tmp/preseed.log
-
-disk_partitions=\$(pvs --noheadings --separator :| cut -d: -f1)
-remove_partitions=""
-remove_vgs=""
-for disk_partition in \${disk_partitions}; do
- vg=\$(pvs --noheadings --separator : \${disk_partition} | cut -d: -f2)
- remove_vg=""
- remove_partition=""
- for remove_disk in \${remove_disks}; do
-#if $getVar('partition_by_path', '0') != "0"
- path_name=\$(basename \${remove_disk})
- disk_path_name=\$(echo \${path_name} | tr '-' '_' | tr ':' '_' | tr '.' '_')
- remove_disk_path=\${remove_disk}
- eval "remove_disk=\\${disk_path_\${disk_path_name}}"
-#else
- disk_name=\$(basename \${remove_disk})
- eval "remove_disk_path=\\${disk_\${disk_name}}"
-#end if
- if [ -z "\${remove_disk}" ]; then
- continue
- fi
- if [ -z "\${remove_disk_path}" ]; then
- continue
- fi
- if expr match "\${disk_partition}" "\${remove_disk_path}.*"; then
- remove_vg="\$vg"
- remove_partition="\${disk_partition}"
- else
- echo "partition \${disk_partition} does not match \${remove_disk_path}.*" >> /tmp/preseed.log
- fi
- if expr match "\${disk_partition}" "\${remove_disk}.*"; then
- remove_vg="\$vg"
- remove_partition="\${disk_partition}"
- else
- echo "partition \${disk_partition} does not match \${remove_disk}.*" >> /tmp/preseed.log
- fi
- if [[ "\$vg" == "$vgname" ]]; then
- remove_vg="\$vg"
- remove_partition="\${disk_partition}"
- fi
- done
- if [ ! -z "\${remove_vg}" ]; then
- if [ -z "\${remove_vgs}" ]; then
- remove_vgs="\${remove_vg}"
- else
- vg_removed=0
- for vg in \${remove_vgs}; do
- if [[ "\$vg" == "\${remove_vg}" ]]; then
- vg_removed=1
- fi
- done
- if [ \${vg_removed} -eq 0 ]; then
- remove_vgs="\${remove_vgs} \${remove_vg}"
- fi
- fi
- fi
- if [ ! -z "\${remove_partition}" ]; then
- if [ -z "\${remove_partitions}" ]; then
- remove_partitions="\${remove_partition}"
- else
- pv_removed=0
- for pv in ${remove_partitions}; do
- if [[ "\$pv" == "\${remove_partition}" ]]; then
- pv_removed=1
- fi
- done
- if [ \${pv_removed} -eq 0 ]; then
- remove_partitions="\${remove_partitions} \${remove_partition}"
- fi
- fi
- fi
-done
-
-echo "remove vgs \${remove_vgs}" >> /tmp/preseed.log
-for remove_vg in \${remove_vgs}; do
- vgremove -f \${remove_vg}
-done
-
-echo "remove partitions \${remove_partitions} from \${remove_vgs}" >> /tmp/preseed.log
-for remove_partition in \${remove_partitions}; do
- pvremove -ff -y \${remove_partition}
-done
-
-echo "remove disks \${remove_disks}" >> /tmp/preseed.log
-
-partition_disks=""
-#if $getVar('keep_old_partitions', '0') != "0"
-for disk in \${sorted_disks}; do
-#else
-for disk in \${disks}; do
-#end if
- if [ -z "\${partition_disks}" ]; then
- partition_disks="\${disk}"
- else
- partition_disks="\${partition_disks} \${disk}"
- fi
-done
-
-partition_disks_str=\$(echo \${partition_disks} | tr ' ' ',')
-echo "d-i partman-auto/select_disks multiselect \${partition_disks_str}" >> /tmp/part-include
-echo "d-i partman-auto/disk string \${partition_disks}" >> /tmp/part-include
-echo "disks \${partition_disks}" >> /tmp/preseed.log
-
-default_partition=$getVar('default_partition', '/')
-partition_fstype=$getVar('partition_fstype', 'ext3')
-
-echo "default partition \${default_partition}" >> /tmp/preseed.log
-echo "partition fstype \${partition_fstype}" >> /tmp/preseed.log
-
-#if $disk_reserve_size != None
- #set disk_sizes = [disk_size.strip() for disk_size in $disk_reserve_size.split(';') if disk_size.strip()]
- #for disk_and_size in $disk_sizes
- #set disk_name, size = $disk_and_size.split(' ', 1)
- #set disk_name = $disk_name.strip()
- #if $size.endswith('K')
- #set disk_size = $int($size[:-1]) / 1000
- #elif $size.endswith('M')
- #set disk_size = $int($size[:-1])
- #elif $size.endswith('G')
- #set disk_size = $int($size[:-1]) * 1000
- #elif $size.endswith('T')
- #set disk_size = $int($size[:-1]) * 1000000
- #else
- #set disk_size = $int($size)
- #end if
-reserve_disk_size_${disk_name}=${disk_size}
- #end for
-#end if
-
-#if $default_disk_reserve_size.endswith('K')
- #set disk_size = $int($default_disk_reserve_size[:-1]) / 1000
-#elif $default_disk_reserve_size.endswith('M')
- #set disk_size = $int($default_disk_reserve_size[:-1])
-#elif $default_disk_reserve_size.endswith('G')
- #set disk_size = $int($default_disk_reserve_size[:-1]) * 1000
-#elif $default_disk_reserve_size.endswith('T')
- #set disk_size = $int($default_disk_reserve_size[:-1]) * 1000000
-#else
- #set disk_size = $int($default_disk_reserve_size)
-#end if
-default_reserve_disk_size=${disk_size}
-
-#if $disk_max_size != None
- #set disk_sizes = [disk_size.strip() for disk_size in $disk_max_size.split(';') if disk_size.strip()]
- #for disk_and_size in $disk_sizes
- #set disk_name, size = $disk_and_size.split(' ', 1)
- #set disk_name = $disk_name.strip()
- #if $size.endswith('K')
- #set disk_size = $int($size[:-1]) / 1000
- #elif $size.endswith('M')
- #set disk_size = $int($size[:-1])
- #elif $size.endswith('G')
- #set disk_size = $int($size[:-1]) * 1000
- #elif $size.endswith('T')
- #set disk_size = $int($size[:-1]) * 1000000
- #else
- #set disk_size = $int($size)
- #end if
-max_disk_size_${disk_name}=${disk_size}
- #end for
-#end if
-
-#if $default_disk_max_size.endswith('K')
- #set disk_size = $int($default_disk_max_size[:-1]) / 1000
-#elif $default_disk_max_size.endswith('M')
- #set disk_size = $int($default_disk_max_size[:-1])
-#elif $default_disk_max_size.endswith('G')
- #set disk_size = $int($default_disk_max_size[:-1]) * 1000
-#elif $default_disk_max_size.endswith('T')
- #set disk_size = $int($default_disk_max_size[:-1]) * 1000000
-#else
- #set disk_size = $int($default_disk_max_size)
-#end if
-default_max_disk_size=${disk_size}
-
-partition_names=""
-default_partition_name=""
-#if $partition != None
- #set vol_sizes = [part.strip() for part in $partition.split(';') if part.strip()]
- #for vol_and_size in vol_sizes
- #set vol, vol_size = $vol_and_size.split(' ', 1)
- #set vol = $vol.strip()
- #if $vol == '/'
- #set volname = 'root'
- #elif $vol == 'swap'
- #set volname = 'swap'
- #elif $vol.startswith('/')
- #set volname = $vol[1:].replace('/', '_')
- #else
-# $vol is not starts with /
- #continue
- #end if
-if [ -z "\${partition_names}" ]; then
- partition_names="$volname"
-else
- partition_names="\$partition_names $volname"
-fi
-if [[ "$vol" == "\$default_partition" ]]; then
- default_partition_name=$volname
-fi
-partition_point_$volname=$vol
- #set vol_size = $vol_size.strip()
- #if $vol_size.endswith('%')
- #set vol_percent = $vol_size[:-1]
-partition_percentage_$volname=$vol_percent
- #else
- #if $vol_size.endswith('K')
- #set vol_min_size = $int($vol_size[:-1]) / 1000
- #elif $vol_size.endswith('M')
- #set vol_min_size = $int($vol_size[:-1])
- #elif $vol_size.endswith('G')
- #set vol_min_size = $int($vol_size[:-1]) * 1000
- #elif $vol_size.endswith('T')
- #set vol_min_size = $int($vol_size[:-1]) * 1000000
- #else
- #set vol_min_size = $int($vol_size)
- #end if
-partition_size_$volname=$vol_min_size
- #end if
- #end for
-#end if
-
-#if $partition_size != None
- #set vol_sizes = [part.strip() for part in $partition_size.split(';') if part.strip()]
- #for vol_and_size in $vol_sizes
- #set vol, vol_size = $vol_and_size.split(' ', 1)
- #set vol = $vol.strip()
- #if $vol == '/'
- #set volname = 'root'
- #elif $vol == 'swap'
- #set volname = 'swap'
- #elif $vol.startswith('/')
- #set volname = $vol[1:].replace('/', '_')
- #else
-# $vol is not starts with /
- #continue
- #end if
- #if $vol_size.endswith('K')
- #set vol_min_size = $int($vol_size[:-1]) / 1000
- #elif $vol_size.endswith('M')
- #set vol_min_size = $int($vol_size[:-1])
- #elif $vol_size.endswith('G')
- #set vol_min_size = $int($vol_size[:-1]) * 1000
- #elif $vol_size.endswith('T')
- #set vol_min_size = $int($vol_size[:-1]) * 1000000
- #else
- #set vol_min_size = $int($vol_size)
- #end if
-partitions_size_$volname=${vol_min_size}
- #end for
-#end if
-
-#if $partition_maxsize != None
- #set vol_sizes = [part.strip() for part in $partition_maxsize.split(';') if part.strip()]
- #for vol_and_size in $vol_sizes
- #set vol, vol_size = $vol_and_size.split(' ', 1)
- #set vol = $vol.strip()
- #if $vol == '/'
- #set volname = 'root'
- #elif $vol == 'swap'
- #set volname = 'swap'
- #elif $vol.startswith('/')
- #set volname = $vol[1:].replace('/', '_')
- #else
-# $vol is not starts with /
- #continue
- #end if
- #if $vol_size.endswith('K')
- #set vol_max_size = $int($vol_size[:-1]) / 1000
- #elif $vol_size.endswith('M')
- #set vol_max_size = $int($vol_size[:-1])
- #elif $vol_size.endswith('G')
- #set vol_max_size = $int($vol_size[:-1]) * 1000
- #elif $vol_size.endswith('T')
- #set vol_max_size = $int($vol_size[:-1]) * 1000000
- #else
- #set vol_max_size = $int($vol_size)
- #end if
-partition_maxsize_$volname=${vol_max_size}
- #end for
-#end if
-
-echo "finish partition mapping" >> /tmp/preseed.log
-for key in \${partition_names}; do
- eval "mountpoint=\\${partition_point_\$key}"
- echo "partition names \$key => \${mountpoint}" >> /tmp/preseed.log
- eval "partition_percentage=\\${partition_percentage_\$key}"
- echo "partition percentage \$key => \${partition_percentage}" >> /tmp/preseed.log
- eval "partition_size=\\${partition_size_\$key}"
- echo "partition size \$key => \${partition_size}" >> /tmp/preseed.log
- eval "partition_max_size=\\${partition_max_size_\$key}"
- echo "partition max size \$key => \${partition_max_size}" >> /tmp/preseed.log
-done
-
-
-if [ -z "\${default_partition_name}" ]; then
- default_partition_name=root
-fi
-
-default_partition_percentage=100
-for key in \${partition_names}; do
- if [[ "\$key" == "\${default_partition_name}" ]]; then
- continue
- fi
- if [[ "\$key" == "swap" ]]; then
- continue
- fi
- eval "partition_percentage=\\${partition_percentage_\$key}"
- if [ ! -z "\${partition_percentage}" ]; then
- if [ \${default_partition_percentage} -gt \${partition_percentage} ]; then
- default_partition_percentage=\$((\${default_partition_percentage}-\${partition_percentage}))
- else
- default_partition_percentage=0
- fi
- fi
-done
-eval "partition_percentage_\${default_partition_name}=\${default_partition_percentage}"
-
-if [ -z "\${partition_point_boot}" ]; then
- partition_point_boot="/boot"
- if [ -z "\${partition_names}" ]; then
- partition_names="boot"
- else
- partition_names="\${partition_names} boot"
- fi
-fi
-
-if [ -z "\${partition_size_boot}" ]; then
- partition_size_boot=500
-fi
-
-if [ -z "\${partition_maxsize_boot}" ]; then
- partition_maxsize_boot=\$partition_size_boot
-fi
-
-if [ -z "\${first_disk}" ]; then
- first_disk=/dev/sda
-fi
-
-#if $getVar('keep_old_partitions', '0') != "0"
-echo "d-i grub-installer/with_other_os boolean true" >> /tmp/part-include
-#else
-echo "d-i grub-installer/only_debian boolean true" >> /tmp/part-include
-#end if
-
-echo "d-i grub-installer/bootdev string \${first_disk}" >> /tmp/part-include
-echo "setup bootloader on disk \${first_disk}" >> /tmp/preseed.log
-
-partition_param_boot="\${partition_fstype} \
-\\$primary{ } \\$bootable{ } method{ format } \
-format{ } use_filesystem{ } filesystem{ \${partition_fstype} } \
-mountpoint{ /boot } device{ \${first_disk} } \
-"
-
-if [ -z "\${partition_point_swap}" ]; then
- partition_point_swap="swap"
- if [ -z "\${partition_names}" ]; then
- partition_names="swap"
- else
- partition_names="\${partition_names} swap"
- fi
-fi
-
-if [ -z "\${partition_size_swap}" ]; then
- partition_size_swap=256
-fi
-
-if [ -z "\${partition_percentage_swap}" ]; then
- partition_percentage_swap=10
-fi
-
-if [ -z "\${partition_maxsize_swap}" ]; then
- partition_maxsize_swap=200%
-fi
-
-partition_param_swap="linux-swap \
-\\$primary{ } method{ swap } format{ } \
-device{ \${first_disk} } \
-"
-
-if [ -z "\${partition_point_root}" ]; then
- partition_point_root="/"
- if [ -z "\${partition_names}" ]; then
- partition_names="root"
- else
- partition_names="\$partition_names root"
- fi
-fi
-
-recipe="boot-root ::"
-bios_partition_param="free method{ biosgrub } \
-\\$primary{ } device{ \${first_disk} } \
-"
-recipe="\$recipe 1 1 1 \${bios_partition_param} ."
-
-for key in \${partition_names}; do
- eval "partition=\\${partition_point_\$key}"
- echo "partition \$partition => \$key" >> /tmp/preseed.log
- eval "partition_percentage=\\${partition_percentage_\$key}"
- if [ -z "\${partition_percentage}" ]; then
- partition_percentage=0
- fi
- echo "partition percentage \$partition => \${partition_percentage}" >> /tmp/preseed.log
- eval "partition_size=\\${partition_size_\$key}"
- if [ -z "\${partition_size}" ]; then
- partition_size=1
- fi
- echo "partition size \$partition => \${partition_size}" >> /tmp/preseed.log
- if [ \${partition_percentage} -ne 0 ]; then
- partition_factor="\${partition_size}+\${partition_percentage}%"
- else
- partition_factor="\${partition_size}"
- fi
- echo "partition factor \$partition => \${partition_factor}" >> /tmp/preseed.log
- eval "partition_maxsize=\\${partition_maxsize_\$key}"
- if [ -z \${partition_maxsize} ]; then
- partition_maxsize=-1
- fi
- echo "partition maxsize \$partition => \${partition_maxsize}" >> /tmp/preseed.log
- eval "partition_param=\\${partition_param_\$key}"
- if [ -z "\${partition_param}" ]; then
- partition_param="\${partition_fstype} \
-\\$lvmok{ } method{ format } format{ } \
-use_filesystem{ } filesystem{ \${partition_fstype} } \
-in_vg{ $vgname } lv_name{ \${key}vol } \
-mountpoint{ \$partition }"
- fi
- echo "partition param \$partition => \${partition_param}" >> /tmp/preseed.log
- recipe="\$recipe \${partition_size} \${partition_factor} \${partition_maxsize} \${partition_param} ."
-done
-
-for disk in \${sorted_disks}; do
-#if $getVar('partition_by_path', '0') != "0"
- path_name=\$(basename \${disk})
- disk_path_name=\$(echo \${path_name} | tr '-' '_' | tr ':' '_' | tr '.' '_')
- eval "path_disk=\\${disk_path_\${disk_path_name}}"
- disk_name=\$(basename \${path_disk})
-#else
- disk_name=\$(basename \$disk)
-#end if
- eval "used_disk_\${disk_name}=\$disk"
- echo "add disk \$disk into disks" >> /tmp/preseed.log
- eval "max_disk_size=\\${max_disk_size_\${disk_name}}"
- if [ -z "\${max_disk_size}" ]; then
- max_disk_size=\${default_max_disk_size}
- fi
- echo "disk \${disk} max disk size \${max_disk_size}" >> /tmp/preseed.log
- if [ \${max_disk_size} -gt 0 ]; then
- maxsize_param=\${max_disk_size}
- else
- maxsize_param=-1
- fi
- disk_param="\${partition_fstype} \
-\\$defaultignore{ } device{ \${disk} } \
-method{ lvm } vg_name{ $vgname }"
- recipe="\$recipe 512 512+100% \${maxsize_param} \${disk_param} ."
- echo "partition param \${disk_name} => \${disk_param}" >> /tmp/preseed.log
- eval "reserve_disk_size=\\${reserve_disk_size_\${disk_name}}"
- if [ -z "\${reserve_disk_size}" ]; then
- reserve_disk_size=\${default_reserve_disk_size}
- fi
- echo "disk \${disk} reserve disk size \${reserve_disk_size}" >> /tmp/preseed.log
- if [ \${reserve_disk_size} -gt 0 ]; then
- reserve_disk_param="\${partition_fstype} \
-\\$defaultignore{ } device{ \${disk} } \
-method{ lvm } vg_name{ reserved }"
- recipe="\$recipe \${reserve_disk_size} \${reserve_disk_size} \${reserve_disk_size} \${reserve_disk_param} ."
- echo "reserve partition param \${disk_name} => \${reserve_disk_param}" >> /tmp/preseed.log
- fi
-done
-
-
-#if $getVar('keep_old_partitions', '0') == "0"
-for disk in \$disks; do
-#if $getVar('partition_by_path', '0') != "0"
- path_name=\$(basename \${disk})
- disk_path_name=\$(echo \${path_name} | tr '-' '_' | tr ':' '_' | tr '.' '_')
- eval "path_disk=\\${disk_path_\${disk_path_name}}"
- disk_name=\$(basename \${path_disk})
-#else
- disk_name=\$(basename \$disk)
-#end if
- eval "used_disk=\\${used_disk_\${disk_name}}"
- if [ -z "\${used_disk}" ]; then
- reserve_disk_param="\${partition_fstype} \
-\\$defaultignore{ } device{ \${disk} } \
-method{ lvm } vg_name{ reserved }"
- recipe="\$recipe 512 512+100% -1 \${reserve_disk_param} ."
- echo "reserve partition param \${disk_name} => \${reserve_disk_param}" >> /tmp/preseed.log
- fi
-done
-#end if
-
-echo "d-i partman-auto/expert_recipe string \$recipe" >> /tmp/part-include
-echo "d-i partman-auto/choose_recipe select boot-root" >> /tmp/part-include
-## echo "d-i partman-lvm/vgcreate string $vgname" >> /tmp/part-include
-## echo "d-i partman-auto-lvm/new_vg_name string $vgname" >> /tmp/part-include
+#set hostname=$getVar('hostname',None) +#set partition = $getVar('partition', None) +#set partition_size = $getVar('partition_size', None) +#set partition_maxsize = $getVar('partition_maxsize', None) +#set disk_reserve_size = $getVar('disk_reserve_size', None) +#set disk_max_size = $getVar('disk_max_size', None) +#set default_disk_reserve_size = $getVar('default_disk_reserve_size', '0') +#set default_disk_max_size = $getVar('default_disk_max_size', '0') + +#if $hostname == None +#set $vgname = "VolGroup00" +#else +#set $vgname = $hostname.split('.')[0] +#end if + +echo "partman early script" >> /tmp/preseed.log +if [ -e /dev/disk/by-path ]; then + set \$(ls -s -l /dev/disk/by-path | tr -s '\t' ' ' | cut -d' ' -f11,13) + disk_mapping_nums=\$((\$#/2)) + disk_mapping_offset=0 + echo "disk_mapping_nums: \$disk_mapping_nums" >> /tmp/preseed.log + echo "disk_mapping: \$@" >> /tmp/preseed.log + disk_mapping="" + disk_path_mapping="" + while [ \$disk_mapping_offset -lt \$disk_mapping_nums ]; do + found_disk_type=0 +#if $getVar('disk_type_only','') != "" + if expr match "\$1" ".*-${disk_type_only}-.*"; then + found_disk_type=1 + fi +#else + found_disk_type=1 +#end if + path_name=\$(basename \$1) + disk_path_name=\$(echo \${path_name} | tr '-' '_' | tr ':' '_' | tr '.' '_') + disk_name=\$(basename \$2) + disk_mapping_offset=\$((\${disk_mapping_offset}+1)) + shift 2 + + if [ \$found_disk_type -gt 0 ]; then + if [ -z "\${disk_mapping}" ]; then + disk_mapping="\${disk_name}" + else + disk_mapping="\${disk_mapping} \${disk_name}" + fi + if [ -z "\${disk_path_mapping}" ]; then + disk_path_mapping="\${disk_path_name}" + else + disk_path_mapping="\${disk_path_mapping} \${disk_path_name}" + fi + eval "disk_\${disk_name}=/dev/disk/by-path/\${path_name}" + eval "disk_\${disk_path_name}=/dev/disk/by-path/\${path_name}" + eval "disk_path_\${disk_path_name}=/dev/\${disk_name}" + eval "disk_path_\${disk_name}=/dev/\${disk_name}" + else + eval "ignore_disk_\${disk_name}=/dev/disk/by-path/\${path_name}" + eval "ignore_disk_\${disk_path_name}=/dev/disk/by-path/\${path_name}" + eval "ignore_disk_path_\${disk_path_name}=/dev/\${disk_name}" + eval "ignore_disk_path_\${disk_name}=/dev/\${disk_name}" + fi + done + + for key in \${disk_mapping}; do + eval "disk_path=\\${disk_\$key}" + echo "disk_mapping \$key => \${disk_path}" >> /tmp/preseed.log + done + + for key in \${disk_path_mapping}; do + eval "disk=\\${disk_path_\$key}" + echo "disk path mapping \$key => \${disk}" >> /tmp/preseed.log + done +else + echo "/dev/disk/by-path does not exist" >> /tmp/preseed.log +fi + +partition_disks="" +disks="" +for disk in \$(list-devices disk); do + disk_name=\$(basename \$disk) + eval "disk_path=\\${disk_\${disk_name}}" + if [ -z "\${disk_path}" ]; then + eval "ignore_disk_path=\\${ignore_disk_\${disk_name}}" + if [ ! -z "\${ignore_disk_path}" ]; then + echo "ignore disk \${disk_name} since it is not in disk_mapping" >> /tmp/preseed.log + continue + else + echo "did not found disk path for \$disk but it is not ignored" >> /tmp/preseed.log + eval "disk_\${disk_name}=/dev/\${disk_name}" + eval "disk_path_\${disk_name}=/dev/\${disk_name}" + fi + fi + found_disk=0 + +#if $getVar('partitions_only','') != "" + #for $partition_only in $partitions_only.split(',') + #if not $partition_only + #continue + #end if + if expr match "\${disk_name}" "$partition_only"; then + found_disk=1 + else + echo "disk \${disk_name} does not match $partition_only" >> /tmp/preseed.log + fi + #end for +#else + found_disk=1 +#end if + +#if $getVar('partition_by_path', '0') != "0" + eval "disk=\\${disk_\${disk_name}}" +#end if + + if [ \$found_disk -gt 0 ]; then + echo "add disk \${disk} in partitioning list" >> /tmp/preseed.log + if [ -z "\${partition_disks}" ]; then + partition_disks="\${disk}" + else + partition_disks="\${partition_disks} \${disk}" + fi + fi + if [ -z "\$disks" ]; then + disks="\${disk}" + else + disks="\${disks} \${disk}" + fi +done +echo "partition disks: \${partition_disks}" >> /tmp/preseed.log +echo "disks \${disks}" >> /tmp/preseed.log + +#if $getVar('sort_disks', '0') != "0" +sorted_disks=\$(printf '%s\n' \${partition_disks} | sort) +#else +sorted_disks=\${partition_disks} +#end if +echo "sorted disks \${sorted_disks}" >> /tmp/preseed.log + +#if $getVar('start_from_disk', '') != "" + #set $start_from_disk = $int($start_from_disk) + #if $start_from_disk > 0 + #set $disk_start_offset = $start_from_disk - 1 + #else + #set $disk_start_offset = 0 + #end if +set \${sorted_disks} +shift $disk_start_offset +sorted_disks=\$@ +echo "sorted disks begin from the $start_from_disk: \${sorted_disks}" >> /tmp/preseed.log +#end if + +#if $getVar('disk_num', '') != "" +set \${sorted_disks} +sorted_disks=\$(printf '%s\n' \$@ | head -n${disk_num}) +echo "sorted disks for $disk_num disks: \${sorted_disks}" >> /tmp/preseed.log +#end if + +first_disk="" +for disk in \${sorted_disks}; do + if [ -z "\${first_disk}" ]; then + first_disk=\${disk} + break + fi +done +echo "first disk \${first_disk}" >> /tmp/preseed.log + +#if $getVar('keep_old_partitions', '0') != "0" +for disk in \${sorted_disks}; do + dd if=/dev/zero of=\${disk} bs=512 count=1 +done +remove_disks=\${sorted_disks} +#else +for disk in \$disks; do + dd if=/dev/zero of=\$disk bs=512 count=1 +done +remove_disks=\${disks} +#end if +echo "remove disks \${remove_disks}" >> /tmp/preseed.log + +disk_partitions=\$(pvs --noheadings --separator :| cut -d: -f1) +remove_partitions="" +remove_vgs="" +for disk_partition in \${disk_partitions}; do + vg=\$(pvs --noheadings --separator : \${disk_partition} | cut -d: -f2) + remove_vg="" + remove_partition="" + for remove_disk in \${remove_disks}; do +#if $getVar('partition_by_path', '0') != "0" + path_name=\$(basename \${remove_disk}) + disk_path_name=\$(echo \${path_name} | tr '-' '_' | tr ':' '_' | tr '.' '_') + remove_disk_path=\${remove_disk} + eval "remove_disk=\\${disk_path_\${disk_path_name}}" +#else + disk_name=\$(basename \${remove_disk}) + eval "remove_disk_path=\\${disk_\${disk_name}}" +#end if + if [ -z "\${remove_disk}" ]; then + continue + fi + if [ -z "\${remove_disk_path}" ]; then + continue + fi + if expr match "\${disk_partition}" "\${remove_disk_path}.*"; then + remove_vg="\$vg" + remove_partition="\${disk_partition}" + else + echo "partition \${disk_partition} does not match \${remove_disk_path}.*" >> /tmp/preseed.log + fi + if expr match "\${disk_partition}" "\${remove_disk}.*"; then + remove_vg="\$vg" + remove_partition="\${disk_partition}" + else + echo "partition \${disk_partition} does not match \${remove_disk}.*" >> /tmp/preseed.log + fi + if [[ "\$vg" == "$vgname" ]]; then + remove_vg="\$vg" + remove_partition="\${disk_partition}" + fi + done + if [ ! -z "\${remove_vg}" ]; then + if [ -z "\${remove_vgs}" ]; then + remove_vgs="\${remove_vg}" + else + vg_removed=0 + for vg in \${remove_vgs}; do + if [[ "\$vg" == "\${remove_vg}" ]]; then + vg_removed=1 + fi + done + if [ \${vg_removed} -eq 0 ]; then + remove_vgs="\${remove_vgs} \${remove_vg}" + fi + fi + fi + if [ ! -z "\${remove_partition}" ]; then + if [ -z "\${remove_partitions}" ]; then + remove_partitions="\${remove_partition}" + else + pv_removed=0 + for pv in ${remove_partitions}; do + if [[ "\$pv" == "\${remove_partition}" ]]; then + pv_removed=1 + fi + done + if [ \${pv_removed} -eq 0 ]; then + remove_partitions="\${remove_partitions} \${remove_partition}" + fi + fi + fi +done + +echo "remove vgs \${remove_vgs}" >> /tmp/preseed.log +for remove_vg in \${remove_vgs}; do + vgremove -f \${remove_vg} +done + +echo "remove partitions \${remove_partitions} from \${remove_vgs}" >> /tmp/preseed.log +for remove_partition in \${remove_partitions}; do + pvremove -ff -y \${remove_partition} +done + +echo "remove disks \${remove_disks}" >> /tmp/preseed.log + +partition_disks="" +#if $getVar('keep_old_partitions', '0') != "0" +for disk in \${sorted_disks}; do +#else +for disk in \${disks}; do +#end if + if [ -z "\${partition_disks}" ]; then + partition_disks="\${disk}" + else + partition_disks="\${partition_disks} \${disk}" + fi +done + +partition_disks_str=\$(echo \${partition_disks} | tr ' ' ',') +echo "d-i partman-auto/select_disks multiselect \${partition_disks_str}" >> /tmp/part-include +echo "d-i partman-auto/disk string \${partition_disks}" >> /tmp/part-include +echo "disks \${partition_disks}" >> /tmp/preseed.log + +default_partition=$getVar('default_partition', '/') +partition_fstype=$getVar('partition_fstype', 'ext3') + +echo "default partition \${default_partition}" >> /tmp/preseed.log +echo "partition fstype \${partition_fstype}" >> /tmp/preseed.log + +#if $disk_reserve_size != None + #set disk_sizes = [disk_size.strip() for disk_size in $disk_reserve_size.split(';') if disk_size.strip()] + #for disk_and_size in $disk_sizes + #set disk_name, size = $disk_and_size.split(' ', 1) + #set disk_name = $disk_name.strip() + #if $size.endswith('K') + #set disk_size = $int($size[:-1]) / 1000 + #elif $size.endswith('M') + #set disk_size = $int($size[:-1]) + #elif $size.endswith('G') + #set disk_size = $int($size[:-1]) * 1000 + #elif $size.endswith('T') + #set disk_size = $int($size[:-1]) * 1000000 + #else + #set disk_size = $int($size) + #end if +reserve_disk_size_${disk_name}=${disk_size} + #end for +#end if + +#if $default_disk_reserve_size.endswith('K') + #set disk_size = $int($default_disk_reserve_size[:-1]) / 1000 +#elif $default_disk_reserve_size.endswith('M') + #set disk_size = $int($default_disk_reserve_size[:-1]) +#elif $default_disk_reserve_size.endswith('G') + #set disk_size = $int($default_disk_reserve_size[:-1]) * 1000 +#elif $default_disk_reserve_size.endswith('T') + #set disk_size = $int($default_disk_reserve_size[:-1]) * 1000000 +#else + #set disk_size = $int($default_disk_reserve_size) +#end if +default_reserve_disk_size=${disk_size} + +#if $disk_max_size != None + #set disk_sizes = [disk_size.strip() for disk_size in $disk_max_size.split(';') if disk_size.strip()] + #for disk_and_size in $disk_sizes + #set disk_name, size = $disk_and_size.split(' ', 1) + #set disk_name = $disk_name.strip() + #if $size.endswith('K') + #set disk_size = $int($size[:-1]) / 1000 + #elif $size.endswith('M') + #set disk_size = $int($size[:-1]) + #elif $size.endswith('G') + #set disk_size = $int($size[:-1]) * 1000 + #elif $size.endswith('T') + #set disk_size = $int($size[:-1]) * 1000000 + #else + #set disk_size = $int($size) + #end if +max_disk_size_${disk_name}=${disk_size} + #end for +#end if + +#if $default_disk_max_size.endswith('K') + #set disk_size = $int($default_disk_max_size[:-1]) / 1000 +#elif $default_disk_max_size.endswith('M') + #set disk_size = $int($default_disk_max_size[:-1]) +#elif $default_disk_max_size.endswith('G') + #set disk_size = $int($default_disk_max_size[:-1]) * 1000 +#elif $default_disk_max_size.endswith('T') + #set disk_size = $int($default_disk_max_size[:-1]) * 1000000 +#else + #set disk_size = $int($default_disk_max_size) +#end if +default_max_disk_size=${disk_size} + +partition_names="" +default_partition_name="" +#if $partition != None + #set vol_sizes = [part.strip() for part in $partition.split(';') if part.strip()] + #for vol_and_size in vol_sizes + #set vol, vol_size = $vol_and_size.split(' ', 1) + #set vol = $vol.strip() + #if $vol == '/' + #set volname = 'root' + #elif $vol == 'swap' + #set volname = 'swap' + #elif $vol.startswith('/') + #set volname = $vol[1:].replace('/', '_') + #else +# $vol is not starts with / + #continue + #end if +if [ -z "\${partition_names}" ]; then + partition_names="$volname" +else + partition_names="\$partition_names $volname" +fi +if [[ "$vol" == "\$default_partition" ]]; then + default_partition_name=$volname +fi +partition_point_$volname=$vol + #set vol_size = $vol_size.strip() + #if $vol_size.endswith('%') + #set vol_percent = $vol_size[:-1] +partition_percentage_$volname=$vol_percent + #else + #if $vol_size.endswith('K') + #set vol_min_size = $int($vol_size[:-1]) / 1000 + #elif $vol_size.endswith('M') + #set vol_min_size = $int($vol_size[:-1]) + #elif $vol_size.endswith('G') + #set vol_min_size = $int($vol_size[:-1]) * 1000 + #elif $vol_size.endswith('T') + #set vol_min_size = $int($vol_size[:-1]) * 1000000 + #else + #set vol_min_size = $int($vol_size) + #end if +partition_size_$volname=$vol_min_size + #end if + #end for +#end if + +#if $partition_size != None + #set vol_sizes = [part.strip() for part in $partition_size.split(';') if part.strip()] + #for vol_and_size in $vol_sizes + #set vol, vol_size = $vol_and_size.split(' ', 1) + #set vol = $vol.strip() + #if $vol == '/' + #set volname = 'root' + #elif $vol == 'swap' + #set volname = 'swap' + #elif $vol.startswith('/') + #set volname = $vol[1:].replace('/', '_') + #else +# $vol is not starts with / + #continue + #end if + #if $vol_size.endswith('K') + #set vol_min_size = $int($vol_size[:-1]) / 1000 + #elif $vol_size.endswith('M') + #set vol_min_size = $int($vol_size[:-1]) + #elif $vol_size.endswith('G') + #set vol_min_size = $int($vol_size[:-1]) * 1000 + #elif $vol_size.endswith('T') + #set vol_min_size = $int($vol_size[:-1]) * 1000000 + #else + #set vol_min_size = $int($vol_size) + #end if +partitions_size_$volname=${vol_min_size} + #end for +#end if + +#if $partition_maxsize != None + #set vol_sizes = [part.strip() for part in $partition_maxsize.split(';') if part.strip()] + #for vol_and_size in $vol_sizes + #set vol, vol_size = $vol_and_size.split(' ', 1) + #set vol = $vol.strip() + #if $vol == '/' + #set volname = 'root' + #elif $vol == 'swap' + #set volname = 'swap' + #elif $vol.startswith('/') + #set volname = $vol[1:].replace('/', '_') + #else +# $vol is not starts with / + #continue + #end if + #if $vol_size.endswith('K') + #set vol_max_size = $int($vol_size[:-1]) / 1000 + #elif $vol_size.endswith('M') + #set vol_max_size = $int($vol_size[:-1]) + #elif $vol_size.endswith('G') + #set vol_max_size = $int($vol_size[:-1]) * 1000 + #elif $vol_size.endswith('T') + #set vol_max_size = $int($vol_size[:-1]) * 1000000 + #else + #set vol_max_size = $int($vol_size) + #end if +partition_maxsize_$volname=${vol_max_size} + #end for +#end if + +echo "finish partition mapping" >> /tmp/preseed.log +for key in \${partition_names}; do + eval "mountpoint=\\${partition_point_\$key}" + echo "partition names \$key => \${mountpoint}" >> /tmp/preseed.log + eval "partition_percentage=\\${partition_percentage_\$key}" + echo "partition percentage \$key => \${partition_percentage}" >> /tmp/preseed.log + eval "partition_size=\\${partition_size_\$key}" + echo "partition size \$key => \${partition_size}" >> /tmp/preseed.log + eval "partition_max_size=\\${partition_max_size_\$key}" + echo "partition max size \$key => \${partition_max_size}" >> /tmp/preseed.log +done + + +if [ -z "\${default_partition_name}" ]; then + default_partition_name=root +fi + +default_partition_percentage=100 +for key in \${partition_names}; do + if [[ "\$key" == "\${default_partition_name}" ]]; then + continue + fi + if [[ "\$key" == "swap" ]]; then + continue + fi + eval "partition_percentage=\\${partition_percentage_\$key}" + if [ ! -z "\${partition_percentage}" ]; then + if [ \${default_partition_percentage} -gt \${partition_percentage} ]; then + default_partition_percentage=\$((\${default_partition_percentage}-\${partition_percentage})) + else + default_partition_percentage=0 + fi + fi +done +eval "partition_percentage_\${default_partition_name}=\${default_partition_percentage}" + +if [ -z "\${partition_point_boot}" ]; then + partition_point_boot="/boot" + if [ -z "\${partition_names}" ]; then + partition_names="boot" + else + partition_names="\${partition_names} boot" + fi +fi + +if [ -z "\${partition_size_boot}" ]; then + partition_size_boot=500 +fi + +if [ -z "\${partition_maxsize_boot}" ]; then + partition_maxsize_boot=\$partition_size_boot +fi + +if [ -z "\${first_disk}" ]; then + first_disk=/dev/sda +fi + +#if $getVar('keep_old_partitions', '0') != "0" +echo "d-i grub-installer/with_other_os boolean true" >> /tmp/part-include +#else +echo "d-i grub-installer/only_debian boolean true" >> /tmp/part-include +#end if + +echo "d-i grub-installer/bootdev string \${first_disk}" >> /tmp/part-include +echo "setup bootloader on disk \${first_disk}" >> /tmp/preseed.log + +partition_param_boot="\${partition_fstype} \ +\\$primary{ } \\$bootable{ } method{ format } \ +format{ } use_filesystem{ } filesystem{ \${partition_fstype} } \ +mountpoint{ /boot } device{ \${first_disk} } \ +" + +if [ -z "\${partition_point_swap}" ]; then + partition_point_swap="swap" + if [ -z "\${partition_names}" ]; then + partition_names="swap" + else + partition_names="\${partition_names} swap" + fi +fi + +if [ -z "\${partition_size_swap}" ]; then + partition_size_swap=256 +fi + +if [ -z "\${partition_percentage_swap}" ]; then + partition_percentage_swap=10 +fi + +if [ -z "\${partition_maxsize_swap}" ]; then + partition_maxsize_swap=200% +fi + +partition_param_swap="linux-swap \ +\\$primary{ } method{ swap } format{ } \ +device{ \${first_disk} } \ +" + +if [ -z "\${partition_point_root}" ]; then + partition_point_root="/" + if [ -z "\${partition_names}" ]; then + partition_names="root" + else + partition_names="\$partition_names root" + fi +fi + +recipe="boot-root ::" +bios_partition_param="free method{ biosgrub } \ +\\$primary{ } device{ \${first_disk} } \ +" +recipe="\$recipe 1 1 1 \${bios_partition_param} ." + +for key in \${partition_names}; do + eval "partition=\\${partition_point_\$key}" + echo "partition \$partition => \$key" >> /tmp/preseed.log + eval "partition_percentage=\\${partition_percentage_\$key}" + if [ -z "\${partition_percentage}" ]; then + partition_percentage=0 + fi + echo "partition percentage \$partition => \${partition_percentage}" >> /tmp/preseed.log + eval "partition_size=\\${partition_size_\$key}" + if [ -z "\${partition_size}" ]; then + partition_size=1 + fi + echo "partition size \$partition => \${partition_size}" >> /tmp/preseed.log + if [ \${partition_percentage} -ne 0 ]; then + partition_factor="\${partition_size}+\${partition_percentage}%" + else + partition_factor="\${partition_size}" + fi + echo "partition factor \$partition => \${partition_factor}" >> /tmp/preseed.log + eval "partition_maxsize=\\${partition_maxsize_\$key}" + if [ -z \${partition_maxsize} ]; then + partition_maxsize=-1 + fi + echo "partition maxsize \$partition => \${partition_maxsize}" >> /tmp/preseed.log + eval "partition_param=\\${partition_param_\$key}" + if [ -z "\${partition_param}" ]; then + partition_param="\${partition_fstype} \ +\\$lvmok{ } method{ format } format{ } \ +use_filesystem{ } filesystem{ \${partition_fstype} } \ +in_vg{ $vgname } lv_name{ \${key}vol } \ +mountpoint{ \$partition }" + fi + echo "partition param \$partition => \${partition_param}" >> /tmp/preseed.log + recipe="\$recipe \${partition_size} \${partition_factor} \${partition_maxsize} \${partition_param} ." +done + +for disk in \${sorted_disks}; do +#if $getVar('partition_by_path', '0') != "0" + path_name=\$(basename \${disk}) + disk_path_name=\$(echo \${path_name} | tr '-' '_' | tr ':' '_' | tr '.' '_') + eval "path_disk=\\${disk_path_\${disk_path_name}}" + disk_name=\$(basename \${path_disk}) +#else + disk_name=\$(basename \$disk) +#end if + eval "used_disk_\${disk_name}=\$disk" + echo "add disk \$disk into disks" >> /tmp/preseed.log + eval "max_disk_size=\\${max_disk_size_\${disk_name}}" + if [ -z "\${max_disk_size}" ]; then + max_disk_size=\${default_max_disk_size} + fi + echo "disk \${disk} max disk size \${max_disk_size}" >> /tmp/preseed.log + if [ \${max_disk_size} -gt 0 ]; then + maxsize_param=\${max_disk_size} + else + maxsize_param=-1 + fi + disk_param="\${partition_fstype} \ +\\$defaultignore{ } device{ \${disk} } \ +method{ lvm } vg_name{ $vgname }" + recipe="\$recipe 512 512+100% \${maxsize_param} \${disk_param} ." + echo "partition param \${disk_name} => \${disk_param}" >> /tmp/preseed.log + eval "reserve_disk_size=\\${reserve_disk_size_\${disk_name}}" + if [ -z "\${reserve_disk_size}" ]; then + reserve_disk_size=\${default_reserve_disk_size} + fi + echo "disk \${disk} reserve disk size \${reserve_disk_size}" >> /tmp/preseed.log + if [ \${reserve_disk_size} -gt 0 ]; then + reserve_disk_param="\${partition_fstype} \ +\\$defaultignore{ } device{ \${disk} } \ +method{ lvm } vg_name{ reserved }" + recipe="\$recipe \${reserve_disk_size} \${reserve_disk_size} \${reserve_disk_size} \${reserve_disk_param} ." + echo "reserve partition param \${disk_name} => \${reserve_disk_param}" >> /tmp/preseed.log + fi +done + + +#if $getVar('keep_old_partitions', '0') == "0" +for disk in \$disks; do +#if $getVar('partition_by_path', '0') != "0" + path_name=\$(basename \${disk}) + disk_path_name=\$(echo \${path_name} | tr '-' '_' | tr ':' '_' | tr '.' '_') + eval "path_disk=\\${disk_path_\${disk_path_name}}" + disk_name=\$(basename \${path_disk}) +#else + disk_name=\$(basename \$disk) +#end if + eval "used_disk=\\${used_disk_\${disk_name}}" + if [ -z "\${used_disk}" ]; then + reserve_disk_param="\${partition_fstype} \ +\\$defaultignore{ } device{ \${disk} } \ +method{ lvm } vg_name{ reserved }" + recipe="\$recipe 512 512+100% -1 \${reserve_disk_param} ." + echo "reserve partition param \${disk_name} => \${reserve_disk_param}" >> /tmp/preseed.log + fi +done +#end if + +echo "d-i partman-auto/expert_recipe string \$recipe" >> /tmp/part-include +echo "d-i partman-auto/choose_recipe select boot-root" >> /tmp/part-include +## echo "d-i partman-lvm/vgcreate string $vgname" >> /tmp/part-include +## echo "d-i partman-auto-lvm/new_vg_name string $vgname" >> /tmp/part-include diff --git a/deploy/adapters/cobbler/snippets/preseed_rsyslog.conf b/deploy/adapters/cobbler/snippets/preseed_rsyslog.conf index a772279c..11e77227 100644 --- a/deploy/adapters/cobbler/snippets/preseed_rsyslog.conf +++ b/deploy/adapters/cobbler/snippets/preseed_rsyslog.conf @@ -1,67 +1,67 @@ -cat << EOL > /etc/rsyslog.conf
-\#\#\#\# MODULES \#\#\#\##
-
-\\$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
-\\$ModLoad imfile
-
-\\$WorkDirectory /var/spool/rsyslog
-\\$ActionQueueType LinkedList
-\\$ActionQueueFileName srvrfwd
-\\$ActionResumeRetryCount -1
-\\$ActionQueueSaveOnShutDown on
-#if $getVar("compass_server", "") != ""
-\# *.* @@$compass_server:514
-#else
-\# *.* @@$server:514
-#end if
-
-\# Provides UDP syslog reception
-\#\\$ModLoad imudp
-\#\\$UDPServerRun 514
-
-\# Provides TCP syslog reception
-\\$ModLoad imtcp
-\\$InputTCPServerRun 514
-#set system_name = $getVar('system_name','')
-\\$LocalHostName $system_name
-
-\#\#\#\# GLOBAL DIRECTIVES \#\#\#\##
-
-\# Use default timestamp format
-\\$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
-
-\# File syncing capability is disabled by default. This feature is usually not required,
-\# not useful and an extreme performance hit
-\#\\$ActionFileEnableSync on
-
-\# Include all config files in /etc/rsyslog.d/
-\\$IncludeConfig /etc/rsyslog.d/*.conf
-
-
-\#\#\#\# RULES \#\#\#\##
-
-\# Log anything (except mail) of level info or higher.
-\# Don't log private authentication messages!
-syslog.*,daemon.* /var/log/messages
-
-\# The authpriv file has restricted access.
-authpriv.* /var/log/secure
-
-\# Log all the mail messages in one place.
-mail.* -/var/log/maillog
-
-\# Log cron stuff
-cron.* /var/log/cron
-
-\# Everybody gets emergency messages
-*.emerg *
-
-\# Save news errors of level crit and higher in a special file.
-uucp,news.crit /var/log/spooler
-
-\# Save boot messages also to boot.log
-local7.* /var/log/boot.log
-
-EOL
-
-update-rc.d rsyslog defaults 12 88
+cat << EOL > /etc/rsyslog.conf +\#\#\#\# MODULES \#\#\#\## + +\\$ModLoad imuxsock # provides support for local system logging (e.g. via logger command) +\\$ModLoad imfile + +\\$WorkDirectory /var/spool/rsyslog +\\$ActionQueueType LinkedList +\\$ActionQueueFileName srvrfwd +\\$ActionResumeRetryCount -1 +\\$ActionQueueSaveOnShutDown on +#if $getVar("compass_server", "") != "" +\# *.* @@$compass_server:514 +#else +\# *.* @@$server:514 +#end if + +\# Provides UDP syslog reception +\#\\$ModLoad imudp +\#\\$UDPServerRun 514 + +\# Provides TCP syslog reception +\\$ModLoad imtcp +\\$InputTCPServerRun 514 +#set system_name = $getVar('system_name','') +\\$LocalHostName $system_name + +\#\#\#\# GLOBAL DIRECTIVES \#\#\#\## + +\# Use default timestamp format +\\$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +\# File syncing capability is disabled by default. This feature is usually not required, +\# not useful and an extreme performance hit +\#\\$ActionFileEnableSync on + +\# Include all config files in /etc/rsyslog.d/ +\\$IncludeConfig /etc/rsyslog.d/*.conf + + +\#\#\#\# RULES \#\#\#\## + +\# Log anything (except mail) of level info or higher. +\# Don't log private authentication messages! +syslog.*,daemon.* /var/log/messages + +\# The authpriv file has restricted access. +authpriv.* /var/log/secure + +\# Log all the mail messages in one place. +mail.* -/var/log/maillog + +\# Log cron stuff +cron.* /var/log/cron + +\# Everybody gets emergency messages +*.emerg * + +\# Save news errors of level crit and higher in a special file. +uucp,news.crit /var/log/spooler + +\# Save boot messages also to boot.log +local7.* /var/log/boot.log + +EOL + +update-rc.d rsyslog defaults 12 88 diff --git a/deploy/adapters/cobbler/snippets/preseed_software_ansible b/deploy/adapters/cobbler/snippets/preseed_software_ansible index 744eced6..cde79356 100644 --- a/deploy/adapters/cobbler/snippets/preseed_software_ansible +++ b/deploy/adapters/cobbler/snippets/preseed_software_ansible @@ -1 +1 @@ -d-i pkgsel/include string ntp ssh openssh-server wget vim
+d-i pkgsel/include string ntp ssh openssh-server wget vim diff --git a/deploy/adapters/cobbler/snippets/preseed_software_chef b/deploy/adapters/cobbler/snippets/preseed_software_chef index 65b7a83e..febb68bc 100644 --- a/deploy/adapters/cobbler/snippets/preseed_software_chef +++ b/deploy/adapters/cobbler/snippets/preseed_software_chef @@ -1 +1 @@ -d-i pkgsel/include string ntp ssh wget chef
+d-i pkgsel/include string ntp ssh wget chef diff --git a/deploy/adapters/cobbler/snippets/preseed_ssh b/deploy/adapters/cobbler/snippets/preseed_ssh index 3ec4466b..1a4ff391 100644 --- a/deploy/adapters/cobbler/snippets/preseed_ssh +++ b/deploy/adapters/cobbler/snippets/preseed_ssh @@ -1,36 +1,36 @@ -sed -i 's/PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
-#set ssh_keys = $getVar("push_ssh_keys", "/root/.ssh/id_rsa.pub")
-#if $ssh_keys != ""
- #set user_name = $getVar("username", "root")
- #if $user_name == "root"
- #set home = "/root"
- #else
- #set home = "/home/%s" % $user_name
- #end if
-mkdir -p $home/.ssh
-
-chmod 700 -R $home/.ssh
- #set $firstline = True
- #for $ssh_key in $ssh_keys.split(',')
- #if not $ssh_key
- #continue
- #end if
- #try
- #set $f = $open($ssh_key)
- #if firstline
-cat << EOF > $home/.ssh/authorized_keys
- #echo $f.read()
-EOF
- #else
-cat << EOF >> $home/.ssh/authorized_keys
- #echo $f.read()
-EOF
- #end if
- #set $firstline = False
- #silent $f.close()
- #except
-# failed to read from $ssh_key
- #end try
- #end for
-chmod 600 $home/.ssh/authorized_keys
-#end if
+sed -i 's/PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config +#set ssh_keys = $getVar("push_ssh_keys", "/root/.ssh/id_rsa.pub") +#if $ssh_keys != "" + #set user_name = $getVar("username", "root") + #if $user_name == "root" + #set home = "/root" + #else + #set home = "/home/%s" % $user_name + #end if +mkdir -p $home/.ssh + +chmod 700 -R $home/.ssh + #set $firstline = True + #for $ssh_key in $ssh_keys.split(',') + #if not $ssh_key + #continue + #end if + #try + #set $f = $open($ssh_key) + #if firstline +cat << EOF > $home/.ssh/authorized_keys + #echo $f.read() +EOF + #else +cat << EOF >> $home/.ssh/authorized_keys + #echo $f.read() +EOF + #end if + #set $firstline = False + #silent $f.close() + #except +# failed to read from $ssh_key + #end try + #end for +chmod 600 $home/.ssh/authorized_keys +#end if diff --git a/deploy/adapters/cobbler/snippets/preseed_sysctl.conf b/deploy/adapters/cobbler/snippets/preseed_sysctl.conf index e2e4c3b3..c227ecfa 100644 --- a/deploy/adapters/cobbler/snippets/preseed_sysctl.conf +++ b/deploy/adapters/cobbler/snippets/preseed_sysctl.conf @@ -1,72 +1,72 @@ -cat << EOF > /etc/sysctl.conf
-#raw
-# Kernel sysctl configuration file for Red Hat Linux
-#
-# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
-# sysctl.conf(5) for more details.
-
-# Controls IP packet forwarding
-net.ipv4.ip_forward = 0
-
-# Controls source route verification
-net.ipv4.conf.default.rp_filter = 1
-
-# Do not accept source routing
-net.ipv4.conf.default.accept_source_route = 0
-
-# Controls the System Request debugging functionality of the kernel
-kernel.sysrq = 0
-
-# Controls whether core dumps will append the PID to the core filename.
-# Useful for debugging multi-threaded applications.
-kernel.core_uses_pid = 1
-
-# Controls the use of TCP syncookies
-net.ipv4.tcp_syncookies = 1
-
-# Controls the default maxmimum size of a mesage queue
-kernel.msgmnb = 65536
-
-# Controls the maximum size of a message, in bytes
-kernel.msgmax = 65536
-
-# Controls the maximum shared segment size, in bytes
-kernel.shmmax = 68719476736
-
-# Controls the maximum number of shared memory segments, in pages
-kernel.shmall = 4294967296
-
-# increase TCP max buffer size settable using setsockopt()
-net.core.rmem_max = 16777216
-net.core.wmem_max = 16777216
-
-# increase Linux autotuning TCP buffer limit
-net.ipv4.tcp_rmem = 4096 87380 16777216
-net.ipv4.tcp_wmem = 4096 65536 16777216
-
-# increase the length of the processor input queue
-net.core.netdev_max_backlog = 30000
-net.ipv4.tcp_max_syn_backlog = 4096
-
-# recommended default congestion control is htcp
-net.ipv4.tcp_congestion_control=htcp
-
-# recommended for hosts with jumbo frames enabled
-net.ipv4.tcp_mtu_probing=1
-
-# increase client parallel connections
-net.ipv4.ip_local_port_range = 15000 61000
-net.ipv4.tcp_fin_timeout=30
-
-# fast cycling of sockets in time_wait state and re-using them
-net.ipv4.tcp_tw_recycle = 1
-net.ipv4.tcp_tw_reuse = 1
-
-# increase the maximum number of requests queued to a listen socket
-net.core.somaxconn = 8192
-
-# avoid caching tcp network transfer statistics
-net.ipv4.route.flush=1
-#end raw
-EOF
-sysctl -p
+cat << EOF > /etc/sysctl.conf +#raw +# Kernel sysctl configuration file for Red Hat Linux +# +# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and +# sysctl.conf(5) for more details. + +# Controls IP packet forwarding +net.ipv4.ip_forward = 0 + +# Controls source route verification +net.ipv4.conf.default.rp_filter = 1 + +# Do not accept source routing +net.ipv4.conf.default.accept_source_route = 0 + +# Controls the System Request debugging functionality of the kernel +kernel.sysrq = 0 + +# Controls whether core dumps will append the PID to the core filename. +# Useful for debugging multi-threaded applications. +kernel.core_uses_pid = 1 + +# Controls the use of TCP syncookies +net.ipv4.tcp_syncookies = 1 + +# Controls the default maxmimum size of a mesage queue +kernel.msgmnb = 65536 + +# Controls the maximum size of a message, in bytes +kernel.msgmax = 65536 + +# Controls the maximum shared segment size, in bytes +kernel.shmmax = 68719476736 + +# Controls the maximum number of shared memory segments, in pages +kernel.shmall = 4294967296 + +# increase TCP max buffer size settable using setsockopt() +net.core.rmem_max = 16777216 +net.core.wmem_max = 16777216 + +# increase Linux autotuning TCP buffer limit +net.ipv4.tcp_rmem = 4096 87380 16777216 +net.ipv4.tcp_wmem = 4096 65536 16777216 + +# increase the length of the processor input queue +net.core.netdev_max_backlog = 30000 +net.ipv4.tcp_max_syn_backlog = 4096 + +# recommended default congestion control is htcp +net.ipv4.tcp_congestion_control=htcp + +# recommended for hosts with jumbo frames enabled +net.ipv4.tcp_mtu_probing=1 + +# increase client parallel connections +net.ipv4.ip_local_port_range = 15000 61000 +net.ipv4.tcp_fin_timeout=30 + +# fast cycling of sockets in time_wait state and re-using them +net.ipv4.tcp_tw_recycle = 1 +net.ipv4.tcp_tw_reuse = 1 + +# increase the maximum number of requests queued to a listen socket +net.core.somaxconn = 8192 + +# avoid caching tcp network transfer statistics +net.ipv4.route.flush=1 +#end raw +EOF +sysctl -p diff --git a/deploy/adapters/cobbler/snippets/proxy.xml b/deploy/adapters/cobbler/snippets/proxy.xml index 52285837..766cbb4c 100644 --- a/deploy/adapters/cobbler/snippets/proxy.xml +++ b/deploy/adapters/cobbler/snippets/proxy.xml @@ -1,9 +1,9 @@ -<proxy>
- <enabled config:type="boolean">true</enabled>
- <ftp_proxy></ftp_proxy>
- <http_proxy>$proxy</http_proxy>
- <https_proxy></https_proxy>
- <no_proxy>localhost, 127.0.0.1</no_proxy>
- <proxy_password></proxy_password>
- <proxy_user></proxy_user>
-</proxy>
+<proxy> + <enabled config:type="boolean">true</enabled> + <ftp_proxy></ftp_proxy> + <http_proxy>$proxy</http_proxy> + <https_proxy></https_proxy> + <no_proxy>localhost, 127.0.0.1</no_proxy> + <proxy_password></proxy_password> + <proxy_user></proxy_user> +</proxy> diff --git a/deploy/adapters/cobbler/snippets/puppet_install_if_enabled b/deploy/adapters/cobbler/snippets/puppet_install_if_enabled index 10ad5112..f554b8de 100644 --- a/deploy/adapters/cobbler/snippets/puppet_install_if_enabled +++ b/deploy/adapters/cobbler/snippets/puppet_install_if_enabled @@ -1,4 +1,4 @@ -#if $str($getVar('puppet_auto_setup','')) == "1"
-puppet
-#end if
-
+#if $str($getVar('puppet_auto_setup','')) == "1" +puppet +#end if + diff --git a/deploy/adapters/cobbler/snippets/puppet_register_if_enabled b/deploy/adapters/cobbler/snippets/puppet_register_if_enabled index f42cc4a3..439345a4 100644 --- a/deploy/adapters/cobbler/snippets/puppet_register_if_enabled +++ b/deploy/adapters/cobbler/snippets/puppet_register_if_enabled @@ -1,15 +1,15 @@ -# start puppet registration
-#if $str($getVar('puppet_auto_setup','')) == "1"
-# generate puppet certificates and trigger a signing request, but
-# don't wait for signing to complete
-#if $int($getVar('puppet_version',2)) >= 3
-/usr/bin/puppet agent --test --waitforcert 0 #echo (($str($getVar('puppet_server','')) != '') and "--server '"+$str($getVar('puppet_server',''))+"'" or '')
-#else
-/usr/sbin/puppetd --test --waitforcert 0 #echo (($str($getVar('puppet_server','')) != '') and "--server '"+$str($getVar('puppet_server',''))+"'" or '')
-#end if
-
-# turn puppet service on for reboot
-/sbin/chkconfig puppet on
-
-#end if
-# end puppet registration
+# start puppet registration +#if $str($getVar('puppet_auto_setup','')) == "1" +# generate puppet certificates and trigger a signing request, but +# don't wait for signing to complete +#if $int($getVar('puppet_version',2)) >= 3 +/usr/bin/puppet agent --test --waitforcert 0 #echo (($str($getVar('puppet_server','')) != '') and "--server '"+$str($getVar('puppet_server',''))+"'" or '') +#else +/usr/sbin/puppetd --test --waitforcert 0 #echo (($str($getVar('puppet_server','')) != '') and "--server '"+$str($getVar('puppet_server',''))+"'" or '') +#end if + +# turn puppet service on for reboot +/sbin/chkconfig puppet on + +#end if +# end puppet registration diff --git a/deploy/adapters/cobbler/snippets/redhat_register b/deploy/adapters/cobbler/snippets/redhat_register index 966e44f8..3ac0d070 100644 --- a/deploy/adapters/cobbler/snippets/redhat_register +++ b/deploy/adapters/cobbler/snippets/redhat_register @@ -1,18 +1,18 @@ -# begin Red Hat management server registration
-#if $redhat_management_type != "off" and $redhat_management_key != ""
-mkdir -p /usr/share/rhn/
- #if $redhat_management_type == "site"
- #set $mycert_file = "RHN-ORG-TRUSTED-SSL-CERT"
- #set $mycert = "/usr/share/rhn/" + $mycert_file
-wget http://$redhat_management_server/pub/RHN-ORG-TRUSTED-SSL-CERT -O $mycert
-perl -npe 's/RHNS-CA-CERT/$mycert_file/g' -i /etc/sysconfig/rhn/*
- #end if
- #if $redhat_management_type == "hosted"
- #set $mycert = "/usr/share/rhn/RHNS-CA-CERT"
- #end if
- #set $endpoint = "https://%s/XMLRPC" % $redhat_management_server
-rhnreg_ks --serverUrl=$endpoint --sslCACert=$mycert --activationkey=$redhat_management_key
-#else
-# not configured to register to any Red Hat management server (ok)
-#end if
-# end Red Hat management server registration
+# begin Red Hat management server registration +#if $redhat_management_type != "off" and $redhat_management_key != "" +mkdir -p /usr/share/rhn/ + #if $redhat_management_type == "site" + #set $mycert_file = "RHN-ORG-TRUSTED-SSL-CERT" + #set $mycert = "/usr/share/rhn/" + $mycert_file +wget http://$redhat_management_server/pub/RHN-ORG-TRUSTED-SSL-CERT -O $mycert +perl -npe 's/RHNS-CA-CERT/$mycert_file/g' -i /etc/sysconfig/rhn/* + #end if + #if $redhat_management_type == "hosted" + #set $mycert = "/usr/share/rhn/RHNS-CA-CERT" + #end if + #set $endpoint = "https://%s/XMLRPC" % $redhat_management_server +rhnreg_ks --serverUrl=$endpoint --sslCACert=$mycert --activationkey=$redhat_management_key +#else +# not configured to register to any Red Hat management server (ok) +#end if +# end Red Hat management server registration diff --git a/deploy/adapters/cobbler/snippets/repo_config.xml b/deploy/adapters/cobbler/snippets/repo_config.xml index b3143346..dbdd5d25 100644 --- a/deploy/adapters/cobbler/snippets/repo_config.xml +++ b/deploy/adapters/cobbler/snippets/repo_config.xml @@ -1,17 +1,17 @@ -# Repository Config
-#set $repo_data = $getVar("repo_data",[])
-#for $repo in $repo_data
-<listentry>
- #if $repo.mirror_locally
- <media_url>http://$http_server/cobbler/repo_mirror/${repo.name}</media_url>
- #else
- <media_url>${repo.mirror}</media_url>
- #end if
- <product>${repo.name}</product>
- <product_dir>/</product_dir>
- <ask_on_error config:type="boolean">false</ask_on_error>
- <name>${repo.name}</name>
-</listentry>
-#end for
-
-
+# Repository Config +#set $repo_data = $getVar("repo_data",[]) +#for $repo in $repo_data +<listentry> + #if $repo.mirror_locally + <media_url>http://$http_server/cobbler/repo_mirror/${repo.name}</media_url> + #else + <media_url>${repo.mirror}</media_url> + #end if + <product>${repo.name}</product> + <product_dir>/</product_dir> + <ask_on_error config:type="boolean">false</ask_on_error> + <name>${repo.name}</name> +</listentry> +#end for + + diff --git a/deploy/adapters/cobbler/snippets/restore_boot_device b/deploy/adapters/cobbler/snippets/restore_boot_device index 5baa801e..1b54e1f4 100644 --- a/deploy/adapters/cobbler/snippets/restore_boot_device +++ b/deploy/adapters/cobbler/snippets/restore_boot_device @@ -1,6 +1,6 @@ -if [ "$os_version" == "sles11" ]; then
- nvsetenv boot-device "$(cat /root/inst-sys/boot-device.bak)"
-elif [ "$os_version" == "fedora17" ]; then
- # must be run from a %post --nochroot section
- nvsetenv boot-device "$(cat /tmp/boot-device.bak)"
-fi
+if [ "$os_version" == "sles11" ]; then + nvsetenv boot-device "$(cat /root/inst-sys/boot-device.bak)" +elif [ "$os_version" == "fedora17" ]; then + # must be run from a %post --nochroot section + nvsetenv boot-device "$(cat /tmp/boot-device.bak)" +fi diff --git a/deploy/adapters/cobbler/snippets/rhn_certificate_based_register b/deploy/adapters/cobbler/snippets/rhn_certificate_based_register index 22c2aa19..29ad1935 100644 --- a/deploy/adapters/cobbler/snippets/rhn_certificate_based_register +++ b/deploy/adapters/cobbler/snippets/rhn_certificate_based_register @@ -1,12 +1,12 @@ -# begin Red Hat Network certificate-based server registration
-#if $redhat_management_type == "cert" and $redhat_register_user != "" and $redhat_register_password != ""
-# Subscribe (register) the system
-subscription-manager register --autosubscribe --username=$redhat_register_user --password=$redhat_register_password
-# Add what used to be called channels
-yum -y install yum-utils
-yum-config-manager --enable rhel-6-server-optional-rpms
-yum-config-manager --enable rhel-6-server-supplementary
-#else
-# not configured to use Certificate-based RHN (ok)
-#end if
-# end Red Hat Network certificate-based server registration
+# begin Red Hat Network certificate-based server registration +#if $redhat_management_type == "cert" and $redhat_register_user != "" and $redhat_register_password != "" +# Subscribe (register) the system +subscription-manager register --autosubscribe --username=$redhat_register_user --password=$redhat_register_password +# Add what used to be called channels +yum -y install yum-utils +yum-config-manager --enable rhel-6-server-optional-rpms +yum-config-manager --enable rhel-6-server-supplementary +#else +# not configured to use Certificate-based RHN (ok) +#end if +# end Red Hat Network certificate-based server registration diff --git a/deploy/adapters/cobbler/snippets/rsyslog.xml b/deploy/adapters/cobbler/snippets/rsyslog.xml index 9267c34d..63eacfee 100644 --- a/deploy/adapters/cobbler/snippets/rsyslog.xml +++ b/deploy/adapters/cobbler/snippets/rsyslog.xml @@ -1,71 +1,71 @@ -<file>
- <file_path>/etc/rsyslog.conf</file_path>
- <file_contents>
-<![CDATA[
-\#\#\#\# MODULES \#\#\#\##
-
-\$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
-\$ModLoad imfile
-
-\$WorkDirectory /var/spool/rsyslog
-\$ActionQueueType LinkedList
-\$ActionQueueFileName srvrfwd
-\$ActionResumeRetryCount -1
-\$ActionQueueSaveOnShutDown on
-#if $getVar("compass_server", "") != ""
-\# *.* @@$compass_server:514
-#else
-\# *.* @@$server:514
-#end if
-
-\# Provides UDP syslog reception
-\#\$ModLoad imudp
-\#\$UDPServerRun 514
-
-\# Provides TCP syslog reception
-\$ModLoad imtcp
-\$InputTCPServerRun 514
-#set system_name = $getVar('system_name','')
-\$LocalHostName $system_name
-
-\#\#\#\# GLOBAL DIRECTIVES \#\#\#\##
-
-\# Use default timestamp format
-\$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
-
-\# File syncing capability is disabled by default. This feature is usually not required,
-\# not useful and an extreme performance hit
-\#\$ActionFileEnableSync on
-
-\# Include all config files in /etc/rsyslog.d/
-\$IncludeConfig /etc/rsyslog.d/*.conf
-
-
-\#\#\#\# RULES \#\#\#\##
-
-\# Log anything (except mail) of level info or higher.
-\# Don't log private authentication messages!
-syslog.*,daemon.* /var/log/messages
-
-\# The authpriv file has restricted access.
-authpriv.* /var/log/secure
-
-\# Log all the mail messages in one place.
-mail.* -/var/log/maillog
-
-\# Log cron stuff
-cron.* /var/log/cron
-
-\# Everybody gets emergency messages
-*.emerg *
-
-\# Save news errors of level crit and higher in a special file.
-uucp,news.crit /var/log/spooler
-
-\# Save boot messages also to boot.log
-local7.* /var/log/boot.log
-]]>
- </file_contents>
- <file_owner>root.root</file_owner>
- <file_permissions>600</file_permissions>
-</file>
+<file> + <file_path>/etc/rsyslog.conf</file_path> + <file_contents> +<![CDATA[ +\#\#\#\# MODULES \#\#\#\## + +\$ModLoad imuxsock # provides support for local system logging (e.g. via logger command) +\$ModLoad imfile + +\$WorkDirectory /var/spool/rsyslog +\$ActionQueueType LinkedList +\$ActionQueueFileName srvrfwd +\$ActionResumeRetryCount -1 +\$ActionQueueSaveOnShutDown on +#if $getVar("compass_server", "") != "" +\# *.* @@$compass_server:514 +#else +\# *.* @@$server:514 +#end if + +\# Provides UDP syslog reception +\#\$ModLoad imudp +\#\$UDPServerRun 514 + +\# Provides TCP syslog reception +\$ModLoad imtcp +\$InputTCPServerRun 514 +#set system_name = $getVar('system_name','') +\$LocalHostName $system_name + +\#\#\#\# GLOBAL DIRECTIVES \#\#\#\## + +\# Use default timestamp format +\$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +\# File syncing capability is disabled by default. This feature is usually not required, +\# not useful and an extreme performance hit +\#\$ActionFileEnableSync on + +\# Include all config files in /etc/rsyslog.d/ +\$IncludeConfig /etc/rsyslog.d/*.conf + + +\#\#\#\# RULES \#\#\#\## + +\# Log anything (except mail) of level info or higher. +\# Don't log private authentication messages! +syslog.*,daemon.* /var/log/messages + +\# The authpriv file has restricted access. +authpriv.* /var/log/secure + +\# Log all the mail messages in one place. +mail.* -/var/log/maillog + +\# Log cron stuff +cron.* /var/log/cron + +\# Everybody gets emergency messages +*.emerg * + +\# Save news errors of level crit and higher in a special file. +uucp,news.crit /var/log/spooler + +\# Save boot messages also to boot.log +local7.* /var/log/boot.log +]]> + </file_contents> + <file_owner>root.root</file_owner> + <file_permissions>600</file_permissions> +</file> diff --git a/deploy/adapters/cobbler/snippets/save_boot_device b/deploy/adapters/cobbler/snippets/save_boot_device index 72f97d2e..2afb63f0 100644 --- a/deploy/adapters/cobbler/snippets/save_boot_device +++ b/deploy/adapters/cobbler/snippets/save_boot_device @@ -1,5 +1,5 @@ -if [ "$os_version" == "sles11" ]; then
- nvram --print-config=boot-device > /root/boot-device.bak
-elif [ "$os_version" == "fedora17" ]; then
- nvram --print-config=boot-device > /tmp/boot-device.bak
-fi
+if [ "$os_version" == "sles11" ]; then + nvram --print-config=boot-device > /root/boot-device.bak +elif [ "$os_version" == "fedora17" ]; then + nvram --print-config=boot-device > /tmp/boot-device.bak +fi diff --git a/deploy/adapters/cobbler/snippets/software_chef.xml b/deploy/adapters/cobbler/snippets/software_chef.xml index 2f732bd4..07677090 100644 --- a/deploy/adapters/cobbler/snippets/software_chef.xml +++ b/deploy/adapters/cobbler/snippets/software_chef.xml @@ -1,2 +1,2 @@ - <package>chef</package>
-
+ <package>chef</package> + diff --git a/deploy/adapters/cobbler/snippets/ssh.xml b/deploy/adapters/cobbler/snippets/ssh.xml index 58ad98b9..96fe8bb0 100644 --- a/deploy/adapters/cobbler/snippets/ssh.xml +++ b/deploy/adapters/cobbler/snippets/ssh.xml @@ -1,46 +1,46 @@ -#set ssh_keys = $getVar("push_ssh_keys", "/root/.ssh/id_rsa.pub")
-#if $ssh_keys != ""
- #set user_name = $getVar("username", "root")
- #if $user_name == "root"
- #set home = "/root"
- #else
- #set home = "/home/%s" % $user_name
- #end if
-<file>
- <file_path>$home/.ssh/authorized_keys</file_path>
- <file_owner>${user_name}.${user_name}</file_owner>
- <file_permissions>600</file_permissions>
- <file_script>
- <interpreter>shell</interpreter>
- <source>
-<![CDATA[
-\#!/bin/bash
-mkdir -p $home/.ssh
-chmod 700 -R $home/.ssh
- #set $firstline = True
- #for $ssh_key in $ssh_keys.split(',')
- #if not $ssh_key
- #continue
- #end if
- #try
- #set f = $open($ssh_key)
- #if $firstline
-cat << EOL > $home/.ssh/authorized_keys
- #echo $f.read()
-EOL
- #else
-cat << EOL >> $home/.ssh/authorized_keys
- #echo $f.read()
-EOL
- #end if
- #set $firstline = False
- #silent $f.close()
- #except
-# failed to read from $ssh_key
- #end try
- #end for
-]]>
- </source>
- </file_script>
-</file>
-#end if
+#set ssh_keys = $getVar("push_ssh_keys", "/root/.ssh/id_rsa.pub") +#if $ssh_keys != "" + #set user_name = $getVar("username", "root") + #if $user_name == "root" + #set home = "/root" + #else + #set home = "/home/%s" % $user_name + #end if +<file> + <file_path>$home/.ssh/authorized_keys</file_path> + <file_owner>${user_name}.${user_name}</file_owner> + <file_permissions>600</file_permissions> + <file_script> + <interpreter>shell</interpreter> + <source> +<![CDATA[ +\#!/bin/bash +mkdir -p $home/.ssh +chmod 700 -R $home/.ssh + #set $firstline = True + #for $ssh_key in $ssh_keys.split(',') + #if not $ssh_key + #continue + #end if + #try + #set f = $open($ssh_key) + #if $firstline +cat << EOL > $home/.ssh/authorized_keys + #echo $f.read() +EOL + #else +cat << EOL >> $home/.ssh/authorized_keys + #echo $f.read() +EOL + #end if + #set $firstline = False + #silent $f.close() + #except +# failed to read from $ssh_key + #end try + #end for +]]> + </source> + </file_script> +</file> +#end if diff --git a/deploy/adapters/cobbler/snippets/sshd.xml b/deploy/adapters/cobbler/snippets/sshd.xml index 4eb97e32..91d56f21 100644 --- a/deploy/adapters/cobbler/snippets/sshd.xml +++ b/deploy/adapters/cobbler/snippets/sshd.xml @@ -1,142 +1,142 @@ -<file>
- <file_path>/etc/ssh/sshd_config</file_path>
- <file_contents>
-<![CDATA[
-#raw
-# The strategy used for options in the default sshd_config shipped with
-# OpenSSH is to specify options with their default value where
-# possible, but leave them commented. Uncommented options override the
-# default value.
-
-#Port 22
-#AddressFamily any
-#ListenAddress 0.0.0.0
-#ListenAddress ::
-
-# The default requires explicit activation of protocol 1
-#Protocol 2
-
-# HostKey for protocol version 1
-#HostKey /etc/ssh/ssh_host_key
-# HostKeys for protocol version 2
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_dsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-
-# Lifetime and size of ephemeral version 1 server key
-#KeyRegenerationInterval 1h
-#ServerKeyBits 1024
-
-# Logging
-# obsoletes QuietMode and FascistLogging
-#SyslogFacility AUTH
-#LogLevel INFO
-
-# Authentication:
-
-#LoginGraceTime 2m
-#PermitRootLogin yes
-#StrictModes yes
-#MaxAuthTries 6
-#MaxSessions 10
-
-RSAAuthentication yes
-PubkeyAuthentication yes
-
-# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
-# but this is overridden so installations will only check .ssh/authorized_keys
-AuthorizedKeysFile .ssh/authorized_keys
-
-#AuthorizedPrincipalsFile none
-
-#AuthorizedKeysCommand none
-#AuthorizedKeysCommandUser nobody
-
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#RhostsRSAAuthentication no
-# similar for protocol version 2
-#HostbasedAuthentication no
-# Change to yes if you don't trust ~/.ssh/known_hosts for
-# RhostsRSAAuthentication and HostbasedAuthentication
-#IgnoreUserKnownHosts no
-# Don't read the user's ~/.rhosts and ~/.shosts files
-#IgnoreRhosts yes
-
-# To disable tunneled clear text passwords, change to no here!
-PasswordAuthentication yes
-#PermitEmptyPasswords no
-
-# Change to no to disable s/key passwords
-#ChallengeResponseAuthentication yes
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-#KerberosGetAFSToken no
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-
-# Set this to 'yes' to enable support for the deprecated 'gssapi' authentication
-# mechanism to OpenSSH 3.8p1. The newer 'gssapi-with-mic' mechanism is included
-# in this release. The use of 'gssapi' is deprecated due to the presence of
-# potential man-in-the-middle attacks, which 'gssapi-with-mic' is not susceptible to.
-#GSSAPIEnableMITMAttack no
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
-# PasswordAuthentication. Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
-# the setting of "PermitRootLogin without-password".
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
-UsePAM yes
-
-#AllowAgentForwarding yes
-#AllowTcpForwarding yes
-#GatewayPorts no
-X11Forwarding yes
-#X11DisplayOffset 10
-#X11UseLocalhost yes
-#PrintMotd yes
-#PrintLastLog yes
-#TCPKeepAlive yes
-#UseLogin no
-UsePrivilegeSeparation sandbox # Default for new installations.
-#PermitUserEnvironment no
-#Compression delayed
-#ClientAliveInterval 0
-#ClientAliveCountMax 3
-#UseDNS yes
-#PidFile /run/sshd.pid
-#MaxStartups 10:30:100
-#PermitTunnel no
-#ChrootDirectory none
-#VersionAddendum none
-
-# no default banner path
-#Banner none
-
-# override default of no subsystems
-Subsystem sftp /usr/lib/ssh/sftp-server
-
-# This enables accepting locale enviroment variables LC_* LANG, see sshd_config(5).
-AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
-AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
-AcceptEnv LC_IDENTIFICATION LC_ALL
-
-# Example of overriding settings on a per-user basis
-#Match User anoncvs
-# X11Forwarding no
-# AllowTcpForwarding no
-# ForceCommand cvs server
-#end raw
-]]>
- </file_contents>
- <file_owner>root.root</file_owner>
- <file_permissions>640</file_permissions>
-</file>
+<file> + <file_path>/etc/ssh/sshd_config</file_path> + <file_contents> +<![CDATA[ +#raw +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +# The default requires explicit activation of protocol 1 +#Protocol 2 + +# HostKey for protocol version 1 +#HostKey /etc/ssh/ssh_host_key +# HostKeys for protocol version 2 +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_dsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key + +# Lifetime and size of ephemeral version 1 server key +#KeyRegenerationInterval 1h +#ServerKeyBits 1024 + +# Logging +# obsoletes QuietMode and FascistLogging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +#PermitRootLogin yes +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +RSAAuthentication yes +PubkeyAuthentication yes + +# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 +# but this is overridden so installations will only check .ssh/authorized_keys +AuthorizedKeysFile .ssh/authorized_keys + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#RhostsRSAAuthentication no +# similar for protocol version 2 +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# RhostsRSAAuthentication and HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +PasswordAuthentication yes +#PermitEmptyPasswords no + +# Change to no to disable s/key passwords +#ChallengeResponseAuthentication yes + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes + +# Set this to 'yes' to enable support for the deprecated 'gssapi' authentication +# mechanism to OpenSSH 3.8p1. The newer 'gssapi-with-mic' mechanism is included +# in this release. The use of 'gssapi' is deprecated due to the presence of +# potential man-in-the-middle attacks, which 'gssapi-with-mic' is not susceptible to. +#GSSAPIEnableMITMAttack no + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PrintMotd yes +#PrintLastLog yes +#TCPKeepAlive yes +#UseLogin no +UsePrivilegeSeparation sandbox # Default for new installations. +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS yes +#PidFile /run/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#VersionAddendum none + +# no default banner path +#Banner none + +# override default of no subsystems +Subsystem sftp /usr/lib/ssh/sftp-server + +# This enables accepting locale enviroment variables LC_* LANG, see sshd_config(5). +AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES +AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT +AcceptEnv LC_IDENTIFICATION LC_ALL + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# ForceCommand cvs server +#end raw +]]> + </file_contents> + <file_owner>root.root</file_owner> + <file_permissions>640</file_permissions> +</file> diff --git a/deploy/adapters/cobbler/triggers/sync/post/migrate_ks.py b/deploy/adapters/cobbler/triggers/sync/post/migrate_ks.py index ac30c532..9ef8a26c 100644 --- a/deploy/adapters/cobbler/triggers/sync/post/migrate_ks.py +++ b/deploy/adapters/cobbler/triggers/sync/post/migrate_ks.py @@ -1,29 +1,29 @@ -#!/usr/bin/python
-"""script to migrate rendered kickstart files from cobbler to outside."""
-import logging
-
-from cobbler import api
-
-
-def main():
- """main entry"""
- cobbler_api = api.BootAPI()
- for system in cobbler_api.systems():
- cobbler_api.kickgen.generate_kickstart_for_system(system.name)
- try:
- with open(
- '/var/www/cblr_ks/%s' % system.name, 'w'
- ) as kickstart_file:
- logging.info("Migrating kickstart for %s", system.name)
- data = cobbler_api.kickgen.generate_kickstart_for_system(
- system.name)
- kickstart_file.write(data)
- except Exception as error:
- logging.error("Directory /var/www/cblr_ks/ does not exist.")
- logging.exception(error)
- raise error
-
-
-if __name__ == '__main__':
- logging.info("Running kickstart migration")
- main()
+#!/usr/bin/python +"""script to migrate rendered kickstart files from cobbler to outside.""" +import logging + +from cobbler import api + + +def main(): + """main entry""" + cobbler_api = api.BootAPI() + for system in cobbler_api.systems(): + cobbler_api.kickgen.generate_kickstart_for_system(system.name) + try: + with open( + '/var/www/cblr_ks/%s' % system.name, 'w' + ) as kickstart_file: + logging.info("Migrating kickstart for %s", system.name) + data = cobbler_api.kickgen.generate_kickstart_for_system( + system.name) + kickstart_file.write(data) + except Exception as error: + logging.error("Directory /var/www/cblr_ks/ does not exist.") + logging.exception(error) + raise error + + +if __name__ == '__main__': + logging.info("Running kickstart migration") + main() |