Last active
January 2, 2018 16:44
-
-
Save JosiahKerley/050825601b97f9012945dd5c9e953474 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Onboard SD Card is --------> /dev/disk/by-path/pci-0000:00:1d.0-usb-0:1.3.1:1.0-scsi-0:0:0:0 | |
## Leftmost disk is ----------> /dev/disk/by-path/pci-0000:00:1f.2-ata-1.0 | |
## Center-leftmost disk is ---> /dev/disk/by-path/pci-0000:00:1f.2-ata-1.1 | |
## Center-rightmost disk is --> /dev/disk/by-path/pci-0000:00:1f.2-ata-2.0 | |
## Rightmost disk is ---------> /dev/disk/by-path/pci-0000:00:1f.2-ata-2.1 | |
auth --enableshadow --passalgo=sha512 | |
url --url=http://mirror.centos.org/centos/7/os/x86_64/ | |
#url --url=http://192.168.1.254:8080/CentOS-7-x86_64-Everything-1708.iso | |
repo --name="epel" --baseurl=http://download.fedoraproject.org/pub/epel/7/x86_64 | |
repo --name="mariadb" --baseurl=http://yum.mariadb.org/10.1/centos7-amd64 | |
repo --name="gluster" --baseurl=http://mirror.centos.org/centos/7/storage/x86_64/gluster-3.13 | |
repo --name="bareos" --baseurl=http://download.bareos.org/bareos/release/latest/RHEL_7 | |
text | |
firstboot --enable | |
keyboard --vckeymap=us --xlayouts='us' | |
lang en_US.UTF-8 | |
rootpw --iscrypted $1$changeme$Gc5uJM96SM5XUZNUcieKS/ | |
services --enabled="chronyd" | |
timezone America/Denver --isUtc | |
reboot | |
## Networking | |
network --bootproto=dhcp --device=bond0 --ipv6=auto --bondslaves=eno1,eno2 --bondopts=miimon=1,updelay=0,downdelay=0,mode=balance-rr --no-activate | |
network --hostname=nas.kerley.io | |
## Raid | |
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=/dev/disk/by-path/pci-0000:00:1f.2-ata-1.0 | |
clearpart --all | |
part /boot --fstype="ext3" --size=512 | |
part biosboot --fstype="biosboot" --size=2 | |
part raid.1 --fstype="mdmember" --ondisk=/dev/disk/by-path/pci-0000:00:1f.2-ata-1.0 --size=16384 --grow | |
part raid.2 --fstype="mdmember" --ondisk=/dev/disk/by-path/pci-0000:00:1f.2-ata-1.1 --size=16384 --grow | |
part raid.3 --fstype="mdmember" --ondisk=/dev/disk/by-path/pci-0000:00:1f.2-ata-2.0 --size=16384 --grow | |
part raid.4 --fstype="mdmember" --ondisk=/dev/disk/by-path/pci-0000:00:1f.2-ata-2.1 --size=16384 --grow | |
raid pv.1 --fstype="lvmpv" --device=pv00 --level=RAID6 --chunksize=512 raid.1 raid.2 raid.3 raid.4 | |
volgroup raid pv.1 | |
logvol none --fstype="None" --size=16384 --thinpool --name=raidpool --vgname=raid --grow | |
logvol / --fstype="xfs" --size=16000 --thin --poolname=raidpool --name=root --vgname=raid | |
logvol /var --fstype="xfs" --percent=10 --thin --poolname=raidpool --name=var --vgname=raid | |
## Packages | |
%packages | |
@^minimal | |
@core | |
chrony | |
kexec-tools | |
tmux | |
nano | |
vim | |
iftop | |
htop | |
iotop | |
wget | |
bash | |
tree | |
python-pip | |
xz | |
aria2 | |
parallel | |
ansible | |
nmap | |
iperf3 | |
deltarpm | |
inotify-tools | |
yum-utils | |
MariaDB-server | |
MariaDB-shared | |
MariaDB-backup | |
MariaDB-compat | |
MariaDB-connect-engine | |
MariaDB-cracklib-password-check | |
MariaDB-devel | |
MariaDB-gssapi-client | |
MariaDB-gssapi-server | |
MariaDB-oqgraph-engine | |
MariaDB-test | |
xinetd | |
percona-xtrabackup | |
percona-xtrabackup-test | |
rsync | |
lsof | |
socat | |
jemalloc | |
MySQL-python | |
xfsprogs | |
mdadm | |
glusterfs-coreutils | |
glusterfs-geo-replication | |
glusterfs-resource-agents | |
pcs | |
ipmitool | |
pacemaker | |
resource-agents | |
fence-agents-all | |
pacemaker-remote | |
pacemaker-nagios-plugins-metadata | |
libvirt | |
libvirt-python | |
libguestfs-tools | |
libguestfs-xfs | |
httpd | |
php | |
php-cli | |
php-common | |
syslinux-tftpboot | |
syslinux | |
dnsmasq | |
p7zip | |
nginx | |
createrepo | |
python-crypto | |
libselinux-python | |
python-yaml | |
bareos-client | |
bareos-database-mysql | |
bareos-director | |
bareos-director-python-plugin | |
bareos-webui | |
bareos-filedaemon | |
bareos-storage-fifo | |
bareos-storage-glusterfs | |
bareos-storage-python-plugin | |
bareos-storage-tape | |
%end | |
%addon com_redhat_kdump --enable --reserve-mb='auto' | |
%end | |
## Anaconda | |
%anaconda | |
pwpolicy root --minlen=6 --minquality=50 --notstrict --nochanges --notempty | |
pwpolicy user --minlen=6 --minquality=50 --notstrict --nochanges --notempty | |
pwpolicy luks --minlen=6 --minquality=50 --notstrict --nochanges --notempty | |
%end | |
##-->Post scripts<--## | |
%post | |
## Add password checker | |
cat > /etc/profile.d/passwdcheck.sh << 'BASH' | |
#!/bin/bash | |
if cat /etc/shadow | grep -E 'changeme' | |
then | |
echo 'CHANGE YOUR PASSWORD!!!' | |
sleep 5 | |
echo 'run `echo YOURPASSWORDHERE|passwd --stdin`' | |
else | |
rm -f /etc/profile.d/passwdcheck.sh | |
fi | |
BASH | |
cat >> /etc/profile.d/disks.sh << 'BASH' | |
function disk-health(){ | |
cat /var/log/smart.status | |
} | |
BASH | |
## Install webmin - http://www.webmin.com/rpm.html | |
cat > /opt/bootstrap-webmin.sh << BASH | |
#!/bin/bash | |
yum install -y perl perl-Net-SSLeay openssl perl-IO-Tty | |
yum install -y http://prdownloads.sourceforge.net/webadmin/webmin-1.870-1.noarch.rpm | |
chkconfig webmin on | |
service webmin start | |
firewall-cmd --add-port=10000/tcp --permanent | |
BASH | |
## Setup scripts | |
chmod +x /opt/*.sh /etc/profile.d/* | |
#bash /opt/*.sh | |
## Keys | |
mkdir -m 0700 /root/.ssh/ | |
cat <<EOF >/root/.ssh/authorized_keys | |
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZ6Ubo++mO7+alt9gS4p5iOZ4n8IxvSiRxQhBCOg2/A7Lg8YrdWzGH2Y2ljApZoYSsn6EvU0++4NwEOfDUFJ+qHIO2LFMSwxC5WWTY2cbAAS01qjQ021mmKDxhrfouOF/gBfs0hAsyr7VLyxwZfi77ztD1TEYno41SAXC52AkSjZlRCUCdmg98506XQ097hj+UE/Spi24tQodrIeD/AskIoOsu/Nk1Z1JgM4Q9QL+8SRAFR/CBdii/XFg6EQUiteljfq0L2/taBG2qSz0QN6bXz3DoSMUGEWD5EBQmPrEmEoUnn6HKT0oxIHmHFA4zExI30Khm6SLRm/r9dXCcnDL7 | |
EOF | |
chmod 0600 /root/.ssh/authorized_keys | |
restorecon -R /root/.ssh/ | |
## Cron jobs | |
cat > /etc/cron.d/smart.cron << 'CRON' | |
@hourly root "rm -rf /var/log/smart.status; for i in `lsblk | awk '/disk/{print $1}'`; do if ! smartctl -H /dev/${i} | grep PASSED > /dev/null; then echo /dev/${i} is unhealthy > /var/log/smart.status; fi; done" | |
CRON | |
## Setup grub | |
sed -i 's/quiet/net.ifnames=0 console=ttyS1 quiet/g' /etc/default/grub | |
grub2-mkconfig -o /boot/grub2/grub.cfg && touch /boot/.grub-setup.flag | |
## Update | |
yum update -y | |
package-cleanup --oldkernels --count=1 | |
%end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment