diff --git a/centos-bareon/README.rst b/centos-bareon/README.rst
new file mode 100644
index 0000000..d80d5c9
--- /dev/null
+++ b/centos-bareon/README.rst
@@ -0,0 +1,4 @@
+======
+bareon
+======
+Builds a ramdisk with bareon. Centos element as OS is mandatory.
diff --git a/centos-bareon/cleanup.d/10-remove-repos b/centos-bareon/cleanup.d/10-remove-repos
new file mode 100755
index 0000000..14e4cab
--- /dev/null
+++ b/centos-bareon/cleanup.d/10-remove-repos
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
+    set -x
+fi
+
+set -e
+
+[[ -n "$TARGET_ROOT" ]] || exit 1
+
+sudo rm -f $TARGET_ROOT/etc/yum.repos.d/var_*.repo
+sudo rm -rf $TARGET_ROOT/var/cache/yum/*
diff --git a/centos-bareon/cleanup.d/99-ramdisk-create b/centos-bareon/cleanup.d/99-ramdisk-create
new file mode 100755
index 0000000..a13f949
--- /dev/null
+++ b/centos-bareon/cleanup.d/99-ramdisk-create
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -e
+set -o pipefail
+
+
+[ -n "$TARGET_ROOT" ]
+
+source $_LIB/img-functions
+
+IMAGE_PATH=$(readlink -f $IMAGE_NAME)
+cd $TARGET_ROOT
+
+echo "#disabled" > ./tmp/fstab.new
+sudo mv ./tmp/fstab.new ./etc/fstab
+sudo ln -s ./sbin/init ./
+
+
+if [ ! -n ${DIB_MAKE_SQUASHFS-""} ] ; then
+    sudo find . -path './sys/*' -prune -o -path './proc/*' -prune -o -path './dev/*' -prune -o -path './tmp/*' -prune -o -path './usr/share/icons/*' -prune -o -path './usr/share/locale/*' -prune -o -print | sudo cpio -o -H newc | gzip > ${IMAGE_PATH}.initramfs
+
+    select_boot_kernel_initrd $TARGET_ROOT
+    sudo cp $BOOTDIR/$KERNEL ${IMAGE_PATH}.vmlinuz
+else
+    wget http://mirror.centos.org/centos/7/os/x86_64/images/pxeboot/initrd.img -O ${IMAGE_PATH}.initramfs
+    wget http://mirror.centos.org/centos/7/os/x86_64/images/pxeboot/vmlinuz -O ${IMAGE_PATH}.vmlinuz
+
+    sudo rm -f ./boot/initrd*
+    sudo rm -f ./boot/vmlinuz*
+
+    mkdir -p $TMP_BUILD_DIR/workdir/LiveOS
+    cp $TMP_IMAGE_PATH $TMP_BUILD_DIR/workdir/LiveOS/ext3fs.img
+    sudo mksquashfs $TMP_BUILD_DIR/workdir/ ${IMAGE_PATH}.squashfs
+fi
+
diff --git a/centos-bareon/element-deps b/centos-bareon/element-deps
new file mode 100644
index 0000000..d7b7e04
--- /dev/null
+++ b/centos-bareon/element-deps
@@ -0,0 +1,2 @@
+package-installs
+
diff --git a/centos-bareon/element-provides b/centos-bareon/element-provides
new file mode 100644
index 0000000..d28ec9b
--- /dev/null
+++ b/centos-bareon/element-provides
@@ -0,0 +1 @@
+bareon
diff --git a/centos-bareon/install.d/60-bareon-install b/centos-bareon/install.d/60-bareon-install
new file mode 100755
index 0000000..6df323c
--- /dev/null
+++ b/centos-bareon/install.d/60-bareon-install
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+RELEASE_FILE=/etc/bareon-release
+
+SCRIPTDIR=$(dirname $0)
+install-packages python-setuptools python-pip python-dev
+
+if [ -n ${BAREON_SRC-""} ] ; then
+    cd /tmp/bareon
+    pip install --upgrade setuptools
+    pip install -r requirements.txt && python setup.py install
+
+    pip freeze | grep bareon > $RELEASE_FILE
+    echo "Source-based bareon installation. Git log:" >> $RELEASE_FILE
+    cat changelog >> $RELEASE_FILE
+
+    cd /
+else
+    install-packages bareon
+
+    pip freeze | grep bareon > $RELEASE_FILE
+    echo "RPM-based bareon installation. RPM info:" >> $RELEASE_FILE
+    rpm -qi bareon >> $RELEASE_FILE
+fi
+
+if [ ! -f /usr/bin/ironic_callback ]; then
+    ln -s /usr/local/bin/ironic_callback /usr/bin/ironic_callback
+fi
+
+# TODO(lobur): generate this key and publish together with image
+install -D -g root -o root -m 0600 ${SCRIPTDIR}/files.ironic/root/.ssh/authorized_keys /root/.ssh/authorized_keys
+chmod 0700 /root/.ssh/
+install -D -g root -o root -m 0600 ${SCRIPTDIR}/files.ironic/etc/ssh/sshd_config /etc/ssh/sshd_config
+install -D -g root -o root -m 0664 ${SCRIPTDIR}/files.ironic/etc/network /etc/sysconfig/network
+install -D -g root -o root -m 0755 ${SCRIPTDIR}/files.ironic/usr/lib/systemd/system/ironic-callback.service /usr/lib/systemd/system/ironic-callback.service
+install -D -g root -o root -m 0755 ${SCRIPTDIR}/files.ironic/etc/bareon/bareon.conf /etc/bareon/bareon.conf
+
+systemctl enable ironic-callback.service
diff --git a/centos-bareon/install.d/files.ironic/etc/bareon/bareon.conf b/centos-bareon/install.d/files.ironic/etc/bareon/bareon.conf
new file mode 100644
index 0000000..154d9c5
--- /dev/null
+++ b/centos-bareon/install.d/files.ironic/etc/bareon/bareon.conf
@@ -0,0 +1,211 @@
+[DEFAULT]
+
+#
+# Options defined in bareon.manager
+#
+
+# Data driver (string value)
+#data_driver=nailgun
+
+# Directory where the image is supposed to be built (string
+# value)
+#image_build_dir=/tmp
+
+# Path to directory with cloud init templates (string value)
+#nc_template_path=/usr/share/bareon/cloud-init-templates
+
+# Temporary directory for file manipulations (string value)
+#tmp_path=/tmp
+
+# Path where to store generated config drive image (string
+# value)
+#config_drive_path=/tmp/config-drive.img
+
+# Path where to store actual rules for udev daemon (string
+# value)
+#udev_rules_dir=/etc/udev/rules.d
+
+# Path where to store default rules for udev daemon (string
+# value)
+#udev_rules_lib_dir=/lib/udev/rules.d
+
+# Substring to which file extension .rules be renamed (string
+# value)
+#udev_rename_substr=.renamedrule
+
+# Correct empty rule for udev daemon (string value)
+#udev_empty_rule=empty_rule
+
+# Suffix which is used while creating temporary files (string
+# value)
+#image_build_suffix=.bareon-image
+
+# Timeout in secs for GRUB (integer value)
+#grub_timeout=5
+
+# Maximum allowed loop devices count to use (integer value)
+#max_loop_devices_count=255
+
+# Size of sparse file in MiBs (integer value)
+#sparse_file_size=8192
+
+# System-wide major number for loop device (integer value)
+#loop_device_major_number=7
+
+# Maximum allowed debootstrap/apt-get attempts to execute
+# (integer value)
+#fetch_packages_attempts=10
+
+# File where to store apt setting for unsigned packages
+# (string value)
+#allow_unsigned_file=allow_unsigned_packages
+
+# File where to store apt setting for forcing IPv4 usage
+# (string value)
+#force_ipv4_file=force_ipv4
+
+# Create configdrive file, use pre-builded if set to False
+# (boolean value)
+prepare_configdrive=false
+
+# Add udev rules for NIC remapping (boolean value)
+fix_udev_net_rules=true
+
+
+#
+# Options defined in bareon.cmd.agent
+#
+
+# Input data file (string value)
+#input_data_file=/tmp/provision.json
+
+# Input data (json string) (string value)
+#input_data=
+
+
+#
+# Options defined in bareon.openstack.common.log
+#
+
+# Print debugging output (set logging level to DEBUG instead
+# of default WARNING level). (boolean value)
+debug=true
+
+# Print more verbose output (set logging level to INFO instead
+# of default WARNING level). (boolean value)
+#verbose=false
+
+# Log output to standard error. (boolean value)
+use_stderr=false
+
+# Format string to use for log messages with context. (string
+# value)
+#logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
+
+# Format string to use for log messages without context.
+# (string value)
+#logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
+
+# Data to append to log format when level is DEBUG. (string
+# value)
+logging_debug_format_suffix=
+
+# Prefix each line of exception output with this format.
+# (string value)
+#logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s
+
+# List of logger=LEVEL pairs. (list value)
+#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN
+
+# Enables or disables publication of error events. (boolean
+# value)
+#publish_errors=false
+
+# Enables or disables fatal status of deprecations. (boolean
+# value)
+#fatal_deprecations=false
+
+# The format for an instance that is passed with the log
+# message.  (string value)
+#instance_format="[instance: %(uuid)s] "
+
+# The format for an instance UUID that is passed with the log
+# message.  (string value)
+#instance_uuid_format="[instance: %(uuid)s] "
+
+# The name of a logging configuration file. This file is
+# appended to any existing logging configuration files. For
+# details about logging configuration files, see the Python
+# logging module documentation. (string value)
+# Deprecated group/name - [DEFAULT]/log_config
+#log_config_append=<None>
+
+# DEPRECATED. A logging.Formatter log message format string
+# which may use any of the available logging.LogRecord
+# attributes. This option is deprecated.  Please use
+# logging_context_format_string and
+# logging_default_format_string instead. (string value)
+#log_format=<None>
+
+# Format string for %%(asctime)s in log records. Default:
+# %(default)s . (string value)
+#log_date_format=%Y-%m-%d %H:%M:%S
+
+# (Optional) Name of log file to output to. If no default is
+# set, logging will go to stdout. (string value)
+# Deprecated group/name - [DEFAULT]/logfile
+log_file=/var/log/bareon.log
+
+# (Optional) The base directory used for relative --log-file
+# paths. (string value)
+# Deprecated group/name - [DEFAULT]/logdir
+#log_dir=<None>
+
+# Use syslog for logging. Existing syslog format is DEPRECATED
+# during I, and will change in J to honor RFC5424. (boolean
+# value)
+#use_syslog=false
+
+# (Optional) Enables or disables syslog rfc5424 format for
+# logging. If enabled, prefixes the MSG part of the syslog
+# message with APP-NAME (RFC5424). The format without the APP-
+# NAME is deprecated in I, and will be removed in J. (boolean
+# value)
+#use_syslog_rfc_format=false
+
+# Syslog facility to receive log lines. (string value)
+#syslog_log_facility=LOG_USER
+
+
+#
+# Options defined in bareon.utils.artifact
+#
+
+# Size of data chunk to operate with images (integer value)
+#data_chunk_size=1048576
+
+
+#
+# Options defined in bareon.utils.utils
+#
+
+# Maximum retries count for http requests. 0 means infinite
+# (integer value)
+#http_max_retries=30
+
+# Http request timeout in seconds (floating point value)
+#http_request_timeout=10.0
+
+# Delay in seconds before the next http request retry
+# (floating point value)
+#http_retry_delay=2.0
+
+# Block size of data to read for calculating checksum (integer
+# value)
+#read_chunk_size=1048576
+
+# Delay in seconds before the next exectuion will retry
+# (floating point value)
+#execute_retry_delay=2.0
+
+
diff --git a/centos-bareon/install.d/files.ironic/etc/network b/centos-bareon/install.d/files.ironic/etc/network
new file mode 100644
index 0000000..86ac14e
--- /dev/null
+++ b/centos-bareon/install.d/files.ironic/etc/network
@@ -0,0 +1,3 @@
+NETWORKING=yes
+HOSTNAME=bootstrap
+VLAN=yes
diff --git a/centos-bareon/install.d/files.ironic/etc/ssh/sshd_config b/centos-bareon/install.d/files.ironic/etc/ssh/sshd_config
new file mode 100644
index 0000000..3f34e9d
--- /dev/null
+++ b/centos-bareon/install.d/files.ironic/etc/ssh/sshd_config
@@ -0,0 +1,20 @@
+Protocol 2
+SyslogFacility AUTHPRIV
+PasswordAuthentication no
+PubkeyAuthentication yes
+ChallengeResponseAuthentication no
+GSSAPIAuthentication no
+UsePAM yes
+UseDNS no
+
+# Accept locale-related environment variables
+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
+AcceptEnv XMODIFIERS
+
+Subsystem sftp /usr/libexec/openssh/sftp-server
+
+# Secure Ciphers and MACs
+Ciphers aes256-ctr,aes192-ctr,aes128-ctr,arcfour256,arcfour128
+MACs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,hmac-sha1
diff --git a/centos-bareon/install.d/files.ironic/root/.ssh/authorized_keys b/centos-bareon/install.d/files.ironic/root/.ssh/authorized_keys
new file mode 100644
index 0000000..4a91b0c
--- /dev/null
+++ b/centos-bareon/install.d/files.ironic/root/.ssh/authorized_keys
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDtrVTSM8tGd4E8khJn2gfN/2fymnX/0YKAGSVZTWDNIcYL5zXTlSwrccn/8EgmnNsJNxucJRT+oWqrDGaFaehuwlY/IBqm50KJVaUr5QYzOUpqVpFIpoX3UwETCxcSB1LiQYbCvrJcqOPQ4Zu9fMhMGKaAX1ohzOumn4czuLDYIvCnPnoU5RDWt7g1GaFFlzGU3JFooj7/aWFJMqJLinvay3vr2vFpBvO1y29nKu+zgpZkzzJCc0ndoVqvB+W9DY6QtgTSWfd3ZE/8vg4h8QV8H+xxqL/uWCxDkv2Y3rviAHivR/V+1YCSQH0NBJrNSkRjd+1roLhcEGT7/YEnbgVV nailgun@bootstrap
diff --git a/centos-bareon/install.d/files.ironic/usr/lib/systemd/system/ironic-callback.service b/centos-bareon/install.d/files.ironic/usr/lib/systemd/system/ironic-callback.service
new file mode 100644
index 0000000..dbe1000
--- /dev/null
+++ b/centos-bareon/install.d/files.ironic/usr/lib/systemd/system/ironic-callback.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Ironic Callback
+Requires=sshd.service
+Wants=network-online.target
+After=network-online.target sshd.service
+
+[Service]
+Type=oneshot
+User=root
+ExecStart=/usr/bin/bareon-ironic-callback
+
+[Install]
+WantedBy=multi-user.target
diff --git a/centos-bareon/package-installs.yaml b/centos-bareon/package-installs.yaml
new file mode 100644
index 0000000..465c69a
--- /dev/null
+++ b/centos-bareon/package-installs.yaml
@@ -0,0 +1,21 @@
+curl:
+dhclient:
+policycoreutils:
+selinux-policy:
+selinux-policy-targeted:
+setroubleshoot:
+openssh-server:
+openssh-client:
+qemu-utils:
+parted:
+hdparm:
+util-linux:
+gcc:
+lvm2:
+e2fsprogs:
+xfsprogs:
+btrfs-progs:
+dosfstools:
+rsync:
+grub2:
+
diff --git a/centos-bareon/pkg-map b/centos-bareon/pkg-map
new file mode 100644
index 0000000..2c63c08
--- /dev/null
+++ b/centos-bareon/pkg-map
@@ -0,0 +1,2 @@
+{
+}
diff --git a/centos-bareon/post-install.d/10-disable-selinux b/centos-bareon/post-install.d/10-disable-selinux
new file mode 100755
index 0000000..7aecb11
--- /dev/null
+++ b/centos-bareon/post-install.d/10-disable-selinux
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
+    set -x
+fi
+
+set -e
+
+sed -i.bak \
+    -e 's/^SELINUX=.*/SELINUX=disabled/' \
+    /etc/sysconfig/selinux
+
+sed -i.bak \
+    -e 's/^SELINUX=.*/SELINUX=disabled/' \
+    /etc/selinux/config
diff --git a/centos-bareon/post-install.d/10-disable-udev-iface-rename b/centos-bareon/post-install.d/10-disable-udev-iface-rename
new file mode 100755
index 0000000..8b733f9
--- /dev/null
+++ b/centos-bareon/post-install.d/10-disable-udev-iface-rename
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
+    set -x
+fi
+
+set -e
+
+# Disabling this rule prevents inconsistent iface renames done by udev. This
+# were conflicting with prebuilt dhcp scripts (ifcfg-eth0, ifcfg-eth1) as well
+# as with dhcp-all-interfaces which was not able to generate scripts according
+# to new names (because it runs concurrently with renaming).
+# Using old schema (ethN) + pre-built dhcp scripts allows to have stable DHCP
+# even if eth interfaces are randomly swapped.
+ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
+
+# Configs for additional interfaces
+SYSCONFIG_PATH=/etc/sysconfig/network-scripts
+for IFACE_NUM in 1 2 3
+do
+    cp $SYSCONFIG_PATH/ifcfg-eth0 $SYSCONFIG_PATH/ifcfg-eth$IFACE_NUM
+    sed -i "s/eth0/eth$IFACE_NUM/g" $SYSCONFIG_PATH/ifcfg-eth$IFACE_NUM
+done
+
diff --git a/centos-bareon/post-install.d/80-bareon b/centos-bareon/post-install.d/80-bareon
new file mode 100755
index 0000000..af16172
--- /dev/null
+++ b/centos-bareon/post-install.d/80-bareon
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+rm -rf /tmp/bareon
diff --git a/centos-bareon/root.d/10-create-repo b/centos-bareon/root.d/10-create-repo
new file mode 100755
index 0000000..bd97b81
--- /dev/null
+++ b/centos-bareon/root.d/10-create-repo
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
+    set -x
+fi
+
+set -e
+
+[[ -n "$TARGET_ROOT" ]] || exit 1
+
+sudo mkdir -p $TARGET_ROOT/etc/yum.repos.d
+sudo cp /etc/yum.repos.d/*.repo $TARGET_ROOT/etc/yum.repos.d/
+sudo cp /etc/pki/rpm-gpg/* $TARGET_ROOT/etc/pki/rpm-gpg/
+
diff --git a/centos-bareon/root.d/60-bareon-src b/centos-bareon/root.d/60-bareon-src
new file mode 100755
index 0000000..77f6232
--- /dev/null
+++ b/centos-bareon/root.d/60-bareon-src
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+if [ -n ${BAREON_SRC-""} ] ; then
+    git clone -b $BAREON_BRANCH $BAREON_SRC $TARGET_ROOT/tmp/bareon
+
+    cd $TARGET_ROOT/tmp/bareon
+    git log -25 --oneline > changelog
+    cd -
+fi
+
diff --git a/debian-bareon/README.rst b/debian-bareon/README.rst
new file mode 100644
index 0000000..4be85c8
--- /dev/null
+++ b/debian-bareon/README.rst
@@ -0,0 +1,8 @@
+======
+bareon
+======
+Builds a debian ramdisk with bareon.
+
+Note: This element has not been maintained along with centos-bareon, so
+might not work out of the box.
+
diff --git a/debian-bareon/cleanup.d/99-ramdisk-create b/debian-bareon/cleanup.d/99-ramdisk-create
new file mode 100755
index 0000000..402f9f3
--- /dev/null
+++ b/debian-bareon/cleanup.d/99-ramdisk-create
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+
+[ -n "$TARGET_ROOT" ]
+
+source $_LIB/img-functions
+
+IMAGE_PATH=$(readlink -f $IMAGE_NAME)
+cd $TARGET_ROOT
+
+echo "#disabled" > ./tmp/fstab.new
+sudo mv ./tmp/fstab.new ./etc/fstab
+sudo ln -s ./sbin/init ./
+
+if [ ! -n ${DIB_MAKE_SQUASHFS-""} ] ; then
+	sudo find . -path './sys/*' -prune -o -path './proc/*' -prune -o -path './dev/*' -prune -o -path './tmp/*' -prune -o -print | sudo cpio -o -H newc | gzip > ${IMAGE_PATH}.initramfs
+
+	select_boot_kernel_initrd $TARGET_ROOT
+	sudo cp $BOOTDIR/$KERNEL ${IMAGE_PATH}.vmlinuz
+else
+	select_boot_kernel_initrd $TARGET_ROOT
+	sudo cp -a ./boot/initrd* ${IMAGE_PATH}.initramfs
+	sudo cp -a ./boot/vmlinuz* ${IMAGE_PATH}.vmlinuz
+	sudo rm -f ./boot/initrd*
+	sudo rm -f ./boot/vmlinuz*
+
+	if sudo mountpoint -q ./proc ; then
+		sudo umount ./proc
+	fi
+
+	sudo mksquashfs . ${IMAGE_PATH}.squashfs -noappend -e proc/* dev/* sys/* tmp/*
+fi
diff --git a/debian-bareon/element-deps b/debian-bareon/element-deps
new file mode 100644
index 0000000..715c11e
--- /dev/null
+++ b/debian-bareon/element-deps
@@ -0,0 +1 @@
+source-repositories
diff --git a/debian-bareon/element-provides b/debian-bareon/element-provides
new file mode 100644
index 0000000..8ba5c33
--- /dev/null
+++ b/debian-bareon/element-provides
@@ -0,0 +1,2 @@
+bareon
+
diff --git a/debian-bareon/install.d/60-bareon-install b/debian-bareon/install.d/60-bareon-install
new file mode 100755
index 0000000..6bcee5a
--- /dev/null
+++ b/debian-bareon/install.d/60-bareon-install
@@ -0,0 +1,42 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+SCRIPTDIR=$(dirname $0)
+
+install-packages openssh-server isc-dhcp-client rsync lvm2 parted ifupdown iproute2 gcc python-dev python-pip python-wheel
+
+if [ -n ${DIB_MAKE_SQUASHFS-""} ] ; then
+    install-packages live-boot live-boot-initramfs-tools
+fi
+
+# TODO(max_lobur): sync this with a way how we do for CentOS
+cd /tmp/bareon
+python2 setup.py bdist_wheel
+whl_name=$(ls -1rv dist/bareon*.whl 2>/dev/null | head -1)
+pip install $whl_name
+cd /
+
+if [ ! -f /usr/bin/ironic_callback ]; then
+    ln -s /usr/local/bin/ironic_callback /usr/bin/ironic_callback
+fi
+
+echo $'md-mod' >> /etc/modules
+
+install -D -g root -o root -m 0600 ${SCRIPTDIR}/files.ironic/root/.ssh/authorized_keys /root/.ssh/authorized_keys
+chmod 0700 /root/.ssh/
+install -D -g root -o root -m 0600 ${SCRIPTDIR}/files.ironic/etc/ssh/sshd_config /etc/ssh/sshd_config
+install -D -g root -o root -m 0644 ${SCRIPTDIR}/files.ironic/etc/hostname /etc/hostname
+install -D -g root -o root -m 0644 ${SCRIPTDIR}/files.ironic/etc/modprobe.d/blacklist-i2c-piix4.conf /etc/modprobe.d/blacklist-i2c-piix4.conf
+install -D -g root -o root -m 0644 ${SCRIPTDIR}/files.ironic/etc/modprobe.d/mlnx4_core.conf /etc/modprobe.d/mlnx4_core.conf
+install -D -g root -o root -m 0755 ${SCRIPTDIR}/files.ironic/etc/bareon/bareon.conf /etc/bareon/bareon.conf
+install -D -g root -o root -m 0644 ${SCRIPTDIR}/files.ironic/lib/systemd/system/ironic-callback.service /lib/systemd/system/ironic-callback.service
+
+# TODO(lobur): sync service definition with CentOS
+systemctl enable ironic-callback.service
+
+update-initramfs -u -k all
diff --git a/debian-bareon/install.d/files.ironic/etc/bareon/bareon.conf b/debian-bareon/install.d/files.ironic/etc/bareon/bareon.conf
new file mode 100644
index 0000000..154d9c5
--- /dev/null
+++ b/debian-bareon/install.d/files.ironic/etc/bareon/bareon.conf
@@ -0,0 +1,211 @@
+[DEFAULT]
+
+#
+# Options defined in bareon.manager
+#
+
+# Data driver (string value)
+#data_driver=nailgun
+
+# Directory where the image is supposed to be built (string
+# value)
+#image_build_dir=/tmp
+
+# Path to directory with cloud init templates (string value)
+#nc_template_path=/usr/share/bareon/cloud-init-templates
+
+# Temporary directory for file manipulations (string value)
+#tmp_path=/tmp
+
+# Path where to store generated config drive image (string
+# value)
+#config_drive_path=/tmp/config-drive.img
+
+# Path where to store actual rules for udev daemon (string
+# value)
+#udev_rules_dir=/etc/udev/rules.d
+
+# Path where to store default rules for udev daemon (string
+# value)
+#udev_rules_lib_dir=/lib/udev/rules.d
+
+# Substring to which file extension .rules be renamed (string
+# value)
+#udev_rename_substr=.renamedrule
+
+# Correct empty rule for udev daemon (string value)
+#udev_empty_rule=empty_rule
+
+# Suffix which is used while creating temporary files (string
+# value)
+#image_build_suffix=.bareon-image
+
+# Timeout in secs for GRUB (integer value)
+#grub_timeout=5
+
+# Maximum allowed loop devices count to use (integer value)
+#max_loop_devices_count=255
+
+# Size of sparse file in MiBs (integer value)
+#sparse_file_size=8192
+
+# System-wide major number for loop device (integer value)
+#loop_device_major_number=7
+
+# Maximum allowed debootstrap/apt-get attempts to execute
+# (integer value)
+#fetch_packages_attempts=10
+
+# File where to store apt setting for unsigned packages
+# (string value)
+#allow_unsigned_file=allow_unsigned_packages
+
+# File where to store apt setting for forcing IPv4 usage
+# (string value)
+#force_ipv4_file=force_ipv4
+
+# Create configdrive file, use pre-builded if set to False
+# (boolean value)
+prepare_configdrive=false
+
+# Add udev rules for NIC remapping (boolean value)
+fix_udev_net_rules=true
+
+
+#
+# Options defined in bareon.cmd.agent
+#
+
+# Input data file (string value)
+#input_data_file=/tmp/provision.json
+
+# Input data (json string) (string value)
+#input_data=
+
+
+#
+# Options defined in bareon.openstack.common.log
+#
+
+# Print debugging output (set logging level to DEBUG instead
+# of default WARNING level). (boolean value)
+debug=true
+
+# Print more verbose output (set logging level to INFO instead
+# of default WARNING level). (boolean value)
+#verbose=false
+
+# Log output to standard error. (boolean value)
+use_stderr=false
+
+# Format string to use for log messages with context. (string
+# value)
+#logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
+
+# Format string to use for log messages without context.
+# (string value)
+#logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
+
+# Data to append to log format when level is DEBUG. (string
+# value)
+logging_debug_format_suffix=
+
+# Prefix each line of exception output with this format.
+# (string value)
+#logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s
+
+# List of logger=LEVEL pairs. (list value)
+#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN
+
+# Enables or disables publication of error events. (boolean
+# value)
+#publish_errors=false
+
+# Enables or disables fatal status of deprecations. (boolean
+# value)
+#fatal_deprecations=false
+
+# The format for an instance that is passed with the log
+# message.  (string value)
+#instance_format="[instance: %(uuid)s] "
+
+# The format for an instance UUID that is passed with the log
+# message.  (string value)
+#instance_uuid_format="[instance: %(uuid)s] "
+
+# The name of a logging configuration file. This file is
+# appended to any existing logging configuration files. For
+# details about logging configuration files, see the Python
+# logging module documentation. (string value)
+# Deprecated group/name - [DEFAULT]/log_config
+#log_config_append=<None>
+
+# DEPRECATED. A logging.Formatter log message format string
+# which may use any of the available logging.LogRecord
+# attributes. This option is deprecated.  Please use
+# logging_context_format_string and
+# logging_default_format_string instead. (string value)
+#log_format=<None>
+
+# Format string for %%(asctime)s in log records. Default:
+# %(default)s . (string value)
+#log_date_format=%Y-%m-%d %H:%M:%S
+
+# (Optional) Name of log file to output to. If no default is
+# set, logging will go to stdout. (string value)
+# Deprecated group/name - [DEFAULT]/logfile
+log_file=/var/log/bareon.log
+
+# (Optional) The base directory used for relative --log-file
+# paths. (string value)
+# Deprecated group/name - [DEFAULT]/logdir
+#log_dir=<None>
+
+# Use syslog for logging. Existing syslog format is DEPRECATED
+# during I, and will change in J to honor RFC5424. (boolean
+# value)
+#use_syslog=false
+
+# (Optional) Enables or disables syslog rfc5424 format for
+# logging. If enabled, prefixes the MSG part of the syslog
+# message with APP-NAME (RFC5424). The format without the APP-
+# NAME is deprecated in I, and will be removed in J. (boolean
+# value)
+#use_syslog_rfc_format=false
+
+# Syslog facility to receive log lines. (string value)
+#syslog_log_facility=LOG_USER
+
+
+#
+# Options defined in bareon.utils.artifact
+#
+
+# Size of data chunk to operate with images (integer value)
+#data_chunk_size=1048576
+
+
+#
+# Options defined in bareon.utils.utils
+#
+
+# Maximum retries count for http requests. 0 means infinite
+# (integer value)
+#http_max_retries=30
+
+# Http request timeout in seconds (floating point value)
+#http_request_timeout=10.0
+
+# Delay in seconds before the next http request retry
+# (floating point value)
+#http_retry_delay=2.0
+
+# Block size of data to read for calculating checksum (integer
+# value)
+#read_chunk_size=1048576
+
+# Delay in seconds before the next exectuion will retry
+# (floating point value)
+#execute_retry_delay=2.0
+
+
diff --git a/debian-bareon/install.d/files.ironic/etc/hostname b/debian-bareon/install.d/files.ironic/etc/hostname
new file mode 100644
index 0000000..b7c200a
--- /dev/null
+++ b/debian-bareon/install.d/files.ironic/etc/hostname
@@ -0,0 +1 @@
+bootstrap
diff --git a/debian-bareon/install.d/files.ironic/etc/modprobe.d/blacklist-i2c-piix4.conf b/debian-bareon/install.d/files.ironic/etc/modprobe.d/blacklist-i2c-piix4.conf
new file mode 100644
index 0000000..a4339cc
--- /dev/null
+++ b/debian-bareon/install.d/files.ironic/etc/modprobe.d/blacklist-i2c-piix4.conf
@@ -0,0 +1 @@
+blacklist i2c_piix4
diff --git a/debian-bareon/install.d/files.ironic/etc/modprobe.d/mlnx4_core.conf b/debian-bareon/install.d/files.ironic/etc/modprobe.d/mlnx4_core.conf
new file mode 100644
index 0000000..1b6f5af
--- /dev/null
+++ b/debian-bareon/install.d/files.ironic/etc/modprobe.d/mlnx4_core.conf
@@ -0,0 +1 @@
+options mlx4_core port_type_array=2,2
diff --git a/debian-bareon/install.d/files.ironic/etc/ssh/sshd_config b/debian-bareon/install.d/files.ironic/etc/ssh/sshd_config
new file mode 100644
index 0000000..4b984fc
--- /dev/null
+++ b/debian-bareon/install.d/files.ironic/etc/ssh/sshd_config
@@ -0,0 +1,20 @@
+Protocol 2
+SyslogFacility AUTHPRIV
+PasswordAuthentication no
+PubkeyAuthentication yes
+ChallengeResponseAuthentication no
+GSSAPIAuthentication no
+UsePAM no
+UseDNS no
+
+# Accept locale-related environment variables
+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
+AcceptEnv XMODIFIERS
+
+Subsystem sftp /usr/lib/openssh/sftp-server
+
+# Secure Ciphers and MACs
+Ciphers aes256-ctr,aes192-ctr,aes128-ctr,arcfour256,arcfour128
+MACs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,hmac-sha1
diff --git a/debian-bareon/install.d/files.ironic/lib/systemd/system/ironic-callback.service b/debian-bareon/install.d/files.ironic/lib/systemd/system/ironic-callback.service
new file mode 100644
index 0000000..9653502
--- /dev/null
+++ b/debian-bareon/install.d/files.ironic/lib/systemd/system/ironic-callback.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Ironic Callback
+Requires=ssh.service
+
+[Service]
+Type=oneshot
+User=root
+ExecStart=/usr/bin/bareon-ironic-callback
+
+[Install]
+WantedBy=multi-user.target
diff --git a/debian-bareon/install.d/files.ironic/root/.ssh/authorized_keys b/debian-bareon/install.d/files.ironic/root/.ssh/authorized_keys
new file mode 100644
index 0000000..4a91b0c
--- /dev/null
+++ b/debian-bareon/install.d/files.ironic/root/.ssh/authorized_keys
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDtrVTSM8tGd4E8khJn2gfN/2fymnX/0YKAGSVZTWDNIcYL5zXTlSwrccn/8EgmnNsJNxucJRT+oWqrDGaFaehuwlY/IBqm50KJVaUr5QYzOUpqVpFIpoX3UwETCxcSB1LiQYbCvrJcqOPQ4Zu9fMhMGKaAX1ohzOumn4czuLDYIvCnPnoU5RDWt7g1GaFFlzGU3JFooj7/aWFJMqJLinvay3vr2vFpBvO1y29nKu+zgpZkzzJCc0ndoVqvB+W9DY6QtgTSWfd3ZE/8vg4h8QV8H+xxqL/uWCxDkv2Y3rviAHivR/V+1YCSQH0NBJrNSkRjd+1roLhcEGT7/YEnbgVV nailgun@bootstrap
diff --git a/debian-bareon/post-install.d/80-bareon b/debian-bareon/post-install.d/80-bareon
new file mode 100755
index 0000000..8759a24
--- /dev/null
+++ b/debian-bareon/post-install.d/80-bareon
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+install-packages -e git
+rm -rf /tmp/bareon
+apt-get -y autoremove
diff --git a/debian-bareon/source-repository-bareon b/debian-bareon/source-repository-bareon
new file mode 100644
index 0000000..fbdd56e
--- /dev/null
+++ b/debian-bareon/source-repository-bareon
@@ -0,0 +1 @@
+agent git /tmp/bareon git@github.com:openstack/bareon.git