x
/
compass-adapters
Code Issues Proposed changes

update snippet to support preseed 

Change-Id: I8442758ffaf3a55ec4773bf820bc4cdefb2e6452
This commit is contained in:
xiaodongwang 2014-05-06 11:31:00 -07:00
parent a8aa336541
commit ae44332c69
65 changed files with 1651 additions and 446 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
chef/cookbooks/mysql/templates/default/grants.sql.erb
View File

@ -17,8 +17,9 @@ GRANT ALL ON *.* TO 'root'@'%' IDENTIFIED BY '<%= node['mysql']['server_root_pas
# remove remote access for root user and set password for local root user
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
UPDATE mysql.user SET Password=PASSWORD('<%= node['mysql']['server_root_password'] %>') WHERE User='root';
<% end %>
UPDATE mysql.user SET Password=PASSWORD('<%= node['mysql']['server_root_password'] %>') WHERE User='root';
<% if node['mysql']['remove_anonymous_users'] -%>
# Remove anonymous users

2
chef/cookbooks/openstack-block-storage/providers/volume.rb
View File

@ -93,7 +93,7 @@ def select_loop_device resource
output = %x{losetup -a|grep "/mnt/cinder-volumes"}.split(':')
if output.empty?
used_loop_device = %x{losetup -a |cut -f 1 -d ':'}.split
total_loop_device = %x{ls /dev/loop*}.split
total_loop_device = %x{ls /dev/loop* | egrep 'loop[0-9]+'}.split
available_loop = total_loop_device - used_loop_device
if available_loop.nil?
resource.partition = nil

2
chef/cookbooks/openstack-dashboard/attributes/default.rb
View File

@ -83,7 +83,7 @@ when "ubuntu"
default["openstack"]["dashboard"]["local_settings_path"] = "/etc/openstack-dashboard/local_settings.py"
default["openstack"]["dashboard"]["static_path"] = "/usr/share/openstack-dashboard/openstack_dashboard/static"
default["openstack"]["dashboard"]["platform"] = {
"horizon_packages" => ["lessc", "openstack-dashboard"],
"horizon_packages" => ["node-less", "openstack-dashboard"],
"mysql_python_packages" => ["python-mysqldb"],
"postgresql_python_packages" => ["python-psycopg2"],
"memcache_python_packages" => ["python-memcache"],

2
chef/cookbooks/openstack-dashboard/spec/server_spec.rb
View File

@ -37,7 +37,7 @@ describe "openstack-dashboard::server" do
end
it "installs packages" do
expect(@chef_run).to upgrade_package "lessc"
expect(@chef_run).to upgrade_package "node-less"
expect(@chef_run).to upgrade_package "openstack-dashboard"
expect(@chef_run).to upgrade_package "python-mysqldb"
end

2
chef/databags/openstack/openstack.json
View File

@ -295,7 +295,7 @@
}
}
},
"support_oses": [ "CentOS*" ],
"support_oses": [ "CentOS*", "Ubuntu*" ],
"services" : { "compute" : { "name" : "nova",
"status" : "enable"
},

56
cobbler/kickstarts/default.ks
View File

@ -10,12 +10,8 @@ bootloader --location=mbr
# Clear MBR
zerombr
# Pre-clear Partition
clearpart --all --initlabel
# Use Text Mode
text
# cmdline
# Disable Firewall
firewall --disabled
@ -36,10 +32,9 @@ logging --level=info
url --url=$tree
$SNIPPET('network_config')
# Repository Config
repo --name=ppa_repo --baseurl=http://$server:$http_port/cobbler/repo_mirror/ppa_repo/
$SNIPPET('kickstart_network_config')
$SNIPPET('kickstart_partition_disks')
$SNIPPET('kickstart_yum_repo_config')
# Root Password
#if $getVar('password', '') != ""
@ -67,21 +62,14 @@ install
# Reboot After Installation
reboot
%include /tmp/part-include
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
$SNIPPET('kickstart_pre_install_network_config')
$SNIPPET('kickstart_pre_partition_disks')
# Enable installation monitoring
$SNIPPET('pre_anamon')
# useful to debug pre/post
# chvt 3
# exec < /dev/tty3 > /dev/tty3 2>/dev/tty3
# get the number of hard disks and their names
$SNIPPET('partition_disks')
$SNIPPET('kickstart_pre_anamon')
# Packages
%packages --nobase
@ -98,29 +86,19 @@ liblogging
rsyslog
%post --log=/var/log/post_install.log
$SNIPPET('post_install_network_config')
cat << EOF > /etc/yum.conf
$SNIPPET('yum.conf')
EOF
$SNIPPET('ssh')
$SNIPPET('ntp')
$SNIPPET('kickstart_post_install_network_config')
chkconfig iptables off
chkconfig ip6tables off
cat << EOF > /etc/security/limits.conf
$SNIPPET('limits.conf')
EOF
$SNIPPET('kickstart_yum.conf')
$SNIPPET('kickstart_ssh')
$SNIPPET('kickstart_ntp')
$SNIPPET('kickstart_limits.conf')
$SNIPPET('kickstart_sysctl.conf')
$SNIPPET('kickstart_rsyslog.conf')
#set $kickstart_tool = "kickstart_%s" % $tool
$SNIPPET($kickstart_tool)
cat << EOF > /etc/sysctl.conf
$SNIPPET('sysctl.conf')
EOF
sysctl -p
$SNIPPET($tool)
$SNIPPET('post_anamon')
$SNIPPET('kickstart_post_anamon')
$SNIPPET('kickstart_done')

115
cobbler/kickstarts/default.seed Normal file
View File

@ -0,0 +1,115 @@
# Mostly based on the Ubuntu installation guide
# https://help.ubuntu.com/12.04/installation-guide/
## Figure out if we're kickstarting a system or a profile
#if $getVar('system_name','') != ''
#set $what = "system"
#else
#set $what = "profile"
#end if
# Preseeding only locale sets language, country and locale.
d-i debian-installer/locale string en_US
d-i debian-installer/country string US
d-i debian-installer/language string en
# Keyboard selection.
# Disable automatic (interactive) keymap detection.
d-i console-setup/ask_detect boolean false
d-i console-setup/layoutcode string us
d-i console-setup/modelcode string SKIP
d-i keyboard-configuration/variantcode string us
d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/model select Generic 105-key (Intl) PC
d-i console-keymaps-at/keymap select us
d-i keyboard-configuration/xkb-keymap select us
d-i preseed/early_command string \
$SNIPPET('preseed_pre_anamon') echo "processed preseed_pre_anamon" >> /tmp/preseed.log; \
$SNIPPET('preseed_pre_install_network_config') echo "processed preseed_pre_install_network_config" >> /tmp/preseed.log; \
wget -O- \
http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_early_default | /bin/sh -s
d-i partman/early_command string \
$SNIPPET('preseed_pre_partition_disks') echo "processed preseed_pre_partition_disks" >> /tmp/preseed.log; \
wget -O- \
http://$http_server/cblr/svc/op/script/$what/$name/?script=partman_early_default | /bin/sh -s
$SNIPPET('preseed_network_config')
$SNIPPET('preseed_partition_disks')
# NTP/Time Setup
#if $getVar('timezone', '') != ""
d-i time/zone string $timezone
#else
d-i time/zone string US/Pacific
#end if
d-i clock-setup/utc boolean true
d-i clock-setup/ntp boolean true
d-i clock-setup/ntp-server string ntp.ubuntu.com
# Setup the installation source
d-i mirror/country string manual
d-i mirror/http/hostname string $http_server
d-i mirror/http/directory string $install_source_directory
#if $getVar('proxy', '') != ""
d-i mirror/http/proxy string $proxy
#end if
#set $os_v = $getVar('os_version','')
#if $os_v and $os_v.lower()[0] > 'p'
# Required at least for 12.10+
d-i live-installer/net-image string http://$http_server/cobbler/ks_mirror/$distro_name/install/filesystem.squashfs
#end if
# root account and password
d-i passwd/root-login boolean true
d-i passwd/make-user boolean false
#if $getVar('password', '') != ""
d-i passwd/root-password-crypted password $password
#else
d-i passwd/root-password password root
d-i passwd/root-password-again password root
#end if
$SNIPPET('preseed_apt_repo_config')
# Individual additional packages to install
# wget is REQUIRED otherwise quite a few things won't work
# later in the build (like late-command scripts)
d-i pkgsel/include string ntp ssh wget chef
# Whether to upgrade packages after debootstrap.
# Allowed values: none, safe-upgrade, full-upgrade
d-i pkgsel/upgrade select none
d-i popularity-contest/participate boolean false
d-i lilo-installer/skip boolean true
d-i grub-installer/only_debian boolean true
# Use the following option to add additional boot parameters for the
# installed system (if supported by the bootloader installer).
# Note: options passed to the installer will be added automatically.
d-i debian-installer/add-kernel-opts string $kernel_options_post
d-i debian-installer/allow_unauthenticated string true
# Avoid that last message about the install being complete.
d-i finish-install/reboot_in_progress note
# This command is run just before the install finishes, but when there is
# still a usable /target directory. You can chroot to /target and use it
# directly, or use the apt-install and in-target commands to easily install
# packages and run commands in the target system.
# d-i preseed/late_command string [command]
d-i preseed/late_command string \
$SNIPPET('preseed_post_install_network_config') echo "processed preseed_post_install_network_config" >> /tmp/preseed.log; \
$SNIPPET('preseed_ssh') echo "processed preseed_ssh" >> /tmp/preseed.log; \
$SNIPPET('preseed_ntp') echo "processed preseed_ntp" >> /tmp/preseed.log; \
$SNIPPET('preseed_post_apt_repo_config') echo "processed preseed_post_apt_repo_config" >> /tmp/preseed.log; \
#set $preseed_tool = "preseed_%s" % $tool
$SNIPPET($preseed_tool) echo "processed $preseed_tool" >> /tmp/preseed.log; \
$SNIPPET('preseed_limits.conf') echo "processed preseed_limits.conf" >> /tmp/preseed.log; \
$SNIPPET('preseed_sysctl.conf') echo "processed preseed_sysctl.conf" >> /tmp/preseed.log; \
$SNIPPET('preseed_rsyslog.conf') echo "processed preseed_rsyslog.conf" >> /tmp/preseed.log; \
$SNIPPET('preseed_post_anamon') echo "processed preseed_post_anamon" >> /tmp/preseed.log; \
wget -O- \
http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_late_default | \
chroot /target /bin/sh -s

61
cobbler/snippets/chef
View File

@ -11,6 +11,11 @@ cat << EOL > /etc/chef/client.rb
$SNIPPET('client.rb')
EOL
## Generate first-boot.json
cat << EOL > /etc/chef/first-boot.json
$SNIPPET('first-boot.json')
EOL
## Register Server in Rsyslog
@ -25,50 +30,17 @@ EOL
service rsyslog restart
cat << EOF > /etc/chef/firstrun.sh
#raw
#!/bin/bash
touch /tmp/chef.log
while true; do
echo "firstrun chef-client on `date`" &>> /tmp/chef.log
clients=\$(pgrep chef-client)
if [ "\$?" == "0" ]; then
echo "there are chef-clients '\$clients' running" &>> /tmp/chef.log
sleep 1m
else
chef-client -L /var/log/chef-client.log &>> /tmp/chef.log
if [ "\$?" != "0" ]; then
echo "chef-client run failed" &>> /tmp/chef.log
sleep 1m
else
echo "chef-client run success" &>> /tmp/chef.log
break
fi
fi
done
#end raw
EOF
cat << EOF > /etc/chef/rerun.sh
#raw
#!/bin/bash
echo "rerun chef-client on `date`" &>> /tmp/chef.log
clients=\$(pgrep chef-client)
if [ "\$?" == "0" ]; then
echo "there are chef-clients '\$clients' running" &>> /tmp/chef.log
exit 1
fi
chef-client &>> /tmp/chef.log
pgrep chef-client
if [ "\$?" != "0" ]; then
echo "chef-client run failed" &>> /tmp/chef.log
else
echo "chef-client run success" &>> /tmp/chef.log
chef-client -p /var/run/chef-client.pid -j /etc/chef/first-boot.json &> /tmp/chef.log
fi
#end raw
EOF
chmod +x /etc/chef/firstrun.sh
chmod +x /etc/chef/rerun.sh
## A self-destruct service to boot chef client and register cron job
cat << EOF > /etc/init.d/chef
@ -76,15 +48,26 @@ cat << EOF > /etc/init.d/chef
# chkconfig: 2345 95 20
# description: Description of the script
# processname: chef-agent
/etc/chef/firstrun.sh
#if $getVar('ntp_server', '') != ""
echo "old date is: \`date\`" 2>&1 > /tmp/ntp.log
echo "path: \$PATH" 2>71 >> /tmp/ntp.log
/sbin/service ntpd stop 2>&1 >> /tmp/ntp.log
/usr/sbin/ntpdate $server 2>&1 >> /tmp/ntp.log
/sbin/service ntpd start 2>&1 >> /tmp/ntp.log
echo "new date is: \`date\`" 2>&1 >> /tmp/ntp.log
#end if
/etc/chef/rerun.sh
chmod +x /etc/chef/rerun.sh
crontab -l > mycron
echo "*/30 * * * * /etc/chef/rerun.sh" >> mycron
echo "*/1 * * * * /etc/chef/rerun.sh" >> mycron
crontab mycron
rm mycron
chkconfig chef off
mv /etc/init.d/chef /tmp/chef
rm -rf /etc/init.d/chef
EOF
chmod +x /etc/init.d/chef
chkconfig --level 2345 chef on

15
cobbler/snippets/client.rb
View File

@ -1,26 +1,15 @@
log_level :info
log_location '/dev/null'
log_location '/var/log/chef-client.log'
#if $getVar('chef_url', '') != ""
chef_server_url '$chef_url'
#end if
#if $getVar('proxy', '') != ""
http_proxy '$proxy'
https_proxy '$proxy'
ENV['http_proxy'] = '$proxy'
ENV['https_proxy'] = '$proxy'
ENV['HTTP_PROXY'] = '$proxy'
ENV['HTTPS_PROXY'] = '$proxy'
#end if
#if $getVar('ignore_proxy', '') != ""
no_proxy '$ignore_proxy'
ENV['no_proxy'] = '$ignore_proxy'
ENV['NO_PROXY'] = '$ignore_proxy'
#end if
#if $getVar('chef_node_name', '') != ""
node_name '$chef_node_name'
#end if
validation_client_name 'chef-validator'
json_attribs nil
pid_file '/var/run/chef-client.pid'
# Using default node name (fqdn)
no_lazy_load true

9
cobbler/snippets/hosts
View File

@ -1,9 +0,0 @@
127.0.0.1 $system_name localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 $system_name localhost localhost.localdomain localhost6 localhost6.localdomain6
# #for $iname, $idata in $interfaces.items()
# #set $ip = $idata.get("ip_address", "")
# #if $hostname != "" and $ip != ""
# $ip $hostname
# #end if
# #end for
# # $compass_ip $compass_hostname

12
cobbler/snippets/kickstart_chef Normal file
View File

@ -0,0 +1,12 @@
mkdir -p /etc/chef
## Generate chef rsyslog conf
$SNIPPET('kickstart_chef_rsyslog.conf')
## Generate validation.pem
$SNIPPET('kickstart_chef-validator.pem')
## Generate client.rb
$SNIPPET('kickstart_client.rb')
$SNIPPET('kickstart_chef_firstrun.sh')
$SNIPPET('kickstart_chef_rerun.sh')
$SNIPPET('kickstart_chef_init')

8
cobbler/snippets/kickstart_chef-validator.pem Normal file
View File

@ -0,0 +1,8 @@
#if $getVar('chef_validation_file', '') == ""
#set chef_validation_file = '/etc/chef-server/chef-validator.pem'
#end if
#set f = $open($chef_validation_file)
cat << EOL > /etc/chef/validation.pem
#echo $f.read()
EOL
#silent $f.close()

25
cobbler/snippets/kickstart_chef_firstrun.sh Normal file
View File

@ -0,0 +1,25 @@
cat << EOF > /etc/chef/firstrun.sh
#raw
#!/bin/bash
touch /tmp/chef.log
while true; do
echo "firstrun chef-client on \`date\`" &>> /tmp/chef.log
clients=\$(pgrep chef-client)
if [ "\$?" == "0" ]; then
echo "there are chef-clients '\$clients' running" &>> /tmp/chef.log
sleep 1m
else
chef-client -L /var/log/chef-client.log &>> /tmp/chef.log
if [ "\$?" != "0" ]; then
echo "chef-client run failed" &>> /tmp/chef.log
sleep 1m
else
echo "chef-client run success" &>> /tmp/chef.log
break
fi
fi
done
#end raw
EOF
chmod +x /etc/chef/firstrun.sh

22
cobbler/snippets/kickstart_chef_init Normal file
View File

@ -0,0 +1,22 @@
## A self-destruct service to boot chef client and register cron job
cat << EOF > /etc/init.d/chef
#raw
#!/bin/bash
# chkconfig: 2345 99 20
# description: Description of the script
# processname: chef-agent
rm -rf /var/lib/rsyslog/firstboot_log
service rsyslog restart
/etc/chef/firstrun.sh
crontab -l > /tmp/mycron
echo "*/30 * * * * /etc/chef/rerun.sh" >> /tmp/mycron
crontab /tmp/mycron
rm /tmp/mycron
chkconfig chef off
mv /etc/init.d/chef /tmp/chef
#end raw
EOF
chmod +x /etc/init.d/chef
chkconfig chef on

19
cobbler/snippets/kickstart_chef_rerun.sh Normal file
View File

@ -0,0 +1,19 @@
cat << EOF > /etc/chef/rerun.sh
#raw
#!/bin/bash
echo "rerun chef-client on \`date\`" &>> /tmp/chef.log
clients=\$(pgrep chef-client)
if [ "\$?" == "0" ]; then
echo "there are chef-clients '\$clients' running" &>> /tmp/chef.log
exit 1
fi
chef-client &>> /tmp/chef.log
if [ "\$?" != "0" ]; then
echo "chef-client run failed" &>> /tmp/chef.log
else
echo "chef-client run success" &>> /tmp/chef.log
fi
#end raw
EOF
chmod +x /etc/chef/rerun.sh

12
cobbler/snippets/kickstart_chef_rsyslog.conf Normal file
View File

@ -0,0 +1,12 @@
cat << EOL > /etc/rsyslog.d/chef.conf
\\$ModLoad imfile
\\$InputFileName /var/log/chef-client.log
\\$InputFileReadMode 0
\\$InputFileTag
\\$InputFileStateFile firstboot_log
\\$InputFileSeverity notice
\\$InputFileFacility local3
\\$InputRunFileMonitor
\\$InputFilePollInterval 1
local3.info @$server:514
EOL

28
cobbler/snippets/kickstart_client.rb Normal file
View File

@ -0,0 +1,28 @@
cat << EOL > /etc/chef/client.rb
log_level :info
log_location '/dev/null'
#if $getVar('chef_url', '') != ""
chef_server_url '$chef_url'
#end if
#if $getVar('proxy', '') != ""
http_proxy '$proxy'
https_proxy '$proxy'
ENV['http_proxy'] = '$proxy'
ENV['https_proxy'] = '$proxy'
ENV['HTTP_PROXY'] = '$proxy'
ENV['HTTPS_PROXY'] = '$proxy'
#end if
#if $getVar('ignore_proxy', '') != ""
no_proxy '$ignore_proxy'
ENV['no_proxy'] = '$ignore_proxy'
ENV['NO_PROXY'] = '$ignore_proxy'
#end if
#if $getVar('chef_node_name', '') != ""
node_name '$chef_node_name'
#end if
validation_client_name 'chef-validator'
json_attribs nil
pid_file '/var/run/chef-client.pid'
# Using default node name (fqdn)
no_lazy_load true
EOL

12
cobbler/snippets/kickstart_hosts Normal file
View File

@ -0,0 +1,12 @@
cat << EOL > /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
#for $iname, $idata in $interfaces.items()
#if $hostname and $idata["management"] and $idata["static"] and $idata.get("ip_address", "") != ""
$idata["ip_address"] $hostname
#end if
#end for
#import os
#set $server_name = $os.uname[1]
$server $server_name
EOL

9
cobbler/snippets/limits.conf → cobbler/snippets/kickstart_limits.conf
View File

@ -1,6 +1,8 @@
cat << EOF > /etc/security/limits.conf
#raw
# /etc/security/limits.conf
#
#Each line describes a limit for a user in the form:
# Each line describes a limit for a user in the form:
#
#<domain> <type> <item> <value>
#
@ -39,7 +41,6 @@
#<domain> <type> <item> <value>
#
#raw
#* soft core 0
#* hard rss 10000
#@student hard nproc 20
@ -48,6 +49,6 @@
#ftp hard nproc 0
#@student - maxlogins 4
* - nofile 100000
#end raw
# End of file
#end raw
EOF

7
cobbler/snippets/kickstart_network_config Normal file
View File

@ -0,0 +1,7 @@
## start of cobbler network_config generated code
#if $getVar("system_name","") != ""
# Using "new" style networking config, by matching networking information to the physical interface's
# MAC-address
%include /tmp/pre_install_network_config
#end if
## end of cobbler network_config generated code

80
cobbler/snippets/kickstart_ntp Normal file
View File

@ -0,0 +1,80 @@
#if $getVar('ntp_server', '') != ""
chkconfig ntpd on
cat << EOF > /etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
# Include the option tinker panic 0 at the top of your ntp.conf file.
# By default, the NTP daemon sometimes panics and exits if the underlying clock
# appears to be behaving erratically. This option causes the daemon to keep
# running instead of panicking.
tinker panic 0
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1
# Hosts on local network are less restricted.
# restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
# server 0.centos.pool.ntp.org
# server 1.centos.pool.ntp.org
# server 2.centos.pool.ntp.org
#if $getVar('ntp_server', '') != ""
server $ntp_server
#end if
# broadcast 192.168.1.255 autokey # broadcast server
# broadcastclient # broadcast client
# broadcast 224.0.1.1 autokey # multicast server
# multicastclient 224.0.1.1 # multicast client
# manycastserver 239.255.254.254 # manycast server
# manycastclient 239.255.254.254 autokey # manycast client
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.
server 127.127.1.0 # local clock
# Enable public key cryptography.
# crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
# trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
# requestkey 8
# Specify the key identifier to use with the ntpq utility.
# controlkey 8
# Enable writing of statistics records.
# statistics clockstats cryptostats loopstats peerstats
EOF
chkconfig ntpd on
echo "old date is: `date`" 2>&1 > /tmp/ntp.log
echo "path: \$PATH" 2>&1 >> /tmp/ntp.log
/sbin/service ntpd stop 2>&1 >> /tmp/ntp.log
/usr/sbin/ntpdate $ntp_server 2>&1 >> /tmp/ntp.log
/sbin/service ntpd start 2>&1 >> /tmp/ntp.log
echo "new date is: `date`" 2>&1 >> /tmp/ntp.log
#end if

5
cobbler/snippets/kickstart_partition_disks Normal file
View File

@ -0,0 +1,5 @@
## start of cobbler network_config generated code
#if $getVar("system_name","") != ""
%include /tmp/part-include
#end if
## end of cobbler network_config generated code

41
cobbler/snippets/kickstart_post_anamon Normal file
View File

@ -0,0 +1,41 @@
#if $str($getVar('anamon_enabled','')) == "1"
## install anamon script
wget -O /usr/local/sbin/anamon "http://$server:$http_port/cobbler/aux/anamon"
## install anamon system service
cat << EOF > /etc/init.d/anamon.init
#raw
#!/bin/bash
## BEGIN INIT INFO
# Provides: anamon.init
# Default-Start: 3 5
# Default-Stop: 0 1 2 4 6
# Required-Start:
# Should-Start: $network
# Short-Description: Starts the cobbler anamon boot notification program
# Description: anamon runs the first time a machine is booted after
# installation.
## END INIT INFO
#
# anamon.init: Starts the cobbler post-install boot notification program
#
# chkconfig: 35 95 95
#
# description: anamon runs the first time a machine is booted after
# installation.
#
#end raw
/usr/local/sbin/anamon --watchfile "/var/log/boot.log /var/log/messages /var/log/dmesg" --name $name --server $server --port $http_port --exit
chkconfig anamon.init off
mv /etc/init.d/anamon.init /tmp/anamon.init
EOF
## adjust permissions
chmod 755 /etc/init.d/anamon.init /usr/local/sbin/anamon
test -d /selinux && restorecon /etc/init.d/anamon.init /usr/local/sbin/anamon
## enable the script
chkconfig anamon.init on
#end if

350
cobbler/snippets/kickstart_post_install_network_config Normal file
View File

@ -0,0 +1,350 @@
# Start post_install_network_config generated code
#if $getVar('promisc_nics', '') != ""
#set promisc_interfaces = [promisc.strip() for promisc in $promisc_nics.split(',') if promisc.strip()]
#else
#set promisc_interfaces = []
#end if
#if $getVar("system_name","") != ""
## this is being provisioned by system records, not profile records
## so we can do the more complex stuff
## get the list of interface names
#set ikeys = $interfaces.keys()
#set osversion = $getVar("os_version","")
#import re
#set $vlanpattern = $re.compile("[a-zA-Z0-9]+[\.:][0-9]+")
## Determine if we should use the MAC address to configure the interfaces first
## Only physical interfaces are required to have a MAC address
## Also determine the number of bonding devices we have, so we can set the
## max-bonds option in modprobe.conf accordingly. -- jcapel
#set $configbymac = True
#set $numbondingdevs = 0
#set $enableipv6 = False
## =============================================================================
#for $iname in $ikeys
## look at the interface hash data for the specific interface
#set $idata = $interfaces[$iname]
## do not configure by mac address if we don't have one AND it's not for bonding/vlans
## as opposed to a "real" physical interface
#if $idata.get("mac_address", "") == "" and not $vlanpattern.match($iname) and not $idata.get("interface_type", "").lower() in ("master","bond","bridge"):
## we have to globally turn off the config by mac feature as we can't
## use it now
#set $configbymac = False
#end if
## count the number of bonding devices we have.
#if $idata.get("interface_type", "").lower() in ("master","bond","bonded_bridge_slave")
#set $numbondingdevs += 1
#end if
## enable IPv6 networking if we set an ipv6 address or turn on autoconfiguration
#if $idata.get("ipv6_address", "") != "" or $ipv6_autoconfiguration == True
#set $enableipv6 = True
#end if
#end for
## end looping through the interfaces to see which ones we need to configure.
## =============================================================================
#set $i = 0
## setup bonding if we have to
#if $numbondingdevs > 0
# we have bonded interfaces, so set max_bonds
if [ -f "/etc/modprobe.conf" ]; then
echo "options bonding max_bonds=$numbondingdevs" >> /etc/modprobe.conf
fi
#end if
## =============================================================================
## create a staging directory to build out our network scripts into
## make sure we preserve the loopback device
# create a working directory for interface scripts
mkdir /etc/sysconfig/network-scripts/cobbler
cp /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/cobbler/
## =============================================================================
## configure the gateway if set up (this is global, not a per-interface setting)
#if $gateway != ""
# set the gateway in the network configuration file
grep -v GATEWAY /etc/sysconfig/network > /etc/sysconfig/network.cobbler
echo "GATEWAY=$gateway" >> /etc/sysconfig/network.cobbler
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
#end if
## =============================================================================
## Configure the system's primary hostname. This is also passed to anaconda, but
## anaconda doesn't seem to honour it in DHCP-setups.
#if $hostname != ""
# set the hostname in the network configuration file
grep -v HOSTNAME /etc/sysconfig/network > /etc/sysconfig/network.cobbler
echo "HOSTNAME=$hostname" >> /etc/sysconfig/network.cobbler
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
# Also set the hostname now, some applications require it
# (e.g.: if we're connecting to Puppet before a reboot).
/bin/hostname $hostname
#end if
$SNIPPET('kickstart_hosts')
#if $enableipv6 == True
grep -v NETWORKING_IPV6 /etc/sysconfig/network > /etc/sysconfig/network.cobbler
echo "NETWORKING_IPV6=yes" >> /etc/sysconfig/network.cobbler
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
#if $ipv6_autoconfiguration != ""
grep -v IPV6_AUTOCONF /etc/sysconfig/network > /etc/sysconfig/network.cobbler
#if $ipv6_autoconfiguration == True
echo "IPV6_AUTOCONF=yes" >> /etc/sysconfig/network.cobbler
#else
echo "IPV6_AUTOCONF=no" >> /etc/sysconfig/network.cobbler
#end if
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
#end if
#if $ipv6_default_device != ""
grep -v IPV6_DEFAULTDEV /etc/sysconfig/network > /etc/sysconfig/network.cobbler
echo "IPV6_DEFAULTDEV=$ipv6_default_device" >> /etc/sysconfig/network.cobbler
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
#end if
#end if
## =============================================================================
## now create the config file for each interface
#for $iname in $ikeys
# Start configuration for $iname
## create lots of variables to use later
#set $idata = $interfaces[$iname]
#set $mac = $idata.get("mac_address", "").upper()
#set $mtu = $idata.get("mtu", "")
#set $static = $idata.get("static", "")
#set $ip = $idata.get("ip_address", "")
#set $netmask = $idata.get("netmask", "")
#set $if_gateway = $idata.get("if_gateway", "")
#set $static_routes = $idata.get("static_routes", "")
#set $iface_type = $idata.get("interface_type", "").lower()
#set $iface_master = $idata.get("interface_master", "")
#set $bonding_opts = $idata.get("bonding_opts", "")
#set $bridge_opts = $idata.get("bridge_opts", "").split(" ")
#set $ipv6_address = $idata.get("ipv6_address", "")
#set $ipv6_secondaries = $idata.get("ipv6_secondaries", "")
#set $ipv6_mtu = $idata.get("ipv6_mtu", "")
#set $ipv6_default_gateway = $idata.get("ipv6_default_gateway", "")
#set $ipv6_static_routes = $idata.get("ipv6_static_routes", "")
#set $devfile = "/etc/sysconfig/network-scripts/cobbler/ifcfg-" + $iname
#set $routesfile = "/etc/sysconfig/network-scripts/cobbler/route-" + $iname
#set $ipv6_routesfile = "/etc/sysconfig/network-scripts/cobbler/route6-" + $iname
## determine if this interface is for a VLAN
#if $vlanpattern.match($iname)
#set $is_vlan = "true"
#else
#set $is_vlan = "false"
#end if
## slave interfaces are assumed to be static
#if $iface_type in ("slave","bond_slave","bridge_slave","bonded_bridge_slave")
#set $static = 1
#end if
## ===================================================================
## Things every interface get, no matter what
## ===================================================================
echo "DEVICE=$iname" > $devfile
echo "ONBOOT=yes" >> $devfile
#if $mac != "" and $iface_type not in ("master","bond","bridge","bonded_bridge_slave")
## virtual interfaces don't get MACs
echo "HWADDR=$mac" >> $devfile
IFNAME=\$(ip -o link | grep -i '$mac' | sed -e 's/^[0-9]*: //' -e 's/:.*//')
## Rename this interface in modprobe.conf
## FIXME: if both interfaces startwith eth this is wrong
if [ -f "/etc/modprobe.conf" ] && [ \$IFNAME ]; then
grep \$IFNAME /etc/modprobe.conf | sed "s/\$IFNAME/$iname/" >> /etc/modprobe.conf.cobbler
grep -v \$IFNAME /etc/modprobe.conf >> /etc/modprobe.conf.new
rm -f /etc/modprobe.conf
mv /etc/modprobe.conf.new /etc/modprobe.conf
fi
#end if
## ===================================================================
## Actions based on interface_type
## ===================================================================
#if $iface_type in ("master","bond","bonded_bridge_slave")
## if this is a bonded interface, configure it in modprobe.conf
#if $osversion == "rhel4"
if [ -f "/etc/modprobe.conf" ]; then
echo "install $iname /sbin/modprobe bonding -o $iname $bonding_opts" >> /etc/modprobe.conf.cobbler
fi
#else
## Add required entry to modprobe.conf
if [ -f "/etc/modprobe.conf" ]; then
echo "alias $iname bonding" >> /etc/modprobe.conf.cobbler
fi
#end if
#if $bonding_opts != ""
cat >> $devfile << EOF
BONDING_OPTS="$bonding_opts"
EOF
#end if
#elif $iface_type in ("slave","bond_slave") and $iface_master != ""
echo "SLAVE=yes" >> $devfile
echo "MASTER=$iface_master" >> $devfile
echo "HOTPLUG=no" >> $devfile
#end if
#if $iface_type == "bridge"
echo "TYPE=Bridge" >> $devfile
#for $bridge_opt in $bridge_opts
#if $bridge_opt.strip() != ""
echo "$bridge_opt" >> $devfile
#end if
#end for
#elif ($iface_type == "bridge_slave" or $iface_type == "bonded_bridge_slave") and $iface_master != ""
echo "BRIDGE=$iface_master" >> $devfile
echo "HOTPLUG=no" >> $devfile
#end if
#if $iface_type != "bridge"
echo "TYPE=Ethernet" >> $devfile
#end if
## ===================================================================
## Actions based on static/dynamic configuration
## ===================================================================
#if $static
#if $mac == "" and $iface_type == ""
# WARNING! Configuring interfaces by their names only
# is error-prone, and can cause issues if and when
# the kernel gives an interface a different name
# following a reboot/hardware changes.
#end if
echo "BOOTPROTO=static" >> $devfile
#if $ip != "" and $iface_type not in ("slave","bond_slave","bridge_slave","bonded_bridge_slave")
## Only configure static networking if an IP-address is configured
## and if the interface isn't slaved to another interface (bridging or bonding)
#if $iname in $promisc_interfaces
echo "PROMISC=yes" >> $devfile
#else
#if $ip != ""
echo "IPADDR=$ip" >> $devfile
#end if
#if $if_gateway != ""
echo "GATEWAY=$if_gateway" >> $devfile
#end if
#if $netmask == ""
## Default to 255.255.255.0?
#set $netmask = "255.255.255.0"
#end if
echo "NETMASK=$netmask" >> $devfile
#end if
#end if
#if $enableipv6 == True and $ipv6_autoconfiguration == False
#if $ipv6_address != ""
echo "IPV6INIT=yes" >> $devfile
echo "IPV6ADDR=$ipv6_address" >> $devfile
#end if
#if $ipv6_secondaries != ""
#set ipv6_secondaries = ' '.join(ipv6_secondaries)
## The quotes around the ipv6 ip's need to be here
echo "IPV6ADDR_SECONDARIES=\"$ipv6_secondaries\"" >> $devfile
#end if
#if $ipv6_mtu != ""
echo "IPV6MTU=$ipv6_mtu" >> $devfile
#end if
#if $ipv6_default_gateway != ""
echo "IPV6_DEFAULTGW=$ipv6_default_gateway" >> $devfile
#end if
#end if
#else
## this is a DHCP interface, much less work to do
echo "BOOTPROTO=dhcp" >> $devfile
#if $len($name_servers) > 0
echo "PEERDNS=no" >> $devfile
#end if
#end if
## ===================================================================
## VLAN configuration
## ===================================================================
#if $is_vlan == "true"
echo "VLAN=yes" >> $devfile
echo "ONPARENT=yes" >> $devfile
#end if
## ===================================================================
## Optional configuration stuff
## ===================================================================
#if $mtu != ""
echo "MTU=$mtu" >> $devfile
#end if
## ===================================================================
## Non-slave DNS configuration, when applicable
## ===================================================================
## If the interface is anything but a slave then add DNSn entry
#if $iface_type.lower() not in ("slave","bond_slave","bridge_slave","bonded_bridge_slave")
#set $nct = 0
#for $nameserver in $name_servers
#set $nct = $nct + 1
echo "DNS$nct=$nameserver" >> $devfile
#end for
#end if
## ===================================================================
## Interface route configuration
## ===================================================================
#for $route in $static_routes
#set routepattern = $re.compile("[0-9/.]+:[0-9.]+")
#if $routepattern.match($route)
#set $routebits = $route.split(":")
#set [$network, $router] = $route.split(":")
echo "$network via $router" >> $routesfile
#else
# Warning: invalid route "$route"
#end if
#end for
#if $enableipv6 == True
#for $route in $ipv6_static_routes
#set routepattern = $re.compile("[0-9a-fA-F:/]+,[0-9a-fA-F:]+")
#if $routepattern.match($route)
#set $routebits = $route.split(",")
#set [$network, $router] = $route.split(",")
echo "$network via $router dev $iname" >> $ipv6_routesfile
#else
# Warning: invalid ipv6 route "$route"
#end if
#end for
#end if
## ===================================================================
## Done with this interface
## ===================================================================
#set $i = $i + 1
# End configuration for $iname
#end for
## =============================================================================
## Configure name server search path in /etc/resolv.conf
#set $num_ns = $len($name_servers)
#set $num_ns_search = $len($name_servers_search)
#if $num_ns_search > 0
sed -i -e "/^search /d" /etc/resolv.conf
echo -n "search " >>/etc/resolv.conf
#for $nameserversearch in $name_servers_search
echo -n "$nameserversearch " >>/etc/resolv.conf
#end for
echo "" >>/etc/resolv.conf
#end if
## =============================================================================
## Configure name servers in /etc/resolv.conf
#if $num_ns > 0
sed -i -e "/^nameserver /d" /etc/resolv.conf
#for $nameserver in $name_servers
echo "nameserver $nameserver" >>/etc/resolv.conf
#end for
#end if
## Disable all eth interfaces by default before overwriting
## the old files with the new ones in the working directory
## This stops unneccesary (and time consuming) DHCP queries
## during the network initialization
sed -i 's/ONBOOT=yes/ONBOOT=no/g' /etc/sysconfig/network-scripts/ifcfg-eth*
## Move all staged files to their final location
rm -f /etc/sysconfig/network-scripts/ifcfg-*
mv /etc/sysconfig/network-scripts/cobbler/* /etc/sysconfig/network-scripts/
rm -r /etc/sysconfig/network-scripts/cobbler
if [ -f "/etc/modprobe.conf" ]; then
cat /etc/modprobe.conf.cobbler >> /etc/modprobe.conf
rm -f /etc/modprobe.conf.cobbler
fi
#end if
# End post_install_network_config generated code

4
cobbler/snippets/kickstart_pre_anamon Normal file
View File

@ -0,0 +1,4 @@
#if $str($getVar('anamon_enabled','')) == "1"
wget -O /tmp/anamon "http://$server:$http_port/cobbler/aux/anamon"
python /tmp/anamon --name "$name" --server "$server" --port "$http_port"
#end if

89
cobbler/snippets/kickstart_pre_install_network_config Normal file
View File

@ -0,0 +1,89 @@
#if $getVar("system_name","") != ""
# Start pre_install_network_config generated code
#raw
# generic functions to be used later for discovering NICs
mac_exists() {
if which ip 2>/dev/null >/dev/null; then
ip -o link | grep -i "$1" 2>/dev/null >/dev/null
return $?
elif which esxcfg-nics 2>/dev/null >/dev/null; then
esxcfg-nics -l | grep -i "$1" 2>/dev/null >/dev/null
return $?
else
ifconfig -a | grep -i "$1" 2>/dev/null >/dev/null
return $?
fi
}
get_ifname() {
if which ip 2>/dev/null >/dev/null; then
IFNAME=$(ip -o link | grep -i "$1" | sed -e 's/^[0-9]*: //' -e 's/:.*//')
elif which esxcfg-nics 2>/dev/null >/dev/null; then
IFNAME=$(esxcfg-nics -l | grep -i "$1" | cut -d " " -f 1)
else
IFNAME=$(ifconfig -a | grep -i "$1" | cut -d " " -f 1)
if [ -z $IFNAME ]; then
IFNAME=$(ifconfig -a | grep -i -B 2 "$1" | sed -n '/flags/s/:.*$//p')
fi
fi
}
#end raw
#set ikeys = $interfaces.keys()
#import re
#set $vlanpattern = $re.compile("[a-zA-Z0-9]+[\.:][0-9]+")
#set $routepattern = $re.compile("[0-9/.]+:[0-9.]+")
##
#for $iname in $ikeys
# Start $iname
#set $idata = $interfaces[$iname]
#set $mac = $idata["mac_address"]
#set $static = $idata["static"]
#set $management = $idata["management"]
#set $ip = $idata["ip_address"]
#set $netmask = $idata["netmask"]
#set $iface_type = $idata["interface_type"]
#set $iface_master = $idata["interface_master"]
#set $static_routes = $idata["static_routes"]
#if not $management or $mac == ""
#continue
#end if
# Configuring $iname ($mac)
if mac_exists $mac
then
get_ifname $mac
#if $static and $ip != ""
#if $netmask == ""
## Netmask not provided, default to /24.
#set $netmask = "255.255.255.0"
#end if
#set $netinfo = "--bootproto=static --ip=%s --netmask=%s" % ($ip, $netmask)
#if $gateway != ""
#set $netinfo = "%s --gateway=%s" % ($netinfo, $gateway)
#end if
#if $len($name_servers) > 0
#set $netinfo = "%s --nameserver=%s" % ($netinfo, $name_servers[0])
#end if
#else if not $static
#set $netinfo = "--bootproto=dhcp"
#else
## Skip this interface, it's set as static, but without
## networking info.
# Skipping (no configuration)...
#continue
#end if
#if $hostname != ""
#set $netinfo = "%s --hostname=%s" % ($netinfo, $hostname)
#end if
echo "network --device=\$IFNAME $netinfo" >> /tmp/pre_install_network_config
#for $route in $static_routes
#if $routepattern.match($route)
#set $routebits = $route.split(":")
#set [$network, $router] = $route.split(":")
ip route add $network via $router dev \$IFNAME
#else
# Warning: invalid route "$route"
#end if
#end for
fi
#end for
# End pre_install_network_config generated code
#end if

80
cobbler/snippets/kickstart_pre_partition_disks Normal file
View File

@ -0,0 +1,80 @@
#set hostname=$getVar('hostname',None)
#set partition = $getVar('partition', None)
#if $hostname == None
#set $vgname = "VolGroup00"
#else
#set $vgname = $hostname.split('.')[0]
#end if
set \$(list-harddrives)
let disk_nums=\$#/2
let disk_offset=0
let found_disk_offset=0
while [ \$disk_offset -lt \$disk_nums ];
do
#if $getVar('partitions_only','') != ""
let found_disk=0
#for $partition_only in $partitions_only.split(',')
if expr match "\$1" "$partition_only"; then
disks[found_disk_offset]=\$1
let found_disk=1
fi
#end for
if [ \$found_disk -gt 0 ]; then
let found_disk_offset=\$found_disk_offset+1
fi
#else
disks[found_disk_offset]=\$1
let found_disk_offset=\$found_disk_offset+1
#end if
let disk_offset=\$disk_offset+1
shift 2
done
let disk_nums=\$found_disk_offset
echo "clearpart --all --initlabel" > /tmp/part-include
#if $getVar('keep_old_partitions', '0') != "0"
#if $getVar('partitions_only','') != ""
echo "ignoredisk --only-use=$partitions_only" >> /tmp/part-include
#end if
#end if
echo "part /boot --fstype ext3 --size=100 --ondisk=\${disks[0]} --asprimary" >> /tmp/part-include
echo "part swap --recommended --maxsize=128000 --ondisk=\${disks[0]}" >> /tmp/part-include
vggroup=''
let disk_offset=0
while [ \$disk_offset -lt \$disk_nums ];
do
let pv_id=\$disk_offset+1
partname="pv.0\$pv_id"
echo "part \$partname --size=1 --grow --ondisk=\${disks[\$disk_offset]}" >> /tmp/part-include
vggroup="\$vggroup \$partname"
let disk_offset=\$disk_offset+1;
done
echo "volgroup $vgname \$vggroup" >> /tmp/part-include
echo "logvol / --fstype ext3 --vgname=$vgname --size=1 --grow --name=rootvol" >> /tmp/part-include
#if $partition != None
#set vol_sizes = [part.strip() for part in $partition.split(';') if part.strip()]
#for vol_and_size in vol_sizes
#set vol, vol_size = $vol_and_size.split(' ', 1)
#set vol = $vol.strip()
#set vol_size = $vol_size.strip()
#if $vol.startswith('/')
#set volname = $vol[1:]
#if $vol_size.endswith('%'):
#set vol_percent = vol_size[:-1]
echo "logvol $vol --fstype ext3 --vgname=$vgname --size=1 --grow --percent=$vol_percent --name=${volname}vol" >> /tmp/part-include
#else
echo "logvol $vol --vgname=$vgname --fstype ext3 --size=$vol_size --name=${volname}vol" >> /tmp/part-include
#end if
#else
# $vol is not starts with /
#end if
#end for
#end if

53
cobbler/snippets/kickstart_rsyslog.conf Normal file
View File

@ -0,0 +1,53 @@
cat << EOL > /etc/rsyslog.conf
#### MODULES ####
\\$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
\\$ModLoad imfile
\\$WorkDirectory /var/lib/rsyslog
\\$ActionQueueType LinkedList
\\$ActionQueueFileName srvrfwd
\\$ActionResumeRetryCount -1
\\$ActionQueueSaveOnShutDown on
*.* @@$server:514
# Provides UDP syslog reception
\\$ModLoad imudp
\\$UDPServerRun 514
# Provides TCP syslog reception
\\$ModLoad imtcp
\\$InputTCPServerRun 514
#set system_name = $getVar('system_name','')
\\$LocalHostName $system_name
#### GLOBAL DIRECTIVES ####
# Use default timestamp format
\\$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# File syncing capability is disabled by default. This feature is usually not required,
# not useful and an extreme performance hit
#$ActionFileEnableSync on
# Include all config files in /etc/rsyslog.d/
\\$IncludeConfig /etc/rsyslog.d/*.conf
#### RULES ####
mail.* -/var/log/maillog
# Log cron stuff
cron.* /var/log/cron
# Everybody gets emergency messages
*.emerg *
# Save news errors of level crit and higher in a special file.
uucp,news.crit /var/log/spooler
# Save boot messages also to boot.log
local7.* /var/log/boot.log
EOL
chkconfig rsyslog on

24
cobbler/snippets/kickstart_ssh Normal file
View File

@ -0,0 +1,24 @@
mkdir -p /root/.ssh
chmod 700 -R /root/.ssh
#if $getVar("push_ssh_keys", "") != ""
#set $ssh_keys = $push_ssh_keys.split(',')
set $firstline = True
#for $ssh_key in $ssh_keys
#if not $ssh_key
#continue
#end if
#set f = open($ssh_key)
#if $firstline
cat << EOL > /root/.ssh/authorized_keys
#echo $f.read()
EOL
#else
cat << EOL >> /root/.ssh/authorized_keys
#echo $f.read()
EOL
#end if
#silent $f.close()
#set $firstline = False
#end for
chmod 600 /root/.ssh/authorized_keys
#end if

5
cobbler/snippets/sysctl.conf → cobbler/snippets/kickstart_sysctl.conf
View File

@ -1,3 +1,5 @@
cat << EOF > /etc/sysctl.conf
#raw
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
@ -65,3 +67,6 @@ net.core.somaxconn = 8192
# avoid caching tcp network transfer statistics
net.ipv4.route.flush=1
#end raw
EOF
sysctl -p

30
cobbler/snippets/kickstart_yum.conf Normal file
View File

@ -0,0 +1,30 @@
cat << EOF > /etc/yum.conf
[main]
cachedir=/var/cache/yum/$basearch/$releasever
#if $getVar('proxy', '') != ""
proxy=$proxy
#end if
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=5
bugtracker_url=http://bugs.centos.org/set_project.php?project_id=16&ref=http://bugs.centos.org/bug_report_page.php?category=yum
distroverpkg=centos-release
# This is the default, if you make this bigger yum won't see if the metadata
# is newer on the remote and so you'll "gain" the bandwidth of not having to
# download the new metadata and "pay" for it by yum not having correct
# information.
# It is esp. important, to have correct metadata, for distributions like
# Fedora which don't keep old packages around. If you don't like this checking
# interupting your command line usage, it's much better to have something
# manually check the metadata once an hour (yum-updatesd will do this).
# metadata_expire=90m
# PUT YOUR REPOS HERE OR IN separate files named file.repo
# in /etc/yum.repos.d
EOF

11
cobbler/snippets/kickstart_yum_repo_config Normal file
View File

@ -0,0 +1,11 @@
# Repository Config
#set $repo_data = $getVar("repo_data",[])
#for $repo in $repo_data
#if $repo.mirror_locally
repo --name=${repo.name} --baseurl=http://$http_server/cobbler/repo_mirror/${repo.name}/
#else
repo --name=${repo.name} --baseurl=${repo.mirror}
#end if
#end for

24
cobbler/snippets/late_apt_repo_config
View File

@ -1,24 +0,0 @@
# start late_apt_repo_config
cat<<EOF>/etc/apt/sources.list
deb http://$http_server/cblr/links/$distro_name $os_version main
#set $repo_data = $getVar("repo_data",[])
#for $repo in $repo_data
#for $dist in $repo.apt_dists
#set $comps = " ".join($repo.apt_components)
#if $repo.comment != ""
# ${repo.comment}
#end if
#if $repo.arch == "x86_64"
#set $rarch = "[arch=amd64]"
#else
#set $rarch = "[arch=%s]" % $repo.arch
#end if
#if $repo.mirror_locally
deb ${rarch} http://$http_server/cblr/repo_mirror/${repo.name} $dist $comps
#else
deb ${rarch} ${repo.mirror} $dist $comps
#end if
#end for
#end for
EOF
# end late_apt_repo_config

3
cobbler/snippets/main_partition_select
View File

@ -1,3 +0,0 @@
# partition selection
%include /tmp/partinfo

47
cobbler/snippets/network_config_esx
View File

@ -1,47 +0,0 @@
#import re
#if $getVar("system_name","") != ""
#set ikeys = $interfaces.keys()
#set $vlanpattern = $re.compile("[a-zA-Z0-9]+[\.:][0-9]+")
#for $iname in $ikeys
#set $idata = $interfaces[$iname]
#set $mac = $idata["mac_address"]
#set $static = $idata["static"]
#set $ip = $idata["ip_address"]
#set $netmask = $idata["netmask"]
#set $type = $idata["interface_type"]
#if $vlanpattern.match($iname) or $type in ("master","bond","bridge")
## If this is a VLAN interface, skip it, anaconda doesn't know
## about VLANs.
#set $is_vlan = "true"
#else
#set $is_vlan = "false"
#end if
#if $mac != "" or $ip != "" and $is_vlan == "false"
#if $static == True:
#set $network_str = "--bootproto=static"
#if $ip != "":
#set $network_str = $network_str + " --ip=" + $ip
#if $netmask != "":
#set $network_str = $network_str + " --netmask=" + $netmask
#end if
#if $gateway != "":
#set $network_str = $network_str + " --gateway=" + $gateway
#end if
#if $name_servers and $name_servers[0] != "":
## Anaconda only allows one nameserver
#set $network_str = $network_str + " --nameserver=" + $name_servers[0]
#end if
#end if
#else
#set $network_str = "--bootproto=dhcp"
#end if
#if $hostname != ""
#set $network_str = $network_str + " --hostname=" + $hostname
#end if
#else
#set $network_str = "--bootproto=dhcp"
#end if
network $network_str --device=$mac
#end for
#end if

56
cobbler/snippets/network_config_esxi
View File

@ -1,56 +0,0 @@
#import re
#if $getVar("system_name","") != ""
#set ikeys = $interfaces.keys()
#set $vlanpattern = $re.compile("[a-zA-Z0-9]+[\.:][0-9]+")
#for $iname in $ikeys
#set $idata = $interfaces[$iname]
#set $mac = $idata["mac_address"]
#set $static = $idata["static"]
#set $ip = $idata["ip_address"]
#set $netmask = $idata["netmask"]
#set $type = $idata["interface_type"]
#set $vlanid = ""
#if $vlanpattern.match($iname) or $type in ("master","bond","bridge")
## If this is a VLAN interface, skip it, anaconda doesn't know
## about VLANs.
#set $is_vlan = "true"
#set $vlanid = " --vlanid=" + $iname.split('.')[1]
#set $iname = $iname.split('.')[0]
#else
#set $is_vlan = "false"
#end if
#if $mac != "" or $ip != "" and $is_vlan == "false"
#if $static == True:
#set $network_str = "--bootproto=static"
#if $ip != "":
#set $network_str = $network_str + " --ip=" + $ip
#if $netmask != "":
#set $network_str = $network_str + " --netmask=" + $netmask
#end if
#if $gateway != "":
#set $network_str = $network_str + " --gateway=" + $gateway
#end if
#if $name_servers and $name_servers[0] != "":
#set $network_str = $network_str + " --nameserver=" + $name_servers[0]
#if len($name_servers) > 1 and $name_servers[1] != "":
#set $network_str += "," + $name_servers[1]
#end if
#end if
#end if
#else
#set $network_str = "--bootproto=dhcp"
#end if
#if $hostname != ""
#set $network_str = $network_str + " --hostname=" + $hostname
#end if
#else
#set $network_str = "--bootproto=dhcp"
#end if
#if $vlanid != ""
#set $network_str = $network_str + $vlanid
#end if
network $network_str --device=$iname
#end for
#end if

14
cobbler/snippets/ntp
View File

@ -1,14 +0,0 @@
chkconfig ntpd on
cat << EOF > /etc/ntp.conf
$SNIPPET('ntp.conf')
EOF
#if $getVar('ntp_server', '') != ""
echo "old date is: \`date\`" 2>&1 > /tmp/ntp.log
echo "path: \$PATH" 2>&1 >> /tmp/ntp.log
/sbin/service ntpd stop 2>&1 >> /tmp/ntp.log
/usr/sbin/ntpdate $ntp_server 2>&1 >> /tmp/ntp.log
/sbin/service ntpd start 2>&1 >> /tmp/ntp.log
echo "new date is: \`date\`" 2>&1 >> /tmp/ntp.log
#end if

9
cobbler/snippets/ntp.conf
View File

@ -1,12 +1,6 @@
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
# Include the option tinker panic 0 at the top of your ntp.conf file.
# By default, the NTP daemon sometimes panics and exits if the underlying clock
# appears to be behaving erratically. This option causes the daemon to keep
# running instead of panicking.
tinker panic 0
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
@ -42,6 +36,7 @@ server $ntp_server
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10
# Enable public key cryptography.
# crypto
@ -64,3 +59,5 @@ keys /etc/ntp/keys
# Enable writing of statistics records.
# statistics clockstats cryptostats loopstats peerstats
# make ntpdate using the server in conf to update the system time.
NTPDATE_USE_NTP_CONF=yes

64
cobbler/snippets/partition_disks
View File

@ -1,5 +1,5 @@
#set hostname=$getVar('hostname',None)
#set partition = $getVar('partition', None)
#set hostname=$getVar('$hostname',None)
#set partition = $getVar('$partition', None)
#if $hostname == None
#set $vgname = "VolGroup00"
@ -8,56 +8,22 @@
#end if
set \$(list-harddrives)
let disk_nums=\$#/2
let disk_offset=0
let found_disk_offset=0
while [ \$disk_offset -lt \$disk_nums ];
do
#if $getVar('partitions_only','') != ""
let found_disk=0
#for $partition_only in $partitions_only.split(',')
if [[ "\$1" =~ "$partition_only" ]]; then
disks[found_disk_offset]=\$1
let found_disk=1
fi
#end for
if [ \$found_disk -gt 0 ]; then
let found_disk_offset=\$found_disk_offset+1
fi
#else
disks[found_disk_offset]=\$1
let found_disk_offset=\$found_disk_offset+1
#end if
let disk_offset=\$disk_offset+1
shift 2
done
let disk_nums=\$found_disk_offset
let numd=\$#/2
d1=\$1
d2=\$3
echo "clearpart --all --initlabel" > /tmp/part-include
echo "part /boot --fstype ext3 --size=100 --ondisk=\$d1 --asprimary" >> /tmp/part-include
echo "part swap --recommended --ondisk=\$d1" >> /tmp/part-include
echo "part pv.01 --size=1 --grow --ondisk=\$d1" >> /tmp/part-include
# if [ "$numd" == "2" ]
# echo "part pv.02 --size=1 --glow --ondisk=\$d2" >> /tmp/part-include
# echo "volgroup $vgname pv.01 pv.02" >> /tmp/part-include
# else
echo "volgroup $vgname pv.01" >> /tmp/part-include
# fi
#if $getVar('keep_old_partitions', '0') != "0"
#if $getVar('partitions_only','') != ""
echo "ignoredisk --only-use=$partitions_only" >> /tmp/part-include
#end if
#end if
echo "part /boot --fstype ext3 --size=100 --ondisk=\${disks[0]} --asprimary" >> /tmp/part-include
echo "part swap --recommended --maxsize=128000 --ondisk=\${disks[0]}" >> /tmp/part-include
vggroup=''
let disk_offset=0
while [ \$disk_offset -lt \$disk_nums ];
do
let pv_id=\$disk_offset+1
partname="pv.0\$pv_id"
echo "part \$partname --size=1 --grow --ondisk=\${disks[\$disk_offset]}" >> /tmp/part-include
vggroup="\$vggroup \$partname"
let disk_offset=\$disk_offset+1;
done
echo "volgroup $vgname \$vggroup" >> /tmp/part-include
echo "logvol / --fstype ext3 --vgname=$vgname --size=1 --grow --name=rootvol" >> /tmp/part-include
echo "logvol / --fstype ext3 --vgname=$vgname --size=1 --grow --percent=30 --name=rootvol" >> /tmp/part-include
#if $partition != None
#set vol_sizes = [part.strip() for part in $partition.split(';') if part.strip()]

7
cobbler/snippets/post_install_network_config
View File

@ -82,11 +82,6 @@ mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
# (e.g.: if we're connecting to Puppet before a reboot).
/bin/hostname $hostname
#end if
cat << EOL > /etc/hosts
$SNIPPET('hosts')
EOL
#if $enableipv6 == True
grep -v NETWORKING_IPV6 /etc/sysconfig/network > /etc/sysconfig/network.cobbler
echo "NETWORKING_IPV6=yes" >> /etc/sysconfig/network.cobbler
@ -212,7 +207,7 @@ echo "TYPE=Ethernet" >> $devfile
# the kernel gives an interface a different name
# following a reboot/hardware changes.
#end if
echo "BOOTPROTO=static" >> $devfile
echo "BOOTPROTO=none" >> $devfile
#if $ip != "" and $iface_type not in ("slave","bond_slave","bridge_slave","bonded_bridge_slave")
## Only configure static networking if an IP-address is configured
## and if the interface isn't slaved to another interface (bridging or bonding)

33
cobbler/snippets/pre_partition_select
View File

@ -1,33 +0,0 @@
# partition details calculation
# Determine how many drives we have
set \$(list-harddrives)
let numd=\$#/2
d1=\$1
d2=\$3
# Determine architecture-specific partitioning needs
EFI_PART=""
PPC_PREP_PART=""
BOOT_PART=""
case \$(uname -m) in
ia64)
EFI_PART="part /boot/efi --fstype vfat --size 200 --recommended"
;;
ppc*)
PPC_PREP_PART="part None --fstype 'PPC PReP Boot' --size 8"
BOOT_PART="part /boot --fstype ext3 --size 200 --recommended"
;;
*)
BOOT_PART="part /boot --fstype ext3 --size 200 --recommended"
;;
esac
cat << EOF > /tmp/partinfo
\$EFI_PART
\$PPC_PREP_PART
\$BOOT_PART
part / --fstype ext3 --size=1024 --grow --ondisk=\$d1 --asprimary
part swap --recommended --ondisk=\$d1 --asprimary
EOF

5
cobbler/snippets/preseed_apt_repo_config
View File

@ -1,3 +1,6 @@
# Uncomment this if you don't want to use a network mirror
d-i apt-setup/use_mirror boolean false
# Additional repositories, local[0-9] available
#set $cur=0
#set $repo_data = $getVar("repo_data",[])
@ -6,7 +9,7 @@
#set $comps = " ".join($repo.apt_components)
d-i apt-setup/local${cur}/repository string \
#if $repo.mirror_locally
http://$http_server/cblr/repo_mirror/${repo.name} $dist $comps
http://$http_server/cobbler/repo_mirror/${repo.name} $dist $comps
#else
${repo.mirror} $dist $comps
#end if

10
cobbler/snippets/preseed_chef Normal file
View File

@ -0,0 +1,10 @@
mkdir -p /target/etc/chef; \
## Generate validation.pem
$SNIPPET('preseed_chef-validator.pem') echo "processed preseed_chef-validator.pem" >> /tmp/preseed.log; \
## Generate client.rb
$SNIPPET('preseed_client.rb') echo "processed preseed_client.rb" >> /tmp/preseed.log; \
## Generate chef rsyslog conf
$SNIPPET('preseed_chef_rsyslog.conf') echo "processed preseed_chef_rsyslog.conf" >> /tmp/preseed.log; \
$SNIPPET('preseed_chef_firstrun.sh') echo "processed preseed_chef_firstrun.sh" >> /tmp/preseed.log; \
$SNIPPET('preseed_chef_rerun.sh') echo "processed preseed_chef_rerun.sh" >> /tmp/preseed.log; \
$SNIPPET('preseed_chef_init') echo "processed preseed_chef_init" >> /tmp/preseed.log; \

15
cobbler/snippets/preseed_chef-validator.pem Normal file
View File

@ -0,0 +1,15 @@
#if $getVar('chef_validation_file', '') == ""
#set chef_validation_file = '/etc/chef-server/chef-validator.pem'
#end if
#set $firstline = True
#set $f = $open($chef_validation_file)
#for $line in $f
#set $line = $line.rstrip('\n')
#if $firstline
echo "$line" > /target/etc/chef/validation.pem; \
#else
echo "$line" >> /target/etc/chef/validation.pem; \
#end if
#set $firstline = False
#end for
#silent $f.close()

20
cobbler/snippets/preseed_chef_firstrun.sh Normal file
View File

@ -0,0 +1,20 @@
echo "#!/bin/bash" > /target/etc/chef/firstrun.sh; \
echo "touch /tmp/chef.log" >> /target/etc/chef/firstrun.sh; \
echo "while true; do" >> /target/etc/chef/firstrun.sh; \
echo " echo \"firstrun.sh chef-client on \`date\`\" &>> /tmp/chef.log" >> /target/etc/chef/firstrun.sh; \
echo " clients=\\$(pgrep chef-client)" >> /target/etc/chef/firstrun.sh; \
echo " if [ \"\\$?\" == \"0\" ]; then" >> /target/etc/chef/firstrun.sh; \
echo " echo \"there are chef-clients '\\$clients' running\" &>> /tmp/chef.log" >> /target/etc/chef/firstrun.sh; \
echo " sleep 1m" >> /target/etc/chef/firstrun.sh; \
echo " else" >> /target/etc/chef/firstrun.sh; \
echo " chef-client -L /var/log/chef-client.log &>> /tmp/chef.log" >> /target/etc/chef/firstrun.sh; \
echo " if [ \"\\$?\" != \"0\" ]; then" >> /target/etc/chef/firstrun.sh; \
echo " echo \"chef-client run failed\" &>> /tmp/chef.log" >> /target/etc/chef/firstrun.sh; \
echo " sleep 1m" >> /target/etc/chef/firstrun.sh; \
echo " else" >> /target/etc/chef/firstrun.sh; \
echo " echo \"chef-client run success\" &>> /tmp/chef.log" >> /target/etc/chef/firstrun.sh; \
echo " break" >> /target/etc/chef/firstrun.sh; \
echo " fi" >> /target/etc/chef/firstrun.sh; \
echo " fi" >> /target/etc/chef/firstrun.sh; \
echo "done" >> /target/etc/chef/firstrun.sh; \
chmod +x /target/etc/chef/firstrun.sh; \

13
cobbler/snippets/preseed_chef_init Normal file
View File

@ -0,0 +1,13 @@
## A self-destruct service to boot chef client and register cron job
echo "#!/bin/bash" > /target/etc/init.d/chef; \
echo "rm -rf /var/lib/rsyslog/firstboot_log" >> /target/etc/init.d/chef; \
echo "service rsyslog restart" >> /target/etc/init.d/chef; \
echo "/etc/chef/firstrun.sh" >> /target/etc/init.d/chef; \
echo "crontab -l > /tmp/mycron" >> /target/etc/init.d/chef; \
echo "echo \"*/30 * * * * /etc/chef/rerun.sh\" >> /tmp/mycron" >> /target/etc/init.d/chef; \
echo "crontab /tmp/mycron" >> /target/etc/init.d/chef; \
echo "rm /tmp/mycron" >> /target/etc/init.d/chef; \
echo "update-rc.d -f chef remove" >> /target/etc/init.d/chef; \
echo "mv /etc/init.d/chef /tmp/chef" >> /target/etc/init.d/chef; \
chmod +x /target/etc/init.d/chef; \
chroot /target update-rc.d chef defaults 99 20; \

14
cobbler/snippets/preseed_chef_rerun.sh Normal file
View File

@ -0,0 +1,14 @@
echo "#!/bin/bash" > /target/etc/chef/rerun.sh; \
echo "echo \"rerun chef-client on \`date\`\" &>> /tmp/chef.log" >> /target/etc/chef/rerun.sh; \
echo "clients=\\$(pgrep chef-client)" >> /target/etc/chef/rerun.sh; \
echo "if [ \"\\$?\" == \"0\" ]; then" >> /target/etc/chef/rerun.sh; \
echo " echo \"there are chef-clients '\\$clients' running\" &>> /tmp/chef.log" >> /target/etc/chef/rerun.sh; \
echo " exit 1" >> /target/etc/chef/rerun.sh; \
echo "fi" >> /target/etc/chef/rerun.sh; \
echo "chef-client &>> /tmp/chef.log" >> /target/etc/chef/rerun.sh; \
echo "if [ \"\\$?\" != \"0\" ]; then" >> /target/etc/chef/rerun.sh; \
echo " echo \"chef-client run failed\" &>> /tmp/chef.log" >> /target/etc/chef/rerun.sh; \
echo "else" >> /target/etc/chef/rerun.sh; \
echo " echo \"chef-client run success\" &>> /tmp/chef.log" >> /target/etc/chef/rerun.sh; \
echo "fi" >> /target/etc/chef/rerun.sh; \
chmod +x /target/etc/chef/rerun.sh; \

10
cobbler/snippets/preseed_chef_rsyslog.conf Normal file
View File

@ -0,0 +1,10 @@
echo "\\$ModLoad imfile" > /target/etc/rsyslog.d/chef.conf; \
echo "\\$InputFileName /var/log/chef-client.log" >> /target/etc/rsyslog.d/chef.conf; \
echo "\\$InputFileReadMode 0" >> /target/etc/rsyslog.d/chef.conf; \
echo "\\$InputFileTag" >> /target/etc/rsyslog.d/chef.conf; \
echo "\\$InputFileStateFile firstboot_log" >> /target/etc/rsyslog.d/chef.conf; \
echo "\\$InputFileSeverity notice" >> /target/etc/rsyslog.d/chef.conf; \
echo "\\$InputFileFacility local3" >> /target/etc/rsyslog.d/chef.conf; \
echo "\\$InputRunFileMonitor" >> /target/etc/rsyslog.d/chef.conf; \
echo "\\$InputFilePollInterval 1" >> /target/etc/rsyslog.d/chef.conf; \
echo "local3.info @$server:514" >> /target/etc/rsyslog.d/chef.conf; \

26
cobbler/snippets/preseed_client.rb Normal file
View File

@ -0,0 +1,26 @@
echo "log_level :info" > /target/etc/chef/client.rb; \
echo "log_location '/dev/null'" >> /target/etc/chef/client.rb; \
#if $getVar('chef_url', '') != ""
echo "chef_server_url '$chef_url'" >> /target/etc/chef/client.rb; \
#end if
#if $getVar('proxy', '') != ""
echo "http_proxy '$proxy'" >> /target/etc/chef/client.rb; \
echo "https_proxy '$proxy'" >> /target/etc/chef/client.rb; \
echo "ENV['http_proxy'] = '$proxy'" >> /target/etc/chef/client.rb; \
echo "ENV['https_proxy'] = '$proxy'" >> /target/etc/chef/client.rb; \
echo "ENV['HTTP_PROXY'] = '$proxy'" >> /target/etc/chef/client.rb; \
echo "ENV['HTTPS_PROXY'] = '$proxy'" >> /target/etc/chef/client.rb; \
#end if
#if $getVar('ignore_proxy', '') != ""
echo "no_proxy '$ignore_proxy'" >> /target/etc/chef/client.rb; \
echo "ENV['no_proxy'] = '$ignore_proxy'" >> /target/etc/chef/client.rb; \
echo "ENV['NO_PROXY'] = '$ignore_proxy'" >> /target/etc/chef/client.rb; \
#end if
#if $getVar('chef_node_name', '') != ""
echo "node_name '$chef_node_name'" >> /target/etc/chef/client.rb; \
#end if
echo "validation_client_name 'chef-validator'" >> /target/etc/chef/client.rb; \
echo "json_attribs nil" >> /target/etc/chef/client.rb; \
echo "pid_file '/var/run/chef-client.pid'" >> /target/etc/chef/client.rb; \
echo "# Using default node name (fqdn)" >> /target/etc/chef/client.rb; \
echo "no_lazy_load true" >> /target/etc/chef/client.rb; \

10
cobbler/snippets/preseed_hosts Normal file
View File

@ -0,0 +1,10 @@
echo "127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4" > /target/etc/hosts; \
echo "::1 localhost localhost.localdomain localhost6 localhost6.localdomain6" >> /target/etc/hosts; \
#for $iname, $idata in $interfaces.items()
#if $hostname and $idata["management"] and $idata["static"] and $idata.get("ip_address", "") != ""
echo "$idata["ip_address"] $hostname" >> /target/etc/hosts; \
#end if
#end for
#import os
#set $server_name = $os.uname[1]
echo "$server $server_name" >> /target/etc/hosts; \

1
cobbler/snippets/preseed_limits.conf Normal file
View File

@ -0,0 +1 @@
echo "* - nofile 100000" > /target/etc/security/limits.conf; \

21
cobbler/snippets/preseed_network_config Normal file
View File

@ -0,0 +1,21 @@
#if $getVar("system_name","") != ""
d-i netcfg/link_detection_timeout string 0
d-i netcfg/dhcp_timeout string 0
d-i netcfg/dhcpv6_timeout string 0
d-i netcfg/enable boolean true
d-i netcfg/disable_autoconfig boolean true
d-i netcfg/dhcp_failed note
d-i netcfg/dhcp_options select Configure network manually
d-i hw-detect/load_firmware boolean true
d-i netcfg/confirm_static boolean true
#if $hostname != ""
d-i netcfg/get_hostname string $hostname
d-i netcfg/hostname string $hostname
#end if
#if $gateway != ""
d-i netcfg/get_gateway string $gateway
#end if
#if $len($name_servers) > 0
d-i netcfg/get_nameservers string $name_servers[0]
#end if
#end if

18
cobbler/snippets/preseed_ntp Normal file
View File

@ -0,0 +1,18 @@
#if $getVar('ntp_server', '') != ""
echo "driftfile /var/lib/ntp/ntp.drift" > /target/etc/ntp.conf; \
echo "#statsdir /var/log/ntpstats/" >> /target/etc/ntp.conf; \
echo "statistics loopstats peerstats clockstats" >> /target/etc/ntp.conf; \
echo "filegen loopstats file loopstats type day enable" >> /target/etc/ntp.conf; \
echo "filegen peerstats file peerstats type day enable" >> /target/etc/ntp.conf; \
echo "filegen clockstats file clockstats type day enable" >> /target/etc/ntp.conf; \
echo "server $ntp_server" >> /target/etc/ntp.conf; \
echo "restrict -4 default kod notrap nomodify nopeer noquery" >> /target/etc/ntp.conf; \
echo "restrict -6 default kod notrap nomodify nopeer noquery" >> /target/etc/ntp.conf; \
echo "restrict 127.0.0.1" >> /target/etc/ntp.conf; \
echo "restrict ::1" >> /target/etc/ntp.conf; \
echo "server 127.127.1.0 # local clock" >> /target/etc/ntp.conf; \
chroot /target update-rc.d ntp defaults 58 74; \
chroot /target service ntp stop 2>&1 >> /tmp/ntp.log; \
chroot /target ntpdate $ntp_server 2>&1 >> /tmp/ntp.log; \
chroot /target service ntp start 2>&1 >> /tmp/ntp.log; \
#end if

32
cobbler/snippets/preseed_partition_disks Normal file
View File

@ -0,0 +1,32 @@
#set hostname=$getVar('hostname',None)
#set partition = $getVar('partition', None)
#if $hostname == None
#set $vgname = "VolGroup00"
#else
#set $vgname = $hostname.split('.')[0]
#end if
#if $getVar("system_name","") != ""
d-i partman-auto/init_automatically_partition string custom
d-i partman-auto/automatically_partition string custom
d-i partman-auto/method string lvm
d-i partman-auto/purge_lvm_from_device boolean true
d-i partman-auto-lvm/new_vg_name string $vgname
d-i partman-auto-lvm/guided_size string max
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/device_remove_lvm_span boolean true
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-md/confirm boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman/default_filesystem string ext3
d-i partman/mount_style select uuid
d-i partman/confirm_write_changes_to_disks_and_configure_lvm boolean true
d-i partman/choose_partition select Finish partitioning and write changes to disk
d-i partman-auto/choose_recipe select boot-root
d-i mdadm/boot_degraded boolean true
d-i partman-auto-lvm/no_boot boolean true
d-i partman-lvm/vgcreate string $vgname
#end if

13
cobbler/snippets/preseed_post_anamon Normal file
View File

@ -0,0 +1,13 @@
#if $str($getVar('anamon_enabled','')) == "1"
wget -O /target/usr/local/sbin/anamon "http://$server:$http_port/cobbler/aux/anamon"; \
## A self-destruct service to boot anamon
echo "#!/bin/bash" > /target/etc/init.d/anamon.init; \
echo "cd /var/log/installer" >> /target/etc/init.d/anamon.init; \
echo "gunzip initial-status.gz" >> /target/etc/init.d/anamon.init; \
echo "/usr/local/sbin/anamon --watchfile \"/var/log/installer/syslog /var/log/installer/hardware-summary /var/log/installer/initial-status /var/log/installer/status /var/log/messages /var/log/dmesg\" --name $name --server $server --port $http_port --exit" >> /target/etc/init.d/anamon.init; \
echo "update-rc.d -f anamon remove" >> /target/etc/init.d/anamon.init; \
echo "mv /etc/init.d/anamon.init /tmp/anamon.init" >> /target/etc/init.d/anamon.init; \
chmod 755 /target/etc/init.d/anamon.init /target/usr/local/sbin/anamon; \
chroot /target update-rc.d anamon.init defaults 95 95; \
#end if

24
cobbler/snippets/preseed_post_apt_repo_config Normal file
View File

@ -0,0 +1,24 @@
echo "deb http://archive.ubuntu.com/ubuntu/ raring main restricted universe multiverse" > /target/etc/apt/sources.list; \
echo "deb http://archive.ubuntu.com/ubuntu/ raring-security main restricted universe multiverse" >> /target/etc/apt/sources.list; \
echo "deb http://archive.ubuntu.com/ubuntu/ raring-updates main restricted universe multiverse" >> /target/etc/apt/sources.list; \
echo "deb http://archive.ubuntu.com/ubuntu/ raring-proposed main restricted universe multiverse" >> /target/etc/apt/sources.list; \
echo "deb http://archive.ubuntu.com/ubuntu/ raring-backports main restricted universe multiverse" >> /target/etc/apt/sources.list; \
#set $repo_data = $getVar("repo_data",[])
#for $repo in $repo_data
#for $dist in $repo.apt_dists
#set $comps = " ".join($repo.apt_components)
#if $repo.comment != ""
echo "# ${repo.comment}" >> /target/etc/apt/sources.list; \
#end if
#if $repo.arch == "x86_64"
#set $rarch = "[arch=amd64]"
#else
#set $rarch = "[arch=%s]" % $repo.arch
#end if
#if $repo.mirror_locally
echo "deb ${rarch} http://$http_server/cblr/repo_mirror/${repo.name} $dist $comps" >> /target/etc/apt/sources.list; \
#else
echo "deb ${rarch} ${repo.mirror} $dist $comps" >> /target/etc/apt/sources.list; \
#end if
#end for
#end for

153
cobbler/snippets/post_install_network_config_deb → cobbler/snippets/preseed_post_install_network_config
View File

@ -1,4 +1,9 @@
# Start post_install_network_config generated code
## Start post_install_network_config generated code
#if $getVar('promisc_nics', '') != ""
#set promisc_interfaces = [promisc.strip() for promisc in $promisc_nics.split(',') if promisc.strip()]
#else
#set promisc_interfaces = []
#end if
#if $getVar("system_name","") != ""
## this is being provisioned by system records, not profile records
## so we can do the more complex stuff
@ -47,11 +52,9 @@
## end looping through the interfaces to see which ones we need to configure.
## =============================================================================
## Rewrite the interfaces file and make sure we preserve the loopback device
rm -f /etc/network/interfaces
touch /etc/network/interfaces
echo "auto lo" >> /etc/network/interfaces
echo "iface lo inet loopback" >> /etc/network/interfaces
echo "" >> /etc/network/interfaces
echo "auto lo" > /target/etc/network/interfaces; \
echo " iface lo inet loopback" >> /target/etc/network/interfaces; \
echo "" >> /target/etc/network/interfaces; \
## =============================================================================
## now create the config file for each interface
#for $iname in $ikeys
@ -60,6 +63,7 @@ echo "" >> /etc/network/interfaces
#set $mac = $idata.get("mac_address", "").upper()
#set $mtu = $idata.get("mtu", "")
#set $static = $idata.get("static", "")
#set $management = $idata.get("management", "")
#set $ip = $idata.get("ip_address", "")
#set $netmask = $idata.get("netmask", "")
#set $if_gateway = $idata.get("if_gateway", "")
@ -73,9 +77,9 @@ echo "" >> /etc/network/interfaces
#set $ipv6_mtu = $idata.get("ipv6_mtu", "")
#set $ipv6_default_gateway = $idata.get("ipv6_default_gateway", "")
#set $ipv6_static_routes = $idata.get("ipv6_static_routes", "")
#set $devfile = "/etc/sysconfig/network-scripts/cobbler/ifcfg-" + $iname
#set $routesfile = "/etc/sysconfig/network-scripts/cobbler/route-" + $iname
#set $ipv6_routesfile = "/etc/sysconfig/network-scripts/cobbler/route6-" + $iname
#set $devfile = "/target/etc/sysconfig/network-scripts/cobbler/ifcfg-" + $iname
#set $routesfile = "/target/etc/sysconfig/network-scripts/cobbler/route-" + $iname
#set $ipv6_routesfile = "/target/etc/sysconfig/network-scripts/cobbler/route6-" + $iname
## determine if this interface is for a VLAN
#if $vlanpattern.match($iname)
#set $is_vlan = "true"
@ -89,35 +93,31 @@ echo "" >> /etc/network/interfaces
## ===================================================================
## Things every interface get, no matter what
## ===================================================================
echo "auto $iname" >> /etc/network/interfaces
## ===================================================================
## Actions based on interface_type
## ===================================================================
#if $iface_type in ("master","bond","bonded_bridge_slave")
#pass
#elif $iface_type in ("slave","bond_slave") and $iface_master != ""
#pass
#elif $iface_type == "bridge"
#set $slave_ports = " ".join($bridge_slaves.get($iname,[]))
#if $slave_ports != ""
echo " bridge_ports $slave_ports" >> /etc/network/interfaces
#end if
#for $bridge_opt in $bridge_opts
#if $bridge_opt.strip() != ""
echo " $bridge_opt" >> /etc/network/interfaces
#end if
#end for
#end if
echo "auto $iname" >> /target/etc/network/interfaces; \
## ===================================================================
## Actions based on static configuration
## ===================================================================
#if $static
#if $ip != "" and $iface_type not in ("slave","bond_slave","bridge_slave","bonded_bridge_slave")
echo "iface $iname inet static" >> /etc/network/interfaces
echo " hwaddress $mac" >> /etc/network/interfaces
echo " address $ip" >> /etc/network/interfaces
#if $netmask != ""
echo " netmask $netmask" >> /etc/network/interfaces
#if $iface_type not in ("slave","bond_slave","bridge_slave","bonded_bridge_slave")
echo "iface $iname inet static" >> /target/etc/network/interfaces; \
#if $mac != ""
echo " hwaddress $mac" >> /target/etc/network/interfaces; \
#end if
#if $iname in $promisc_interfaces
echo " up ifconfig $iname promisc up" >> /target/etc/network/interfaces; \
echo " down ifconfig $iname promisc down" >> /target/etc/network/interfaces; \
#else
#if $ip != ""
echo " address $ip" >> /target/etc/network/interfaces; \
#end if
#if $if_gateway != ""
echo " gateway $if_gateway" >> /target/etc/network/interfaces; \
#end if
#if $netmask == ""
## Default to 255.255.255.0?
#set $netmask = "255.255.255.0"
#end if
echo " netmask $netmask" >> /target/etc/network/interfaces; \
#end if
#if $iface_type in ("master","bond")
#set $bondslaves = ""
@ -129,34 +129,20 @@ echo " netmask $netmask" >> /etc/network/interfaces
#set $bondslaves += $bondiname + " "
#end if
#end for
echo " bond-slaves $bondslaves" >> /etc/network/interfaces
#for $bondopts in $bonding_opts.split(" ")
#set [$bondkey, $bondvalue] = $bondopts.split("=")
echo " bond-$bondkey $bondvalue" >> /etc/network/interfaces
#end for
echo " bond-slaves $bondslaves" >> /target/etc/network/interfaces; \
#for $bondopts in $bonding_opts.split(" ")
#set [$bondkey, $bondvalue] = $bondopts.split("=")
echo " bond-$bondkey $bondvalue" >> /target/etc/network/interfaces; \
#end for
#end if
#else
echo "iface $iname inet manual" >> /etc/network/interfaces
echo "iface $iname inet manual" >> /target/etc/network/interfaces; \
#end if
#if $iface_type in ("slave","bond_slave") and $iface_master != ""
echo "bond-master $iface_master" >> /etc/network/interfaces
#end if
#if $enableipv6 == True and $ipv6_autoconfiguration == False
#if $ipv6_address != ""
#pass
#end if
#if $ipv6_secondaries != ""
#set ipv6_secondaries = ' '.join(ipv6_secondaries)
#end if
#if $ipv6_mtu != ""
#pass
#end if
#if $ipv6_default_gateway != ""
#pass
#end if
echo "bond-master $iface_master" >> /target/etc/network/interfaces; \
#end if
#else
echo "iface $iname inet dhcp" >> /etc/network/interfaces
echo "iface $iname inet dhcp" >> /target/etc/network/interfaces; \
#end if
## ===================================================================
## VLAN configuration
@ -167,11 +153,8 @@ echo "iface $iname inet dhcp" >> /etc/network/interfaces
## ===================================================================
## Optional configuration stuff
## ===================================================================
#if $if_gateway != ""
echo " gateway $if_gateway" >> /etc/network/interfaces
#end if
#if $mtu != ""
echo " mtu $mtu" >> /etc/network/interfaces
echo " mtu $mtu" >> /target/etc/network/interfaces; \
#end if
## ===================================================================
## Interface route configuration
@ -180,9 +163,9 @@ echo " mtu $mtu" >> /etc/network/interfaces
#set routepattern = $re.compile("[0-9/.]+:[0-9.]+")
#if $routepattern.match($route)
#set [$network, $router] = $route.split(":")
echo " up ip route add $network via $router dev $iname || true" >> /etc/network/interfaces
echo " up ip route add $network via $router dev $iname || true" >> /target/etc/network/interfaces; \
#else
echo " # Warning: invalid route: $route" >> /etc/network/interfaces
echo " # Warning: invalid route: $route" >> /target/etc/network/interfaces; \
#end if
#end for
#if $enableipv6 == True
@ -190,12 +173,28 @@ echo " # Warning: invalid route: $route" >> /etc/network/interfaces
#set routepattern = $re.compile("[0-9a-fA-F:/]+,[0-9a-fA-F:]+")
#if $routepattern.match($route)
#set [$network, $router] = $route.split(",")
echo " up ip -6 route add $network via $router dev $iname || true" >> /etc/network/interfaces
echo " up ip -6 route add $network via $router dev $iname || true" >> /target/etc/network/interfaces; \
#else
echo " # Warning: invalid route: $route" >> /etc/network/interfaces
echo " # Warning: invalid route: $route" >> /target/etc/network/interfaces; \
#end if
#end for
#end if
#if $management
#if $gateway != "" and $if_gateway == ""
echo " gateway $gateway" >> /target/etc/network/interfaces; \
#end if
## =============================================================================
## Configure name server search path in /target/etc/resolv.conf
#set $nameservers = ' '.join($name_servers)
#set $nameserver_search = ' '.join($name_servers_search)
#if $nameservers != ""
echo " dns-nameservers $nameservers" >> /target/etc/network/interfaces; \
#end if
#if $nameserver_search != ""
echo " dns-search $nameserver_search" >> /target/etc/network/interfaces; \
#end if
#end if
echo "" >> /target/etc/network/interfaces; \
## ===================================================================
## Done with this interface
## ===================================================================
@ -204,28 +203,8 @@ echo " # Warning: invalid route: $route" >> /etc/network/interfaces
## Configure the system's primary hostname. This is also passed to anaconda, but
## anaconda doesn't seem to honour it in DHCP-setups.
#if $hostname != ""
echo "$hostname" > /etc/hostname
/bin/hostname $hostname
#end if
## =============================================================================
## Configure name server search path in /etc/resolv.conf
#set $num_ns = $len($name_servers)
#set $num_ns_search = $len($name_servers_search)
#if $num_ns_search > 0
sed -i -e "/^search /d" /etc/resolv.conf
echo -n "search " >>/etc/resolv.conf
#for $nameserversearch in $name_servers_search
echo -n "$nameserversearch " >>/etc/resolv.conf
#end for
echo "" >>/etc/resolv.conf
#end if
## =============================================================================
## Configure name servers in /etc/resolv.conf
#if $num_ns > 0
sed -i -e "/^nameserver /d" /etc/resolv.conf
#for $nameserver in $name_servers
echo "nameserver $nameserver" >>/etc/resolv.conf
#end for
echo "$hostname" > /target/etc/hostname; \
#end if
$SNIPPET('preseed_hosts') echo "processed preseed_hosts" >> /tmp/preseed.log; \
#end if
# End post_install_network_config generated code
## End post_install_network_config generated code

4
cobbler/snippets/preseed_pre_anamon Normal file
View File

@ -0,0 +1,4 @@
#if $str($getVar('anamon_enabled','')) == "1"
wget -O /tmp/anamon "http://$server:$http_port/cobbler/aux/anamon" ; \
python /tmp/anamon --name "$name" --watchfiles "/var/log/syslog /var/log/partman /var/log/hareware_summary /var/log/status /tmp/preseed.log" --server "$server" --port "$http_port"; \
#end if

41
cobbler/snippets/preseed_pre_install_network_config Normal file
View File

@ -0,0 +1,41 @@
#if $getVar("system_name","") != ""
mac_exists() { \
ip -o link | grep -i "$1" 2>/dev/null >/dev/null; \
return $?; \
}; \
get_ifname() { \
IFNAME=\$(ip -o link | grep -i "$1" | sed -e 's/^[0-9]*: //' -e 's/:.*//'); \
}; \
#set ikeys = $interfaces.keys()
#import re
#set $vlanpattern = $re.compile("[a-zA-Z0-9]+[\.:][0-9]+")
#set $routepattern = $re.compile("[0-9/.]+:[0-9.]+")
#for $iname in $ikeys
#set $idata = $interfaces[$iname]
#set $mac = $idata["mac_address"]
#set $static = $idata["static"]
#set $management = $idata["management"]
#set $ip = $idata["ip_address"]
#set $netmask = $idata["netmask"]
#set $iface_type = $idata["interface_type"]
#set $iface_master = $idata["interface_master"]
#set $static_routes = $idata["static_routes"]
#if not $management or $mac == ""
#continue
#end if
if mac_exists $mac; then \
get_ifname $mac; \
echo "d-i netcfg/choose_interface string \$IFNAME" >> /tmp/pre_install_network_config; \
#if $static and $ip != ""
echo "d-i netcfg/get_ipaddress string $ip" >> /tmp/pre_install_network_config; \
#if $netmask == ""
#set $netmask = "255.255.255.0"
#end if
echo "d-i netcfg/get_netmask string $netmask" >> /tmp/pre_install_network_config; \
#else
#continue
#end if
fi; \
#end for
#end if
debconf-set-selections /tmp/pre_install_network_config; \

136
cobbler/snippets/preseed_pre_partition_disks Normal file
View File

@ -0,0 +1,136 @@
#set hostname=$getVar('hostname',None)
#set partition = $getVar('partition', None)
#if $hostname == None
#set $vgname = "VolGroup00"
#else
#set $vgname = $hostname.split('.')[0]
#end if
#if $getVar("system_name","") != ""
first_found_disk=""; \
disks_str=""; \
found_disks_str=""; \
for disk in \$(list-devices disk); do \
if [[ x"\$disk" == x"" ]]; then \
continue; \
fi; \
#if $getVar('partitions_only','') != ""
let found_disk=0; \
#for $partition_only in $partitions_only.split(',')
#if not $partition_only
#continue
#end if
if expr match "\$disk" "$partition_only"; then \
let found_disk=1; \
fi; \
#end for
#else
let found_disk=1; \
#end if
if [ \$found_disk -gt 0 ]; then \
if [ -z \$found_disks_str ]; then \
found_disks_str="\$disk"; \
first_found_disk="\$disk"; \
else \
found_disks_str="\${found_disks_str} \$disk"; \
fi; \
fi; \
if [ -z \$disks_str ]; then \
disks_str="\$disk"; \
else \
disks_str="\${disks_str} \$disk"; \
fi; \
done; \
logger "partition disks: \${found_disks_str}"; \
#if $getVar('keep_old_partitions', '0') != "0"
remove_disks_str=\${found_disks_str}; \
#else
remove_disks_str=\${disks_str}; \
#end if
logger "remove disks \${remove_disks_str}"; \
## vgremove -f $vgname; \
## logger "vgremove $vgname"; \
disk_partitions=\$(pvs --noheadings --rows | head -n1); \
for disk_partition in \${disk_partitions}; do \
if [[ x"\$disk_partition" == x"" ]]; then \
continue; \
fi; \
vg=\$(pvs --noheadings --separator : \${disk_partition} | cut -d: -f2); \
remove_vg=""; \
for remove_disk in \${remove_disks_str}; do \
if [[ x"\$remove_disk" == x"" ]]; then \
continue; \
fi; \
if expr match "\${disk_partition}" "\${remove_disk}.*"; then \
remove_vg="\$vg"; \
logger "partition \${disk_partition} matches \${remove_disk}.*"; \
logger "set remove_vg to \$vg"; \
else \
logger "partition \${disk_partition} does not match \${remove_disk}.*"; \
fi; \
done; \
if [[ x"\$remove_vg" != x"" ]]; then \
vgremove -f \$remove_vg; \
logger "vgremove \${remove_vg} for \${disk_partition}"; \
else \
logger "\${disk_partition} is not in vgremove list"; \
fi; \
done; \
for remove_disk in \${remove_disks_str}; do \
if [[ x"\$remove_disk" == x"" ]]; then \
continue; \
fi; \
pvremove -ff -y \${remove_disk}*; \
logger "pvremove \${remove_disk}*"; \
done; \
remove_disks=\$(echo \${remove_disks_str} | sed -e 's/ /,/g'); \
echo "d-i partman-auto/select_disks multiselect \${remove_disks}" >> /tmp/part-include; \
echo "d-i partman-auto/disk string \${found_disks_str}" >> /tmp/part-include; \
recipe="boot-root :: \
100 100 100 ext3 \
\\$primary{ } \\$bootable{ } method{ format } \
format{ } use_filesystem{ } filesystem{ ext3 } \
mountpoint{ /boot } device{ \$first_found_disk } \
. \
200% 200% 200% linux-swap \
\\$primary{ } method{ swap } format{ } \
device{ \$first_found_disk } \
. \
#if $partition != None
#set vol_sizes = [part.strip() for part in $partition.split(';') if part.strip()]
#for vol_and_size in vol_sizes
#set vol, vol_size = $vol_and_size.split(' ', 1)
#set vol = $vol.strip()
#set vol_size = $vol_size.strip()
#if $vol.startswith('/')
#set volname = $vol[1:]
${vol_size} ${vol_size} ${vol_size} ext3 \
\\$lvmok{ } method{ format } format{ } \
use_filesystem{ } filesystem{ ext3 } \
in_vg{ $vgname } lv_name{ ${volname}vol } \
mountpoint{ $vol } \
. \
#else
#continue
#end if
#end for
#end if
1 2 100% ext3 \
\\$lvmok{ } method{ format } \
format{ } use_filesystem{ } filesystem{ ext3 } \
in_vg{ $vgname } lv_name{ rootvol } \
mountpoint{ / } \
. \
"; \
pv_offset=1; \
for found_disk in \${found_disks_str}; do \
recipe="\$recipe \
1 1 -1 ext3 \
\\$defaultignore{ } \\$primary{ } device{ \${found_disk} } \
method{ lvm } vg_name{ $vgname } \
. \
"; \
let pv_offset=\${pv_offset}+1; \
done; \
echo "d-i partman-auto/expert_recipe string \$recipe" >> /tmp/part-include; \
debconf-set-selections /tmp/part-include; \
#end if

24
cobbler/snippets/preseed_rsyslog.conf Normal file
View File

@ -0,0 +1,24 @@
echo "\\$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)" > /target/etc/rsyslog.conf; \
echo "\\$ModLoad imklog # provides kernel logging support (previously done by rklogd)" >> /target/etc/rsyslog.conf; \
echo "\\$ModLoad immark # provides --MARK-- message capability" >> /target/etc/rsyslog.conf; \
echo "\\$WorkDirectory /var/spool/rsyslog" >> /target/etc/rsyslog.conf; \
echo "\\$ActionQueueType LinkedList" >> /target/etc/rsyslog.conf; \
echo "\\$ActionQueueFileName srvrfwd" >> /target/etc/rsyslog.conf; \
echo "\\$ActionResumeRetryCount -1" >> /target/etc/rsyslog.conf; \
echo "\\$ActionQueueSaveOnShutDown on" >> /target/etc/rsyslog.conf; \
echo "*.* @@$server:514" >> /target/etc/rsyslog.conf; \
echo "\\$ModLoad imudp" >> /target/etc/rsyslog.conf; \
echo "\\$UDPServerRun 514" >> /target/etc/rsyslog.conf; \
echo "\\$ModLoad imtcp" >> /target/etc/rsyslog.conf; \
echo "\\$InputTCPServerRun 514" >> /target/etc/rsyslog.conf; \
#set system_name = $getVar('system_name','')
echo "\\$LocalHostName $system_name" >> /target/etc/rsyslog.conf; \
echo "\\$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat" >> /target/etc/rsyslog.conf; \
echo "\\$IncludeConfig /etc/rsyslog.d/*.conf" >> /target/etc/rsyslog.conf; \
echo "*.info;mail.none;authpriv.none;cron.none /var/log/messages" >> /target/etc/rsyslog.conf; \
echo "mail.* -/var/log/maillog" >> /target/etc/rsyslog.conf; \
echo "cron.* /var/log/cron" >> /target/etc/rsyslog.conf; \
echo "*.emerg *" >> /target/etc/rsyslog.conf; \
echo "uucp,news.crit /var/log/spooler" >> /target/etc/rsyslog.conf; \
echo "local7.* /var/log/boot.log" >> /target/etc/rsyslog.conf; \
chroot /target update-rc.d rsyslog defaults 12 88; \

23
cobbler/snippets/preseed_ssh Normal file
View File

@ -0,0 +1,23 @@
mkdir -p /target/root/.ssh; \
chmod 700 -R /target/root/.ssh; \
#if $getVar("push_ssh_keys", "") != ""
#set $ssh_keys = $push_ssh_keys.split(',')
#set $firstline = True
#for $ssh_key in $ssh_keys
#if not $ssh_key
#continue
#end if
#set $f = open($ssh_keys)
#for $line in $f
#set $line = $line.rstrip('\n')
#if $firstline
echo "$line" > /target/root/.ssh/authorized_keys; \
#else
echo "$line" >> /target/root/.ssh/authorized_keys; \
#end if
#set $firstline = False
#end for
#silent $f.close()
#end for
chmod 600 /target/root/.ssh/authorized_keys; \
#end if

22
cobbler/snippets/preseed_sysctl.conf Normal file
View File

@ -0,0 +1,22 @@
echo "net.ipv4.ip_forward = 0" > /target/etc/sysctl.conf; \
echo "net.ipv4.conf.default.rp_filter = 1" >> /target/etc/sysctl.conf; \
echo "net.ipv4.conf.default.accept_source_route = 1" >> /target/etc/sysctl.conf; \
echo "kernel.sysrq = 0" >> /target/etc/sysctl.conf; \
echo "kernel.core_uses_pid = 1" >> /target/etc/sysctl.conf; \
echo "net.ipv4.tcp_syncookies = 1" >> /target/etc/sysctl.conf; \
echo "kernel.msgmnb = 65536" >> /target/etc/sysctl.conf; \
echo "kernel.msgmax = 65536" >> /target/etc/sysctl.conf; \
echo "kernel.shmmax = 68719476736" >> /target/etc/sysctl.conf; \
echo "kernel.shmall = 4294967296" >> /target/etc/sysctl.conf; \
echo "net.core.rmem_max = 16777216" >> /target/etc/sysctl.conf; \
echo "net.core.wmem_max = 16777216" >> /target/etc/sysctl.conf; \
echo "net.core.netdev_max_backlog = 30000" >> /target/etc/sysctl.conf; \
echo "net.ipv4.tcp_max_syn_backlog = 4096" >> /target/etc/sysctl.conf; \
echo "net.ipv4.tcp_congestion_control=htcp" >> /target/etc/sysctl.conf; \
echo "net.ipv4.tcp_mtu_probing=1" >> /target/etc/sysctl.conf; \
echo "net.ipv4.ip_local_port_range = 15000 61000" >> /target/etc/sysctl.conf; \
echo "net.ipv4.tcp_fin_timeout=30" >> /target/etc/sysctl.conf; \
echo "net.ipv4.tcp_tw_recycle = 1" >> /target/etc/sysctl.conf; \
echo "net.ipv4.tcp_tw_reuse = 1" >> /target/etc/sysctl.conf; \
echo "net.core.somaxconn = 8192" >> /target/etc/sysctl.conf; \
echo "net.ipv4.route.flush=1" >> /target/etc/sysctl.conf; \

3
cobbler/snippets/rsyslogconf
View File

@ -23,8 +23,7 @@
# Provides TCP syslog reception
\\$ModLoad imtcp
\\$InputTCPServerRun 514
#set system_name = $getVar('system_name','')
\\$LocalHostName $system_name
#### GLOBAL DIRECTIVES ####

9
cobbler/snippets/ssh
View File

@ -1,9 +0,0 @@
mkdir -p /root/.ssh
chmod 700 -R /root/.ssh
touch /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
#if $getVar("push_ssh_keys", "") != ""
cat << EOL >> /root/.ssh/authorized_keys
$SNIPPET('id_rsa.pub')
EOL
#end if