rocky-linux-generic-images/includes/post-install.ksi

%post

# User setup
DEFAULT_USERNAME='rocky'
DEFAULT_PASSWORD='rockylinux'
DEFAULT_GROUPS='wheel'

useradd --comment "Rocky Linux" \
    --uid 1000 \
    --create-home \
    --user-group "${DEFAULT_USERNAME}" \
    --groups "${DEFAULT_GROUPS}"

echo -e "${DEFAULT_PASSWORD}\n${DEFAULT_PASSWORD}" | passwd "${DEFAULT_USERNAME}"
passwd -e "${DEFAULT_USERNAME}"

# Lock the root account
passwd -l root

# U-Boot binaries for 32-bit and 64-bit Raspberry Pi models
# (these are loaded by /boot/efi/config.txt)
cp -f /usr/share/uboot/rpi_3/u-boot.bin /boot/efi/rpi3-u-boot.bin
cp -f /usr/share/uboot/rpi_4/u-boot.bin /boot/efi/rpi4-u-boot.bin

# Remove the 'dracut-config-generic' package if found installed
dnf list installed | grep 'dracut-config-generic' > /dev/null && \
    rpm -e dracut-config-generic

# TODO: Add a comment to show what this is doing
if [ -x /lib/kernel/install.d/10-devicetree.install ]; then
    /lib/kernel/install.d/10-devicetree.install remove
fi

# remove '/boot/dtb' because the kernel should use '/boot/dtb'
if [ -d /boot/dtb ]; then
    rm -rf /boot/dtb
fi

# Kernel selection at boot
cat << EOF > /etc/sysconfig/kernel
# This file was generated by the Kickstart repository used to create this disk image
# PLEASE DO NOT MODIFY THIS UNLESS EITHER
# 1. You know what you are doing
# 2. You are told to modify this file by a Rocky Linux support member

# The 'UPDATEDEFAULT' option makes a newly installed kernel as the default in the boot entry selection
UPDATEDEFAULT=yes

# The 'DEFAULTKERNEL' options specifies what package type will be used as the default
DEFAULTKERNEL=kernel-core
EOF
chmod 644 /etc/sysconfig/kernel

# GRUB setup
if [ -d /boot/efi/EFI/rocky ] && [ -f /boot/efi/EFI/rocky/grubaa64.efi ]; then
    mv -f /boot/grub2/grub.cfg /boot/efi/EFI/rocky/grub.cfg
    ln -s ../efi/EFI/rocky/grub.cfg /boot/grub2/grub.cfg

    [ -d /boot/efi/EFI/BOOT ] || mkdir -p /boot/efi/EFI/BOOT
    cp -f /boot/efi/EFI/rocky/grubaa64.efi /boot/efi/EFI/BOOT/BOOTAA64.EFI
fi

# Write GRUB defaults
cat << EOF > /etc/default/grub
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console serial"
GRUB_CMDLINE_LINUX="console=tty0 console=ttyS0,115200"
GRUB_DISABLE_RECOVERY="true"
GRUB_DISABLE_OS_PROBER="true"
GRUB_ENABLE_BLSCFG="false"
EOF
chmod 644 /etc/default/grub

# The script that expands root partition
mkdir -v /usr/local/bin
cat << EOF > /usr/local/bin/expand-rootfs.sh
#!/usr/bin/env bash

ROOT_DEVICE=$(mount | grep '/ ' | awk '{print $1}') # "/dev/sda3"
DISK_NAME="/dev/$(lsblk -ls "${ROOT_DEVICE}" | tail -n 1 | awk '{print $1}')" # "/dev/sda"
CUT_LENGTH=$(( ${#DISK_NAME} + 1 )) # how much to cut from "/dev/sda3" to get "3"
if [[ "${DISK_NAME}" =~ "nvme" || "${DISK_NAME}" =~ "mmcblk" ]]; then
    # Add an extra character to cut since NVMe and MMC-block devices
    # have a partition number _after_ a 'p'
    CUT_LENGTH=$(( CUT_LENGTH + 1 ))
fi
PARTITION_NUMBER=$(echo "${ROOT_DEVICE}" | cut -c "${CUT_LENGTH}-") # get "3" from "/dev/sda3"

if [[ -z "${ROOT_DEVICE}" || -z "${DISK_NAME}" || -z "${CUT_LENGTH}" || -z "${PARTITION_NUMBER}" ]]; then
    >&2 echo "$0: error: unable to detect root device"
    exit 1
fi

if ! command -v growpart > /dev/null; then
    >&2 echo "$0: error: unable to find command 'growpart'"
    exit 1
fi

if ! command -v resize2fs > /dev/null; then
    >&2 echo "$0: error: unable to find command 'resize2fs'"
    exit 1
fi

if [[ ${EUID} -ne 0 || ${UID} -ne 0 ]]; then
    >&2 echo "$0: error: please run this script as root"
    exit 1
fi

set -x
growpart "${DISK_NAME}" "${PARTITION_NUMBER}"
resize2fs "${ROOT_DEVICE}"
EOF
chmod +x /usr/local/bin/expand-rootfs.sh

# Rebuild the RPM database
rpm --rebuilddb

# Remove 'ifcfg-link' on generated images
rm -f /etc/sysconfig/network-scripts/ifcfg-link

# The 'machine-id' needs to be unique for each machine so remove ours to prevent duplication
rm -f /etc/machine-id
touch /etc/machine-id

%end