Compare commits


No commits in common. "main" and "oracle" have entirely different histories.
main ... oracle

57 changed files with 3360 additions and 6 deletions


@ -1,9 +1,93 @@
## rocky-kiwi-descriptions
This repo is an attempt to translate our kickstarts into kiwi descriptions. The
idea is to keep both the kickstarts up to date, as well as the kiwi descriptions
as changes happen. This way, users can choose how they want to build and
customize their own images as they see fit, away from the images that we build
normally.
Kiwi descriptions for Rocky Linux 9.
Please go to the relevant branch for your needs.
`config.xml` is a symlink to `rocky.xml`. this way the symlink can just be
changed to deal with live images (as kiwi doesn't seem to support using the
--kiwi-file option for iso).
### Can't you use the same config.xml? Why are you symlinking?
Yes and the reason why we're symlinking is that "name" and "displayname" are
not flexible. They are only set/read at the very top level `<image>` (at least
from testing at the time of this writing). As our images and volume names (at
least for live images) have a very specific format, and we want it to be easy
to rename them, we did it this way.
Cloud, container, vagrant images can all use the first config, likely just fine.
The live images were the problematic ones, thus, symlinks with a default to the
`rocky.xml` config.
### I found an issue...
Please fork and make a PR! We're still learning how this tool works ourselves.
### How to try it out
You can actually do this in mock pretty easily. You could also probably get
this running in a podman container or otherwise. As of this writing, we
haven't tried it yet. Theory says it should work.
**Note**: SELinux must be set to permissive.
**Note**: There may be cases where a build will fail in mock. If this is the
case, you will need to use `--isolation=simple`.
#### Live Image Example (EPEL)
The below makes an XFCE live image using SIG/Core packages.
```
# Use SIG/Core
% git clone https://git.resf.org/sig_core/mock-rocky-configs
% bash deploy.sh
% mock -r rl-9-x86_64-core-infra --init
% mock -r rl-9-x86_64-core-infra --install kiwi-cli git \
dracut-kiwi-live \
kiwi-systemdeps-{bootloaders,containers,core,disk-images,filesystems,image-validation,iso-media} \
epel-release \
rocky-release-core
% sudo setenforce 0
% mock -r rl-9-x86_64-core-infra --shell --enable-network
% git clone https://git.resf.org/sig_core/rocky-kiwi-descriptions -b r9
% cd rocky-kiwi-descriptions
% ln -sf configs/live-xfce.xml config.xml
% kiwi-ng --debug --type="iso" \
--profile="XFCE-Live" \
--color-output system \
build \
--description="./" \
--target-dir /builddir/lmc
```
The below uses EPEL instead if you do not wish to use SIG/Core.
```
# Use EPEL
% mock -r rocky+epel-9-x86_64 --init
% mock -r rocky+epel-9-x86_64 --install kiwi-cli git \
dracut-kiwi-live \
kiwi-systemdeps-{bootloaders,containers,core,disk-images,filesystems,image-validation,iso-media} \
distribution-gpg-keys \
epel-release
% sudo setenforce 0
% mock -r rocky+epel-9-x86_64 --shell --enable-network
% git clone https://git.resf.org/sig_core/rocky-kiwi-descriptions -b r9
% cd rocky-kiwi-descriptions
% ln -sf configs/live-xfce.xml config.xml
% kiwi-ng --debug --type="iso" \
--profile="XFCE-Live" \
--color-output system \
build \
--description="./" \
--target-dir /builddir/lmc
```
On the other hand, you can run the live-build.sh script after setting up your
mock environment.
```
% bash live-build.sh --live-image XFCE --output-dir /builddir/xfce
```
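Review bot: The heading `#### Live Image Example (EPEL)` sits above a first example that uses SIG/Core, and that block runs `bash deploy.sh` straight after `git clone https://git.resf.org/sig_core/mock-rocky-configs` without changing into the clone; rename the heading and add the `cd` step. Both examples also run `sudo setenforce 0` on the host and never restore it, so add a closing `sudo setenforce 1` step next to the SELinux note so the host does not stay permissive after the build.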

99
cloud-build.sh Executable file

@ -0,0 +1,99 @@
#!/bin/bash
# helps build a quick cloud image. that way a user doesn't have to use emapandas
# nor some other method. mock is probably not necessary, but it's up to you.
# label@resf.org
set -o errexit
set -o pipefail
SCRNAME="$(basename "$0")"
SCRDIR="$(dirname "${BASH_SOURCE[0]}")"
export __usage
__usage="
usage: $SCRNAME [OPTIONS]
Options:
-o, --output-dir DIR
-c, --cloud-image NAME
-p, --peridot ID # optional. will use peridot repos.
-d, --debug # optional
"
OPTS=$(getopt -a -n cloud-build -o c:,o:,p:,d,h \
-l cloud-image:,output-dir:,peridot:,debug,help -- "$@")
function is_in_path() {
builtin type -P "${1}"
}
function usage() {
echo "$__usage"
}
eval set -- "$OPTS"
while :; do
case "$1" in
-c | --cloud-image) CLOUD="$2" ; shift 2 ;;
-o | --output-dir) OUTPUTDIR="$2" ; shift 2 ;;
-p | --peridot) PERIDOTID="$2" ; shift 2 ;;
-d | --debug) DEBUG="--debug" ; shift ;;
-h | --help) usage ;;
--) shift ; break ;;
esac
done
if [ -z "$CLOUD" ] || [ -z "$OUTPUTDIR" ]; then
echo "Options are not set properly."
usage
exit 12
fi
if [ -e "/sys/fs/selinux/enforce" ]; then
enforce_check="$(cat /sys/fs/selinux/enforce)"
if [ "$enforce_check" -eq "1" ]; then
echo "Running with selinux enforcing is not recommended."
exit 22
fi
fi
is_in_path kiwi-ng &> /dev/null
ret_val=$?
if [ "$ret_val" -ne "0" ]; then
echo "kiwi-ng not found. kiwi packages are likely not installed on this system."
exit 32
fi
function switch_repo_to_peridot() {
ID="$1"
# https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/
pushd repositories || { echo "not found"; exit 1; }
sed -i "s;ZZ_INTERNAL_BaseOS_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/BaseOS/\$basearch;g" core-peridot.xml
sed -i "s;ZZ_INTERNAL_AppStream_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/AppStream/\$basearch;g" core-peridot.xml
sed -i "s;ZZ_INTERNAL_CRB_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/CRB/\$basearch;g" core-peridot.xml
sed -i "s;ZZ_INTERNAL_extras_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/extras/\$basearch;g" core-peridot.xml
rm core.xml
ln -sf core-peridot.xml core.xml
popd
}
function main() {
#/bin/rm config.xml
#if [ ! -f "configs/rocky-live-${LIVE,,}.xml" ]; then
# echo "${LIVE} was not found. Is it supported?"
# exit 42
#fi
#ln -sf "configs/rocky-live-${LIVE,,}.xml" config.xml
ln -sf "configs/rocky.xml" config.xml
if [ -n "$PERIDOTID" ]; then
switch_repo_to_peridot "${PERIDOTID}"
fi
# shellcheck disable=SC2086
kiwi-ng $DEBUG --type="oem" --profile="Cloud-$CLOUD" --color-output system build --description="$SCRDIR" --target-dir "$OUTPUTDIR"
}
main
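Review bot: In the option loop, `-h | --help) usage ;;` neither shifts nor exits, so `--help` re-enters the same case forever; make it `usage ; exit 0`. With `set -o errexit` active, the bare `is_in_path kiwi-ng &> /dev/null` aborts the script on a miss before `ret_val=$?` is reached, so the "kiwi-ng not found" message and `exit 32` are unreachable; use `if ! is_in_path kiwi-ng &> /dev/null; then` instead. `switch_repo_to_peridot` interpolates `${ID}` unchecked into `sed -i` expressions that use `;` as the delimiter and rewrite the repository URLs in `core-peridot.xml`, so validate the ID against the expected format before use. `pushd repositories` and `ln -sf "configs/rocky.xml" config.xml` also resolve against the caller's working directory while kiwi is given `--description="$SCRDIR"`; a `cd "$SCRDIR"` at the top of `main` would make the two agree. The SELinux check prints "not recommended" but then exits 22, so the message should say that enforcing mode is refused.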

257
cloud/cloud.xml Normal file

@ -0,0 +1,257 @@
<image>
<profiles>
<profile name="Core-Cloud" description="Cloud Base Packages">
<requires profile="Core-Boot"/>
</profile>
<!-- Generic package set is a good starting point -->
<profile name="Cloud-GenericCloud-Base" description="GenericCloud Base Image">
<requires profile="Core-Cloud"/>
</profile>
<profile name="Cloud-GenericCloud-LVM" description="GenericCloud LVM Image">
<requires profile="Core-Cloud"/>
</profile>
<profile name="Cloud-Azure-Base" description="Azure Base Image">
<requires profile="Core-Cloud"/>
</profile>
<profile name="Cloud-Azure-LVM" description="Azure LVM Image">
<requires profile="Core-Cloud"/>
</profile>
<profile name="Cloud-EC2-Base" description="EC2 Base Image">
<requires profile="Core-Cloud"/>
</profile>
<profile name="Cloud-EC2-LVM" description="EC2 LVM Image">
<requires profile="Core-Cloud"/>
</profile>
<profile name="Cloud-OCP-Base" description="OCP Base Image">
<requires profile="Core-Cloud"/>
</profile>
</profiles>
<!-- Generic -->
<preferences profiles="Cloud-GenericCloud-Base" arch="x86_64,aarch64">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="M">10738</size>
</type>
</preferences>
<preferences profiles="Cloud-GenericCloud-LVM" arch="x86_64,aarch64">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="M">10738</size>
<systemdisk name="rocky" preferlvm="true">
<volume name="@root" size="9G" mountpoint="/" />
</systemdisk>
</type>
</preferences>
<!-- Generic specific to ppc64le -->
<preferences profiles="Cloud-GenericCloud-Base" arch="ppc64le">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" firmware="ofw"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="M">10738</size>
</type>
</preferences>
<preferences profiles="Cloud-GenericCloud-LVM" arch="ppc64le">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" firmware="ofw"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="M">10738</size>
<systemdisk name="rocky" preferlvm="true">
<volume name="@root" size="9G" mountpoint="/" />
</systemdisk>
</type>
</preferences>
<!-- Generic specific to s390x -->
<preferences profiles="Cloud-GenericCloud-Base" arch="s390x">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="zipl" targettype="CDL" timeout="1"/>
<size unit="M">10738</size>
</type>
</preferences>
<preferences profiles="Cloud-GenericCloud-LVM" arch="s390x">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="zipl" targettype="CDL" timeout="1"/>
<size unit="M">10738</size>
<systemdisk name="rocky" preferlvm="true">
<volume name="@root" size="9G" mountpoint="/" />
</systemdisk>
</type>
</preferences>
<!-- End Generic -->
<!-- Azure -->
<preferences profiles="Cloud-Azure-Base" arch="x86_64,aarch64">
<type image="oem" format="vhd-fixed" formatoptions="force_size"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="rootdelay=300 console=ttyS0 earlyprintk=ttyS0 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" console="serial" timeout="1"/>
<size unit="M">10738</size>
</type>
</preferences>
<preferences profiles="Cloud-Azure-LVM" arch="x86_64,aarch64">
<type image="oem" format="vhd-fixed" formatoptions="force_size"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="rootdelay=300 console=ttyS0 earlyprintk=ttyS0 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="M">10738</size>
<systemdisk name="rocky" preferlvm="true">
<volume name="@root" size="9G" mountpoint="/" />
</systemdisk>
</type>
</preferences>
<!-- End Azure -->
<!-- EC2 -->
<preferences profiles="Cloud-EC2-Base" arch="x86_64,aarch64">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0 nvme_core.io_timeout=4294967295 nvme_core.max_retries=10"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="M">10738</size>
</type>
</preferences>
<preferences profiles="Cloud-EC2-LVM" arch="x86_64,aarch64">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0 nvme_core.io_timeout=4294967295 nvme_core.max_retries=10"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="M">10738</size>
<systemdisk name="rocky" preferlvm="true">
<volume name="@root" size="9G" mountpoint="/" />
</systemdisk>
</type>
</preferences>
<!-- End EC2 -->
<!-- OCP -->
<preferences profiles="Cloud-OCP-Base" arch="x86_64,aarch64">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="console=ttyS0,115200n8 console=tty0 no_timer_check crashkernel=auto net.ifnames=0 LANG=en_US.UTF-8 transparent_hugepage=never rd.luks=0 rd.md=0 rd.dm=0 rd.lvm.vg=rocky rd.lvm.lv=rocky/root rd.net.timeout.dhcp=10"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="M">10738</size>
</type>
</preferences>
<!-- End OCP -->
<packages type="image" patternType="plusRecommended" profiles="Core-Cloud">
<namedCollection name="core"/>
<ignore name="*-firmware"/>
<ignore name="alsa-lib"/>
<ignore name="biosdevname"/>
<ignore name="iprutils"/>
<!--<ignore name="langpacks-*"/>
<ignore name="langpacks-en"/>-->
<ignore name="plymouth"/>
<package name="langpacks-en"/>
<package name="NetworkManager"/>
<package name="bash"/>
<package name="chrony"/>
<package name="dnf"/>
<package name="cloud-init"/>
<package name="cloud-utils-growpart"/>
<package name="dracut-config-generic"/>
<package name="firewalld"/>
<package name="gdisk"/>
<package name="grub2" arch="x86_64,aarch64,ppc64le"/>
<package name="kernel"/>
<package name="nfs-utils"/>
<package name="rsync"/>
<package name="tar"/>
<package name="dnf-utils"/>
<package name="cockpit-system"/>
<package name="cockpit-ws"/>
<package name="dhcp-client"/>
<package name="python3-jsonschema"/>
<package name="qemu-guest-agent"/>
<package name="rocky-release"/>
<package name="rng-tools"/>
</packages>
<!-- is this needed? -->
<packages type="image" patternType="plusRecommended" profiles="Cloud-GenericCloud-Base,Cloud-GenericCloud-LVM">
<package name="qemu-guest-agent"/>
</packages>
<packages type="image" patternType="plusRecommended" profiles="Cloud-Azure-Base,Cloud-Azure-LVM">
<package name="WALinuxAgent"/>
<package name="hyperv-daemons"/>
</packages>
<!-- There isn't a way to exclude packages from a certain repo -->
<!--<packages type="image" patternType="plusRecommended" profiles="Cloud-OCP-Base">
<package name="oci-utils"/>
<package name="python3-circuitbreaker"/>
<package name="python3-daemon"/>
<package name="python3-sdnotify"/>
<package name="python39-oci-sdk"/>
</packages>-->
</image>
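Review bot: `Cloud-Azure-LVM` declares `<bootloader name="grub2" timeout="1"/>` while `Cloud-Azure-Base` uses `console="serial"` with the same `console=ttyS0` kernel command line; unless the difference is intended, add `console="serial"` to the LVM variant so both Azure images expose GRUB on the serial console. `Cloud-OCP-Base` passes `rd.lvm.vg=rocky rd.lvm.lv=rocky/root` but has no `<systemdisk>` element, so those arguments name a volume group this profile does not create. On the `<!-- is this needed? -->` block: `qemu-guest-agent` is already in the `Core-Cloud` list, so the GenericCloud-only entry is redundant and the agent currently lands in the Azure and EC2 images as well; keep it in one place only. `Core-Cloud` also pulls `cockpit-system` and `cockpit-ws` into every cloud image, which deserves a comment on why a web console belongs in the base set rather than being opt-in.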

25
components/boot.xml Normal file

@ -0,0 +1,25 @@
<image>
<profiles>
<profile name="Core-Boot" description="Boot Core Packages"/>
</profiles>
<packages type="bootstrap" patternType="plusRecommended" profiles="Core-Boot">
<package name="grubby"/>
</packages>
<packages type="image" patternType="plusRecommended" profiles="Core-Boot">
<package name="grub2-efi-aa64" arch="aarch64"/>
<package name="grub2-efi-aa64-modules" arch="aarch64"/>
<package name="grub2-efi-x64" arch="x86_64"/>
<package name="grub2-efi-x64-modules" arch="x86_64"/>
<package name="grub2-pc" arch="x86_64"/>
<package name="grub2-pc-modules" arch="x86_64"/>
<package name="grub2-ppc64le" arch="ppc64le"/>
<package name="s390utils-base" arch="s390x"/>
<package name="shim-signed-aa64" arch="aarch64"/>
<package name="shim-signed-x64" arch="x86_64"/>
<package name="kernel-core"/>
</packages>
<packages type="iso" patternType="plusRecommended" profiles="Core-Boot">
<package name="grub2-efi-aa64-cdboot" arch="aarch64"/>
<package name="grub2-efi-x64-cdboot" arch="x86_64"/>
</packages>
</image>
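Review bot: The `image` package list names `shim-signed-aa64` and `shim-signed-x64`, while the `Live-Base` list in this same change installs `shim-x64` and `shim-aa64` and ignores `shim-unsigned-*64`. Since `Live-Base` requires `Core-Boot`, a live build would ask for both spellings; confirm which names resolve in the Rocky 9 repositories and use that one in both files. The `iso` section's `grub2-efi-aa64-cdboot` and `grub2-efi-x64-cdboot` are likewise repeated in the `Live-Base` list and only need to be declared here.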


@ -0,0 +1,85 @@
<image>
<profiles>
<profile name="Cinnamon-Desktop" description="Cinnamon Desktop">
<requires profile="Live-Base"/>
</profile>
</profiles>
<preferences profiles="Live-Base">
<type image="iso" publisher="Rocky Enterprise Software Foundation" volid="Rocky-9-Cinnamon" primary="true" flags="dmsquash" firmware="uefi" kernelcmdline="quiet rhgb" mediacheck="false">
<bootloader name="grub2" grub_template="grub.tmpl" console="console" timeout="10"/>
</type>
</preferences>
<packages type="image" patternType="plusRecommended" profiles="Cinnamon-Desktop">
<package name="epel-release"/>
<package name="libreoffice-calc"/>
<package name="libreoffice-emailmerge" arch="x86_64"/>
<package name="libreoffice-graphicfilter"/>
<package name="libreoffice-impress"/>
<package name="libreoffice-writer"/>
<package name="NetworkManager-adsl"/>
<package name="NetworkManager-bluetooth"/>
<package name="NetworkManager-l2tp-gnome"/>
<package name="NetworkManager-libreswan-gnome"/>
<package name="NetworkManager-openconnect-gnome"/>
<package name="NetworkManager-openvpn-gnome"/>
<package name="NetworkManager-ppp"/>
<package name="NetworkManager-pptp-gnome"/>
<package name="NetworkManager-wifi"/>
<package name="NetworkManager-wwan"/>
<package name="cinnamon"/>
<package name="cinnamon-control-center"/>
<package name="cinnamon-screensaver"/>
<package name="eom"/>
<package name="f36-backgrounds-extras-gnome"/>
<package name="f36-backgrounds-gnome"/>
<package name="f37-backgrounds-extras-gnome"/>
<package name="f37-backgrounds-gnome"/>
<package name="firefox"/>
<package name="firewall-config"/>
<package name="gjs"/>
<package name="gnome-calculator"/>
<package name="gnome-disk-utility"/>
<package name="gnome-screenshot"/>
<package name="gnome-system-monitor"/>
<package name="gnome-terminal"/>
<package name="gstreamer1-plugins-ugly-free"/>
<package name="gvfs-gphoto2"/>
<package name="gvfs-mtp"/>
<package name="gvfs-smb"/>
<package name="hexchat"/>
<package name="imsettings-systemd"/>
<package name="initial-setup-gui"/>
<package name="lightdm"/>
<package name="metacity"/>
<package name="nemo-fileroller"/>
<package name="nemo-image-converter"/>
<package name="nemo-preview"/>
<package name="nm-connection-editor"/>
<package name="parole"/>
<package name="pipewire-alsa"/>
<package name="pipewire-pulseaudio"/>
<package name="powerline"/>
<package name="redshift-gtk"/>
<package name="rocky-backgrounds"/>
<package name="sane-backends-drivers-scanners"/>
<package name="setroubleshoot"/>
<package name="slick-greeter"/>
<package name="slick-greeter-cinnamon"/>
<package name="thunderbird"/>
<package name="tmux"/>
<package name="tmux-powerline"/>
<package name="transmission"/>
<package name="vim-enhanced"/>
<package name="vim-powerline"/>
<package name="wireplumber"/>
<package name="xdg-user-dirs-gtk"/>
<package name="xed"/>
<package name="xreader"/>
<!-- ignores for space and other things -->
<ignore name="isdn4k-utils"/>
<ignore name="hplip"/>
<ignore name="mpage"/>
<ignore name="xsane"/>
<ignore name="xsane-gimp"/>
</packages>
</image>
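Review bot: `<preferences profiles="Live-Base">` binds the Cinnamon `volid` and ISO type to the shared `Live-Base` profile instead of `Cinnamon-Desktop`, and the KDE, MATE, Workstation and XFCE component files in this change do the same with their own `volid`. If more than one desktop component is ever included in a description, `Live-Base` ends up with several competing `<preferences>` sections; bind this one to `Cinnamon-Desktop`, or add a comment stating that only one desktop component may be included at a time. `mediacheck="false"` also needs a comment explaining why the media check is turned off for an installable ISO.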


@ -0,0 +1,66 @@
<image>
<profiles>
<profile name="Live-Base" description="Rocky Linux Live Install Image">
<requires profile="Core-Boot"/>
</profile>
</profiles>
<packages type="iso" patternType="plusRecommended" profiles="Live-Base">
<namedCollection name="anaconda-tools"/>
<namedCollection name="base-x"/>
<namedCollection name="core"/>
<namedCollection name="dial-up"/>
<namedCollection name="fonts"/>
<namedCollection name="guest-desktop-agents"/>
<namedCollection name="hardware-support"/>
<namedCollection name="input-methods"/>
<namedCollection name="multimedia"/>
<namedCollection name="standard"/>
<!-- SB -->
<package name="shim-x64" arch="x86_64"/>
<package name="shim-aa64" arch="aarch64"/>
<!-- Base Package Set -->
<package name="aajohan-comfortaa-fonts"/>
<package name="anaconda"/>
<package name="anaconda-install-env-deps"/>
<package name="anaconda-live"/>
<package name="chkconfig"/>
<package name="dracut-live"/>
<package name="efi-filesystem"/>
<package name="efivar-libs" arch="x86_64,aarch64"/>
<package name="efibootmgr" arch="x86_64,aarch64"/>
<package name="glibc-all-langpacks"/>
<package name="grub2-common"/>
<package name="grub2-tools"/>
<package name="grub2-tools-extra"/>
<package name="grub2-tools-minimal"/>
<package name="kernel"/>
<package name="kernel-modules"/>
<package name="kernel-modules-extra"/>
<package name="initscripts"/>
<package name="livesys-scripts"/>
<!-- x86_64 -->
<package name="grub2-efi-x64" arch="x86_64"/>
<package name="grub2-efi-x64-cdboot" arch="x86_64"/>
<package name="grub2-pc-modules" arch="x86_64"/>
<package name="grub2-tools-efi" arch="x86_64"/>
<package name="memtest86+" arch="x86_64"/>
<package name="syslinux" arch="x86_64"/>
<!-- aarch64 -->
<package name="grub2-efi-aa64" arch="aarch64"/>
<package name="grub2-efi-aa64-cdboot" arch="aarch64"/>
<!-- ppc64le -->
<package name="grub2-ppc64le" arch="ppc64le"/>
<package name="grub2-ppc64le-modules" arch="ppc64le"/>
<package name="librtas" arch="ppc64le"/>
<package name="libservicelog" arch="ppc64le"/>
<package name="libvpd" arch="ppc64le"/>
<package name="lsvpd" arch="ppc64le"/>
<package name="opal-prd" arch="ppc64le"/>
<package name="ppc64-diag" arch="ppc64le"/>
<package name="ppc64-diag-rtas" arch="ppc64le"/>
<package name="powerpc-utils" arch="ppc64le"/>
<package name="powerpc-utils-core" arch="ppc64le"/>
<!-- ignores -->
<ignore name="shim-unsigned-*64"/>
</packages>
</image>

46
components/live/kde.xml Normal file

@ -0,0 +1,46 @@
<image>
<profiles>
<profile name="KDE-Desktop" description="KDE Desktop">
<requires profile="Live-Base"/>
</profile>
</profiles>
<preferences profiles="Live-Base">
<type image="iso" publisher="Rocky Enterprise Software Foundation" volid="Rocky-9-KDE" primary="true" flags="dmsquash" firmware="uefi" kernelcmdline="quiet rhgb" mediacheck="false">
<bootloader name="grub2" grub_template="grub.tmpl" console="console" timeout="10"/>
</type>
</preferences>
<packages type="image" patternType="plusRecommended" profiles="KDE-Desktop">
<package name="epel-release"/>
<namedCollection name="fuse"/>
<namedCollection name="gjs"/>
<namedCollection name="internet-browser"/>
<namedCollection name="kde-desktop-environment"/>
<namedCollection name="kde-apps"/>
<namedCollection name="kde-media"/>
<package name="libreoffice-calc"/>
<package name="libreoffice-emailmerge" arch="x86_64"/>
<package name="libreoffice-graphicfilter"/>
<package name="libreoffice-impress"/>
<package name="libreoffice-writer"/>
<package name="mariadb-embedded"/>
<package name="mariadb-connector-c"/>
<package name="mariadb-server"/>
<package name="rocky-backgrounds-kde"/>
<package name="sddm"/>
<package name="sddm-breeze"/>
<package name="sddm-themes"/>
<package name="sddm-kcm"/>
<!-- ignores for space and other things -->
<ignore name="desktop-backgrounds-basic"/>
<ignore name="gnome-disk-utility"/>
<ignore name="hplip"/>
<ignore name="iok"/>
<ignore name="isdn4k-utils"/>
<ignore name="kdeaccessibility"/>
<ignore name="mpage"/>
<ignore name="system-config-printer"/>
<ignore name="system-config-services"/>
<ignore name="system-config-users"/>
<ignore name="xsane"/>
</packages>
</image>
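Review bot: `<namedCollection name="gjs"/>` treats `gjs` as a package group, whereas the Cinnamon, MATE and XFCE lists in this change install it with `<package name="gjs"/>`; unless a group of that name exists, this should be a `<package>` element too. The list also installs `mariadb-server` alongside `mariadb-embedded` on a live desktop image; add a comment saying which KDE component needs the full server, or drop it so the live image does not carry a database daemon it does not use.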

144
components/live/mate.xml Normal file

@ -0,0 +1,144 @@
<image>
<profiles>
<profile name="MATE-Desktop" description="MATE Desktop">
<requires profile="Live-Base"/>
</profile>
</profiles>
<preferences profiles="Live-Base">
<type image="iso" publisher="Rocky Enterprise Software Foundation" volid="Rocky-9-MATE" primary="true" flags="dmsquash" firmware="uefi" kernelcmdline="quiet rhgb" mediacheck="false">
<bootloader name="grub2" grub_template="grub.tmpl" console="console" timeout="10"/>
</type>
</preferences>
<packages type="image" patternType="plusRecommended" profiles="MATE-Desktop">
<package name="NetworkManager-adsl"/>
<package name="NetworkManager-bluetooth"/>
<package name="NetworkManager-l2tp-gnome"/>
<package name="NetworkManager-libreswan-gnome"/>
<package name="NetworkManager-openconnect-gnome"/>
<package name="NetworkManager-openvpn-gnome"/>
<package name="NetworkManager-ovs"/>
<package name="NetworkManager-ppp"/>
<package name="NetworkManager-pptp-gnome"/>
<package name="NetworkManager-team"/>
<package name="NetworkManager-wifi"/>
<package name="NetworkManager-wwan"/>
<package name="atril"/>
<package name="atril-caja"/>
<package name="atril-thumbnailer"/>
<package name="caja"/>
<package name="caja-actions"/>
<package name="dconf-editor"/>
<package name="engrampa"/>
<package name="eom"/>
<package name="epel-release"/>
<package name="f36-backgrounds-extras-mate"/>
<package name="f36-backgrounds-mate"/>
<package name="f37-backgrounds-extras-mate"/>
<package name="f37-backgrounds-mate"/>
<package name="filezilla"/>
<package name="firefox"/>
<package name="firewall-applet"/>
<package name="firewall-config"/>
<package name="gjs"/>
<package name="gnome-disk-utility"/>
<package name="gnome-epub-thumbnailer"/>
<package name="gnome-themes-extra"/>
<package name="gparted"/>
<package name="gstreamer1-plugins-ugly-free"/>
<package name="gtk2-engines"/>
<package name="gucharmap"/>
<package name="gvfs-fuse"/>
<package name="gvfs-gphoto2"/>
<package name="gvfs-mtp"/>
<package name="gvfs-smb"/>
<package name="hexchat" arch="x86_64"/>
<package name="initial-setup-gui"/>
<package name="libmatekbd"/>
<package name="libmatemixer"/>
<package name="libmateweather"/>
<package name="libreoffice-calc"/>
<package name="libreoffice-emailmerge" arch="x86_64"/>
<package name="libreoffice-graphicfilter"/>
<package name="libreoffice-impress"/>
<package name="libreoffice-writer"/>
<package name="libsecret"/>
<package name="lightdm"/>
<package name="lm_sensors"/>
<package name="marco"/>
<package name="mate-applets"/>
<package name="mate-backgrounds"/>
<package name="mate-calc"/>
<package name="mate-control-center"/>
<package name="mate-desktop"/>
<package name="mate-dictionary"/>
<package name="mate-disk-usage-analyzer"/>
<package name="mate-icon-theme"/>
<package name="mate-media"/>
<package name="mate-menu"/>
<package name="mate-menus"/>
<package name="mate-menus-preferences-category-menu"/>
<package name="mate-notification-daemon"/>
<package name="mate-panel"/>
<package name="mate-polkit"/>
<package name="mate-power-manager"/>
<package name="mate-screensaver"/>
<package name="mate-screenshot"/>
<package name="mate-search-tool"/>
<package name="mate-sensors-applet"/>
<package name="mate-session-manager"/>
<package name="mate-settings-daemon"/>
<package name="mate-system-log"/>
<package name="mate-system-monitor"/>
<package name="mate-terminal"/>
<package name="mate-themes"/>
<package name="mate-user-admin"/>
<package name="mate-user-guide"/>
<package name="mate-utils"/>
<package name="mozo"/>
<package name="network-manager-applet"/>
<package name="nm-connection-editor"/>
<package name="orca"/>
<package name="p7zip"/>
<package name="p7zip-plugins"/>
<package name="parole"/>
<package name="pavucontrol"/>
<package name="pipewire-alsa"/>
<package name="pipewire-pulseaudio"/>
<package name="pluma"/>
<package name="pluma-plugins"/>
<package name="rocky-backgrounds"/>
<package name="rocky-backgrounds-compat"/>
<package name="rocky-release"/>
<package name="seahorse"/>
<package name="seahorse-caja"/>
<package name="setroubleshoot"/>
<package name="slick-greeter-mate"/>
<package name="thunderbird"/>
<package name="tigervnc"/>
<package name="usermode-gtk"/>
<package name="vim-enhanced"/>
<package name="wireplumber"/>
<package name="xdg-user-dirs-gtk"/>
<package name="xmodmap"/>
<package name="xrdb"/>
<package name="yelp"/>
<!-- ignores for space and other things -->
<ignore name="audacious"/>
<ignore name="brasero"/>
<ignore name="evolution-help"/>
<ignore name="fedora-icon-theme"/>
<ignore name="gnome-icon-theme"/>
<ignore name="gnome-icon-theme-symbolic"/>
<ignore name="gnome-logs"/>
<ignore name="gnome-software"/>
<ignore name="gnome-user-docs"/>
<ignore name="hplip"/>
<ignore name="isdn4k-utils"/>
<ignore name="mpage"/>
<ignore name="sane-backends"/>
<ignore name="systemd-oom-defaults"/>
<ignore name="telnet"/>
<ignore name="xsane"/>
<ignore name="xsane-gimp"/>
</packages>
</image>


@ -0,0 +1,22 @@
<image>
<profiles>
<profile name="Workstation-Lite-Desktop" description="Workstation-Lite Desktop">
<requires profile="Live-Base"/>
</profile>
</profiles>
<preferences profiles="Live-Base">
<type image="iso" publisher="Rocky Enterprise Software Foundation" volid="Rocky-9-Workstation-Lite" primary="true" flags="dmsquash" firmware="uefi" kernelcmdline="quiet rhgb" mediacheck="false">
<bootloader name="grub2" grub_template="grub.tmpl" console="console" timeout="10"/>
</type>
</preferences>
<packages type="image" patternType="plusRecommended" profiles="Workstation-Lite-Desktop">
<namedCollection name="gnome-desktop"/>
<namedCollection name="internet-browser"/>
<namedCollection name="networkmanager-submodules"/>
<package name="libreoffice-calc"/>
<package name="libreoffice-writer"/>
<!-- ignores for space and other things -->
<ignore name="gfs2-utils"/>
<ignore name="reiserfs-utils"/>
</packages>
</image>


@ -0,0 +1,26 @@
<image>
<profiles>
<profile name="Workstation-Desktop" description="Workstation Desktop">
<requires profile="Live-Base"/>
</profile>
</profiles>
<preferences profiles="Live-Base">
<type image="iso" publisher="Rocky Enterprise Software Foundation" volid="Rocky-9-Workstation" primary="true" flags="dmsquash" firmware="uefi" kernelcmdline="quiet rhgb" mediacheck="false">
<bootloader name="grub2" grub_template="grub.tmpl" console="console" timeout="10"/>
</type>
</preferences>
<packages type="image" patternType="plusRecommended" profiles="Workstation-Desktop">
<namedCollection name="gnome-desktop"/>
<namedCollection name="internet-browser"/>
<namedCollection name="networkmanager-submodules"/>
<namedCollection name="workstation-product"/>
<package name="libreoffice-calc"/>
<package name="libreoffice-emailmerge" arch="x86_64"/>
<package name="libreoffice-graphicfilter"/>
<package name="libreoffice-impress"/>
<package name="libreoffice-writer"/>
<!-- ignores for space and other things -->
<ignore name="gfs2-utils"/>
<ignore name="reiserfs-utils"/>
</packages>
</image>

77
components/live/xfce.xml Normal file

@ -0,0 +1,77 @@
<image>
<profiles>
<profile name="XFCE-Desktop" description="XFCE Desktop">
<requires profile="Live-Base"/>
</profile>
</profiles>
<preferences profiles="Live-Base">
<type image="iso" publisher="Rocky Enterprise Software Foundation" volid="Rocky-9-XFCE" primary="true" flags="dmsquash" firmware="uefi" kernelcmdline="quiet rhgb" mediacheck="false">
<bootloader name="grub2" grub_template="grub.tmpl" console="console" timeout="10"/>
</type>
</preferences>
<packages type="image" patternType="plusRecommended" profiles="XFCE-Desktop">
<!-- Equivalent to @xfce-desktop nodefaults -->
<package name="Thunar"/>
<package name="xfce4-panel"/>
<package name="xfce4-session"/>
<package name="xfce4-settings"/>
<package name="xfconf"/>
<package name="xfdesktop"/>
<package name="xfwm4"/>
<package name="epel-release"/>
<package name="firefox"/>
<package name="firewall-config"/>
<package name="gjs"/>
<package name="gparted"/>
<package name="gparted"/>
<package name="lightdm"/>
<package name="network-manager-applet"/>
<package name="openssh-askpass"/>
<package name="pavucontrol"/>
<package name="pcp-selinux"/>
<package name="rocky-backgrounds"/>
<package name="rocky-backgrounds-compat"/>
<package name="rocky-release"/>
<package name="seahorse"/>
<package name="thunar-archive-plugin"/>
<package name="thunar-volman"/>
<package name="thunderbird"/>
<package name="tumbler"/>
<package name="wget"/>
<package name="xdg-user-dirs"/>
<package name="xdg-user-dirs-gtk"/>
<package name="xfce-polkit"/>
<package name="xfce4-about"/>
<package name="xfce4-appfinder"/>
<package name="xfce4-datetime-plugin"/>
<package name="xfce4-netload-plugin"/>
<package name="xfce4-notifyd"/>
<package name="xfce4-panel-profiles"/>
<package name="xfce4-power-manager"/>
<package name="xfce4-screensaver"/>
<package name="xfce4-screenshooter-plugin"/>
<package name="xfce4-smartbookmark-plugin"/>
<package name="xfce4-systemload-plugin"/>
<package name="xfce4-taskmanager"/>
<package name="xfce4-terminal"/>
<package name="xfce4-time-out-plugin"/>
<package name="xfce4-weather-plugin"/>
<package name="xfce4-whiskermenu-plugin"/>
<!-- ignores for space and other things -->
<ignore name="acpid"/>
<ignore name="aspell-*"/>
<ignore name="autofs"/>
<ignore name="desktop-backgrounds-basic"/>
<ignore name="gdm"/>
<ignore name="gimp-help"/>
<ignore name="gnome-shell"/>
<ignore name="hplip"/>
<ignore name="isdn4k-utils"/>
<ignore name="mpage"/>
<ignore name="sane-backends"/>
<ignore name="xfce4-eyes-plugin"/>
<ignore name="xfce4-sensors-plugin"/>
<ignore name="xsane"/>
<ignore name="xsane-gimp"/>
</packages>
</image>
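Review bot: `<package name="gparted"/>` appears twice in a row in the XFCE-Desktop package set; drop the second entry, or if it stood in for a different package from the kickstart, name that package instead. Separately, `epel-release` is installed as a regular image package, so the EPEL repository definition ends up in the shipped live image; if that is intended, a short comment next to it would make the choice explicit, the way the ignore list is commented.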

9
components/users.xml Normal file

@ -0,0 +1,9 @@
<image>
<users profiles="Cloud-Azure-Base,Cloud-Azure-LVM,Cloud-EC2-Base,Cloud-EC2-LVM,Cloud-GenericCloud-Base,Cloud-GenericCloud-LVM,Cloud-OCP-Base,Live-Base">
<user name="root" groups="root" password="linux" home="/root" pwdformat="plain" />
</users>
<!-- Only for SBC -->
<users profiles="Core-Pi">
<user password="$6$ggstAnji$tPNhSHa/OG4UrJ0P77ZHlCunu.pueMXtXgAER51mTJ7bpXl/onDplJXd0usMSlFP4gOn/A7BM7cGoVw/WcCKS." home="/home/rocky" name="rocky" groups="rocky,wheel"/>
</users>
</image>
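Review bot: The first `<users>` block sets root's password to `linux` with `pwdformat="plain"` for every cloud profile and for Live-Base, so these images are only safe because config.sh later runs `passwd -d root` and `passwd -l root` when `$kiwi_profiles` matches Cloud or Live; if that match ever changes, an image ships with a known root password. Consider not setting a usable password here, or add a comment stating that the lock in config.sh is required. The Core-Pi block commits a fixed `$6$` hash for `rocky`, who is in `wheel`, so every image built from it shares the same default credential; document that it must be changed on first boot, or force expiry.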

989
config.sh Normal file

@ -0,0 +1,989 @@
#!/bin/bash
set -euxo pipefail
#======================================
# Functions...
#--------------------------------------
test -f /.kconfig && . /.kconfig
test -f /.profile && . /.profile
#======================================
# Greeting...
#--------------------------------------
echo "Configure image: [$kiwi_iname]-[$kiwi_profiles]..."
################################################################################
# ALL OF OUR FUNCTIONS
function common_live_steps() {
# this isn't needed in our testing, but we'll put it here just in case
systemctl set-default graphical.target
systemctl enable livesys.service livesys-late.service
systemctl enable tmp.mount
cat >> /etc/fstab << EOF
vartmp /var/tmp tmpfs defaults 0 0
EOF
rm -f /var/lib/rpm/__db*
majorver=$(rpm --eval '%{rhel}')
rpm --import "/etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-${majorver}"
rm -f /var/lib/rpm/__db*
/usr/bin/mandb
rm -f /core*
rm -f /boot/*-rescue*
}
function live_gnome_steps() {
sed -i 's/^livesys_session=.*/livesys_session="gnome"/' /etc/sysconfig/livesys
}
function live_kde_steps() {
sed -i 's/^livesys_session=.*/livesys_session="kde"/' /etc/sysconfig/livesys
cat > /root/.gtkrc-2.0 << EOF
include "/usr/share/themes/Adwaita/gtk-2.0/gtkrc"
include "/etc/gtk-2.0/gtkrc"
gtk-theme-name="Adwaita"
EOF
mkdir -p /root/.config/gtk-3.0
cat > /root/.config/gtk-3.0/settings.ini << EOF
[Settings]
gtk-theme-name = Adwaita
EOF
rm -f /usr/share/wallpapers/Fedora
ln -s rocky-abstract-2 /usr/share/wallpapers/Fedora
systemctl enable --force sddm.service
cat > /etc/sddm.conf.d/theme.conf <<THEMEEOF
[Theme]
Current=breeze
THEMEEOF
}
function live_cinnamon_steps() {
sed -i 's/^livesys_session=.*/livesys_session="cinnamon"/' /etc/sysconfig/livesys
cat > /etc/sysconfig/desktop <<EOF
PREFERRED=/usr/bin/cinnamon-session
DISPLAYMANAGER=/usr/sbin/lightdm
EOF
systemctl enable --force lightdm.service
}
function live_mate_steps() {
sed -i 's/^livesys_session=.*/livesys_session="mate"/' /etc/sysconfig/livesys
systemctl enable --force lightdm.service
}
function live_xfce_steps() {
sed -i 's/^livesys_session=.*/livesys_session="xfce"/' /etc/sysconfig/livesys
systemctl enable --force lightdm.service
cat > /etc/sysconfig/desktop <<EOF
PREFERRED=/usr/bin/startxfce4
DISPLAYMANAGER=/usr/sbin/lightdm
EOF
# set default background
cat > /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml <<XFCEEOF
<?xml version="1.0" encoding="UTF-8"?>
<channel name="xfce4-desktop" version="1.0">
<property name="backdrop" type="empty">
<property name="screen0" type="empty">
<property name="monitor0" type="empty">
<property name="color-style" type="int" value="0"/>
<property name="image-style" type="int" value="5"/>
<property name="last-image" type="string" value="/usr/share/backgrounds/rocky-default-9-abstract-2-day.png"/>
<property name="last-single-image" type="string" value="/usr/share/backgrounds/rocky-default-9-abstract-2-day.png"/>
<property name="image-path" type="string" value="/usr/share/backgrounds/rocky-default-9-abstract-2-day.png"/>
</property>
</property>
</property>
</channel>
XFCEEOF
}
function epel_de_steps() {
dnf config-manager --set-enabled crb
}
# live fixes if we need them
function live_fixes() {
sed -i "s/org.fedoraproject.AnacondaInstaller/anaconda/" /usr/share/applications/liveinst.desktop
}
function common_cloud_steps() {
# This can be done via systemctl set-default, but sometimes it doesn't work.
# systemctl set-default multi-user.target
rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
# chrony should already be enabled, let's make sure
systemctl enable chronyd
# make a persistent journal
mkdir -p /var/log/journal
dnf -C -y remove linux-firmware avahi\*
dnf -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
dnf -C -y remove langpacks-*
sed -i '/^#NAutoVTs=.*/ a\
NAutoVTs=0' /etc/systemd/logind.conf
truncate -s 0 /etc/resolv.conf
if [ -f /etc/tuned/active_profile ]; then
echo "virtual-guest" > /etc/tuned/active_profile
fi
rm -f /etc/udev/rules.d/70*
ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
cat > /etc/sysconfig/network << EOF
NETWORKING=yes
NOZEROCONF=yes
EOF
cat > /etc/hosts << EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
EOF
echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
systemctl mask tmp.mount
echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
sed -i '1i # Modified for cloud image' /etc/cloud/cloud.cfg
sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg
}
################################################################################
# Azure
function azure_cloud_steps() {
echo 'azure' > /etc/dnf/vars/infra
cat << EOF | tee -a /etc/NetworkManager/conf.d/dhcp-timeout.conf
# Configure dhcp timeout to 300s by default
[connection]
ipv4.dhcp-timeout=300
EOF
systemctl enable waagent
sed -i 's/Provisioning.UseCloudInit=n/Provisioning.UseCloudInit=y/g' /etc/waagent.conf
sed -i 's/Provisioning.Enabled=y/Provisioning.Enabled=n/g' /etc/waagent.conf
cat << EOF | tee -a /etc/udev/rules.d/68-azure-sriov-nm-unmanaged.rules
# Accelerated Networking on Azure exposes a new SRIOV interface to the VM.
# This interface is transparently bonded to the synthetic interface,
# so NetworkManager should just ignore any SRIOV interfaces.
SUBSYSTEM=="net", DRIVERS=="hv_pci", ACTION=="add", ENV{NM_UNMANAGED}="1"
EOF
cat << EOF | tee -a /etc/udev/rules.d/98-hyperv-ptp.rules
## See: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/time-sync#check-for-ptp-clock-source
SUBSYSTEM=="ptp", ATTR{clock_name}=="hyperv", SYMLINK += "ptp_hyperv"
EOF
cat << EOF | tee -a /etc/chrony.conf
# Setup hyperv PTP device as refclock
refclock PHC /dev/ptp_hyperv poll 3 dpoll -2 offset 0 stratum 2
EOF
cat << EOF | tee -a /etc/modprobe.d/azure-blacklist.conf
blacklist amdgpu
blacklist nouveau
blacklist radeon
EOF
cat << EOF | tee /etc/cloud/cloud.cfg.d/10-azure-kvp.cfg
# Enable logging to the Hyper-V kvp in Azure
reporting:
logging:
type: log
telemetry:
type: hyperv
EOF
cat << EOF | tee -a /etc/dracut.conf.d/80-azure.conf
add_drivers+=" hv_vmbus hv_netvsc hv_storvsc "
EOF
#dracut -f -v
}
################################################################################
# EC2
function ec2_cloud_steps() {
echo 'ec2' > /etc/dnf/vars/infra
cat >> /etc/dhcp/dhclient.conf << EOF
timeout 300;
retry 60;
EOF
if [ -f /boot/grub2/grub.conf ]; then
sed -i -e 's/ rhgb quiet//' /boot/grub2/grub.conf
fi
sed -i -e 's/ rhgb quiet//' /etc/default/grub
cat > /etc/modprobe.d/blacklist-nouveau.conf << EOL
blacklist nouveau
EOL
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
DEVICE="eth0"
ONBOOT="yes"
BOOTPROTO="dhcp"
TYPE="Ethernet"
USERCTL="no"
PEERDNS="yes"
IPV6INIT="no"
PERSISTENT_DHCLIENT="1"
EOF
echo 'install_items+=" sgdisk "' > /etc/dracut.conf.d/sgdisk.conf
echo 'add_drivers+=" xen-netfront xen-blkfront "' > /etc/dracut.conf.d/xen.conf
#KERNEL_VERSION=$(rpm -q kernel --qf '%{V}-%{R}.%{arch}\n')
#dracut -f /boot/initramfs-$KERNEL_VERSION.img $KERNEL_VERSION
cat >> /etc/chrony.conf << EOF
# Amazon Time Sync Service
server 169.254.169.123 prefer iburst minpoll 4 maxpoll 4
EOF
}
################################################################################
# Generic Cloud (genclo)
function genclo_cloud_steps() {
echo 'genclo' > /etc/dnf/vars/infra
cat >> /etc/dhcp/dhclient.conf << EOF
timeout 300;
retry 60;
EOF
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
DEVICE="eth0"
ONBOOT="yes"
BOOTPROTO="dhcp"
BOOTPROTOV6="dhcp"
TYPE="Ethernet"
USERCTL="no"
PEERDNS="yes"
IPV6INIT="yes"
PERSISTENT_DHCLIENT="1"
EOF
}
################################################################################
# OCP
function ocp_cloud_steps() {
cat >> /etc/dhcp/dhclient.conf << EOF
timeout 300;
retry 60;
EOF
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
DEVICE="eth0"
ONBOOT="yes"
BOOTPROTO="dhcp"
TYPE="Ethernet"
USERCTL="no"
PEERDNS="yes"
IPV6INIT="no"
PERSISTENT_DHCLIENT="1"
EOF
# OCI - Import repo GPG key
cat <<EOF > /tmp/key
-----BEGIN PGP PUBLIC KEY BLOCK-----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=xpaH
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGHndDkBEACieeO8U0kcUTDMLGXGKrJ3nScZ4LN5hHSzWC1zuLPpkB0YQdik
CrfSwodyp9LeEhaRsCSoGDc3cS5f5uGvsSUHMCZwEKjdT8LmZkF/dtvVDWawgaLS
KjoT+AJpss+ws0d/qmwkIHeYExdvZFNdKxvvxycCNy9fNwarT4aNySW6Ax7ERDl8
k0QSK7uvL1AaWQKSz9rX//KcLv5OXVUX3ITcwprJPD3H2yTOy4pE9gxs/qKfnP+U
Pbb3pNaHP4PnCIQrjXhJxnH9cEJ7ef0kqBdliGPN7EObrP2uPg70WnVsXovYw/TF
PrA4H2lvJ58RVhh3ocrSnR+SIne7Lgf1FRSrsE2mmNZAWD6rOxOzO4kUrcfv/pqZ
f+sDs7KTFMO0noJ1Kt7JSV6xCQzeKGdOh9JxYI0/YIsquiHTF2xva3WHrpOG1sns
xXcnrLKONisg4gEK36fjsliG4jJhcNyJaAf4sfDiTKDOE5om+BZ7kMNSrMn20wg4
AdZJm6x8Z0OfjxGOzMQ8re4Cf73H5odrpUel7HFGXiLWtk/f4P5EjxUTznlMbNED
gYi0H898Dz5Qfmtr97WQ8132fnKKtsPlXWNUNgJpYe+GvzmYOBAr4p5EZEWjB+q6
EnfLDLpkaS+PbrpLCls5AnWnHjimBmlIMoO5GEsJdYLIQvVVvfKtEDJIBQARAQAB
tDRPcmFjbGUgTGludXggKGJhY2t1cCBrZXkgMSkgPHNlY2FsZXJ0X3VzQG9yYWNs
ZS5jb20+iQJUBBMBCgA+FiEEmCIxdZx0ZwZdDOmyp90HCItO++YFAmKewpICGwMF
CSWYBgAFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQp90HCItO++bU+w//SFOe
RBqWoA5kP4BN9z716LpgkCllMRQsRZ0kZm8Enbe5S9ENn2T5/f6zZca3TNU6Wbit
ryToXuOlTsWy4BqAvQhQFeschg10Xgy6/VG3p5kCY4DIPOUjlb7/1r8k0xX6m/mH
BXBf2MCVRx/zkyeRDtD3lYHyz4cwoHEZ2NuB+CCe5WA2owVhgsRuVmjidDeOa7Q6
61eLhAJ53OVqsUt5JpQS0KrVeYVJxCiiZnKgJMqHp26Jq0WIKtgBV3sakxhUpRUf
6ap7mnSAdh6Ae4r1+pTKd7trkxjIqLXH9RI0d7Xm+blRQVZJL9GLaLUaSvw4sfd/
jfqENCBwAH7D488L1yvTqPfHC2+kRuUI3GU98RULCHveCISRGLVGwh1p88+9aok3
DoV7/BUEIGbHzg3gcx8zFO2ZKKoJ7xS+vvNLAslPvHNDFH0XOwKBqlVztJprwWtA
H33e6fti7BMRw1vgljC8yVATBTiKXj5aw+25zi70o1fIFxpwsx5mwMmqHc634ai2
hPWNZid0Lu3MYBd8pDCvMMMGimfecoyEZKJR2KbO+pNBn7suol5XS3pCmbF3ldMa
Atra+HvnxNBMxFVdxsqZhr/+ovQszYNIlWSYUDLbqk33HBmvbi3IuogAyxhLdw3T
uIjjf0acjOsSgy79ju2NpKPVtJw4BmvJRFX0Rh25Ag0EYed0OQEQAJRhf7/ZIWhZ
LpCX2vg8B4hjsEYeRvEAPUrUMHkqCuElmDaT7g76aPG0jvbMFVU/ykEt2mIi7EhW
s0SZknT5G8HoHJM2MirkyGB26yp4IlkPyNlc5H9nmMhY7iz/utxQps8jDS8dvxeG
1YAJGleGywGAet9vFfrLX9Xq9efTXozJfWOsRm+y2WklS+LblftaTUurStzLXRGT
AsBYOyVaRX/6AMu+fZt7mvoM+bOFNGxMSDIZi93wBiCKp0P2Se1YJoFHTOcQ0M6V
Fbl91ZcImPxAOX4DHfw4iuokiHCs//wV0DLZ3qtuqN2m/kV4JE9ak//BPVn4acH1
Z6DQIzQpY66dIyLumGuCdPhl7MFHyAeKhBtLc7gp4+sli+zNUfYwwp55rTdZ9JDR
G2LD/P2eNnrUXEsvOzqqQy48BmzOmTdgc2vef85Z23GczwX1PyTaGnrQKkReajN0
IxIuFpTgRQFBoPHTB1VVjSsOu7McWx4Gy2zccSrXKIskj4sOBIYBjxBAR0U4Gi5h
OAqplVGH3x3RoRb2swkc/LLb6WV6J7REmZ0+0dAE1ShBR8GmEb4wYc5BUgYXrhEn
hK3nmNx65jZXSAwJOZU8ETLaMoa/I/+QkgPvAJ8gyTLbMQ/xB2kMNRdisphz0jiy
PIXWlOf6I750VtbBNPHqfe0RHbBQJAl9ABEBAAGJAjwEGAEKACYCGwwWIQSYIjF1
nHRnBl0M6bKn3QcIi0775gUCYp7C3AUJJG4hIwAKCRCn3QcIi0775nmYD/sEI0T4
+MHIt5EzL+vBAzAbd23U2oF9KrJP49xmrLlm7qC6ghfuUVqoKwWyE24g8T4N3cxE
xQWTZ8drqvE2E2tyKqVMjJ5PfiZjK/3WOOIq9YZHpNKljv9KaAAf5alpvMxn6IBj
ZUhs775JcGWWngilBN9i3OEVFcQG9tFtfKqcYf8oRLPQlqhrH0pKOymFdqdL+NFX
G/M2LquGrvyDwnT2Cyy4p4sw639BUyA4k1hESgK9KVZTrmJPYU8hCD7kcSOY25UT
zDERLlXUsnGU9WHm/4aZ4TCs2h2qm29jHeWjfw0U/O8f4K5MV7WcJ0ZywdOk7SSf
jOKUetPH01l22I6JXiH0jLlBU5uA/zAxd8aPpvcYcWm2Ti+mkpIB6/XWbjnPoYHh
JmH8r9Pih1Z4dVR7qri/mdcsTZsKzLPuD6AITafJYuRCItCbMerhvGCwBaaR0oHS
AdpSzwKk8mrLd4BQUSM5a3E010dDeKGL4TA5ttfZJuSe7RXbi4RdDd98XHKEiU3n
N1ethSQNvEyrh0uA1U3FZvPMcbfYZa8zO85Nz9h/TGUNfmp5CyrZUHZLmvvGTOch
lUjaIhAGBVJQR/y7+4aC3zzkyzbKyLOL3hCk0xie4LLbfTQ5BtT4+GqEAtzwRQqZ
RgwnCPfIai7lLNx95bdwB8U2NpY11OXsoTLZAA==
=UWTf
-----END PGP PUBLIC KEY BLOCK-----
EOF
rpm --import /tmp/key
# Import EPEL Key
cat <<EOF > /tmp/key
-----BEGIN PGP PUBLIC KEY BLOCK-----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=Mjs/
-----END PGP PUBLIC KEY BLOCK-----
EOF
rpm --import /tmp/key
# remove these for debugging
if [ -f /boot/grub2/grub.conf ]; then
sed -i -e 's/ rhgb quiet//' /boot/grub2/grub.conf
fi
sed -i -e 's/ rhgb quiet//' /etc/default/grub
# enable resizing on copied AMIs
echo 'install_items+=" sgdisk "' > /etc/dracut.conf.d/sgdisk.conf
# OCI - Need iscsi as a dracut module
echo 'add_dracutmodules+=" iscsi "' > /etc/dracut.conf.d/iscsi.conf
# OCI - Virtio drivers
echo 'add_drivers+=" virtio virtio_blk virtio_net virtio_pci virtio_ring virtio_scsi virtio_console "' > /etc/dracut.conf.d/virtio.conf
# OCI - Dracut for iscsi bypass
mkdir -p /usr/lib/dracut/modules.d/95oci
cat << OCIMODULESETUP > /usr/lib/dracut/modules.d/95oci/module-setup.sh
#!/bin/bash
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
check() {
return 0
}
depends() {
return 0
}
install() {
inst_hook pre-udev 88 "$moddir/enable-iscsi-bypass.sh"
}
OCIMODULESETUP
cat << OCIISCSIBYPASS > /usr/lib/dracut/modules.d/95oci/enable-iscsi-bypass.sh
#!/bin/sh
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
#Patch iscsiroot to allow bail out if the root disk can already be found
#ref: Orabug: #30312004
type getarg >/dev/null 2>&1 || . /lib/dracut-lib.sh
INSERT='
r="${root#block:}"
if getargbool 0 rd.iscsi.bypass && [ -e "$r" ]; then
for nroot in $(getargs netroot); do
[ "${nroot%%:*}" = "iscsi" ] || continue
type parse_iscsi_root >/dev/null 2>&1 || . /lib/net-lib.sh
parse_iscsi_root "$nroot" || return 1
netroot_enc=$(str_replace "$nroot" "/" "\2f")
done
echo "iscsi: Skipping $netroot_enc..." >&2
echo "iscsi: Skipping $netroot_enc..." > /dev/kmsg
echo "skipped" > "/tmp/iscsistarted-$netroot_enc"
exit 0
fi
'
if getargbool 0 rd.iscsi.bypass && [ -f "/sbin/iscsiroot" ]; then
echo "Enabling ISCSI bypass option" >&2
echo "Enabling ISCSI bypass option" > /dev/kmsg
echo "$INSERT" | sed -i '/^PATH=.*$/{r /dev/stdin
h}; ${x;/PATH/{x;q0};x;q3}\ "/sbin/iscsiroot" || warn "Failed Enabling ISCSI bypass option"
fi
OCIISCSIBYPASS
cat << OCICLOUDCONFIG > /etc/cloud/cloud.cfg.d/99_oci.cfg
# OCI cloud-init configuration
datasource_list: ['Oracle', 'OpenStack']
datasource:
OpenStack:
metadata_urls: ['http://169.254.169.254']
timeout: 10
max_wait: 20
# swap file
swap:
filename: /.swapfile
size: "auto"
cloud_init_modules:
# OCI: disk_setup is disabled
#- disk_setup
- migrator
- bootcmd
- write-files
# OCI: The growpart module is disabled by default. To enable automatic boot volume resizing, uncomment
# the below entry for '- growpart' and reboot. All the dependent packages for the growpart
# module to work such as cloud-utils-growpart and gdisk are already included in the image.
#- growpart
- resizefs
# OCI: set_hostname, update_hostname, update_etc_hosts are disabled
#- set_hostname
#- update_hostname
#- update_etc_hosts
- rsyslog
- users-groups
- ssh
cloud_config_modules:
- mounts
- locale
- set-passwords
# OCI: rh_subscription is disabled
#- rh_subscription
- yum-add-repo
- package-update-upgrade-install
- timezone
- ntp
- puppet
- chef
- salt-minion
- mcollective
- disable-ec2-metadata
- runcmd
cloud_final_modules:
- rightscale_userdata
- scripts-per-once
- scripts-per-boot
- scripts-per-instance
- scripts-user
- ssh-authkey-fingerprints
- keys-to-console
- phone-home
- final-message
# OCI: power-state-change is disabled
#- power-state-change
OCICLOUDCONFIG
# Remove system.devices because Oracle does things.
rm -fv /etc/lvm/devices/system.devices
# Copyright (C) 2020 Oracle Corp., Inc. All rights reserved.
# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
#
# /usr/lib/oci-linux-config/cloud/scripts/initramfs-mod/net.sh
#
echo "$(date) - OCI initramfs network modification script started."
# Symlink network config files where cloud-init >= 19.4 expects them
DRACUT_CFG=/run/initramfs/state/etc/sysconfig/network-scripts
CI_DIR=/run
if [ -d $DRACUT_CFG ]; then
FILE_COUNT=`ls $DRACUT_CFG | wc -l`
if [ $FILE_COUNT -eq 0 ]; then
# Create dummy file if dracut did not create network device config
dummycfg=$CI_DIR/net-dummy.conf
echo "DEVICE=\"dummy\"" > $dummycfg
echo "BOOTPROTO=dhcp" >> $dummycfg
echo "$(date) - Creating dummy config $dummycfg."
else
for dcfg in $DRACUT_CFG/*; do
filename=${dcfg##*/}
devname=${filename##ifcfg-}
cicfg=$CI_DIR/net-$devname.conf
if [ ! -e $cicfg ]; then
echo "$(date) - Creating symlink from $dcfg to $cicfg."
ln -s $dcfg $cicfg
fi
done
fi
fi
echo "$(date) - OCI initramfs network modification script done."
}
function cloud_cleanup_steps() {
truncate -c -s 0 /var/log/dnf.log
rm -rf /var/log/yum.log
rm -rf /var/lib/yum/*
rm -rf /root/install.log
rm -rf /root/install.log.syslog
rm -rf /root/anaconda-ks.cfg
rm -rf /var/log/anaconda*
rm -f /var/lib/systemd/random-seed
touch /var/log/cron
touch /var/log/boot.log
mkdir -p /var/cache/yum
# Azure Only
if [[ "$kiwi_profiles" == *"Azure"* ]]; then
rm -f /var/log/waagent.log
cloud-init clean
waagent -force -deprovision+user
fi
}
function azure_cleanup_steps() {
rm -f /var/log/waagent.log
cloud-init clean
waagent -force -deprovision+user
}
function common_container_steps() {
/bin/date +%Y-%m-%d_%H:%M:%S > /etc/BUILDTIME
echo 'container' > /etc/dnf/vars/infra
LANG="en_US"
echo "%_install_langs $LANG" > /etc/rpm/macros.image-language-conf
echo 'LANG="C.UTF-8"' > /etc/locale.conf
releasever=$(rpm --eval '%{?rocky}')
rpm --import "/etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-${releasever}"
:> /etc/machine-id
echo "# placeholder" > /etc/resolv.conf
chmod 644 /etc/resolv.conf
rm -rf /tmp/*
printf "tsflags=nodocs\n" >>/etc/dnf/dnf.conf
}
function minimal_container_steps() {
microdnf -y remove langpacks-en
rm -fv /usr/share/gnupg/help*.txt
rm /usr/lib/rpm/rpm.daily
rm -rfv /usr/lib64/nss/unsupported-tools/
rm -fv /usr/sbin/{glibc_post_upgrade.x86_64,sln}
ln /usr/bin/ln usr/sbin/sln
rm -rfv /var/lib/dnf
rm -rfv /usr/share/icons/*
rm -fv /usr/bin/pinky
rm -rfv /usr/lib/systemd
}
function toolbox_container_steps() {
rm -f /etc/rpm/macros.image-language-conf
sed -i '/tsflags=nodocs/d' /etc/dnf/dnf.conf
}
################################################################################
# Vagrant
function common_vagrant_steps() {
fallocate -l 2G /swapfile
chmod 600 /swapfile
mkswap /swapfile
echo "/swapfile none swap defaults 0 0" >> /etc/fstab
cat > /etc/sudoers.d/vagrant << EOF
Defaults:vagrant !requiretty
%vagrant ALL=(ALL) NOPASSWD: ALL
EOF
chmod 0440 /etc/sudoers.d/vagrant
# This may have to be changed for 10
sed -i 's/^\(PasswordAuthentication\) yes$/\1 no/' /etc/ssh/sshd_config
sed -i 's/^#\(UseDNS\) yes$/\r\1 no/' /etc/ssh/sshd_config
cat >>/etc/sysconfig/sshd <<EOF
# Decrease connection time by preventing reverse DNS lookups
# (see https://lists.centos.org/pipermail/centos-devel/2016-July/014981.html)
OPTIONS="-u0"
EOF
# Setup insecure key by default
mkdir -m 0700 -p /home/vagrant/.ssh
echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" >> /home/vagrant/.ssh/authorized_keys
chmod 600 /home/vagrant/.ssh/authorized_keys
chown -R vagrant:vagrant /home/vagrant/.ssh
echo 'vag' > /etc/yum/vars/infra
echo blacklist floppy > /etc/modprobe.d/nofloppy.conf
pushd /etc/dracut.conf.d
# Enable VMware PVSCSI support for VMware Fusion guests.
echo 'add_drivers+=" vmw_pvscsi "' > vmware-fusion-drivers.conf
echo 'add_drivers+=" hv_netvsc hv_storvsc hv_utils hv_vmbus hid-hyperv "' > hyperv-drivers.conf
# There's no floppy controller, but probing for it generates timeouts
echo 'omit_drivers+=" floppy "' > nofloppy.conf
popd
#echo "Regenerating kernel"
#KERNEL_VERSION=$(rpm -q kernel --qf '%{version}-%{release}.%{arch}\n')
#dracut -f -v
rm -rf /etc/ssh/ssh_host_*
# Might not be needed for 10
ex -s /etc/pam.d/su <<'EOF'
/^account\s\+sufficient\s\+pam_succeed_if.so uid = 0 use_uid quiet$/
:append
account [success=1 default=ignore] \\
pam_succeed_if.so user = vagrant use_uid quiet
account required pam_succeed_if.so user notin root:vagrant
.
:update
:quit
EOF
}
function vbox_vagrant_steps() {
# legacy stuff, we won't have this for 10
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
DEVICE="eth0"
BOOTPROTO="dhcp"
ONBOOT="yes"
TYPE="Ethernet"
PERSISTENT_DHCLIENT="yes"
EOF
# Install VBoxGuestAdditions for installed kernel.
# https://git.resf.org/sig_kernel/meta/issues/13
#kver=$(rpm -q --queryformat="%{VERSION}-%{RELEASE}.%{ARCH}" kernel)
#echo "stg/rocky" > /etc/dnf/vars/contentdir
#sed -i 's/^#baseurl/baseurl/g;s/^mirrorlist/#mirrorlist/g' /etc/yum.repos.d/rocky*repo
#dnf -y install kernel-headers-$kver kernel-devel gcc make perl elfutils-libelf-devel
#sed -i 's/^baseurl/#baseurl/g;s/^#mirrorlist/mirrorlist/g' /etc/yum.repos.d/rocky*repo
#echo "pub/rocky" > /etc/dnf/vars/contentdir
#curl -L -o /tmp/vboxadditions.iso https://download.virtualbox.org/virtualbox/7.0.16/VBoxGuestAdditions_7.0.16.iso
#mkdir -p /media/VBoxGuestAdditions
#mount -o loop,ro /tmp/vboxadditions.iso /media/VBoxGuestAdditions
#mkdir -p /tmp/VBoxGuestAdditions
#sh /media/VBoxGuestAdditions/VBoxLinuxAdditions.run --nox11 --noexec --keep --target /tmp/VBoxGuestAdditions
#pushd /tmp/VBoxGuestAdditions
#./install.sh
#/sbin/rcvboxadd quicksetup all
#popd
#ls "/lib/modules/${kver}/misc/"
#modinfo "/lib/modules/${kver}/misc/vboxsf.ko"
#rm -rf /tmp/VBoxGuestAdditions
#umount /media/VBoxGuestAdditions
#rm -f /tmp/vboxadditions.iso
#rmdir /media/VBoxGuestAdditions
#dnf -y remove kernel-devel gcc make perl elfutils-libelf-devel
}
function libvirt_vagrant_steps() {
# legacy stuff, we won't have this for 10
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
DEVICE="eth0"
BOOTPROTO="dhcp"
ONBOOT="yes"
TYPE="Ethernet"
PERSISTENT_DHCLIENT="yes"
EOF
}
################################################################################
# SBC
function common_sbc_steps() {
:> /etc/machine-id
rm -f /etc/sysconfig/network-scripts/ifcfg-link
rm -f /etc/ssh/*_key*
dnf clean all
chown -R sssd:sssd /var/lib/sss/{db,pipes,mc,pubconf,gpo_cache}
cat > /etc/sysconfig/cpupower << EOF
CPUPOWER_START_OPTS="frequency-set -g ondemand"
CPUPOWER_STOP_OPTS="frequency-set -g ondemand"
EOF
}
function raspberrypi_sbc_steps() {
cd /lib/firmware/brcm
xz -d -k brcmfmac43430-sdio.raspberrypi,3-model-b.txt.xz
cat > /boot/cmdline.txt << EOF
console=ttyAMA0,115200 console=tty1 root=LABEL=RPIROOT rootfstype=ext4 elevator=deadline rootwait
EOF
}
function genericarm_sbc_steps() {
mkdir -p /boot/efi/EFI/BOOT
if [ -d /boot/efi/EFI/rocky/ ] && [ -f /boot/efi/EFI/rocky/grubaa64.efi ];then
for j in grub.cfg grubenv;do
if [ -f "/boot/grub2/${j}" ]; then
mv -f /boot/grub2/${j} /boot/efi/EFI/rocky/
ln -s ../efi/EFI/rocky/${j} /boot/grub2/${j}
fi
done
cp -f /boot/efi/EFI/rocky/grubaa64.efi /boot/efi/EFI/BOOT/BOOTAA64.EFI
fi
if [ -f /usr/share/uboot/rpi_3/u-boot.bin ]; then
cp -f /usr/share/uboot/rpi_3/u-boot.bin /boot/efi/rpi3-u-boot.bin
fi
if [ -f /usr/share/uboot/rpi_4/u-boot.bin ]; then
cp -f /usr/share/uboot/rpi_4/u-boot.bin /boot/efi/rpi4-u-boot.bin
fi
if [ -f /usr/share/uboot/rpi_arm64/u-boot.bin ]; then
cp -f /usr/share/uboot/rpi_arm64/u-boot.bin /boot/efi/rpi-u-boot.bin
fi
rpm -e dracut-config-generic
if [ -x /lib/kernel/install.d/10-devicetree.install ]; then
/lib/kernel/install.d/10-devicetree.install remove
fi
cat << EOF > /etc/sysconfig/kernel
# Written by image installer
# UPDATEDEFAULT specifies if new-kernel-pkg should make new kernels the default
UPDATEDEFAULT=yes
# DEFAULTKERNEL specifies the default kernel package type
DEFAULTKERNEL=kernel-core
EOF
chmod 644 /etc/sysconfig/kernel
### Write grub defaults, turn off OS probing as it is always wrong for image creation
cat << EOF > /etc/default/grub
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX=""
GRUB_DISABLE_RECOVERY="true"
GRUB_DISABLE_OS_PROBER="true"
GRUB_ENABLE_BLSCFG="false"
EOF
chmod 644 /etc/default/grub
rm -f /boot/dtb
cat >/usr/local/bin/rootfs-expand << EOF
#!/bin/bash
clear
part=\$(mount |grep '^/dev.* / ' |awk '{print \$1}')
if [ -z "\$part" ];then
echo "Error detecting rootfs"
exit -1
fi
dev=\$(echo \$part|sed 's/[0-9]*\$//g')
devlen=\${#dev}
num=\${part:\$devlen}
if [[ "\$dev" =~ ^/dev/mmcblk[0-9]*p\$ ]];then
dev=\${dev:0:-1}
fi
if [ ! -x /usr/bin/growpart ];then
echo "Please install cloud-utils-growpart (sudo yum install cloud-utils-growpart)"
exit -2
fi
if [ ! -x /usr/sbin/resize2fs ];then
echo "Please install e2fsprogs (sudo yum install e2fsprogs)"
exit -3
fi
echo \$part \$dev \$num
echo "Extending partition \$num to max size ...."
growpart \$dev \$num
echo "Resizing ext4 filesystem ..."
resize2fs \$part
echo "Done."
df -h |grep \$part
EOF
chmod +x /usr/local/bin/rootfs-expand
}
#
################################################################################
cat /dev/null > /etc/machine-id
# Gets around grub-bls issue
echo "GRUB_DEFAULT=saved" >> /etc/default/grub
# All cloud and live
if [[ "$kiwi_profiles" == *"Cloud"* ]] || [[ "$kiwi_profiles" == *"Live"* ]]; then
passwd -d root
passwd -l root
fi
################################################################################
# Just about all the cloud images should do these things.
if [[ "$kiwi_profiles" == *"Cloud"* ]]; then
common_cloud_steps
fi
################################################################################
# Azure specific settings
if [[ "$kiwi_profiles" == *"Azure"* ]]; then
azure_cloud_steps
fi
################################################################################
# EC2 specific settings
if [[ "$kiwi_profiles" == *"EC2"* ]]; then
ec2_cloud_steps
fi
################################################################################
# GenClo specific settings
if [[ "$kiwi_profiles" == *"GenericCloud"* ]]; then
genclo_cloud_steps
fi
################################################################################
# OCP specific settings
if [[ "$kiwi_profiles" == *"OCP"* ]]; then
ocp_cloud_steps
EOF
fi
# cloud clean up
if [[ "$kiwi_profiles" == *"Cloud"* ]]; then
echo "cleanup time"
cloud_cleanup_steps
# Azure Only
if [[ "$kiwi_profiles" == *"Azure"* ]]; then
azure_cleanup_steps
fi
rm -f ~/.bash_history
export HISTSIZE=0
fi
# Live Images Only
if [[ "$kiwi_profiles" == *"Live"* ]]; then
common_live_steps
if [[ "$kiwi_profiles" == *"Workstation"* ]]; then
live_gnome_steps
fi
if [[ "$kiwi_profiles" == *"KDE"* ]]; then
live_kde_steps
epel_de_steps
fi
if [[ "$kiwi_profiles" == *"Cinnamon"* ]]; then
live_cinnamon_steps
epel_de_steps
fi
if [[ "$kiwi_profiles" == *"MATE"* ]]; then
live_mate_steps
epel_de_steps
fi
if [[ "$kiwi_profiles" == *"XFCE"* ]]; then
live_xfce_steps
epel_de_steps
fi
fi
# Containers only
if [[ "$kiwi_profiles" == *"Container"* ]]; then
common_container_steps
if [[ "$kiwi_profiles" == *"Container-Minimal"* ]]; then
minimal_container_steps
fi
if [[ "$kiwi_profiles" == *"Container-Toolbox"* ]]; then
toolbox_container_steps
fi
fi
# Vagrant only
if [[ "$kiwi_profiles" == *"Vagrant"* ]]; then
common_vagrant_steps
if [[ "$kiwi_profiles" == *"Vagrant-Libvirt"* ]]; then
libvirt_vagrant_steps
fi
if [[ "$kiwi_profiles" == *"Vagrant-Vbox"* ]]; then
vbox_vagrant_steps
fi
fi
# SBC Only
if [[ "$kiwi_profiles" == *"SBC"* ]]; then
common_sbc_steps
if [[ "$kiwi_profiles" == *"SBC-RaspberryPi"* ]]; then
raspberrypi_sbc_steps
fi
if [[ "$kiwi_profiles" == *"SBC-GenericArm"* ]]; then
genericarm_sbc_steps
fi
fi
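Review bot: In `ocp_cloud_steps` the heredocs that write `module-setup.sh` and `enable-iscsi-bypass.sh` use unquoted delimiters (`cat << OCIMODULESETUP`, `cat << OCIISCSIBYPASS`), so `$moddir`, `${root#block:}`, `$(getargs netroot)` and the other expansions are evaluated while the image is built instead of being written to the files, and with `set -euxo pipefail` at the top the unset `$moddir` aborts the script. Quote the delimiters (`<< 'OCIMODULESETUP'`) so the scripts land verbatim. The same function ends with the body of the Oracle `net.sh` script pasted inline after `rm -fv /etc/lvm/devices/system.devices`, so it executes in the build root rather than being installed; it probably needs its own heredoc and a target path. In the dispatch section, the OCP block has a stray `EOF` line after the `ocp_cloud_steps` call, which runs as a command and fails under `set -e`. Smaller points: `ln /usr/bin/ln usr/sbin/sln` in `minimal_container_steps` has a relative target, the `UseDNS` sed in `common_vagrant_steps` has `\r` in its replacement, `common_vagrant_steps` writes `/etc/yum/vars/infra` where the other functions write `/etc/dnf/vars/infra`, and the Azure deprovision commands run twice because they are in both `cloud_cleanup_steps` and `azure_cleanup_steps`.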

1
config.xml Symbolic link

@ -0,0 +1 @@
configs/rocky.xml


@ -0,0 +1,28 @@
<?xml version="1.0" encoding="utf-8"?>
<image schemaversion="7.4" name="Rocky-9-Cinnamon" displayname="Rocky Linux Cinnamon 9">
<description type="system">
<author>Release Engineering (SIG/Core)</author>
<contact>releng@rockylinux.org</contact>
<specification>Rocky Linux</specification>
</description>
<preferences>
<version>9</version>
<packagemanager>dnf</packagemanager>
<locale>en_US</locale>
<keytable>us</keytable>
<timezone>UTC</timezone>
<release-version>9</release-version>
</preferences>
<include from="this://./repositories/core.xml"/>
<include from="this://./repositories/epel.xml"/>
<include from="this://./components/boot.xml"/>
<include from="this://./components/users.xml"/>
<include from="this://./components/live/common.xml"/>
<include from="this://./components/live/cinnamon.xml"/>
<include from="this://./live/cinnamon.xml"/>
<packages type="bootstrap">
<package name="basesystem"/>
<package name="filesystem"/>
</packages>
</image>

28
configs/rocky-live-kde.ks Normal file

@ -0,0 +1,28 @@
<?xml version="1.0" encoding="utf-8"?>
<image schemaversion="7.4" name="Rocky-ZZVERZZ-KDE" displayname="Rocky Linux KDE ZZVERZZ">
<description type="system">
<author>Release Engineering (SIG/Core)</author>
<contact>releng@rockylinux.org</contact>
<specification>Rocky Linux</specification>
</description>
<preferences>
<version>9</version>
<packagemanager>dnf</packagemanager>
<locale>en_US</locale>
<keytable>us</keytable>
<timezone>UTC</timezone>
<release-version>9</release-version>
</preferences>
<include from="this://./repositories/core.xml"/>
<include from="this://./repositories/epel.xml"/>
<include from="this://./components/boot.xml"/>
<include from="this://./components/users.xml"/>
<include from="this://./components/live/common.xml"/>
<include from="this://./components/live/kde.xml"/>
<include from="this://./live/kde.xml"/>
<packages type="bootstrap">
<package name="basesystem"/>
<package name="filesystem"/>
</packages>
</image>
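Review bot: This file is named `configs/rocky-live-kde.ks` but contains a kiwi XML description, and its `name` and `displayname` still carry the `ZZVERZZ` template token while `<version>` and `<release-version>` are hard-coded to 9; the sibling descriptions use literal names such as `Rocky-9-Cinnamon`. Rename it to `.xml` and substitute the version, or document the step that replaces `ZZVERZZ`, since the README explains that `name` and `displayname` are only read from the top-level `<image>` element and the image naming depends on them.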


@ -0,0 +1,28 @@
<?xml version="1.0" encoding="utf-8"?>
<image schemaversion="7.4" name="Rocky-9-MATE" displayname="Rocky Linux MATE 9">
<description type="system">
<author>Release Engineering (SIG/Core)</author>
<contact>releng@rockylinux.org</contact>
<specification>Rocky Linux</specification>
</description>
<preferences>
<version>9</version>
<packagemanager>dnf</packagemanager>
<locale>en_US</locale>
<keytable>us</keytable>
<timezone>UTC</timezone>
<release-version>9</release-version>
</preferences>
<include from="this://./repositories/core.xml"/>
<include from="this://./repositories/epel.xml"/>
<include from="this://./components/boot.xml"/>
<include from="this://./components/users.xml"/>
<include from="this://./components/live/common.xml"/>
<include from="this://./components/live/mate.xml"/>
<include from="this://./live/mate.xml"/>
<packages type="bootstrap">
<package name="basesystem"/>
<package name="filesystem"/>
</packages>
</image>


@ -0,0 +1,27 @@
<?xml version="1.0" encoding="utf-8"?>
<image schemaversion="7.4" name="Rocky-9-Workstation-Lite" displayname="Rocky Linux Workstation-Lite 9">
<description type="system">
<author>Release Engineering (SIG/Core)</author>
<contact>releng@rockylinux.org</contact>
<specification>Rocky Linux</specification>
</description>
<preferences>
<version>9</version>
<packagemanager>dnf</packagemanager>
<locale>en_US</locale>
<keytable>us</keytable>
<timezone>UTC</timezone>
<release-version>9</release-version>
</preferences>
<include from="this://./repositories/core.xml"/>
<include from="this://./components/boot.xml"/>
<include from="this://./components/users.xml"/>
<include from="this://./components/live/common.xml"/>
<include from="this://./components/live/workstation-lite.xml"/>
<include from="this://./live/workstation-lite.xml"/>
<packages type="bootstrap">
<package name="basesystem"/>
<package name="filesystem"/>
</packages>
</image>


@ -0,0 +1,27 @@
<?xml version="1.0" encoding="utf-8"?>
<image schemaversion="7.4" name="Rocky-9-Workstation" displayname="Rocky Linux Workstation 9">
<description type="system">
<author>Release Engineering (SIG/Core)</author>
<contact>releng@rockylinux.org</contact>
<specification>Rocky Linux</specification>
</description>
<preferences>
<version>9</version>
<packagemanager>dnf</packagemanager>
<locale>en_US</locale>
<keytable>us</keytable>
<timezone>UTC</timezone>
<release-version>9</release-version>
</preferences>
<include from="this://./repositories/core.xml"/>
<include from="this://./components/boot.xml"/>
<include from="this://./components/users.xml"/>
<include from="this://./components/live/common.xml"/>
<include from="this://./components/live/workstation.xml"/>
<include from="this://./live/workstation.xml"/>
<packages type="bootstrap">
<package name="basesystem"/>
<package name="filesystem"/>
</packages>
</image>


@ -0,0 +1,28 @@
<?xml version="1.0" encoding="utf-8"?>
<image schemaversion="7.4" name="Rocky-9-XFCE" displayname="Rocky Linux XFCE 9">
<description type="system">
<author>Release Engineering (SIG/Core)</author>
<contact>releng@rockylinux.org</contact>
<specification>Rocky Linux</specification>
</description>
<preferences>
<version>9</version>
<packagemanager>dnf</packagemanager>
<locale>en_US</locale>
<keytable>us</keytable>
<timezone>UTC</timezone>
<release-version>9</release-version>
</preferences>
<include from="this://./repositories/core.xml"/>
<include from="this://./repositories/epel.xml"/>
<include from="this://./components/boot.xml"/>
<include from="this://./components/users.xml"/>
<include from="this://./components/live/common.xml"/>
<include from="this://./components/live/xfce.xml"/>
<include from="this://./live/xfce.xml"/>
<packages type="bootstrap">
<package name="basesystem"/>
<package name="filesystem"/>
</packages>
</image>


@ -0,0 +1,27 @@
<?xml version="1.0" encoding="utf-8"?>
<image schemaversion="7.4" name="Rocky">
<description type="system">
<author>Release Engineering (SIG/Core)</author>
<contact>releng@rockylinux.org</contact>
<specification>Rocky Linux</specification>
</description>
<preferences>
<version>9</version>
<packagemanager>dnf</packagemanager>
<locale>en_US</locale>
<keytable>us</keytable>
<timezone>UTC</timezone>
<release-version>9</release-version>
</preferences>
<include from="this://./repositories/core.xml"/>
<include from="this://./repositories/altarch-common.xml"/>
<include from="this://./repositories/gnulab-tmp.xml"/>
<include from="this://./components/boot.xml"/>
<include from="this://./components/users.xml"/>
<include from="this://./sbc/pi.xml"/>
<packages type="bootstrap">
<package name="basesystem"/>
<package name="filesystem"/>
</packages>
</image>


@ -0,0 +1,26 @@
<?xml version="1.0" encoding="utf-8"?>
<image schemaversion="7.4" name="Rocky">
<description type="system">
<author>Release Engineering (SIG/Core)</author>
<contact>releng@rockylinux.org</contact>
<specification>Rocky Linux</specification>
</description>
<preferences>
<version>9</version>
<packagemanager>dnf</packagemanager>
<locale>en_US</locale>
<keytable>us</keytable>
<timezone>UTC</timezone>
<release-version>9</release-version>
</preferences>
<include from="this://./repositories/core.xml"/>
<include from="this://./repositories/altarch-common.xml"/>
<include from="this://./components/boot.xml"/>
<include from="this://./components/users.xml"/>
<include from="this://./sbc/pi.xml"/>
<packages type="bootstrap">
<package name="basesystem"/>
<package name="filesystem"/>
</packages>
</image>

48
configs/rocky.xml Normal file

@ -0,0 +1,48 @@
<?xml version="1.0" encoding="utf-8"?>
<image schemaversion="7.4" name="Rocky">
<description type="system">
<author>Release Engineering (SIG/Core)</author>
<contact>releng@rockylinux.org</contact>
<specification>Rocky Linux</specification>
</description>
<preferences>
<version>9</version>
<packagemanager>dnf</packagemanager>
<locale>en_US</locale>
<keytable>us</keytable>
<timezone>UTC</timezone>
<release-version>9</release-version>
</preferences>
<include from="this://./repositories/core.xml"/>
<include from="this://./repositories/sig-core.xml"/>
<!-- research if these should be on for everything in general
would leaving these on affect what's pulled? original kickstarts used
would stick with our repos until the OCP images.
<include from="this://./repositories/oracle.xml"/>
<include from="this://./repositories/cloud-common.xml"/>
<include from="this://./repositories/kernel-common.xml"/>
-->
<!-- Components -->
<include from="this://./components/boot.xml"/>
<include from="this://./components/users.xml"/>
<include from="this://./components/live/common.xml"/>
<include from="this://./components/live/xfce.xml"/>
<!-- Cloud -->
<include from="this://./cloud/cloud.xml"/>
<!-- Vagrant -->
<include from="this://./vagrant/vagrant.xml"/>
<!-- Containers -->
<include from="this://./container/container.xml"/>
<!-- Live -->
<include from="this://./live/workstation.xml"/>
<include from="this://./live/workstation-lite.xml"/>
<include from="this://./live/xfce.xml"/>
<include from="this://./live/mate.xml"/>
<include from="this://./live/kde.xml"/>
<include from="this://./live/cinnamon.xml"/>
<packages type="bootstrap">
<package name="basesystem"/>
<package name="filesystem"/>
</packages>
</image>
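
Review bot: Under the Components comment only components/live/xfce.xml is included, while all six live/*.xml files are included under Live, and each of those requires a `<name>-Desktop` profile (for example `MATE-Desktop` in live/mate.xml). The per-desktop descriptions pull that profile in from components/live/<name>.xml; if that is where it is defined, `MATE-Live`, `KDE-Live`, `Cinnamon-Live` and both Workstation profiles carry an unresolved `requires` in this description. Either include the matching component files or drop the live includes this config is not meant to build. The comment above the disabled repositories is also hard to follow; a sentence stating which images need oracle, cloud-common and kernel-common would help the next reader.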

99
container-build.sh Executable file

@ -0,0 +1,99 @@
#!/bin/bash
# helps build a quick container image. that way a user doesn't have to use emapandas
# nor some other method. mock is probably not necessary, but it's up to you.
# label@resf.org
set -o errexit
set -o pipefail
SCRNAME="$(basename "$0")"
SCRDIR="$(dirname "${BASH_SOURCE[0]}")"
export __usage
__usage="
usage: $SCRNAME [OPTIONS]
Options:
-o, --output-dir DIR
-c, --container NAME
-p, --peridot ID # optional. will use peridot repos.
-d, --debug # optional
"
OPTS=$(getopt -a -n container-build -o c:,o:,p:,d,h \
-l container:,output-dir:,peridot:,debug,help -- "$@")
function is_in_path() {
builtin type -P "${1}"
}
function usage() {
echo "$__usage"
}
eval set -- "$OPTS"
while :; do
case "$1" in
-c | --container) CONTAINER="$2" ; shift 2 ;;
-o | --output-dir) OUTPUTDIR="$2" ; shift 2 ;;
-p | --peridot) PERIDOTID="$2" ; shift 2 ;;
-d | --debug) DEBUG="--debug" ; shift ;;
-h | --help) usage ;;
--) shift ; break ;;
esac
done
if [ -z "$CONTAINER" ] || [ -z "$OUTPUTDIR" ]; then
echo "Options are not set properly."
usage
exit 12
fi
if [ -e "/sys/fs/selinux/enforce" ]; then
enforce_check="$(cat /sys/fs/selinux/enforce)"
if [ "$enforce_check" -eq "1" ]; then
echo "Running with selinux enforcing is not recommended."
exit 22
fi
fi
is_in_path kiwi-ng &> /dev/null
ret_val=$?
if [ "$ret_val" -ne "0" ]; then
echo "kiwi-ng not found. kiwi packages are likely not installed on this system."
exit 32
fi
function switch_repo_to_peridot() {
ID="$1"
# https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/
pushd repositories || { echo "not found"; exit 1; }
sed -i "s;ZZ_INTERNAL_BaseOS_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/BaseOS/\$basearch;g" core-peridot.xml
sed -i "s;ZZ_INTERNAL_AppStream_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/AppStream/\$basearch;g" core-peridot.xml
sed -i "s;ZZ_INTERNAL_CRB_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/CRB/\$basearch;g" core-peridot.xml
sed -i "s;ZZ_INTERNAL_extras_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/extras/\$basearch;g" core-peridot.xml
rm core.xml
ln -sf core-peridot.xml core.xml
popd
}
function main() {
#/bin/rm config.xml
#if [ ! -f "configs/rocky-live-${LIVE,,}.xml" ]; then
# echo "${LIVE} was not found. Is it supported?"
# exit 42
#fi
#ln -sf "configs/rocky-live-${LIVE,,}.xml" config.xml
ln -sf "configs/rocky.xml" config.xml
if [ -n "$PERIDOTID" ]; then
switch_repo_to_peridot "${PERIDOTID}"
fi
# shellcheck disable=SC2086
kiwi-ng $DEBUG --type="oci" --profile="Container-$CONTAINER" --color-output system build --description="$SCRDIR" --target-dir "$OUTPUTDIR"
}
main
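
Review bot: With `set -o errexit` active, `is_in_path kiwi-ng &> /dev/null` ends the script as soon as kiwi-ng is missing, so `ret_val=$?` and the "kiwi-ng not found" message with `exit 32` are never reached; test the command directly with `if ! is_in_path kiwi-ng &> /dev/null; then`. In the option loop, `-h | --help) usage ;;` neither shifts nor exits, so `-h` prints the usage text forever; add `exit 0`. `pushd repositories` and `ln -sf "configs/rocky.xml" config.xml` resolve against the caller's working directory while kiwi-ng is given `--description="$SCRDIR"`, so running the script from another directory edits the wrong tree; `cd "$SCRDIR"` before touching files. The peridot ID is pasted unchecked into a sed replacement and a repository URL; validating its format first keeps a stray `;` or `&` from rewriting core-peridot.xml in unexpected ways.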

301
container/container.xml Normal file

@ -0,0 +1,301 @@
<image>
<profiles>
<profile name="Core-Container" description="Container Core Packages">
</profile>
<profile name="Container-Base" description="Container Base Image">
<requires profile="Core-Container"/>
</profile>
<profile name="Container-Minimal" description="Minimal Container Image">
<requires profile="Core-Container"/>
</profile>
<profile name="Container-UBI" description="UBI Container Image">
<requires profile="Core-Container"/>
</profile>
<!-- The base container is the starting point, but we have additional
packages to deal with. So this is a standalone profile. -->
<profile name="Container-Toolbox" description="Toolbox Container Image">
</profile>
<!-- ... -->
</profiles>
<preferences profiles="Container-Base">
<type image="oci">
<containerconfig
name="rockylinux"
tag="9"
maintainer="Release Engineering (SIG/Core)">
<subcommand execute="/bin/bash"/>
<labels>
<label name="org.opencontainers.image.vendor" value="Rocky Enterprise Software Foundation"/>
<label name="org.opencontainers.image.url" value="https://github.com/rocky-linux/rocky-toolbox-images"/>
<label name="org.opencontainers.image.license" value="BSD-3-Clause"/>
<label name="org.opencontainers.image.name" value="rockylinux"/>
<label name="org.opencontainers.image.version" value="9"/>
<label name="org.opencontainers.image.authors" value="Magauer Lukas, Neil Hanlon, Louis Abel"/>
<label name="vendor" value="Rocky Enterprise Software Foundation"/>
<label name="license" value="BSD-3-Clause"/>
<label name="name" value="rockylinux"/>
<label name="version" value="9"/>
</labels>
</containerconfig>
</type>
<timezone>Etc/UTC</timezone>
<locale>en_US</locale>
<rpm-locale-filtering>true</rpm-locale-filtering>
<rpm-excludedocs>true</rpm-excludedocs>
</preferences>
<preferences profiles="Container-Minimal">
<type image="oci">
<containerconfig
name="rockylinux"
tag="9-minimal"
maintainer="Release Engineering (SIG/Core)">
<subcommand execute="/bin/bash"/>
<labels>
<label name="org.opencontainers.image.vendor" value="Rocky Enterprise Software Foundation"/>
<label name="org.opencontainers.image.url" value="https://github.com/rocky-linux/rocky-toolbox-images"/>
<label name="org.opencontainers.image.license" value="BSD-3-Clause"/>
<label name="org.opencontainers.image.name" value="rockylinux"/>
<label name="org.opencontainers.image.version" value="9-minimal"/>
<label name="org.opencontainers.image.authors" value="Magauer Lukas, Neil Hanlon, Louis Abel"/>
<label name="vendor" value="Rocky Enterprise Software Foundation"/>
<label name="license" value="BSD-3-Clause"/>
<label name="name" value="rockylinux"/>
<label name="version" value="9-minimal"/>
</labels>
</containerconfig>
</type>
<timezone>Etc/UTC</timezone>
<locale>en_US</locale>
<rpm-locale-filtering>true</rpm-locale-filtering>
<rpm-excludedocs>true</rpm-excludedocs>
<packagemanager>microdnf</packagemanager>
</preferences>
<preferences profiles="Container-UBI">
<type image="oci">
<containerconfig
name="rockylinux"
tag="9-UBI"
maintainer="Release Engineering (SIG/Core)">
<subcommand execute="/bin/bash"/>
<labels>
<label name="org.opencontainers.image.vendor" value="Rocky Enterprise Software Foundation"/>
<label name="org.opencontainers.image.url" value="https://github.com/rocky-linux/rocky-toolbox-images"/>
<label name="org.opencontainers.image.license" value="BSD-3-Clause"/>
<label name="org.opencontainers.image.name" value="rockylinux"/>
<label name="org.opencontainers.image.version" value="9-UBI"/>
<label name="org.opencontainers.image.authors" value="Magauer Lukas, Neil Hanlon, Louis Abel"/>
<label name="vendor" value="Rocky Enterprise Software Foundation"/>
<label name="license" value="BSD-3-Clause"/>
<label name="name" value="rockylinux"/>
<label name="version" value="9-UBI"/>
</labels>
</containerconfig>
</type>
<timezone>Etc/UTC</timezone>
<locale>en_US</locale>
<rpm-locale-filtering>true</rpm-locale-filtering>
<rpm-excludedocs>true</rpm-excludedocs>
</preferences>
<preferences profiles="Container-Toolbox">
<type image="oci">
<containerconfig
name="rocky-toolbox"
tag="9"
maintainer="Release Engineering (SIG/Core)">
<subcommand execute="/bin/bash"/>
<labels>
<label name="org.opencontainers.image.vendor" value="Rocky Enterprise Software Foundation"/>
<label name="org.opencontainers.image.url" value="https://github.com/rocky-linux/rocky-toolbox-images"/>
<label name="org.opencontainers.image.license" value="BSD-3-Clause"/>
<label name="org.opencontainers.image.name" value="rocky-toolbox"/>
<label name="org.opencontainers.image.version" value="9"/>
<label name="org.opencontainers.image.authors" value="Magauer Lukas, Neil Hanlon, Louis Abel"/>
<label name="vendor" value="Rocky Enterprise Software Foundation"/>
<label name="license" value="BSD-3-Clause"/>
<label name="name" value="rocky-toolbox"/>
<label name="version" value="9"/>
</labels>
</containerconfig>
</type>
<timezone>Etc/UTC</timezone>
<locale>en_US</locale>
<rpm-locale-filtering>true</rpm-locale-filtering>
<rpm-excludedocs>true</rpm-excludedocs>
</preferences>
<!-- Core package installation. This affects everything except for the
toolbox container. -->
<packages type="bootstrap" profiles="Core-Container">
<package name="bash"/>
<package name="coreutils-single"/>
<package name="glibc-minimal-langpack"/>
<package name="rocky-release"/>
<package name="util-linux"/>
<ignore name="dosfstools"/>
<ignore name="e2fsprogs"/>
<ignore name="firewalld"/>
<ignore name="fuse-libs"/>
<ignore name="gettext*"/>
<ignore name="gnupg2-smime"/>
<ignore name="grub*"/>
<ignore name="iptables"/>
<ignore name="kernel"/>
<ignore name="*-firmware"/>
<ignore name="libss"/>
<ignore name="os-prober"/>
<ignore name="pinentry"/>
<ignore name="qemu-guest-agent"/>
<ignore name="shared-mime-info"/>
<ignore name="trousers"/>
<ignore name="xfsprogs"/>
<ignore name="xkeyboard-config"/>
</packages>
<!-- Base -->
<packages type="bootstrap" profiles="Container-Base">
<package name="binutils"/>
<package name="crypto-policies-scripts"/>
<package name="curl-minimal"/>
<package name="dnf"/>
<package name="findutils"/>
<package name="gzip"/>
<package name="hostname"/>
<package name="iputils"/>
<package name="less"/>
<package name="libcurl-minimal"/>
<package name="libusbx"/>
<package name="rootfiles"/>
<package name="tar"/>
<package name="usermode"/>
<package name="vim-minimal"/>
<ignore name="brotli"/>
<ignore name="kexec-tools"/>
</packages>
<!-- End Base -->
<!-- Minimal -->
<packages type="bootstrap" profiles="Container-Minimal">
<package name="microdnf"/>
<ignore name="brotli"/>
<ignore name="hostname"/>
<ignore name="iputils"/>
<ignore name="kexec-tools"/>
<ignore name="less"/>
<ignore name="rootfiles"/>
<ignore name="tar"/>
<ignore name="vim-minimal"/>
<ignore name="yum"/>
</packages>
<!-- End Minimal -->
<!-- UBI -->
<packages type="bootstrap" patternType="plusRecommended" profiles="Container-UBI">
<package name="crypto-policies-scripts"/>
<package name="curl-minimal"/>
<package name="dnf"/>
<package name="gdb-gdbserver"/>
<package name="gzip"/>
<package name="langpacks-en"/>
<package name="libcurl-minimal"/>
<package name="rootfiles"/>
<package name="systemd"/>
<package name="tar"/>
<package name="vim-minimal"/>
<package name="which"/>
<ignore name="kexec-tools"/>
</packages>
<!-- End UBI -->
<!-- Toolbox -->
<packages type="bootstrap" patternType="plusRecommended" profiles="Container-Toolbox">
<package name="acl"/>
<package name="bash"/>
<package name="bash-completion"/>
<package name="bc"/>
<package name="bzip2"/>
<package name="coreutils-single"/>
<package name="curl"/>
<package name="diffutils"/>
<package name="dnf"/>
<package name="dnf-plugins-core"/>
<package name="findutils"/>
<package name="flatpak-spawn"/>
<package name="gawk"/>
<package name="git"/>
<package name="glibc-minimal-langpack"/>
<package name="gnupg"/>
<package name="gnupg2-smime"/>
<package name="grep"/>
<package name="gvfs-client"/>
<package name="gzip"/>
<package name="hostname"/>
<package name="iproute"/>
<package name="iputils"/>
<package name="keyutils"/>
<package name="krb5-libs"/>
<package name="langpacks-en"/>
<package name="less"/>
<package name="libcap"/>
<package name="lsof"/>
<package name="man-db"/>
<package name="man-pages"/>
<package name="mlocate"/>
<package name="mtr"/>
<package name="openssh-clients"/>
<package name="openssl"/>
<package name="p11-kit"/>
<package name="pam"/>
<package name="passwd"/>
<package name="pigz"/>
<package name="procps-ng"/>
<package name="python3"/>
<package name="rocky-release"/>
<package name="rpaste"/>
<package name="rpm"/>
<package name="rsync"/>
<package name="sed"/>
<package name="shadow-utils"/>
<package name="sudo"/>
<package name="systemd"/>
<package name="tar"/>
<package name="tcpdump"/>
<package name="time"/>
<package name="traceroute"/>
<package name="tree"/>
<package name="unzip"/>
<package name="util-linux"/>
<package name="vte-profile"/>
<package name="wget"/>
<package name="which"/>
<package name="words"/>
<package name="xorg-x11-xauth"/>
<package name="xz"/>
<package name="zip"/>
<ignore name="dosfstools"/>
<ignore name="e2fsprogs"/>
<ignore name="firewalld"/>
<ignore name="fuse-libs"/>
<ignore name="gettext*"/>
<ignore name="geolite2-city"/>
<ignore name="geolite2-country"/>
<ignore name="grubby"/>
<ignore name="iptables"/>
<ignore name="kernel"/>
<ignore name="*-firmware"/>
<ignore name="libss"/>
<ignore name="osprober"/>
<ignore name="pinentry"/>
<ignore name="shared-mime-info"/>
<ignore name="sssd-client"/>
<ignore name="trousers"/>
<ignore name="xfsprogs"/>
<ignore name="xkeyboard-config"/>
</packages>
<packages type="uninstall" profiles="Container-Toolbox">
<package name="dracut"/>
<package name="pinentry"/>
<package name="systemd-resolved"/>
<package name="xkeyboard-config"/>
</packages>
<!-- End Toolbox -->
</image>
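
Review bot: The Container-Toolbox ignore list has `<ignore name="osprober"/>` where the Core-Container list has `<ignore name="os-prober"/>`; the unhyphenated name looks like a typo, and if it is, that ignore never matches. In every `<labels>` block, `org.opencontainers.image.license` and `org.opencontainers.image.name` are not keys defined by the OCI image annotation spec (it defines `licenses` and `title`), and `org.opencontainers.image.url` points at rocky-toolbox-images for the base, minimal and UBI images as well as the toolbox, so tooling that reads provenance from these labels will miss or misattribute them. The four `<containerconfig>` blocks differ only in name and tag; if kiwi allows it, factoring the shared labels out would keep them from drifting.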

46
grub.tmpl Normal file

@ -0,0 +1,46 @@
# copied from a live built image, and modified to deal with non-uefi
set default="${default_boot}"
if [ "$$grub_platform" == "efi" ]; then
function load_video {
insmod efi_gop
insmod efi_uga
insmod video_bochs
insmod video_cirrus
insmod all_video
}
set basicgfx="nomodeset"
else
function load_video {
insmod all_video
}
set basicgfx="nomodeset vga=791"
fi
load_video
set gfxpayload=keep
insmod gzio
insmod part_gpt
insmod ext2
terminal_input console
terminal_output ${terminal_output}
set timeout=${boot_timeout}
search ${search_params}
menuentry 'Start ${title}' --class fedora --class gnu-linux --class gnu --class os {
linux ($$root)${bootpath}/${kernel_file} ${boot_options}
initrd ($$root)${bootpath}/${initrd_file}
}
menuentry 'Test this media & start ${title}' --class fedora --class gnu-linux --class gnu --class os {
linux ($$root)${bootpath}/${kernel_file} ${boot_options} rd.live.check
initrd ($$root)${bootpath}/${initrd_file}
}
submenu "Troubleshooting -->" {
menuentry "Start ${title} in basic graphics mode" --class fedora --class gnu-linux --class gnu --class os {
linux ($$root)${bootpath}/${kernel_file} ${boot_options} $${basicgfx}
initrd ($$root)${bootpath}/${initrd_file}
}
}

104
live-build.sh Executable file

@ -0,0 +1,104 @@
#!/bin/bash
# helps build a quick live image. that way a user doesn't have to use emapandas
# nor livemedia-creator. mock is probably not necessary, but it's up to you.
# label@resf.org
set -o errexit
set -o pipefail
SCRNAME="$(basename "$0")"
SCRDIR="$(dirname "${BASH_SOURCE[0]}")"
export __usage
__usage="
usage: $SCRNAME [OPTIONS]
Options:
-o, --output-dir DIR
-l, --live-image NAME
-m, --minor NUM
-p, --peridot ID # optional. will use peridot repos.
-d, --debug # optional
"
OPTS=$(getopt -a -n live-build -o l:,o:,p:,m:,d,h \
-l live-image:,output-dir:,peridot:,minor:,debug,help -- "$@")
function is_in_path() {
builtin type -P "${1}"
}
function usage() {
echo "$__usage"
}
eval set -- "$OPTS"
while :; do
case "$1" in
-l | --live-image) LIVE="$2" ; shift 2 ;;
-o | --output-dir) OUTPUTDIR="$2" ; shift 2 ;;
-p | --peridot) PERIDOTID="$2" ; shift 2 ;;
-m | --minor) MINOR="$2" ; shift 2 ;;
-d | --debug) DEBUG="--debug" ; shift ;;
-h | --help) usage ;;
--) shift ; break ;;
esac
done
if [ -z "$LIVE" ] || [ -z "$OUTPUTDIR" ]; then
echo "Options are not set properly."
usage
exit 12
fi
if [ -e "/sys/fs/selinux/enforce" ]; then
enforce_check="$(cat /sys/fs/selinux/enforce)"
if [ "$enforce_check" -eq "1" ]; then
echo "Running with selinux enforcing is not recommended."
exit 22
fi
fi
is_in_path kiwi-ng &> /dev/null
ret_val=$?
if [ "$ret_val" -ne "0" ]; then
echo "kiwi-ng not found. kiwi packages are likely not installed on this system."
exit 32
fi
function switch_repo_to_peridot() {
ID="$1"
# https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/
pushd repositories || { echo "not found"; exit 1; }
sed -i "s;ZZ_INTERNAL_BaseOS_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/BaseOS/\$basearch;g" core-peridot.xml
sed -i "s;ZZ_INTERNAL_AppStream_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/AppStream/\$basearch;g" core-peridot.xml
sed -i "s;ZZ_INTERNAL_CRB_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/CRB/\$basearch;g" core-peridot.xml
sed -i "s;ZZ_INTERNAL_extras_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/extras/\$basearch;g" core-peridot.xml
rm core.xml
ln -sf core-peridot.xml core.xml
popd
}
function main() {
/bin/rm config.xml
if [ ! -f "configs/rocky-live-${LIVE,,}.xml" ]; then
echo "${LIVE} was not found. Is it supported?"
exit 42
fi
ln -sf "configs/rocky-live-${LIVE,,}.xml" config.xml
if [ -n "$PERIDOTID" ]; then
switch_repo_to_peridot "${PERIDOTID}"
fi
if [ -n "$MINOR" ]; then
sed -i "s/Rocky-9-/Rocky-9-$MINOR-/g" components/live/*.xml
sed -i "s/Rocky-9-/Rocky-9.$MINOR-/g" configs/rocky-live-*.xml
fi
kiwi-ng $DEBUG --type="iso" --profile="$LIVE-Live" --color-output system build --description="$SCRDIR" --target-dir "$OUTPUTDIR"
}
main
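
Review bot: In main(), `/bin/rm config.xml` runs before the check that `configs/rocky-live-${LIVE,,}.xml` exists, and under errexit it also aborts the script when config.xml is already absent, so an unsupported `--live-image` value leaves the tree with no config.xml at all. Do the existence check first and let `ln -sf` replace the link. The two `--minor` substitutions use different separators (`Rocky-9-$MINOR-` for components/live/*.xml, `Rocky-9.$MINOR-` for configs/rocky-live-*.xml); if that is intentional it needs a comment, and `$MINOR` should be checked to be numeric before it goes into sed. `kiwi-ng $DEBUG` is unquoted without the `shellcheck disable=SC2086` marker the container script carries. The `-h` branch calls usage without exiting, so the loop never ends, and the kiwi-ng presence check cannot reach its error message under errexit.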

12
live/cinnamon.xml Normal file

@ -0,0 +1,12 @@
<image>
<profiles>
<profile name="Cinnamon-Live" description="Rocky Linux Cinnamon">
<requires profile="Live-Base"/>
<requires profile="Cinnamon-Desktop"/>
</profile>
</profiles>
<packages type="bootstrap" patternType="plusRecommended" profiles="Cinnamon-Live">
<package name="rocky-release"/>
<package name="epel-release"/>
</packages>
</image>

12
live/kde.xml Normal file

@ -0,0 +1,12 @@
<image>
<profiles>
<profile name="KDE-Live" description="Rocky Linux KDE">
<requires profile="Live-Base"/>
<requires profile="KDE-Desktop"/>
</profile>
</profiles>
<packages type="bootstrap" patternType="plusRecommended" profiles="KDE-Live">
<package name="rocky-release"/>
<package name="epel-release"/>
</packages>
</image>

12
live/mate.xml Normal file

@ -0,0 +1,12 @@
<image>
<profiles>
<profile name="MATE-Live" description="Rocky Linux MATE">
<requires profile="Live-Base"/>
<requires profile="MATE-Desktop"/>
</profile>
</profiles>
<packages type="bootstrap" patternType="plusRecommended" profiles="MATE-Live">
<package name="rocky-release"/>
<package name="epel-release"/>
</packages>
</image>

11
live/workstation-lite.xml Normal file

@ -0,0 +1,11 @@
<image>
<profiles>
<profile name="Workstation-Lite-Live" description="Rocky Linux Workstation-Lite">
<requires profile="Live-Base"/>
<requires profile="Workstation-Lite-Desktop"/>
</profile>
</profiles>
<packages type="bootstrap" patternType="plusRecommended" profiles="Workstation-Lite-Live">
<package name="rocky-release"/>
</packages>
</image>

11
live/workstation.xml Normal file

@ -0,0 +1,11 @@
<image>
<profiles>
<profile name="Workstation-Live" description="Rocky Linux Workstation">
<requires profile="Live-Base"/>
<requires profile="Workstation-Desktop"/>
</profile>
</profiles>
<packages type="bootstrap" patternType="plusRecommended" profiles="Workstation-Live">
<package name="rocky-release"/>
</packages>
</image>

12
live/xfce.xml Normal file

@ -0,0 +1,12 @@
<image>
<profiles>
<profile name="XFCE-Live" description="Rocky Linux XFCE">
<requires profile="Live-Base"/>
<requires profile="XFCE-Desktop"/>
</profile>
</profiles>
<packages type="bootstrap" patternType="plusRecommended" profiles="XFCE-Live">
<package name="rocky-release"/>
<package name="epel-release"/>
</packages>
</image>


@ -0,0 +1,13 @@
<!-- There isn't a way to exclude packages from a certain repo -->
<image>
<repository type="rpm-md" alias="sig-altarch-common" priority="5">
<source path="http://dl.rockylinux.org/stg/sig/$releasever/altarch/$basearch/altarch-common">
<signing key="https://git.rockylinux.org/staging/src/rocky-release-altarch/-/raw/r9/SOURCES/RPM-GPG-KEY-Rocky-SIG-AltArch"/>
</source>
</repository>
<repository type="rpm-md" alias="sig-altarch-rockyrpi" priority="5">
<source path="http://dl.rockylinux.org/stg/sig/$releasever/altarch/$basearch/altarch-rockyrpi">
<signing key="https://git.rockylinux.org/staging/src/rocky-release-altarch/-/raw/r9/SOURCES/RPM-GPG-KEY-Rocky-SIG-AltArch"/>
</source>
</repository>
</image>
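
Review bot: Both `<source path>` values use `http://dl.rockylinux.org/...` while the baseos, appstream, crb and extras repositories in this change use https; the signing key lets package signatures be verified, but the repository metadata still travels unauthenticated, so switch these to https. The `<signing key>` is fetched at build time from the `r9` branch of a git repository rather than read from a file on the build host as the core repositories do, which makes the trusted key whatever that branch holds on the day of the build; ship the key locally or pin the URL to a commit.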


@ -0,0 +1 @@
altarch-common-default.xml


@ -0,0 +1,6 @@
<!-- There isn't a way to exclude packages from a certain repo -->
<image>
<repository type="rpm-md" alias="sig-cloud-common" priority="5">
<source path="http://dl.rockylinux.org/stg/sig/$releasever/cloud/$basearch/cloud-common"/>
</repository>
</image>
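
Review bot: The sig-cloud-common repository has no `<signing key>` child and a plain http source path, so packages taken from it at build time are neither signature-checked nor protected in transit. Add the SIG's key the way the sig-altarch repositories in this change do, and use https.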


@ -0,0 +1 @@
cloud-common-default.xml


@ -0,0 +1,22 @@
<image>
<repository type="rpm-md" alias="baseos" priority="1">
<source path="https://download.rockylinux.org/stg/rocky/$releasever/BaseOS/$basearch/os">
<signing key="file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
<repository type="rpm-md" alias="appstream" priority="1">
<source path="https://download.rockylinux.org/stg/rocky/$releasever/AppStream/$basearch/os">
<signing key="file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
<repository type="rpm-md" alias="crb" priority="1">
<source path="https://download.rockylinux.org/stg/rocky/$releasever/CRB/$basearch/os">
<signing key="file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
<repository type="rpm-md" alias="extras" priority="1">
<source path="https://download.rockylinux.org/stg/rocky/$releasever/extras/$basearch/os">
<signing key="file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
</image>


@ -0,0 +1,22 @@
<image>
<repository type="rpm-md" alias="baseos" priority="1">
<source path="https://download.rockylinux.org/stg/rocky/$releasever/BaseOS/$basearch/os">
<signing key="file:///usr/share/distribution-gpg-keys/rocky/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
<repository type="rpm-md" alias="appstream" priority="1">
<source path="https://download.rockylinux.org/stg/rocky/$releasever/AppStream/$basearch/os">
<signing key="file:///usr/share/distribution-gpg-keys/rocky/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
<repository type="rpm-md" alias="crb" priority="1">
<source path="https://download.rockylinux.org/stg/rocky/$releasever/CRB/$basearch/os">
<signing key="file:///usr/share/distribution-gpg-keys/rocky/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
<repository type="rpm-md" alias="extras" priority="1">
<source path="https://download.rockylinux.org/stg/rocky/$releasever/extras/$basearch/os">
<signing key="file:///usr/share/distribution-gpg-keys/rocky/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
</image>


@ -0,0 +1,22 @@
<image>
<repository type="rpm-md" alias="baseos" priority="1">
<source path="ZZ_INTERNAL_BaseOS_REPO_URL_ZZ">
<signing key="file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
<repository type="rpm-md" alias="appstream" priority="1">
<source path="ZZ_INTERNAL_AppStream_REPO_URL_ZZ">
<signing key="file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
<repository type="rpm-md" alias="crb" priority="1">
<source path="ZZ_INTERNAL_CRB_REPO_URL_ZZ">
<signing key="file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
<repository type="rpm-md" alias="extras" priority="1">
<source path="ZZ_INTERNAL_extras_REPO_URL_ZZ">
<signing key="file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
</image>
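
Review bot: The `ZZ_INTERNAL_*_REPO_URL_ZZ` placeholders in the four `<source path>` attributes are what switch_repo_to_peridot rewrites with `sed -i`, which edits this tracked file in place: after one run with `--peridot` the placeholders are gone, a second run with a different ID silently changes nothing, and the working tree is left dirty with core.xml relinked. Render the substituted file from a template into a scratch path, or restore the original on exit, and document that in the scripts.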

1
repositories/core.xml Symbolic link

@ -0,0 +1 @@
core-default.xml


@ -0,0 +1,7 @@
<image>
<repository type="rpm-md" alias="epel" priority="2">
<source path="https://dl.fedoraproject.org/pub/epel/$releasever/Everything/x86_64/">
<signing key="file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-$releasever"/>
</source>
</repository>
</image>
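
Review bot: The source path hard-codes the architecture (`.../epel/$releasever/Everything/x86_64/`) where every other repository in this change uses `$basearch`, so an aarch64 build that includes EPEL would resolve against x86_64 metadata. Replace `x86_64` with `$basearch`.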


@ -0,0 +1,7 @@
<image>
<repository type="rpm-md" alias="epel" priority="2">
<source path="https://dl.fedoraproject.org/pub/epel/$releasever/Everything/x86_64/">
<signing key="file:///usr/share/distribution-gpg-keys/epel/RPM-GPG-KEY-EPEL-$releasever"/>
</source>
</repository>
</image>
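
Review bot: The source path here has the same hard-coded `x86_64` as the other EPEL description; use `$basearch`. This variant reads the key from /usr/share/distribution-gpg-keys, which exists only when the distribution-gpg-keys package is installed on the build host, so the README or the build scripts should state that dependency and which of the two EPEL descriptions is meant for which environment.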

1
repositories/epel.xml Symbolic link

@ -0,0 +1 @@
epel-default.xml


@ -0,0 +1,9 @@
<!-- There isn't a way to exclude packages from a certain repo -->
<image>
<repository type="rpm-md" alias="gnulab_tmp_1" priority="1">
<source path="https://rockyrepos.gnulab.org/gen_aarch64_el$releasever/"/>
</repository>
<repository type="rpm-md" alias="gnulab_tmp_2" priority="1">
<source path="https://rockyrepos.gnulab.org/rpir$releasever/"/>
</repository>
</image>
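
Review bot: Both gnulab repositories are declared with `priority="1"`, the same value the baseos, appstream, crb and extras repositories carry, and neither has a `<signing key>`. An unsigned third-party repository ranked equal to the core OS repositories can supply any package the build resolves, including ones that also exist in BaseOS, and the comment at the top confirms there is no per-repository exclude to narrow that. Rank these below the core repositories (the SIG repositories in this change use 5), add a signing key, and since the aliases say "tmp", record in the comment when or under what condition they are to be removed.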


@ -0,0 +1,12 @@
<!-- There isn't a way to exclude packages from a certain repo -->
<image>
<repository type="rpm-md" alias="sig-kernel-drivers" priority="5">
<source path="http://dl.rockylinux.org/stg/sig/$releasever/kernel/$basearch/kernel-drivers"/>
</repository>
<repository type="rpm-md" alias="sig-kernel-mainline" priority="5">
<source path="http://dl.rockylinux.org/stg/sig/$releasever/kernel/$basearch/kernel-mainline"/>
</repository>
<repository type="rpm-md" alias="sig-kernel-lts" priority="5">
<source path="http://dl.rockylinux.org/stg/sig/$releasever/kernel/$basearch/kernel-lts"/>
</repository>
</image>
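
Review bot: The drivers, mainline and lts repositories all sit in one file at `priority="5"`, so a description cannot opt into kernel-lts without also exposing kernel-mainline, and which kernel wins is left to version ordering; split them into separate includes. None of the three has a `<signing key>` and all use http source paths, which for kernel and driver packages means the most privileged code in the image is installed without signature verification; add the SIG key and switch to https before any description enables this file.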


@ -0,0 +1 @@
kernel-common-default.xml

6
repositories/oracle.xml Normal file

@ -0,0 +1,6 @@
<!-- There isn't a way to exclude packages from a certain repo -->
<image>
<repository type="rpm-md" alias="oraclelinux-addons" priority="50">
<source path="http://yum.oracle.com/repo/OracleLinux/OL$releasever/addons/$basearch/"/>
</repository>
</image>
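
Review bot: The oraclelinux-addons repository is fetched over http with no `<signing key>`, and as the comment on the first line says, packages cannot be excluded per repository, so `priority="50"` is the only thing keeping it from supplying arbitrary packages to a build. Use an https source path and add the vendor's signing key before the include in configs/rocky.xml is ever uncommented, and note in the comment which packages this repository is there to provide.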


@ -0,0 +1,9 @@
<!-- There isn't a way to exclude packages from a certain repo -->
<image>
<repository type="rpm-md" alias="sig-core-common" priority="5">
<source path="http://dl.rockylinux.org/stg/sig/$releasever/core/$basearch/core-common"/>
</repository>
<repository type="rpm-md" alias="sig-core-infra" priority="5">
<source path="http://dl.rockylinux.org/stg/sig/$releasever/core/$basearch/core-infra"/>
</repository>
</image>
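Review bot: Both `<source path>` values sit under `/stg/sig/` and the `sig-core.xml` symlink added next makes this file the default. If `stg` is a staging tree, the default should point at the released SIG location and staging should be an opt-in variant; if it is the intended location, a comment saying so would prevent the question. The `http://` scheme and missing `<signing key>` apply here as well.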

1
repositories/sig-core.xml Symbolic link

@ -0,0 +1 @@
sig-core-default.xml

3
root/etc/fstab.script Normal file

@ -0,0 +1,3 @@
#!/bin/sh
# anaconda does this technically.
gawk -i inplace '$2 == "/boot/efi" { $4 = $4",umask=0077,shortname=winnt" } { print $0 }' /etc/fstab
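Review bot: The gawk rule appends `,umask=0077,shortname=winnt` to field 4 on every match with no check for options already present, so running the script twice leaves duplicated options on the `/boot/efi` line. Guard the pattern, for example `$2 == "/boot/efi" && $4 !~ /umask=/`. Assigning to `$4` also makes awk rebuild that record with single spaces, which fstab tolerates but which changes the line's alignment. The comment `anaconda does this technically` would be more useful if it named the options being matched to anaconda's behaviour.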

@ -0,0 +1,6 @@
# UPDATEDEFAULT specifies if kernel-install should make
# new kernels the default
UPDATEDEFAULT=yes
# DEFAULTKERNEL specifies the default kernel package type
DEFAULTKERNEL=kernel-core

98
sbc-build.sh Executable file

@ -0,0 +1,98 @@
#!/bin/bash
# helps build a quick sbc image. that way a user doesn't have to use emapandas
# nor some other method. mock is probably not necessary, but it's up to you.
# label@resf.org
set -o errexit
set -o pipefail
SCRNAME="$(basename "$0")"
SCRDIR="$(dirname "${BASH_SOURCE[0]}")"
export __usage
__usage="
usage: $SCRNAME [OPTIONS]
Options:
-o, --output-dir DIR
-c, --sbc-image NAME
-p, --peridot ID # optional. will use peridot repos.
-d, --debug # optional
"
OPTS=$(getopt -a -n sbc-build -o c:,o:,p:,d,h \
-l sbc-image:,output-dir:,peridot:,debug,help -- "$@")
function is_in_path() {
builtin type -P "${1}"
}
function usage() {
echo "$__usage"
}
eval set -- "$OPTS"
while :; do
case "$1" in
-c | --sbc-image) SBC="$2" ; shift 2 ;;
-o | --output-dir) OUTPUTDIR="$2" ; shift 2 ;;
-p | --peridot) PERIDOTID="$2" ; shift 2 ;;
-d | --debug) DEBUG="--debug" ; shift ;;
-h | --help) usage ;;
--) shift ; break ;;
esac
done
if [ -z "$SBC" ] || [ -z "$OUTPUTDIR" ]; then
echo "Options are not set properly."
usage
exit 12
fi
if [ -e "/sys/fs/selinux/enforce" ]; then
enforce_check="$(cat /sys/fs/selinux/enforce)"
if [ "$enforce_check" -eq "1" ]; then
echo "Running with selinux enforcing is not recommended."
exit 22
fi
fi
is_in_path kiwi-ng &> /dev/null
ret_val=$?
if [ "$ret_val" -ne "0" ]; then
echo "kiwi-ng not found. kiwi packages are likely not installed on this system."
exit 32
fi
function switch_repo_to_peridot() {
ID="$1"
# https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/
pushd repositories || { echo "not found"; exit 1; }
sed -i "s;ZZ_INTERNAL_BaseOS_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/BaseOS/\$basearch;g" core-peridot.xml
sed -i "s;ZZ_INTERNAL_AppStream_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/AppStream/\$basearch;g" core-peridot.xml
sed -i "s;ZZ_INTERNAL_CRB_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/CRB/\$basearch;g" core-peridot.xml
sed -i "s;ZZ_INTERNAL_extras_REPO_URL_ZZ;https://yumrepofs.build.resf.org/v1/projects/${ID}/repo/extras/\$basearch;g" core-peridot.xml
rm core.xml
ln -sf core-peridot.xml core.xml
popd
}
function main() {
/bin/rm config.xml
if [ ! -f "configs/rocky-sbc-${SBC,,}.xml" ]; then
echo "${LIVE} was not found. Is it supported?"
exit 42
fi
ln -sf "configs/rocky-sbc-${SBC,,}.xml" config.xml
if [ -n "$PERIDOTID" ]; then
switch_repo_to_peridot "${PERIDOTID}"
fi
# shellcheck disable=SC2086
kiwi-ng $DEBUG --type="oem" --profile="SBC-$SBC" --color-output system build --description="$SCRDIR" --target-dir "$OUTPUTDIR"
}
main
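Review bot: In the option loop, `-h | --help) usage ;;` neither shifts nor exits and the `case` has no `*)` arm, so `--help` prints the usage text forever; make it `usage ; exit 0` and add a default arm that fails. Further points in the same file: the not-found message prints `${LIVE}`, which is never set (it should be `${SBC}`); `/bin/rm config.xml` runs before the existence check and aborts under `errexit` when the link is absent, so move it after the check and use `rm -f`; with `set -o errexit` a failing `is_in_path kiwi-ng` ends the script before `ret_val=$?`, so the "kiwi-ng not found" message is unreachable (use `if ! is_in_path kiwi-ng`); the SELinux branch says "not recommended" but exits 22, so the text should say the script refuses to run. `$PERIDOTID` is pasted unvalidated into `sed` expressions that use `;` as delimiter and becomes part of the repository URL the build trusts; check it against the expected ID format before use. `rm config.xml`, `ln -sf` and `pushd repositories` are relative to the caller's working directory while kiwi is given `$SCRDIR`; a `cd "$SCRDIR"` at the top of `main` would make them agree.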

@ -0,0 +1,36 @@
#!/bin/bash
# Modify this script to handle disk changes as needed.
# Some of this may be incorrect or not needed. You will need to verify this.
set -ex
#diskname="$1"
#devname="$2"
#loopname="${devname%*p2}"
#loopdev=/dev/${loopname#/dev/mapper/*}
# shellcheck disable=SC2034
image_fs="$1"
root_partnum="$2"
root_device="/dev/mapper/loop*p${root_partnum}"
loop_name="$(basename $root_device | cut -f 1-2 -d 'p')"
disk_device="/dev/${loop_name}"
# pi's probably don't support GPT.
cat > gdisk.tmp <<-'EOF'
x
r
g
t
1
c
w
y
EOF
dd if="$disk_device" of=mbrid.bin bs=1 skip=440 count=4
gdisk "$disk_device" < gdisk.tmp
dd of="$disk_device" if=mbrid.bin bs=1 seek=440 count=4
rm -f mbrid.bin
rm -rf gdisk.tmp
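Review bot: `root_device="/dev/mapper/loop*p${root_partnum}"` is a glob that is later expanded unquoted in `basename $root_device`, so when more than one loop device is mapped on the host (two builds at once, or a stale mapping) `basename` receives several paths and `disk_device` may name a disk that does not belong to this build, which the following `dd` and `gdisk` then rewrite. Resolve the device explicitly and fail unless exactly one path matches. `gdisk.tmp` and `mbrid.bin` are fixed names in the working directory and are left behind when `set -e` aborts midway; `mktemp` with a `trap` cleanup avoids both. The header comment saying parts of the script "may be incorrect" should be resolved before merge, given that the script rewrites a partition table.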

@ -0,0 +1,36 @@
#!/bin/bash
# Modify this script to handle disk changes as needed.
# Some of this may be incorrect or not needed. You will need to verify this.
set -ex
#diskname="$1"
#devname="$2"
#loopname="${devname%*p2}"
#loopdev=/dev/${loopname#/dev/mapper/*}
# shellcheck disable=SC2034
image_fs="$1"
root_partnum="$2"
root_device="/dev/mapper/loop*p${root_partnum}"
loop_name="$(basename $root_device | cut -f 1-2 -d 'p')"
disk_device="/dev/${loop_name}"
# pi's probably don't support GPT.
cat > gdisk.tmp <<-'EOF'
x
r
g
t
1
c
w
y
EOF
dd if="$disk_device" of=mbrid.bin bs=1 skip=440 count=4
gdisk "$disk_device" < gdisk.tmp
dd of="$disk_device" if=mbrid.bin bs=1 seek=440 count=4
rm -f mbrid.bin
rm -rf gdisk.tmp
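Review bot: This script is identical, line for line, to the one in the previous hunk, so every fix has to be applied twice and the copies can drift. If both boards need the same steps, keep one script and point both `editbootinstall` attributes at it, or symlink as the repository files do; if they are expected to diverge, add a comment stating what differs. The `pi's probably don't support GPT` comment should also say which board each copy targets.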

86
sbc/pi.xml Normal file

@ -0,0 +1,86 @@
<image>
<profiles>
<profile name="Core-Pi" description="Pi Base Packages">
<requires profile="Core-Boot"/>
</profile>
<profile name="SBC-RaspberryPi" description="Raspberry Pi Image">
<requires profile="Core-Pi"/>
</profile>
<profile name="SBC-GenericArm" description="Generic ARM Image">
<requires profile="Core-Pi"/>
</profile>
</profiles>
<!-- RPI -->
<preferences profiles="SBC-RaspberryPi" arch="aarch64">
<type image="oem"
filesystem="ext4"
bootpartition="true" bootpartsize="1000" bootfilesystem="ext4" efipartsize="100" firmware="efi"
kernelcmdline="console=ttyAMA0,115200 console=tty1 root=LABEL=RPIROOT rootfstype=ext4 elevator=deadline rootwait"
devicepersistency="by-label"
editbootinstall="sbc/editbootinstall_rpi.sh"
rootfs_label="RPIROOT">
<oemconfig>
<oem-resize>false</oem-resize>
<oem-skip-verify>true</oem-skip-verify>
<oem-swap>true</oem-swap>
<oem-swapsize>512</oem-swapsize>
</oemconfig>
<bootloader name="grub2" console="serial"/>
</type>
</preferences>
<preferences profiles="SBC-GenericArm" arch="aarch64">
<type image="oem"
filesystem="ext4"
bootpartition="true" bootpartsize="1000" bootfilesystem="ext4" efipartsize="500" firmware="efi"
kernelcmdline="root=LABEL=rootfs rootfstype=ext4 elevator=deadline rootwait console=ttyS0"
devicepersistency="by-label"
editbootinstall="sbc/editbootinstall_genericarm.sh"
rootfs_label="rootfs">
<oemconfig>
<oem-resize>false</oem-resize>
<oem-skip-verify>true</oem-skip-verify>
<oem-swap>true</oem-swap>
<oem-swapsize>500</oem-swapsize>
</oemconfig>
<bootloader name="grub2" console="serial"/>
<size unit="G">3</size>
</type>
</preferences>
<packages type="image" patternType="plusRecommended" profiles="Core-Pi">
<namedCollection name="core"/>
<package name="rocky-release"/>
<package name="rocky-release-altarch"/>
<package name="bash-completion"/>
<package name="chrony"/>
<package name="cloud-utils-growpart"/>
<package name="kernel-tools"/>
<package name="langpacks-en"/>
<package name="glibc-all-langpacks"/>
<package name="net-tools"/>
<package name="nano"/>
<package name="NetworkManager-wifi"/>
<package name="rng-tools"/>
<package name="vim"/>
</packages>
<packages type="image" patternType="plusRecommended" profiles="SBC-RaspberryPi">
<package name="rocky-release-rpi"/>
<package name="raspberrypi2-firmware"/>
<package name="raspberrypi2-kernel4"/>
</packages>
<packages type="image" patternType="plusRecommended" profiles="SBC-GenericArm">
<package name="bcm2711-firmware"/>
<package name="bcm2835-firmware"/>
<package name="bcm283x-firmware"/>
<package name="bcm283x-overlays"/>
<package name="dracut-config-generic"/>
<package name="efibootmgr"/>
<package name="kernel"/>
<package name="kernel-core"/>
<package name="systemd-udev"/>
<package name="uboot-images-armv8"/>
<package name="uboot-tools"/>
<ignore name="dracut-config-rescue"/>
<ignore name="java-11-*"/>
</packages>
</image>
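Review bot: The `SBC-RaspberryPi` `<type>` has no `<size>` element while `SBC-GenericArm` sets `<size unit="G">3</size>`, and both set `<oem-resize>false</oem-resize>`. As written, the Pi image size is left to the builder and the root filesystem will not be grown on first boot; `cloud-utils-growpart` in `Core-Pi` suggests the user is expected to do that by hand. Suggest either an explicit `<size>` for the Pi profile or a comment stating that manual resizing is intended. The `java-11-*` ignore in `SBC-GenericArm` also needs a comment saying which package would otherwise pull it in.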

131
vagrant/vagrant.xml Normal file

@ -0,0 +1,131 @@
<image>
<profiles>
<profile name="Core-Vagrant" description="Vagrant Core Packages">
<requires profile="Core-Boot"/>
</profile>
<!--
<profile name="Vagrant-Hyperv" description="Vagrant Hyperv Image">
<requires profile="Core-Vagrant"/>
</profile>
-->
<profile name="Vagrant-Libvirt" description="Vagrant Libvirt Image">
<requires profile="Core-Vagrant"/>
</profile>
<profile name="Vagrant-Vbox" description="Vagrant Vbox Image">
<requires profile="Core-Vagrant"/>
</profile>
<profile name="Vagrant-VMware" description="Vagrant VMware Image">
<requires profile="Core-Vagrant"/>
</profile>
</profiles>
<users profiles="Core-Vagrant">
<user name="vagrant" groups="vagrant" password="vagrant" home="/home/vagrant" pwdformat="plain" />
<user name="root" groups="root" password="$5$xyz$DPJRaBL9FrgJhscbvsfpJpNA9c.o4sMBorTsYKIb69." home="/root"/>
</users>
<!--
<preferences profiles="Vagrant-Hyperv" arch="x86_64">
<type image="oem" format="vagrant"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="no_timer_check console=tty0 console=ttyS0,115200n8 net.ifnames=0 biosdevname=0 elevator=noop"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="G">10</size>
<vagrantconfig provider="hyperv" virtualsize="5"/>
</type>
</preferences>
-->
<preferences profiles="Vagrant-Libvirt" arch="x86_64,aarch64">
<type image="oem" format="vagrant"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="no_timer_check console=tty0 console=ttyS0,115200n8 net.ifnames=0 biosdevname=0 elevator=noop"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="G">10</size>
<vagrantconfig provider="libvirt" virtualsize="5"/>
</type>
</preferences>
<preferences profiles="Vagrant-Vbox" arch="x86_64,aarch64">
<type image="oem" format="vagrant"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="no_timer_check console=tty0 console=ttyS0,115200n8 net.ifnames=0 biosdevname=0 elevator=noop"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="G">10</size>
<!-- <vagrantconfig provider="virtualbox" virtualbox_guest_additions_present="true" virtualsize="5"/> -->
<vagrantconfig provider="virtualbox" virtualbox_guest_additions_present="false" virtualsize="5"/>
</type>
</preferences>
<!-- VMware is made as a libvirt image and converted later. This this profile
at your own risk. -->
<preferences profiles="Vagrant-VMware" arch="x86_64,aarch64">
<type image="oem" format="vagrant"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="no_timer_check console=tty0 console=ttyS0,115200n8 net.ifnames=0 biosdevname=0 elevator=noop"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="G">10</size>
<vagrantconfig provider="libvirt" virtualsize="5"/>
</type>
</preferences>
<packages type="image" patternType="plusRecommended" profiles="Core-Vagrant">
<namedCollection name="core"/>
<ignore name="dracut-config-rescue"/>
<ignore name="*-firmware"/>
<ignore name="microcode_ctl"/>
<ignore name="plymouth"/>
<package name="bash-completion"/>
<package name="bzip2"/>
<package name="chrony"/>
<package name="cifs-utils"/>
<package name="gdisk"/>
<package name="glibc-langpack-en"/>
<package name="man-pages"/>
<package name="nfs-utils"/>
<package name="open-vm-tools"/>
<package name="rsync"/>
<package name="vim-minimal"/>
<package name="yum-utils"/>
</packages>
<!--
<packages type="image" patternType="plusRecommended" profiles="Vagrant-Hyperv">
<package name="hyperv-daemons"/>
</packages>
-->
<packages type="image" patternType="plusRecommended" profiles="Vagrant-Libvirt">
<package name="hyperv-daemons"/>
<package name="qemu-guest-agent"/>
</packages>
<!-- <packages type="image" patternType="plusRecommended" profiles="Vagrant-Vbox">
<package name="virtualbox-guest-additions"/>
</packages> -->
<!-- Do we need this? I don't see cloud-init in our kickstarts -->
<packages type="uninstall" profiles="Core-Vagrant">
<package name="cloud-init"/>
</packages>
</image>
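Review bot: In `<users profiles="Core-Vagrant">`, the root entry commits a SHA-256 crypt hash with the fixed salt `xyz`, so every box built from this description shares one root credential whose hash is public and open to offline guessing; the `vagrant` user's password is stored as `pwdformat="plain"`. If these are the conventional Vagrant development credentials, say so in a comment next to the element; otherwise lock the root password and leave access to the `vagrant` account. Two smaller points: `Vagrant-Libvirt` installs `hyperv-daemons` while the Hyper-V profile is commented out, which looks like a leftover, and the VMware comment reads "This this profile at your own risk".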