poc: init for r9

Working live image of XFCE. Cloud portions available but untested.

Signed-off-by: Louis Abel <label@rockylinux.org>
This commit is contained in:
Louis Abel 2024-03-28 23:18:15 -07:00
commit e2942d1e4b
Signed by untrusted user: label
GPG key ID: 2A6975660E424560
19 changed files with 1308 additions and 0 deletions

56
README.md Normal file
View file

@ -0,0 +1,56 @@
## rocky-kiwi-descriptions
Kiwi descriptions for Rocky Linux 9.
`config.xml` is a symlink to `rocky.xml`. this way the symlink can just be
changed to deal with live images (as kiwi doesn't seem to support using the
--kiwi-file option for iso).
### Can't you use the same config.xml? Why are you symlinking?
Yes and the reason why we're symlinking is that "name" and "displayname" are
not flexible. They are only set/read at the very top level `<image>` (at least
from testing at the time of this writing). As our images and volume names (at
least for live images) have a very specific format, and we want it to be easy
to rename them, we did it this way.
Cloud, container, vagrant images can all use the first config, likely just fine.
The live images were the problematic ones, thus, symlinks with a default to the
`rocky.xml` config.
### I found an issue...
Please fork and make a PR! We're still learning how this tool works ourselves.
### How to try it out
You can actually do this in mock pretty easily. You could also probably get
this running in a podman container or otherwise. As of this writing, we
haven't tried it yet. Theory says it should work.
Note that selinux must be set to permissive.
#### Live Image Example
The below makes an XFCE live image.
```
% mock -r rocky+epel-9-x86_64 --init
% mock -r rocky+epel-9-x86_64 --install kiwi-cli \
dracut-kiwi-live \
kiwi-systemdeps-{bootloaders,containers,core,disk-images,filesystems,image-validation,iso-media} \
distribution-gpg-keys
% sudo setenforce 0
% mock -r rocky+epel-9-x86_64 --shell --enable-network --isolation=simple
% git clone https://git.resf.org/sig_core/rocky-kiwi-descriptions -b r9
% cd rocky-kiwi-descriptions
% sed -i 's/ZZVOLVERZZ/9/g ; s/ZZVERZZ/9/g' $(find . -name "*.xml")
% ln -sf configs/live-xfce.xml config.xml
% kiwi-ng --debug --type="iso" \
--profile="XFCE-Live" \
--color-output system \
build \
--description="./" \
--target-dir /builddir/lmc
```

257
cloud/cloud.xml Normal file
View file

@ -0,0 +1,257 @@
<image>
<profiles>
<profile name="Core-Cloud" description="Cloud Base Packages">
<requires profile="Core-Boot"/>
</profile>
<!-- Generic package set is a good starting point -->
<profile name="Cloud-GenericCloud-Base" description="GenericCloud Base Image">
<requires profile="Core-Cloud"/>
</profile>
<profile name="Cloud-GenericCloud-LVM" description="GenericCloud LVM Image">
<requires profile="Core-Cloud"/>
</profile>
<profile name="Cloud-Azure-Base" description="Azure Base Image">
<requires profile="Core-Cloud"/>
</profile>
<profile name="Cloud-Azure-LVM" description="Azure LVM Image">
<requires profile="Core-Cloud"/>
</profile>
<profile name="Cloud-EC2-Base" description="EC2 Base Image">
<requires profile="Core-Cloud"/>
</profile>
<profile name="Cloud-EC2-LVM" description="EC2 LVM Image">
<requires profile="Core-Cloud"/>
</profile>
<profile name="Cloud-OCP-Base" description="OCP Base Image">
<requires profile="Core-Cloud"/>
</profile>
</profiles>
<!-- Generic -->
<preferences profiles="Cloud-GenericCloud-Base" arch="x86_64,aarch64">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="G">10</size>
</type>
</preferences>
<preferences profiles="Cloud-GenericCloud-LVM" arch="x86_64,aarch64">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="G">10</size>
<systemdisk name="rocky" preferlvm="true">
<volume name="@root" size="9G" mountpoint="/" />
</systemdisk>
</type>
</preferences>
<!-- Generic specific to ppc64le -->
<preferences profiles="Cloud-GenericCloud-Base" arch="ppc64le">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="G">10</size>
</type>
</preferences>
<preferences profiles="Cloud-GenericCloud-LVM" arch="ppc64le">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" firmware="ofw"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="G">10</size>
<systemdisk name="rocky" preferlvm="true">
<volume name="@root" size="9G" mountpoint="/" />
</systemdisk>
</type>
</preferences>
<!-- Generic specific to s390x -->
<preferences profiles="Cloud-GenericCloud-Base" arch="s390x">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="zipl" targettype="CDL" timeout="1"/>
<size unit="G">10</size>
</type>
</preferences>
<preferences profiles="Cloud-GenericCloud-LVM" arch="s390x">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="G">10</size>
<systemdisk name="rocky" preferlvm="true">
<volume name="@root" size="9G" mountpoint="/" />
</systemdisk>
</type>
</preferences>
<!-- End Generic -->
<!-- Azure -->
<preferences profiles="Cloud-Azure-Base" arch="x86_64,aarch64">
<type image="oem" format="vhd-fixed" formatoptions="force_size"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="rootdelay=300 console=ttyS0 earlyprintk=ttyS0 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" console="serial" timeout="1"/>
<size unit="G">10</size>
</type>
</preferences>
<preferences profiles="Cloud-Azure-LVM" arch="x86_64,aarch64">
<type image="oem" format="vhd-fixed" formatoptions="force_size"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="rootdelay=300 console=ttyS0 earlyprintk=ttyS0 no_timer_check crashkernel=auto net.ifnames=0"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="G">10</size>
<systemdisk name="rocky" preferlvm="true">
<volume name="@root" size="9G" mountpoint="/" />
</systemdisk>
</type>
</preferences>
<!-- End Azure -->
<!-- EC2 -->
<preferences profiles="Cloud-EC2-Base" arch="x86_64,aarch64">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0 nvme_core.io_timeout=4294967295 nvme_core.max_retries=10"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="G">10</size>
</type>
</preferences>
<preferences profiles="Cloud-EC2-LVM" arch="x86_64,aarch64">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0 nvme_core.io_timeout=4294967295 nvme_core.max_retries=10"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="G">10</size>
<systemdisk name="rocky" preferlvm="true">
<volume name="@root" size="9G" mountpoint="/" />
</systemdisk>
</type>
</preferences>
<!-- End EC2 -->
<!-- OCP -->
<preferences profiles="Cloud-OCP-Base" arch="x86_64,aarch64">
<type image="oem" format="qcow2"
filesystem="xfs"
bootpartition="true" bootpartsize="1000" bootfilesystem="xfs" efipartsize="100" firmware="uefi"
kernelcmdline="console=ttyS0,115200n8 console=tty0 no_timer_check crashkernel=auto net.ifnames=0 LANG=en_US.UTF-8 transparent_hugepage=never rd.luks=0 rd.md=0 rd.dm=0 rd.lvm.vg=rocky rd.lvm.lv=rocky/root rd.net.timeout.dhcp=10"
devicepersistency="by-uuid"
rootfs_label="rocky">
<oemconfig>
<oem-resize>false</oem-resize>
</oemconfig>
<bootloader name="grub2" timeout="1"/>
<size unit="G">10</size>
</type>
</preferences>
<!-- End OCP -->
<packages type="image" patternType="plusRecommended" profiles="Core-Cloud">
<namedCollection name="core"/>
<ignore name="*-firmware"/>
<ignore name="alsa-lib"/>
<ignore name="biosdevname"/>
<ignore name="iprutils"/>
<ignore name="langpacks-*"/>
<ignore name="langpacks-en"/>
<ignore name="plymouth"/>
<package name="NetworkManager"/>
<package name=""/>
<package name="chrony"/>
<package name="dnf"/>
<package name="cloud-init"/>
<package name="cloud-utils-growpart"/>
<package name="dracut-config-generic"/>
<package name="dracut-norescue"/>
<package name="firewalld"/>
<package name="gdisk"/>
<package name="grub2"/>
<package name="kernel"/>
<package name="nfs-utils"/>
<package name="rsync"/>
<package name="tar"/>
<package name="dnf-utils"/>
<package name="cockpit-system"/>
<package name="cockpit-ws"/>
<package name="dhcp-client"/>
<package name="python3-jsonschema"/>
<package name="qemu-guest-agent"/>
<package name="rocky-release"/>
<package name="rng-tools"/>
</packages>
<!-- is this needed? -->
<packages type="image" patternType="plusRecommended" profiles="Cloud-GenericCloud-Base,Cloud-GenericCloud-LVM">
<package name="qemu-guest-agent"/>
</packages>
<packages type="image" patternType="plusRecommended" profiles="Cloud-Azure-Base,Cloud-Azure-LVM">
<package name="WALinuxAgent"/>
<package name="hyperv-daemons"/>
</packages>
<!-- There isn't a way to exclude packages from a certain repo -->
<packages type="image" patternType="plusRecommended" profiles="Cloud-OCP-Base">
<package name="oci-utils"/>
<package name="python3-circuitbreaker"/>
<package name="python3-daemon"/>
<package name="python3-sdnotify"/>
<package name="python39-oci-sdk"/>
</packages>
</image>

25
components/boot.xml Normal file
View file

@ -0,0 +1,25 @@
<image>
<profiles>
<profile name="Core-Boot" description="Boot Core Packages"/>
</profiles>
<packages type="bootstrap" patternType="plusRecommended" profiles="Core-Boot">
<package name="grubby"/>
</packages>
<packages type="image" patternType="plusRecommended" profiles="Core-Boot">
<package name="grub2-efi-aa64" arch="aarch64"/>
<package name="grub2-efi-aa64-modules" arch="aarch64"/>
<package name="grub2-efi-x64" arch="x86_64"/>
<package name="grub2-efi-x64-modules" arch="x86_64"/>
<package name="grub2-pc" arch="x86_64"/>
<package name="grub2-pc-modules" arch="x86_64"/>
<package name="grub2-ppc64le" arch="ppc64le"/>
<package name="s390utils-base" arch="s390x"/>
<package name="shim-signed-aa64" arch="aarch64"/>
<package name="shim-signed-x64" arch="x86_64"/>
<package name="kernel-core"/>
</packages>
<packages type="iso" patternType="plusRecommended" profiles="Core-Boot">
<package name="grub2-efi-aa64-cdboot" arch="aarch64"/>
<package name="grub2-efi-x64-cdboot" arch="x86_64"/>
</packages>
</image>

View file

@ -0,0 +1,55 @@
<image>
<profiles>
<profile name="Live-Base" description="Rocky Linux Live Install Image">
<requires profile="Core-Boot"/>
</profile>
</profiles>
<packages type="iso" patternType="plusRecommended" profiles="Live-Base">
<namedCollection name="anaconda-tools"/>
<namedCollection name="base-x"/>
<namedCollection name="guest-desktop-agents"/>
<namedCollection name="standard"/>
<namedCollection name="core"/>
<namedCollection name="fonts"/>
<namedCollection name="input-methods"/>
<namedCollection name="dial-up"/>
<namedCollection name="multimedia"/>
<namedCollection name="hardware-support"/>
<!-- SB -->
<package name="shim-x64" arch="x86_64"/>
<package name="shim-aa64" arch="aarch64"/>
<!-- Base Package Set -->
<package name="aajohan-comfortaa-fonts"/>
<package name="anaconda"/>
<package name="anaconda-install-env-deps"/>
<package name="anaconda-live"/>
<package name="chkconfig"/>
<package name="dracut-live"/>
<package name="efi-filesystem"/>
<package name="efivar-libs"/>
<package name="efibootmgr"/>
<package name="glibc-all-langpacks"/>
<package name="grub2-common"/>
<package name="grub2-tools"/>
<package name="grub2-tools-efi"/>
<package name="grub2-tools-extra"/>
<package name="grub2-tools-minimal"/>
<package name="kernel"/>
<package name="kernel-modules"/>
<package name="kernel-modules-extra"/>
<package name="initscripts"/>
<package name="livesys-scripts"/>
<!-- x86_64 -->
<package name="grub2-efi-x64" arch="x86_64"/>
<package name="grub2-efi-x64-cdboot" arch="x86_64"/>
<package name="grub2-pc-modules" arch="x86_64"/>
<package name="grub2-tools-efi" arch="x86_64"/>
<package name="memtest86+" arch="x86_64"/>
<package name="syslinux" arch="x86_64"/>
<!-- aarch64 -->
<package name="grub2-efi-aa64" arch="aarch64"/>
<package name="grub2-efi-aa64-cdboot" arch="aarch64"/>
<!-- ignores -->
<ignore name="shim-unsigned-*64"/>
</packages>
</image>

76
components/live/xfce.xml Normal file
View file

@ -0,0 +1,76 @@
<image>
<profiles>
<profile name="XFCE-Desktop" description="XFCE Desktop">
<requires profile="Live-Base"/>
</profile>
</profiles>
<preferences profiles="Live-Base">
<type image="iso" publisher="Rocky Enterprise Software Foundation" volid="Rocky-ZZVOLVERZZ-XFCE" primary="true" flags="dmsquash" firmware="uefi" kernelcmdline="quiet rhgb" mediacheck="false">
<bootloader name="grub2" grub_template="grub.tmpl" console="console" timeout="10"/>
</type>
</preferences>
<packages type="image" patternType="plusRecommended" profiles="XFCE-Desktop">
<!-- Equivalent to @xfce-desktop nodefaults -->
<package name="Thunar"/>
<package name="xfce4-panel"/>
<package name="xfce4-session"/>
<package name="xfce4-settings"/>
<package name="xfconf"/>
<package name="xfdesktop"/>
<package name="xfwm4"/>
<package name="firefox"/>
<package name="firewall-config"/>
<package name="gjs"/>
<package name="gparted"/>
<package name="gparted"/>
<package name="lightdm"/>
<package name="network-manager-applet"/>
<package name="openssh-askpass"/>
<package name="pavucontrol"/>
<package name="pcp-selinux"/>
<package name="rocky-backgrounds"/>
<package name="rocky-backgrounds-compat"/>
<package name="rocky-release"/>
<package name="seahorse"/>
<package name="thunar-archive-plugin"/>
<package name="thunar-volman"/>
<package name="thunderbird"/>
<package name="tumbler"/>
<package name="wget"/>
<package name="xdg-user-dirs"/>
<package name="xdg-user-dirs-gtk"/>
<package name="xfce-polkit"/>
<package name="xfce4-about"/>
<package name="xfce4-appfinder"/>
<package name="xfce4-datetime-plugin"/>
<package name="xfce4-netload-plugin"/>
<package name="xfce4-notifyd"/>
<package name="xfce4-panel-profiles"/>
<package name="xfce4-power-manager"/>
<package name="xfce4-screensaver"/>
<package name="xfce4-screenshooter-plugin"/>
<package name="xfce4-smartbookmark-plugin"/>
<package name="xfce4-systemload-plugin"/>
<package name="xfce4-taskmanager"/>
<package name="xfce4-terminal"/>
<package name="xfce4-time-out-plugin"/>
<package name="xfce4-weather-plugin"/>
<package name="xfce4-whiskermenu-plugin"/>
<!-- ignores for space and other things -->
<ignore name="autofs"/>
<ignore name="acpid"/>
<ignore name="gimp-help"/>
<ignore name="desktop-backgrounds-basic"/>
<ignore name="aspell-*"/> <!-- dictionaries are big -->
<ignore name="xfce4-sensors-plugin"/>
<ignore name="xfce4-eyes-plugin"/>
<ignore name="mpage"/>
<ignore name="hplip"/>
<ignore name="isdn4k-utils"/>
<ignore name="xsane"/>
<ignore name="xsane-gimp"/>
<ignore name="sane-backends"/>
<ignore name="gdm"/>
<ignore name="gnome-shell"/>
</packages>
</image>

5
components/users.xml Normal file
View file

@ -0,0 +1,5 @@
<image>
<users profiles="Cloud-Azure-Base,Cloud-Azure-LVM,Cloud-EC2-Base,Cloud-EC2-LVM,Cloud-GenericCloud-Base,Cloud-GenericCloud-LVM,Cloud-OCP-Base,Live-Base">
<user name="root" groups="root" password="linux" home="/root" pwdformat="plain" />
</users>
</image>

632
config.sh Normal file
View file

@ -0,0 +1,632 @@
#!/bin/bash
set -euxo pipefail
#======================================
# Functions...
#--------------------------------------
test -f /.kconfig && . /.kconfig
test -f /.profile && . /.profile
#======================================
# Greeting...
#--------------------------------------
echo "Configure image: [$kiwi_iname]-[$kiwi_profiles]..."
################################################################################
# ALL OF OUR FUNCTIONS
function common_live_steps() {
# this isn't needed in our testing, but we'll put it here just in case
systemctl set-default graphical.target
systemctl enable livesys.service livesys-late.service
systemctl enable tmp.mount
cat >> /etc/fstab << EOF
vartmp /var/tmp tmpfs defaults 0 0
EOF
rm -f /var/lib/rpm/__db*
majorver=$(rpm --eval '%{rhel}')
rpm --import "/etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-${majorver}"
rm -f /var/lib/rpm/__db*
/usr/bin/mandb
rm -f /core*
rm -f /boot/*-rescue*
}
function live_gnome_steps() {
sed -i 's/^livesys_session=.*/livesys_session="gnome"/' /etc/sysconfig/livesys
}
function live_kde_steps() {
sed -i 's/^livesys_session=.*/livesys_session="kde"/' /etc/sysconfig/livesys
cat > /root/.gtkrc-2.0 << EOF
include "/usr/share/themes/Adwaita/gtk-2.0/gtkrc"
include "/etc/gtk-2.0/gtkrc"
gtk-theme-name="Adwaita"
EOF
mkdir -p /root/.config/gtk-3.0
cat > /root/.config/gtk-3.0/settings.ini << EOF
[Settings]
gtk-theme-name = Adwaita
EOF
rm -f /usr/share/wallpapers/Fedora
ln -s rocky-abstract-2 /usr/share/wallpapers/Fedora
systemctl enable --force sddm.service
cat > /etc/sddm.conf.d/theme.conf <<THEMEEOF
[Theme]
Current=breeze
THEMEEOF
}
function live_cinnamon_steps() {
sed -i 's/^livesys_session=.*/livesys_session="cinnamon"/' /etc/sysconfig/livesys
cat > /etc/sysconfig/desktop <<EOF
PREFERRED=/usr/bin/cinnamon-session
DISPLAYMANAGER=/usr/sbin/lightdm
EOF
systemctl enable --force lightdm.service
}
function live_mate_steps() {
sed -i 's/^livesys_session=.*/livesys_session="mate"/' /etc/sysconfig/livesys
systemctl enable --force lightdm.service
}
function live_xfce_steps() {
sed -i 's/^livesys_session=.*/livesys_session="xfce"/' /etc/sysconfig/livesys
systemctl enable --force lightdm.service
cat > /etc/sysconfig/desktop <<EOF
PREFERRED=/usr/bin/startxfce4
DISPLAYMANAGER=/usr/sbin/lightdm
EOF
# set default background
cat > /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml <<XFCEEOF
<?xml version="1.0" encoding="UTF-8"?>
<channel name="xfce4-desktop" version="1.0">
<property name="backdrop" type="empty">
<property name="screen0" type="empty">
<property name="monitor0" type="empty">
<property name="color-style" type="int" value="0"/>
<property name="image-style" type="int" value="5"/>
<property name="last-image" type="string" value="/usr/share/backgrounds/rocky-default-9-abstract-2-day.png"/>
<property name="last-single-image" type="string" value="/usr/share/backgrounds/rocky-default-9-abstract-2-day.png"/>
<property name="image-path" type="string" value="/usr/share/backgrounds/rocky-default-9-abstract-2-day.png"/>
</property>
</property>
</property>
</channel>
XFCEEOF
}
function epel_de_steps() {
dnf config-manager --set-enabled crb
}
# live fixes if we need them
function live_fixes() {
sed -i "s/org.fedoraproject.AnacondaInstaller/anaconda/" /usr/share/applications/liveinst.desktop
}
function common_cloud_steps() {
# This can be done via systemctl set-default, but sometimes it doesn't work.
# systemctl set-default multi-user.target
rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
# chrony should already be enabled, let's make sure
systemctl enable chronyd
# make a persistent journal
mkdir -p /var/log/journal
dnf -C -y remove linux-firmware avahi\*
dnf -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
sed -i '/^#NAutoVTs=.*/ a\
NAutoVTs=0' /etc/systemd/logind.conf
truncate -s 0 /etc/resolv.conf
echo "virtual-guest" > /etc/tuned/active_profile
rm -f /etc/udev/rules.d/70*
ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
cat > /etc/sysconfig/network << EOF
NETWORKING=yes
NOZEROCONF=yes
EOF
cat > /etc/hosts << EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
EOF
echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
systemctl mask tmp.mount
echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
sed -i '1i # Modified for cloud image' /etc/cloud/cloud.cfg
sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg
}
################################################################################
# Azure
function azure_cloud_steps() {
echo 'azure' > /etc/dnf/vars/infra
cat << EOF | tee -a /etc/NetworkManager/conf.d/dhcp-timeout.conf
# Configure dhcp timeout to 300s by default
[connection]
ipv4.dhcp-timeout=300
EOF
systemctl enable waagent
sed -i 's/Provisioning.UseCloudInit=n/Provisioning.UseCloudInit=y/g' /etc/waagent.conf
sed -i 's/Provisioning.Enabled=y/Provisioning.Enabled=n/g' /etc/waagent.conf
cat << EOF | tee -a /etc/udev/rules.d/68-azure-sriov-nm-unmanaged.rules
# Accelerated Networking on Azure exposes a new SRIOV interface to the VM.
# This interface is transparently bonded to the synthetic interface,
# so NetworkManager should just ignore any SRIOV interfaces.
SUBSYSTEM=="net", DRIVERS=="hv_pci", ACTION=="add", ENV{NM_UNMANAGED}="1"
EOF
cat << EOF | tee -a /etc/udev/rules.d/98-hyperv-ptp.rules
## See: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/time-sync#check-for-ptp-clock-source
SUBSYSTEM=="ptp", ATTR{clock_name}=="hyperv", SYMLINK += "ptp_hyperv"
EOF
cat << EOF | tee -a /etc/chrony.conf
# Setup hyperv PTP device as refclock
refclock PHC /dev/ptp_hyperv poll 3 dpoll -2 offset 0 stratum 2
EOF
cat << EOF | tee -a /etc/modprobe.d/azure-blacklist.conf
blacklist amdgpu
blacklist nouveau
blacklist radeon
EOF
cat << EOF | tee /etc/cloud/cloud.cfg.d/10-azure-kvp.cfg
# Enable logging to the Hyper-V kvp in Azure
reporting:
logging:
type: log
telemetry:
type: hyperv
EOF
cat << EOF | tee -a /etc/dracut.conf.d/80-azure.conf
add_drivers+=" hv_vmbus hv_netvsc hv_storvsc "
EOF
dracut -f -v
}
################################################################################
# EC2
function ec2_cloud_steps() {
echo 'ec2' > /etc/dnf/vars/infra
cat >> /etc/dhcp/dhclient.conf << EOF
timeout 300;
retry 60;
EOF
sed -i -e 's/ rhgb quiet//' /boot/grub/grub.conf
cat > /etc/modprobe.d/blacklist-nouveau.conf << EOL
blacklist nouveau
EOL
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
DEVICE="eth0"
ONBOOT="yes"
BOOTPROTO="dhcp"
TYPE="Ethernet"
USERCTL="no"
PEERDNS="yes"
IPV6INIT="no"
PERSISTENT_DHCLIENT="1"
EOF
echo 'install_items+=" sgdisk "' > /etc/dracut.conf.d/sgdisk.conf
echo 'add_drivers+=" xen-netfront xen-blkfront "' > /etc/dracut.conf.d/xen.conf
KERNEL_VERSION=$(rpm -q kernel --qf '%{V}-%{R}.%{arch}\n')
dracut -f /boot/initramfs-$KERNEL_VERSION.img $KERNEL_VERSION
cat >> /etc/chrony.conf << EOF
# Amazon Time Sync Service
server 169.254.169.123 prefer iburst minpoll 4 maxpoll 4
EOF
}
################################################################################
# Generic Cloud (genclo)
function genclo_cloud_steps() {
echo 'genclo' > /etc/dnf/vars/infra
cat >> /etc/dhcp/dhclient.conf << EOF
timeout 300;
retry 60;
EOF
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
DEVICE="eth0"
ONBOOT="yes"
BOOTPROTO="dhcp"
BOOTPROTOV6="dhcp"
TYPE="Ethernet"
USERCTL="no"
PEERDNS="yes"
IPV6INIT="yes"
PERSISTENT_DHCLIENT="1"
EOF
}
################################################################################
# OCP
function ocp_cloud_steps() {
cat >> /etc/dhcp/dhclient.conf << EOF
timeout 300;
retry 60;
EOF
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
DEVICE="eth0"
ONBOOT="yes"
BOOTPROTO="dhcp"
TYPE="Ethernet"
USERCTL="no"
PEERDNS="yes"
IPV6INIT="no"
PERSISTENT_DHCLIENT="1"
EOF
# OCI - Import repo GPG key
cat <<EOF > /tmp/key
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGHncu8BEAC2dhocMZkdapnP9o/MvAnKOczaSpF4Cj9yqt49bxLPJCY57jz9
2ZkJ5iGk6kpBt4rPTh18aAl30T+nPP8VMQjMhvHJKfZmBtaJJ5RpvvpK5mj1UgRJ
4DQX7gqAbT0s/uZZcouZsJzXo3c7GNMrim1C+ScfGG6BoB6GVBK74jFeJNMsxZ2Y
BwQhpE+KG+1zD94RZCySykJjNoKj+U4W5H2XdB/mNEc8icFqxjJGZ5BN0DA2Wqxn
mwELTO3Q2ne1y9+sPn2YKhRqyihuZYaUPR/Jpdki93mk61MdaoTTxFPZ8FWAYrAW
9KVdreT8K33SaTFFpmhbpndPEYesgCqDqiZG7Ywjgbf2nqSOzBr2ZX23PX7QUCvQ
ar58bNbWENLhC3B950TK+r23kkPa3GICE9WP5TftWJdbJMWRBX3YhdNooNGGCbeB
xM7B/UV9hSRx1S/US8HvDhJezZDuKrpPXrNWJTuW9Kty2WGwUkEDT2GBbcjx9ocJ
fqyNJKhaLoYKCVlsmhJUi4xCY0CDDapekWLZOzHB2zgT49uIjawV5ex6pA7oLaPI
hQGvTcCl7GFWOP/6feazzIpnsJ4V3B2DoLnAevpZlINo/bi3Hv/YmbvE6NyYzD6c
1y90pc0+Om1trLPCAZpaO1I369ZhLl6T/mCd92hrCG1y8K3PFiRIKpEMVwARAQAB
tDVPcmFjbGUgTGludXggKHJlbGVhc2Uga2V5IDEpIDxzZWNhbGVydF91c0BvcmFj
bGUuY29tPokCVAQTAQoAPhYhBD5tgm0/urOJwvOONLxNBqCNi3VvBQJinlnsAhsD
BQklmAYABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJELxNBqCNi3Vv3LEP/2au
kXzbdA/T/7i+4AbGFfYnTWqmZy58wfteDNy1sk6cPmfOUqZQXUrJcSGqqeIDjPvl
KNExpee/Ja4NGg2YfzkwH5IK5sXmEDKObXRCXGZh9/WyYpr4TBoDU2rSYBP4sbKm
PsnVoRalt2Zb0qbQF8GilytoRabjI0gLzwhmoHBZMMc3MIO14KQ5yFbekaJZKcxE
BxaDQ1NDZV1rOVbkg0yDLS9Nw89dDYWVn1wx0foRJcD277ExvmaB4vmC5yayo4ss
cFldYLu7W9FHmh46flXQGfduORCbDFfjn92eB0jdrkuoEhVRpljAtMO15GMpuVbv
HzbImI2f1MfydOa6dHbRAlzeV37fPz+1nO9IWdXqFeRG0nrH2gB02AfeoObMkK/a
XYT9sq1mC5DaK6fbOPWlY+c2hIq0BhUpe+OBdDfmm7L+si9Ffj2sUdn4sHLN6Tj7
BrJuWmJEz42+rblDNBkrdBC6XXDaRYILKSuGD65PVV+/pVl1c2EOqcktW00iiehb
eLhj2sz6NaoO5Rhx0J3pMsaCaEBAm8P6UxQSx4iGhZ8Kh5O1SVVlqu3xOhSGOKRE
sS8gIjeV/Jl3frR4eZG/BpzdTjKZmQV7dvJ4gDuDE+X7rZBzUm7nggyE2pV6UbTD
5Qwy+ASQfYHfHK4lsHD4kbO/We6H1fEFPlzlr14UuQINBGHncu8BEADBG52gWRob
VEsQIzAfq2obFnwMroxMupXrDBka7i6cUJw8HsqyHs9maGxAuRDlAma2MBPUYcbm
DH3bmctaUR7CA1RouPkb6qbZXwSwpvgN4eh4naPX20/VEp/cd5DhKWjP9yC70weh
r4LmGWV41jBAMK0G1l6+FDw2ITgsamZP+tw0swCKqzpIY2waiygCtPHCCCFMuZ6S
7hzQpsKVFh8zqzRxMs6Mni9olk4+xwng0ahYfoe2esByR2M1kGX62Y6BOcIRX1cE
zYFCUww5GrjZdJoObBtffUSz+q2LNOBcqg5huRd8BoC+k5yrXUq8ypspfV1kNEI3
/ebFew6A8sdf2c+sOdTxTu4MI5iXM1fhCC6X4lAN8w1Ga3ML+k/kgL75mH62Yyzr
OHXNkylTDfxz9qvq6qszVfWdzVaGXRfulW5nAbAXhuX1gmgZW+M7IQ22xyWC+I60
UcaE2l9QtHFKuekdYnekTkSUA0ghVwuw+JCQZGQbq5LqbA5TkEYuibBOJD3MZYQ5
C3DK4KHs/3wxf2aq+Pkf3mpSscC4B0Ba5tlpJawUWqnUmGd208sfUwD20MFfHM+1
N+M6JYCv0tC0cyAV9Jq74bAUDXLMfkGKZyAWmlPaZBMMt4WaN0r2PAKp00T6PX6x
jTM6/aNDvNTpsaaUpMXRzH13AiJ/1SjfZwARAQABiQI8BBgBCgAmAhsMFiEEPm2C
bT+6s4nC8440vE0GoI2LdW8FAmKeWsgFCSRtulkACgkQvE0GoI2LdW/pig//Zi0a
bmFJKTxku0/LMI31ZaLn9gzXjv2ugmJumfXAce+nlaheCNBa+IMLQdAmrbislzLs
qXX2+6Eqh4Q/vqGLCkElIzT9ulkgwwEp0cVF6jnXqlWHa0a/T6oAq10jRneaQFCE
t6hweJ9KTUQufp5aAiZr/GVpBJLJ8kfOx+5eHvDj+VFlFUhpzzns/NfN5N+bthJ/
Wbt49tzmWaWoEFA0tlwMBPO3zEh/mo5lys0GqENPs4Yb4tL82qg+SG7jHSuH2lZk
XLLyLQ6p63VZysL9+UTBtafs5jxnTopQFIXtzAOwdtQ8o7/6hhsUchRoUy23EIHT
J25yA2Qtb8Z/1m/G0e3lz46xHBPIs8FKSOPToCT6E1+9lomnzJPRBCCDTZO5imfX
4N4l7BodW9nb7zEMHCi2BUM+InpSsEkQkQFs0HIRI2KHSyY30uN0pVXJLOoVQIBr
WdUzLTTkN9w43fLpkcFXGbpU+pZvK2uksC3O+eBhIpZA9E7iZDwfEaZlUKO5kFvS
V5f8ZM1jbEb0sOZNNNEaEhTFTl8pQPc2GqgZ3rYt9mqH5OwhzKftV9PDYulIbY+Y
AN6eJhHj8Eu/IlxG6iYCDmF2hOVPs9aLo9zqdxbu8B6rUyVPOwfNbOR1U7WMRCYm
4QrtLe//99hXPcFVanIxgkdslnyYf4fjdbdlmNY=
=xpaH
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGHndDkBEACieeO8U0kcUTDMLGXGKrJ3nScZ4LN5hHSzWC1zuLPpkB0YQdik
CrfSwodyp9LeEhaRsCSoGDc3cS5f5uGvsSUHMCZwEKjdT8LmZkF/dtvVDWawgaLS
KjoT+AJpss+ws0d/qmwkIHeYExdvZFNdKxvvxycCNy9fNwarT4aNySW6Ax7ERDl8
k0QSK7uvL1AaWQKSz9rX//KcLv5OXVUX3ITcwprJPD3H2yTOy4pE9gxs/qKfnP+U
Pbb3pNaHP4PnCIQrjXhJxnH9cEJ7ef0kqBdliGPN7EObrP2uPg70WnVsXovYw/TF
PrA4H2lvJ58RVhh3ocrSnR+SIne7Lgf1FRSrsE2mmNZAWD6rOxOzO4kUrcfv/pqZ
f+sDs7KTFMO0noJ1Kt7JSV6xCQzeKGdOh9JxYI0/YIsquiHTF2xva3WHrpOG1sns
xXcnrLKONisg4gEK36fjsliG4jJhcNyJaAf4sfDiTKDOE5om+BZ7kMNSrMn20wg4
AdZJm6x8Z0OfjxGOzMQ8re4Cf73H5odrpUel7HFGXiLWtk/f4P5EjxUTznlMbNED
gYi0H898Dz5Qfmtr97WQ8132fnKKtsPlXWNUNgJpYe+GvzmYOBAr4p5EZEWjB+q6
EnfLDLpkaS+PbrpLCls5AnWnHjimBmlIMoO5GEsJdYLIQvVVvfKtEDJIBQARAQAB
tDRPcmFjbGUgTGludXggKGJhY2t1cCBrZXkgMSkgPHNlY2FsZXJ0X3VzQG9yYWNs
ZS5jb20+iQJUBBMBCgA+FiEEmCIxdZx0ZwZdDOmyp90HCItO++YFAmKewpICGwMF
CSWYBgAFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQp90HCItO++bU+w//SFOe
RBqWoA5kP4BN9z716LpgkCllMRQsRZ0kZm8Enbe5S9ENn2T5/f6zZca3TNU6Wbit
ryToXuOlTsWy4BqAvQhQFeschg10Xgy6/VG3p5kCY4DIPOUjlb7/1r8k0xX6m/mH
BXBf2MCVRx/zkyeRDtD3lYHyz4cwoHEZ2NuB+CCe5WA2owVhgsRuVmjidDeOa7Q6
61eLhAJ53OVqsUt5JpQS0KrVeYVJxCiiZnKgJMqHp26Jq0WIKtgBV3sakxhUpRUf
6ap7mnSAdh6Ae4r1+pTKd7trkxjIqLXH9RI0d7Xm+blRQVZJL9GLaLUaSvw4sfd/
jfqENCBwAH7D488L1yvTqPfHC2+kRuUI3GU98RULCHveCISRGLVGwh1p88+9aok3
DoV7/BUEIGbHzg3gcx8zFO2ZKKoJ7xS+vvNLAslPvHNDFH0XOwKBqlVztJprwWtA
H33e6fti7BMRw1vgljC8yVATBTiKXj5aw+25zi70o1fIFxpwsx5mwMmqHc634ai2
hPWNZid0Lu3MYBd8pDCvMMMGimfecoyEZKJR2KbO+pNBn7suol5XS3pCmbF3ldMa
Atra+HvnxNBMxFVdxsqZhr/+ovQszYNIlWSYUDLbqk33HBmvbi3IuogAyxhLdw3T
uIjjf0acjOsSgy79ju2NpKPVtJw4BmvJRFX0Rh25Ag0EYed0OQEQAJRhf7/ZIWhZ
LpCX2vg8B4hjsEYeRvEAPUrUMHkqCuElmDaT7g76aPG0jvbMFVU/ykEt2mIi7EhW
s0SZknT5G8HoHJM2MirkyGB26yp4IlkPyNlc5H9nmMhY7iz/utxQps8jDS8dvxeG
1YAJGleGywGAet9vFfrLX9Xq9efTXozJfWOsRm+y2WklS+LblftaTUurStzLXRGT
AsBYOyVaRX/6AMu+fZt7mvoM+bOFNGxMSDIZi93wBiCKp0P2Se1YJoFHTOcQ0M6V
Fbl91ZcImPxAOX4DHfw4iuokiHCs//wV0DLZ3qtuqN2m/kV4JE9ak//BPVn4acH1
Z6DQIzQpY66dIyLumGuCdPhl7MFHyAeKhBtLc7gp4+sli+zNUfYwwp55rTdZ9JDR
G2LD/P2eNnrUXEsvOzqqQy48BmzOmTdgc2vef85Z23GczwX1PyTaGnrQKkReajN0
IxIuFpTgRQFBoPHTB1VVjSsOu7McWx4Gy2zccSrXKIskj4sOBIYBjxBAR0U4Gi5h
OAqplVGH3x3RoRb2swkc/LLb6WV6J7REmZ0+0dAE1ShBR8GmEb4wYc5BUgYXrhEn
hK3nmNx65jZXSAwJOZU8ETLaMoa/I/+QkgPvAJ8gyTLbMQ/xB2kMNRdisphz0jiy
PIXWlOf6I750VtbBNPHqfe0RHbBQJAl9ABEBAAGJAjwEGAEKACYCGwwWIQSYIjF1
nHRnBl0M6bKn3QcIi0775gUCYp7C3AUJJG4hIwAKCRCn3QcIi0775nmYD/sEI0T4
+MHIt5EzL+vBAzAbd23U2oF9KrJP49xmrLlm7qC6ghfuUVqoKwWyE24g8T4N3cxE
xQWTZ8drqvE2E2tyKqVMjJ5PfiZjK/3WOOIq9YZHpNKljv9KaAAf5alpvMxn6IBj
ZUhs775JcGWWngilBN9i3OEVFcQG9tFtfKqcYf8oRLPQlqhrH0pKOymFdqdL+NFX
G/M2LquGrvyDwnT2Cyy4p4sw639BUyA4k1hESgK9KVZTrmJPYU8hCD7kcSOY25UT
zDERLlXUsnGU9WHm/4aZ4TCs2h2qm29jHeWjfw0U/O8f4K5MV7WcJ0ZywdOk7SSf
jOKUetPH01l22I6JXiH0jLlBU5uA/zAxd8aPpvcYcWm2Ti+mkpIB6/XWbjnPoYHh
JmH8r9Pih1Z4dVR7qri/mdcsTZsKzLPuD6AITafJYuRCItCbMerhvGCwBaaR0oHS
AdpSzwKk8mrLd4BQUSM5a3E010dDeKGL4TA5ttfZJuSe7RXbi4RdDd98XHKEiU3n
N1ethSQNvEyrh0uA1U3FZvPMcbfYZa8zO85Nz9h/TGUNfmp5CyrZUHZLmvvGTOch
lUjaIhAGBVJQR/y7+4aC3zzkyzbKyLOL3hCk0xie4LLbfTQ5BtT4+GqEAtzwRQqZ
RgwnCPfIai7lLNx95bdwB8U2NpY11OXsoTLZAA==
=UWTf
-----END PGP PUBLIC KEY BLOCK-----
EOF
rpm --import /tmp/key
# Import EPEL Key
cat <<EOF > /tmp/key
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGE3mOsBEACsU+XwJWDJVkItBaugXhXIIkb9oe+7aadELuVo0kBmc3HXt/Yp
CJW9hHEiGZ6z2jwgPqyJjZhCvcAWvgzKcvqE+9i0NItV1rzfxrBe2BtUtZmVcuE6
2b+SPfxQ2Hr8llaawRjt8BCFX/ZzM4/1Qk+EzlfTcEcpkMf6wdO7kD6ulBk/tbsW
DHX2lNcxszTf+XP9HXHWJlA2xBfP+Dk4gl4DnO2Y1xR0OSywE/QtvEbN5cY94ieu
n7CBy29AleMhmbnx9pw3NyxcFIAsEZHJoU4ZW9ulAJ/ogttSyAWeacW7eJGW31/Z
39cS+I4KXJgeGRI20RmpqfH0tuT+X5Da59YpjYxkbhSK3HYBVnNPhoJFUc2j5iKy
XLgkapu1xRnEJhw05kr4LCbud0NTvfecqSqa+59kuVc+zWmfTnGTYc0PXZ6Oa3rK
44UOmE6eAT5zd/ToleDO0VesN+EO7CXfRsm7HWGpABF5wNK3vIEF2uRr2VJMvgqS
9eNwhJyOzoca4xFSwCkc6dACGGkV+CqhufdFBhmcAsUotSxe3zmrBjqA0B/nxIvH
DVgOAMnVCe+Lmv8T0mFgqZSJdIUdKjnOLu/GRFhjDKIak4jeMBMTYpVnU+HhMHLq
uDiZkNEvEEGhBQmZuI8J55F/a6UURnxUwT3piyi3Pmr2IFD7ahBxPzOBCQARAQAB
tCdGZWRvcmEgKGVwZWw5KSA8ZXBlbEBmZWRvcmFwcm9qZWN0Lm9yZz6JAk4EEwEI
ADgWIQT/itE0RZcQbs6BO5GKOHK/MihGfAUCYTeY6wIbDwULCQgHAgYVCgkICwIE
FgIDAQIeAQIXgAAKCRCKOHK/MihGfFX/EACBPWv20+ttYu1A5WvtHJPzwbj0U4yF
3zTQpBglQ2UfkRpYdipTlT3Ih6j5h2VmgRPtINCc/ZE28adrWpBoeFIS2YAKOCLC
nZYtHl2nCoLq1U7FSttUGsZ/t8uGCBgnugTfnIYcmlP1jKKA6RJAclK89evDQX5n
R9ZD+Cq3CBMlttvSTCht0qQVlwycedH8iWyYgP/mF0W35BIn7NuuZwWhgR00n/VG
4nbKPOzTWbsP45awcmivdrS74P6mL84WfkghipdmcoyVb1B8ZP4Y/Ke0RXOnLhNe
CfrXXvuW+Pvg2RTfwRDtehGQPAgXbmLmz2ZkV69RGIr54HJv84NDbqZovRTMr7gL
9k3ciCzXCiYQgM8yAyGHV0KEhFSQ1HV7gMnt9UmxbxBE2pGU7vu3CwjYga5DpwU7
w5wu1TmM5KgZtZvuWOTDnqDLf0cKoIbW8FeeCOn24elcj32bnQDuF9DPey1mqcvT
/yEo/Ushyz6CVYxN8DGgcy2M9JOsnmjDx02h6qgWGWDuKgb9jZrvRedpAQCeemEd
fhEs6ihqVxRFl16HxC4EVijybhAL76SsM2nbtIqW1apBQJQpXWtQwwdvgTVpdEtE
r4ArVJYX5LrswnWEQMOelugUG6S3ZjMfcyOa/O0364iY73vyVgaYK+2XtT2usMux
VL469Kj5m13T6w==
=Mjs/
-----END PGP PUBLIC KEY BLOCK-----
EOF
rpm --import /tmp/key
# remove these for debugging
sed -i -e 's/ rhgb quiet//' /boot/grub/grub.conf
# enable resizing on copied AMIs
echo 'install_items+=" sgdisk "' > /etc/dracut.conf.d/sgdisk.conf
# OCI - Need iscsi as a dracut module
echo 'add_dracutmodules+=" iscsi "' > /etc/dracut.conf.d/iscsi.conf
# OCI - Virtio drivers
echo 'add_drivers+=" virtio virtio_blk virtio_net virtio_pci virtio_ring virtio_scsi virtio_console "' > /etc/dracut.conf.d/virtio.conf
# OCI - YOLO
mkdir -p /usr/lib/dracut/modules.d/95oci
OCIDRACUT="H4sIAGtFHmMAA+2WWW/bOBCA/Vr+illZzQXoluPUhgMURYrmpS02fevuGpJIWYQVUiWpJoHr/15S
crLZZBs3QA8U5QfYosQ5NUNSrRRBTfMAi6xoVXDOcVsT6ePg2YgXNBh8C0LNeDTqrpq7124cpfF4
nIzT8fhwEEaj+HA8gNE38b6FVqpMAAwE5+ohuW3zvyjtw/UnLMtr4lFZSOrlV00mpS+rR/rYUv84
StJBlIx10ZNREscD/SRNkwGE3yXjO/zm9R/+EeSUBbJCQ/AOPNANQCYgK1LXniwEbdQUKMOEKU9l
ufT6eUbrqRby8kzSwuNlKYmaQDo1JrQhcjkBJWdHIC9mKUg9TIEoKGlN1FVDZtobGr7NVFFB11nm
3YLikNU1v4A8ozXwVgEtQVUEullM5RKKjGkZQTJ8BTmBkrcMo6Eg5QTeiCxvFxMYJmESxWGYImRc
wYLo8i7gOMDkY8Dauob4eCeCT5/Ah1uN7+mhbmx0+vrs5M93s10kZo67Mp6Hec2L5WTtIB1Oby3n
vIYQBPa76P1+XcDODrwHj4DjCgf+nprYGSDQlFwA69KgDNy93ooERpR5uD8FzDs5w3utv+qEnz6d
HKwdmIHTudE2TdgFZ4qyltwodGk2mZBk3snNO0dfTlh7vc722sQ9bcftInCMmiCqFQyiG+lN2HPC
ipm7J5WYC9LUWUH+VXMC/fsrLp39TgtzRuAe3RQpKr5JcAJnS9o0lC3AveXD930HjnfiR4lDl/7y
XC5uqUkjT7CZdgJ13gSdHbP+FcHebSNOr3VJFYSopGgXfWX1S21ZmgV109c3rYCuwzgxe6oJ+/Ts
xdkpbPR5oyhn15l+leR/kuw13L6BdeFAEgwehd3gn7fP372a+QdusBK9ilSYmniq9RTc1eU0MBKB
HnwI11P9n6x3/ycP3QsXme4E56VeoNr4g9GZt/az9zbLdrac//29p7f3tnn8wb9h2/dfchjdOf/D
OIns+f8j2Jz/+iD/4V8ARUWK5d4+rNCTzRkTojVCmDSEYXl/gjJdqrruJ8zNvOJ8CY0gXqt3NTg6
0vufjg5T8YXvVkeb+dkv3GKxWCwWi8VisVgsFovFYrFYLBaLxWL5jnwGdMMrBgAoAAA="
base64 -d <<<"$OCIDRACUT" | tar -xz
OCICLOUDCFG="IyBPQ0kgY2xvdWQtaW5pdCBjb25maWd1cmF0aW9uCmRhdGFzb3VyY2VfbGlzdDogWydPcmFjbGUn
LCAnT3BlblN0YWNrJ10KZGF0YXNvdXJjZToKICBPcGVuU3RhY2s6CiAgICBtZXRhZGF0YV91cmxz
OiBbJ2h0dHA6Ly8xNjkuMjU0LjE2OS4yNTQnXQogICAgdGltZW91dDogMTAKICAgIG1heF93YWl0
OiAyMAoKIyBzd2FwIGZpbGUKc3dhcDoKICAgZmlsZW5hbWU6IC8uc3dhcGZpbGUKICAgc2l6ZTog
ImF1dG8iCgpjbG91ZF9pbml0X21vZHVsZXM6CiMgT0NJOiBkaXNrX3NldHVwIGlzIGRpc2FibGVk
CiMtIGRpc2tfc2V0dXAKIC0gbWlncmF0b3IKIC0gYm9vdGNtZAogLSB3cml0ZS1maWxlcwojIE9D
STogVGhlIGdyb3dwYXJ0IG1vZHVsZSBpcyBkaXNhYmxlZCBieSBkZWZhdWx0LiBUbyBlbmFibGUg
YXV0b21hdGljIGJvb3Qgdm9sdW1lIHJlc2l6aW5nLCB1bmNvbW1lbnQKIyB0aGUgYmVsb3cgZW50
cnkgZm9yICctIGdyb3dwYXJ0JyBhbmQgcmVib290LiBBbGwgdGhlIGRlcGVuZGVudCBwYWNrYWdl
cyBmb3IgdGhlIGdyb3dwYXJ0CiMgbW9kdWxlIHRvIHdvcmsgc3VjaCBhcyBjbG91ZC11dGlscy1n
cm93cGFydCBhbmQgZ2Rpc2sgYXJlIGFscmVhZHkgaW5jbHVkZWQgaW4gdGhlIGltYWdlLgojLSBn
cm93cGFydAogLSByZXNpemVmcwojIE9DSTogc2V0X2hvc3RuYW1lLCB1cGRhdGVfaG9zdG5hbWUs
IHVwZGF0ZV9ldGNfaG9zdHMgYXJlIGRpc2FibGVkCiMtIHNldF9ob3N0bmFtZQojLSB1cGRhdGVf
aG9zdG5hbWUKIy0gdXBkYXRlX2V0Y19ob3N0cwogLSByc3lzbG9nCiAtIHVzZXJzLWdyb3Vwcwog
LSBzc2gKCmNsb3VkX2NvbmZpZ19tb2R1bGVzOgogLSBtb3VudHMKIC0gbG9jYWxlCiAtIHNldC1w
YXNzd29yZHMKIyBPQ0k6IHJoX3N1YnNjcmlwdGlvbiBpcyBkaXNhYmxlZAojLSByaF9zdWJzY3Jp
cHRpb24KIC0geXVtLWFkZC1yZXBvCiAtIHBhY2thZ2UtdXBkYXRlLXVwZ3JhZGUtaW5zdGFsbAog
LSB0aW1lem9uZQogLSBudHAKIC0gcHVwcGV0CiAtIGNoZWYKIC0gc2FsdC1taW5pb24KIC0gbWNv
bGxlY3RpdmUKIC0gZGlzYWJsZS1lYzItbWV0YWRhdGEKIC0gcnVuY21kCgpjbG91ZF9maW5hbF9t
b2R1bGVzOgogLSByaWdodHNjYWxlX3VzZXJkYXRhCiAtIHNjcmlwdHMtcGVyLW9uY2UKIC0gc2Ny
aXB0cy1wZXItYm9vdAogLSBzY3JpcHRzLXBlci1pbnN0YW5jZQogLSBzY3JpcHRzLXVzZXIKIC0g
c3NoLWF1dGhrZXktZmluZ2VycHJpbnRzCiAtIGtleXMtdG8tY29uc29sZQogLSBwaG9uZS1ob21l
CiAtIGZpbmFsLW1lc3NhZ2UKIyBPQ0k6IHBvd2VyLXN0YXRlLWNoYW5nZSBpcyBkaXNhYmxlZAoj
LSBwb3dlci1zdGF0ZS1jaGFuZ2UKCg=="
base64 -d <<<"$OCICLOUDCFG" >> /etc/cloud/cloud.cfg.d/99_oci.cfg
# Remove system.devices because Oracle does things.
rm -fv /etc/lvm/devices/system.devices
# Start OCId
systemctl enable ocid
# Copyright (C) 2020 Oracle Corp., Inc. All rights reserved.
# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
#
# /usr/lib/oci-linux-config/cloud/scripts/initramfs-mod/net.sh
#
echo "$(date) - OCI initramfs network modification script started."
# Symlink network config files where cloud-init >= 19.4 expects them
DRACUT_CFG=/run/initramfs/state/etc/sysconfig/network-scripts
CI_DIR=/run
if [ -d $DRACUT_CFG ]; then
FILE_COUNT=`ls $DRACUT_CFG | wc -l`
if [ $FILE_COUNT -eq 0 ]; then
# Create dummy file if dracut did not create network device config
dummycfg=$CI_DIR/net-dummy.conf
echo "DEVICE=\"dummy\"" > $dummycfg
echo "BOOTPROTO=dhcp" >> $dummycfg
echo "$(date) - Creating dummy config $dummycfg."
else
for dcfg in $DRACUT_CFG/*; do
filename=${dcfg##*/}
devname=${filename##ifcfg-}
cicfg=$CI_DIR/net-$devname.conf
if [ ! -e $cicfg ]; then
echo "$(date) - Creating symlink from $dcfg to $cicfg."
ln -s $dcfg $cicfg
fi
done
fi
fi
echo "$(date) - OCI initramfs network modification script done."
}
function cloud_cleanup_steps() {
truncate -c -s 0 /var/log/dnf.log
rm -rf /var/log/yum.log
rm -rf /var/lib/yum/*
rm -rf /root/install.log
rm -rf /root/install.log.syslog
rm -rf /root/anaconda-ks.cfg
rm -rf /var/log/anaconda*
rm -f /var/lib/systemd/random-seed
touch /var/log/cron
touch /var/log/boot.log
mkdir -p /var/cache/yum
# Azure Only
if [[ "$kiwi_profiles" == *"Azure"* ]]; then
rm -f /var/log/waagent.log
cloud-init clean
waagent -force -deprovision+user
fi
}
function azure_cleanup_steps() {
rm -f /var/log/waagent.log
cloud-init clean
waagent -force -deprovision+user
}
#
################################################################################
cat /dev/null > /etc/machine-id
# Gets around grub-bls issue
echo "GRUB_DEFAULT=saved" >> /etc/default/grub
# All cloud and live
if [[ "$kiwi_profiles" == *"Cloud"* ]] || [[ "$kiwi_profiles" == *"Live"* ]]; then
passwd -d root
passwd -l root
fi
################################################################################
# Just about all the cloud images should do these things.
if [[ "$kiwi_profiles" == *"Cloud"* ]]; then
common_cloud_steps
fi
################################################################################
# Azure specific settings
if [[ "$kiwi_profiles" == *"Azure"* ]]; then
azure_cloud_steps
fi
################################################################################
# EC2 specific settings
if [[ "$kiwi_profiles" == *"EC2"* ]]; then
ec2_cloud_steps
fi
################################################################################
# GenClo specific settings
if [[ "$kiwi_profiles" == *"GenericCloud"* ]]; then
genclo_cloud_steps
fi
################################################################################
# OCP specific settings
if [[ "$kiwi_profiles" == *"OCP"* ]]; then
ocp_cloud_steps
EOF
fi
# cloud clean up
if [[ "$kiwi_profiles" == *"Cloud"* ]]; then
echo "cleanup time"
cloud_cleanup_steps
# Azure Only
if [[ "$kiwi_profiles" == *"Azure"* ]]; then
azure_cleanup_steps
fi
rm -f ~/.bash_history
export HISTSIZE=0
fi
# Live Images Only
if [[ "$kiwi_profiles" == *"Live"* ]]; then
common_live_steps
if [[ "$kiwi_profiles" == *"Workstation"* ]]; then
live_gnome_steps
fi
if [[ "$kiwi_profiles" == *"KDE"* ]]; then
live_kde_steps
epel_de_steps
fi
if [[ "$kiwi_profiles" == *"Cinnamon"* ]]; then
live_cinnamon_steps
epel_de_steps
fi
if [[ "$kiwi_profiles" == *"MATE"* ]]; then
live_mate_steps
epel_de_steps
fi
if [[ "$kiwi_profiles" == *"XFCE"* ]]; then
live_xfce_steps
epel_de_steps
fi
fi

31
config.xml Normal file
View file

@ -0,0 +1,31 @@
<?xml version="1.0" encoding="utf-8"?>
<image schemaversion="7.4" name="Rocky">
<description type="system">
<author>Release Engineering (SIG/Core)</author>
<contact>releng@rockylinux.org</contact>
<specification>Rocky Linux</specification>
</description>
<preferences>
<version>9</version>
<packagemanager>dnf</packagemanager>
<locale>en_US</locale>
<keytable>us</keytable>
<timezone>UTC</timezone>
<release-version>9</release-version>
</preferences>
<include from="this://./repositories/core.xml"/>
<include from="this://./repositories/epel.xml"/>
<include from="this://./repositories/oracle.xml"/>
<include from="this://./components/boot.xml"/>
<include from="this://./components/users.xml"/>
<include from="this://./components/live/common.xml"/>
<include from="this://./components/live/xfce.xml"/>
<include from="this://./cloud/cloud.xml"/>
<include from="this://./container/container.xml"/>
<include from="this://./live/xfce.xml"/>
<packages type="bootstrap">
<package name="basesystem"/>
<package name="filesystem"/>
</packages>
</image>

28
configs/live-xfce.xml Normal file
View file

@ -0,0 +1,28 @@
<?xml version="1.0" encoding="utf-8"?>
<image schemaversion="7.4" name="Rocky-ZZVERZZ-XFCE" displayname="Rocky Linux XFCE ZZVERZZ">
<description type="system">
<author>Release Engineering (SIG/Core)</author>
<contact>releng@rockylinux.org</contact>
<specification>Rocky Linux</specification>
</description>
<preferences>
<version>9</version>
<packagemanager>dnf</packagemanager>
<locale>en_US</locale>
<keytable>us</keytable>
<timezone>UTC</timezone>
<release-version>9</release-version>
</preferences>
<include from="this://./repositories/core.xml"/>
<include from="this://./repositories/epel.xml"/>
<include from="this://./components/boot.xml"/>
<include from="this://./components/users.xml"/>
<include from="this://./components/live/common.xml"/>
<include from="this://./components/live/xfce.xml"/>
<include from="this://./live/xfce.xml"/>
<packages type="bootstrap">
<package name="basesystem"/>
<package name="filesystem"/>
</packages>
</image>

30
configs/rocky.xml Normal file
View file

@ -0,0 +1,30 @@
<?xml version="1.0" encoding="utf-8"?>
<image schemaversion="7.4" name="Rocky">
<description type="system">
<author>Release Engineering (SIG/Core)</author>
<contact>releng@rockylinux.org</contact>
<specification>Rocky Linux</specification>
</description>
<preferences>
<version>9</version>
<packagemanager>dnf</packagemanager>
<locale>en_US</locale>
<keytable>us</keytable>
<timezone>UTC</timezone>
<release-version>9</release-version>
</preferences>
<include from="this://./repositories/core.xml"/>
<include from="this://./repositories/epel.xml"/>
<include from="this://./repositories/oracle.xml"/>
<include from="this://./components/boot.xml"/>
<include from="this://./components/users.xml"/>
<include from="this://./components/live/common.xml"/>
<include from="this://./components/live/xfce.xml"/>
<include from="this://./cloud/cloud.xml"/>
<include from="this://./live/xfce.xml"/>
<packages type="bootstrap">
<package name="basesystem"/>
<package name="filesystem"/>
</packages>
</image>

6
container/container.xml Normal file
View file

@ -0,0 +1,6 @@
<image>
<profiles>
<profile name="Core-Container" description="Container Core Packages">
</profile>
</profiles>
</image>

46
grub.tmpl Normal file
View file

@ -0,0 +1,46 @@
# copied from a live built image, and modified to deal with non-uefi
set default="${default_boot}"
if [ "$$grub_platform" == "efi" ]; then
function load_video {
insmod efi_gop
insmod efi_uga
insmod video_bochs
insmod video_cirrus
insmod all_video
}
set basicgfx="nomodeset"
else
function load_video {
insmod all_video
}
set basicgfx="nomodeset vga=791"
fi
load_video
set gfxpayload=keep
insmod gzio
insmod part_gpt
insmod ext2
terminal_input console
terminal_output ${terminal_output}
set timeout=${boot_timeout}
search ${search_params}
menuentry 'Start ${title}' --class fedora --class gnu-linux --class gnu --class os {
linux ($$root)${bootpath}/${kernel_file} ${boot_options}
initrd ($$root)${bootpath}/${initrd_file}
}
menuentry 'Test this media & start ${title}' --class fedora --class gnu-linux --class gnu --class os {
linux ($$root)${bootpath}/${kernel_file} ${boot_options} rd.live.check
initrd ($$root)${bootpath}/${initrd_file}
}
submenu "Troubleshooting -->" {
menuentry "Start ${title} in basic graphics mode" --class fedora --class gnu-linux --class gnu --class os {
linux ($$root)${bootpath}/${kernel_file} ${boot_options} $${basicgfx}
initrd ($$root)${bootpath}/${initrd_file}
}
}

11
live/xfce.xml Normal file
View file

@ -0,0 +1,11 @@
<image>
<profiles>
<profile name="XFCE-Live" description="Rocky Linux XFCE">
<requires profile="Live-Base"/>
<requires profile="XFCE-Desktop"/>
</profile>
</profiles>
<packages type="bootstrap" patternType="plusRecommended" profiles="XFCE-Live">
<package name="rocky-release"/>
</packages>
</image>

22
repositories/core.xml Normal file
View file

@ -0,0 +1,22 @@
<image>
<repository type="rpm-md" alias="baseos">
<source path="https://download.rockylinux.org/stg/rocky/$releasever/BaseOS/$basearch/os">
<signing key="file:///usr/share/distribution-gpg-keys/rocky/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
<repository type="rpm-md" alias="appstream">
<source path="https://download.rockylinux.org/stg/rocky/$releasever/AppStream/$basearch/os">
<signing key="file:///usr/share/distribution-gpg-keys/rocky/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
<repository type="rpm-md" alias="crb">
<source path="https://download.rockylinux.org/stg/rocky/$releasever/CRB/$basearch/os">
<signing key="file:///usr/share/distribution-gpg-keys/rocky/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
<repository type="rpm-md" alias="crb">
<source path="https://download.rockylinux.org/stg/rocky/$releasever/extras/$basearch/os">
<signing key="file:///usr/share/distribution-gpg-keys/rocky/RPM-GPG-KEY-Rocky-$releasever"/>
</source>
</repository>
</image>

7
repositories/epel.xml Normal file
View file

@ -0,0 +1,7 @@
<image>
<repository type="rpm-md" alias="epel">
<source path="https://dl.fedoraproject.org/pub/epel/$releasever/Everything/x86_64/">
<signing key="file:///usr/share/distribution-gpg-keys/epel/RPM-GPG-KEY-EPEL-$releasever"/>
</source>
</repository>
</image>

6
repositories/oracle.xml Normal file
View file

@ -0,0 +1,6 @@
<!-- There isn't a way to exclude packages from a certain repo -->
<image>
<repository type="rpm-md" alias="oraclelinux-addons">
<source path="http://yum.oracle.com/repo/OracleLinux/OL$releasever/addons/$basearch/"/>
</repository>
</image>

View file

@ -0,0 +1,6 @@
<!-- There isn't a way to exclude packages from a certain repo -->
<image>
<repository type="rpm-md" alias="sig-cloud-common">
<source path="http://dl.rockylinux.org/stg/sig/$releasever/cloud/$basearch/cloud-common"/>
</repository>
</image>

3
root/etc/fstab.script Normal file
View file

@ -0,0 +1,3 @@
#!/bin/sh
# anaconda does this technically.
gawk -i inplace '$2 == "/boot/efi" { $4 = $4",umask=0077,shortname=winnt" } { print $0 }' /etc/fstab

View file

@ -0,0 +1,6 @@
# UPDATEDEFAULT specifies if kernel-install should make
# new kernels the default
UPDATEDEFAULT=yes
# DEFAULTKERNEL specifies the default kernel package type
DEFAULTKERNEL=kernel-core