auth --enableshadow --passalgo=sha512
url --url="http://mirror.centos.org/centos/7/os/x86_64"
cmdline
skipx
timezone Europe/Paris --isUtc
keyboard --vckeymap=fr-oss --xlayouts='fr (oss)'
lang fr_FR.UTF-8
services --enabled ntpd
firewall --enabled --service ssh
network  --bootproto=dhcp --activate --noipv6
rootpw --iscrypted $6$6OYBD0R8xuGsqAUl$KVHVrjCM6VmLR13TW0exHAl4toKHxQTd9zwbuYzR/t79heCMrAcVmtBmw0wCcNu5zoz1y3LzwdIZjNedRlz7Y/
zerombr
bootloader --location mbr --append 'ipv6.disable=1'
# Enable fws and epel
repo --name=fws --baseurl=http://repo.firewall-services.com/centos/7
repo --name=epel --mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=x86_64

%include /tmp/ks.partitions

user --name=ansible --shell /bin/bash --gecos="Ansible Account"

reboot

%packages --nobase --ignoremissing
epel-release
crontabs
dhclient
irqbalance
ntp
openssh-server
passwd
prelink
rootfiles
selinux-policy-targeted
tmpwatch
yum
mailx
net-tools
openssh-clients
rsync
screen
sudo
sysstat
vim
strace
pbzip2
xz
pxz
iftop
wget
tcpdump
pciutils
nc
lsof
htop
-iprutil
-kernel-tools
-kexec-tools
-microcode_ctl
-parted
-NetworkManager
-NetworkManager-tui
-*-firmware
-b43-openfwwf

%end

# Disable kdump
%addon com_redhat_kdump --disable --reserve-mb='auto'

%end

################################################
# Detect hard drives before starting the install
################################################
%pre --log /tmp/pre.log

# ensure file exists
touch /tmp/ks.partitions

# Select first drive
main_drive=$(list-harddrives | awk '$2>=8704 {print $1; nextfile}')
ignore=$(echo $(list-harddrives | awk '$1!="'$main_drive'" {print $1}') | sed -e 's| |,|g')
[ ! -z "$ignore" ] && echo "ignoredisk --drives $ignore" >> /tmp/ks.partitions
cat << _EOF >> /tmp/ks.partitions
clearpart --all --initlabel --drives $main_drive
part /boot --fstype xfs --size 1024 --ondrive $main_drive
part swap --fstype swap --size 512
part / --fstype xfs --size 7168 --grow
_EOF

%end

################################################
# Copy logs in the chroot
################################################
%post --nochroot
cp /tmp/pre.log /mnt/sysimage/root/pre.log
%end

################################################
# Post-install processes
################################################
%post --log /root/post.log

# Initial SSH keys
mkdir /home/ansible/.ssh
cat << _EOF >> /home/ansible/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/CJITA6LlogkvmhEtdAHw15lIRwWURzrHFDYzANzlWrIGUs50huBBQsQBOxtc043TTLqrWXkvJyUFRLUvX1+qMJUh0hD4bmRgfWGwJMwxjjKoa+ac55ybUkJ3b9kKe+khicCQnWNdDd1dXess9Q0kh+fcPaOXb5bkkVeaTYGKPfztz63NRwXfXyBIM399aPi8U29BOKtMiBZl/QQZ7SiglFbs/rgwEEkWXZApbCWjj7EnuXJN8ru4kib7sVZBeq3oklZv9hdiPXdj0DZddM/IDYHQAnlAUVUWrz+kZVauOMp+3Cpu4LiuYr2xAbW/XsimIV+eEJN79BpoLE4mos0ZZgFtB5iYdg8hhw1UcgqSmh50YhxblNTvOFY7nMQat79bmqHzZjpMuZ+71MZO5yA+z9xtIxx+qhHK7R9aFq75GOuhXHfamX6RQwmbET4aB55A7e4dKmEZB4n+2MioLyF3TIlmj4Al4/eE5QaxpuwXXj2riYPFCihN0Vn0jn8T0to6MXSll6o9TzGuvl3ONcDvJZLBt4/3O3kRwDCxhqYGXaeFsDYDdaEl/8/R265E5+xzSCRyXIjaEo7kZuyJ27+4/4LS3xDAXaon3b9PrurYpiCN8w7V1kBA2jdxZXownBQZY39/5lnW4B8r8vEc/63pcnZRwYE19BEDpTukA/RBTw== ansible@lapiole.org
_EOF
chmod 700 /home/ansible/.ssh
chown -R ansible:ansible /home/ansible/.ssh

# Sudo access for ansible
cat << _EOF > /etc/sudoers.d/ansible
Defaults:ansible !requiretty
ansible ALL=(ALL) NOPASSWD: ALL
_EOF

%end