# To start a VM to test this script out: # PATHTOTHISFILE='/var/b/shared/code/gitlab.com/dustymabe/pc-ansible-config/md-crypt-lv-btrfs/forblog.ks' # sudo -E virt-install \ # --name installtest --ram 4096 --vcpus 2 \ # --disk path=/var/b/libvirt-manual-pool/foodisk.img,size=9,bus=scsi \ # --location /var/b/images/Fedora-Server-dvd-x86_64-31-1.9.iso \ # --extra-args="inst.sshd inst.text inst.ks=file:///$(basename $PATHTOTHISFILE)" \ # --initrd-inject $PATHTOTHISFILE install cdrom lang en_US.UTF-8 keyboard us timezone --utc America/New_York bootloader --location=mbr --driveorder=sda --append="crashkernel=auto" clearpart --all part / --size=3000 --fstype=ext4 --grow %packages @core %end %pre --erroronfail ( #!/bin/bash # The password for hard drive encryption ENCPASS='lukspass' # The root user password ROOTPASS='simplepass' # set -x after passwords get set set -ex # Format the hard drive # These fail sometimes bc kernel can't re-read part table fdisk /dev/sda < /etc/yum.repos.d/dvd.repo [dvd] name=dvd baseurl=file:///run/install/repo enabled=1 gpgcheck=0 EOF # Install the base system dnf install -y --releasever=31 --installroot=/mnt/sysimage filesystem # Mount special filesystems mount -v -o bind /dev /mnt/sysimage/dev/ mount -v -o bind /run /mnt/sysimage/run/ mount -v -t proc proc /mnt/sysimage/proc/ mount -v -t sysfs sys /mnt/sysimage/sys/ # Copy over the dvd repo into the new sysroot cp /etc/yum.repos.d/dvd.repo /mnt/sysimage/etc/yum.repos.d/ # Install more stuff now dnf install -y --installroot=/mnt/sysimage --disablerepo=* --enablerepo=dvd @core @standard kernel btrfs-progs lvm2 grub2-pc-modules grub2-tools # Remove the dvd repo. We don't want it to be on the installed system rm /mnt/sysimage/etc/yum.repos.d/dvd.repo # Set root user password set +x echo -n $ROOTPASS | chroot /mnt/sysimage passwd --stdin root set -x # Chroot into the system chroot /mnt/sysimage bash <<'ENDCHROOT' # Set up unlocking the encrypted device on boot UUID=$(blkid -s UUID -o value /dev/sda1) cat < /etc/crypttab cryptodisk /dev/disk/by-uuid/$UUID - EOF # Write fstab cat < /etc/fstab /dev/vgroot/lvroot / btrfs defaults 1 1 /dev/vgroot/lvswap swap swap defaults 0 0 EOF # Anaconda writes out /etc/sysconfig/kernel here: # https://github.com/rhinstaller/anaconda/blob/7477c6f7a1d22c2f107b66b0d906dfae91ac2117/pyanaconda/bootloader.py#L2355 # If we don't have this file then we have to update grub.cfg # everytime we do a kernel update: # https://bugzilla.redhat.com/show_bug.cgi?id=1242315 cat < /etc/sysconfig/kernel # UPDATEDEFAULT specifies if new-kernel-pkg should make # new kernels the default UPDATEDEFAULT=yes # DEFAULTKERNEL specifies the default kernel package type DEFAULTKERNEL=kernel-core EOF # put in place symlink for /etc/grub2.cfg. If we don't # then grub doesn't get updated when new kernels get installed pushd /etc/ ln -s ../boot/grub2/grub.cfg /etc/grub2.cfg popd # configure relabel on first boot touch /.autorelabel # Write out some var for grub.conf and generate grub.cfg cat <> /etc/default/grub GRUB_ENABLE_CRYPTODISK=y SUSE_BTRFS_SNAPSHOT_BOOTING=true GRUB_ENABLE_BLSCFG=true EOF grub2-mkconfig -o /boot/grub2/grub.cfg # Install grub grub2-install /dev/sda # Generate initramfs KERNELVRA=$(rpm -q kernel --qf %{V}-%{R}.%{ARCH}) dracut --kver $KERNELVRA --force ENDCHROOT # copy off log file echo "SUCCESS!" cp /tmp/install.log /mnt/sysimage/root/ # umount mounted filesystems and reboot umount /mnt/sysimage/{dev,run,sys,proc} umount /mnt/sysimage/ reboot ) 2>&1 | tee /tmp/install.log /dev/pts/0 %end