-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathalmalinux.yaml
226 lines (198 loc) · 7.19 KB
/
almalinux.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
---
image:
distribution: almalinux
release: 9
source:
downloader: almalinux-http
url: https://almalinux.savoirfairelinux.net
keys:
# RPM-GPG-KEY-AlmaLinux-9
- |-
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGHmnykBEACuIcqcNYTmu2q58XI5NRZowdJGAxxs+6ExX7qsa4vbPp6St7lB
JmLpwf5p6czIBhLL4b8E7zJpu57tVDo7Ejw6Hv584rbI8vw7pnMTe6XUFhMTL8FT
lyAmn8xAIlcyM+SzshnxAc5b8E0p/egMonr3J1QnvMSfixMQ59GrmLVyece7Vv3J
4fREh6k31kg7eQdEkzRQhRdO2KyxWYLR0A6haXSXVaiBOjFF7iUs7anlJSfeD3FO
afPq0Ix8oWi+mUc4txkABMdsGpdkE/MHOwN90FB8EG5XVrdv3emm3yzKMMzb53Yd
jcf0fovIeRloQyl9+CrVCnkBjFcIFBZZddsB43kM7eTflmAQ+tanOZ8OKBRPMtmI
56b/vk31ozHUoST/NmjbEI5tu+QYCuFSZ++mC06qJg0Bkw821DTAsM7Kynuj7K2f
WWQjlDL9ZsFifLqDXRymL+sn6g142hHQOa5KSHtT7cAcrm6L48gEL3fPntVSOU/H
BlTnODiSSTIsIRNA7kBkbSP3wWoYC1JQPmNYbUtZ7va2uXNb9dGT2k7Ae0465WND
wqRQJDxsr6TLYFpti+JRaOpSMNclXz4kRSP263Y4ZzQvkMGgSgwqg7JU00Uahk2p
KTlJAA8AiaMBdShlo/QXvL29Lyg0Y5klq2HCNziJDupWhXto5j5pjixrpwARAQAB
tCdBbG1hTGludXggT1MgOSA8cGFja2FnZXJAYWxtYWxpbnV4Lm9yZz6JAk4EEwEI
ADgWIQS/GKwodheJCNbnEmfTbLhsuGs3FgUCYeafKQIbAwULCQgHAgYVCgkICwIE
FgIDAQIeAQIXgAAKCRDTbLhsuGs3FrvnD/9X1wDM/C214t3UVsMVjTLdIJDGG+iU
E7Uk7QGeyeNif19rRatzXUHBBGjiAwpxe2rkveWBHCHPSUKqsAR9Arv3nMKiaGfA
0nomzDndLEDIgv35xzaU6OhX95mZzvj+9PThuxDxUnsNoA+7vGkaiRw+cyyDdTJQ
bKwum8bx1gS8Kbqo9mqrMekQ4NHCodq9bb2hI6pAxlYa472QuwFAXFAzbE3LIMIK
hzLkew7nxwP0txP/zzqPw4lYN38fg9AlHL2qgf0twCFO4N/ftkw25qwoiBhiwaWT
Ca8Z9wUJx35Z/ufscbNrtRrIGYNXTDFJdGY/WxKDp7QsyOx/sclcsSksKoC/52tL
2yFLQrMXsqnLjAQajA6adaeCAAwvp2/8VP8R65O4KMuKghMneCGwXVlVVYyRUXJD
Kjg7EvmmMGuh/Lj2A/vj+mQMmlS2kAl0qOsK9DtUIA7Z9m98zI3UmN/5BMb/HdqW
KADagOW9IPyo6IaSIT+A+7npTN1Y7m1aIrL1vsAKrus4MrCvAs1vYqzqIikv88Di
EWYVFCWTsTWf7jxBCVTLn1Lr7Mj08i+7OgRgguQGpcnvKsbwq1v2whQrs+YKR9hP
vVaW5DmGJ5brPykJUaQS6p5Esp1q3HBk0HbBxiiGIwGsKbLp0pKsk5TLzMIJwIG/
lEolCV+fJ0P4nLkCDQRh5p8pARAAvXTL29arJ5Dl9FXVpE4Km1jJLaK2WfbQARJz
ygQKps9QNqS1yz7C7mYdTtgRxeK2eqcX5oA83w3ppJ0DTsxfAkY3nqAXS8+QRORU
ffSFvhdsU1G/qpvhX0Aq62gr4y1bkIMr9GlLq86uVKIQrNdmto4NDfQc1bDD5e4j
KaNMmNLXxq/s67AxFW/yLchYYZ7cMqQd6Ab4lacqpGdYFIAkBkVMmj3GUSo+FLpl
+4c50AZ8O0aB+xkrjch+4PoVyIpIC1IuqNYBYn2wMYFB414QY2iDopzpZXUhpCqx
NP4Zyhl1noUcOtH/wUfH1JsIcYRn0ixWF6JnE9KmjpkqBuM2/4Ot/bl67iPiN/if
vf3Z1kYjNPaszoMW3kmJj8MlBCSH9w6nQRG/eikihbeUDBB6rh2O7Dz8ltFqlt8N
asbngRoNZMnWMnItRV67Fo0pfn/DZA8VvI029apE21sNp6l7MUa8Z2/I/PNq10E8
rPMQM//k9y2kgxz52i6iCyesobPvun6UC4xuFoYKUTQMgKQgqOhyZ4evkepFhmHg
Gzx+F8EmwN1FtxfNxfLtQZSUT3kxuUDizwpaH/LkSkRXpJOQyHJL6VBINNTjB4j1
3+0jD+lCV6xIt88NYkGJL9rtKwZLQHSDPiI0ooCJ69GKy8SmSx04AwSsY67In1q8
+FQjT20AEQEAAYkCNgQYAQgAIBYhBL8YrCh2F4kI1ucSZ9NsuGy4azcWBQJh5p8p
AhsMAAoJENNsuGy4azcW0KkP/i0YLRv+pDiSC4034oboczAnNrzJnBhqTi9cUEGn
Xpqvf/Zz3opqvRQiqZAgVcCtxfW+P9J3Vb/mBJ6OkR/jywAlY5il2dzK08YfVXmP
cEf6RF4M0KNtlYJmPlnQCZjMJaisrPmYD3Yy8ER1qJ5JQZ7n0REHZCbBCqH8w+5r
j4ohEHY7xXbd7+tvWTCk2MkHaide/UV/04WiO064AoZSUze/vaAx8Ll4AyFpxuIk
ktXZXbq7MaVzqYYJptiRB6TljzMwIbblLm9A7T7YTA/1rNe12OhDT8VoR3gG2C/l
Mtf37EmYq3QVqFlbj4+ouQWIiQmp5dQenH5ugf+Bob7IiENpxzF1cIu6wd4p5Y64
3cdYUoxrjhsCM6W1lSqECoN8yXJnRTxpBwwm65SVk477KS2h77aJfa+v5UnBhpSt
eVlAhs0A8Qp/hX3o7qMO1jWca3zdJwXppLlFEYTVaFUOUrc4Lhlbi0gAnn8aBwSx
xF1r5GhPGIBzHtRgulwZkmS6VwtDMuC6KlrASu9f93D5gLZqVk22Oar9LpgCEACd
8Gw/+BFbdANqo9IKmDrWf7k/YuEqZ3h+eoyKI/2z7dKh/fcVEydMTn3LB4nFRvSD
AZ27tvC0IUXCUNx7iJdrD5kDsMhZRl5/dXbe539G4y2W00QYuJC0DpUvGdtOuaFx
1WKL
=jk2t
-----END PGP PUBLIC KEY BLOCK-----
variant: minimal
targets:
lxc:
create_message: |
You just created a {{ image.description }} container.
config:
- type: all
before: 5
content: |-
lxc.include = LXC_TEMPLATE_CONFIG/almalinux.common.conf
- type: user
before: 5
content: |-
lxc.include = LXC_TEMPLATE_CONFIG/almalinux.userns.conf
- type: all
after: 4
content: |-
lxc.include = LXC_TEMPLATE_CONFIG/common.conf
- type: user
after: 4
content: |-
lxc.include = LXC_TEMPLATE_CONFIG/userns.conf
- type: all
content: |-
lxc.arch = {{ image.architecture_kernel }}
files:
- name: hostname
path: /etc/hostname
generator: hostname
- name: hosts
path: /etc/hosts
generator: hosts
- path: /etc/machine-id
generator: dump
- path: /var/lib/dbus/machine-id
generator: remove
- name: ifcfg-eth0
path: /etc/sysconfig/network-scripts/ifcfg-eth0
generator: dump
templated: true
content: |-
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
HOSTNAME=LXC_NAME
TYPE=Ethernet
MTU=
DHCP_HOSTNAME=LXC_NAME
- name: ifcfg-eth0.incus
path: /etc/sysconfig/network-scripts/ifcfg-eth0
generator: template
content: |-
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
HOSTNAME={{ container.name }}
TYPE=Ethernet
MTU=
DHCP_HOSTNAME={{ container.name }}
IPV6INIT=yes
- name: 86-nm-unmanaged.rules
path: /etc/udev/rules.d/86-nm-unmanaged.rules
generator: dump
content: |-
ENV{ID_NET_DRIVER}=="veth", ENV{NM_UNMANAGED}="0"
- name: network
path: /etc/sysconfig/network
generator: dump
templated: true
content: |-
NETWORKING=yes
HOSTNAME=LXC_NAME
- name: network.incus
path: /etc/sysconfig/network
generator: template
content: |-
NETWORKING=yes
HOSTNAME={{ container.name }}
packages:
manager: yum
update: true
cleanup: true
sets:
- packages:
- cronie
- cronie-noanacron
- curl
- dhclient
- glibc-langpack-en
- glibc-locale-source
- hostname
- initscripts
- openssh-clients
- passwd
- policycoreutils
- rootfiles
- rsyslog
- sudo
- vim-minimal
- NetworkManager
- newt
- epel-release
action: install
- packages:
- https://rpm.itsm-ng.org/redhat/9/itsm-ng-release-1.0-1.el9.noarch.rpm
- https://rpms.remirepo.net/enterprise/remi-release-9.rpm
action: install
actions:
- trigger: post-packages
action: |-
#!/bin/sh
set -eux
dnf module install php:remi-8.4 -y
dnf install itsm-ng php-sodium -y
# Disable SELinux
mkdir -p /selinux
echo 0 > /selinux/enforce
# Disable loginuid in PAM stack
sed -i '/^session.*pam_loginuid.so/s/^session/# session/' /etc/pam.d/*
# Set default locale
localedef -i fr_FR -f UTF-8 fr_FR.UTF-8
echo 'LANG=fr_FR.utf8' > /etc/locale.conf
# Add setup-itsm script
curl https://raw.githubusercontent.com/itsmng/itsm-lxc/main/setup-itsm \
-o /usr/local/bin/setup-itsm
chmod +x /usr/local/bin/setup-itsm
# Add autorun
echo "if [ ! -f /etc/itsm-ng/config_db.php ]; then setup-itsm; fi" \
>> /root/.bashrc
- trigger: post-files
action: |-
#!/bin/sh
set -eux
mkdir -p /etc/NetworkManager/conf.d/
printf "[main]\ndhcp=dhclient" \
> /etc/NetworkManager/conf.d/dhcp-client.conf
systemctl enable NetworkManager.service httpd.service mariadb.service