# Keyboard layouts keyboard --xlayouts='fr (oss)' # System language lang fr_FR.UTF-8 # Required settings rootpw qemubuild user --name=qemubuild --password=qemubuild --groups=wheel authconfig --enableshadow --enablemd5 # System timezone timezone Europe/Paris --utc repo --name=fedora --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch repo --name=updates --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch url --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-\$releasever&arch=\$basearch%%EXTRA_URL%% # Optional settings #bootloader --location=mbr bootloader --disabled clearpart --all --initlabel firstboot --enable #install network --bootproto=dhcp reboot selinux --enforcing #services --enabled=sshd,zram-swap,systemd-networkd,systemd-resolved services --enabled=sshd --disabled=systemd-vconsole-setup skipx text zerombr # Disk partition part / --fstype="ext2" --ondisk=vda --grow # btrfs : part btrfs.50 --fstype="btrfs" --ondisk=vda --grow part /boot/efi --fstype="efi" --ondisk=vda --size=30 --fsoptions="umask=0077,shortname=winnt" #btrfs none --label=fedora_fedora btrfs.50 #btrfs / --subvol --name=root LABEL=fedora_fedora # Packages %packages --excludedocs --instLangs=fr --nocore --exclude-weakdeps #@core --nodefaults audit bash coreutils #dracut-config-generic # btrfs duperemove #glibc-langpack-fr kbd kernel-core microdnf openssh-server openssh-clients qemu-guest-agent systemd-networkd #rpm #shadow-utils screen sudo systemd #util-linux -zram # -kernel %end # Post %post # for microdnf touch /etc/dnf/dnf.conf # add qemubuild to sudo echo "qemubuild ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/qemubuild # remove unecessary directories rm -rf /usr/share/doc rm -rf /usr/share/licenses #rm -rfv /usr/share/icons/* # remove some random help txt files rm -fv /usr/share/gnupg/help*.txt # Pruning random things rm usr/lib/rpm/rpm.daily #some random not-that-useful binaries rm -fv /usr/bin/pinky # if you want to change the timezone, bind-mount it from the host or reinstall tzdata localzone=$(readlink /etc/localtime) mv $localzone /tmp rm -rfv /usr/share/zoneinfo mkdir -p $(dirname $localzone) mv /tmp/$(basename $localzone) $localzone # configure systemd-networkd echo """[Match] Name=* [Network] DHCP=yes""" > /etc/systemd/network/dhcp.network SYSTEMDDIR=/usr/lib/systemd/system MULTI=$SYSTEMDDIR/multi-user.target.wants ln -sf ../systemd-networkd.service $MULTI/systemd-networkd.service ln -sf ../systemd-resolved.service $MULTI/systemd-resolved.service # initramfs have to mount iso9660 partition # install bootload SYSDISK="/dev/vda2" MACHINEID=`cat /etc/machine-id` KERNELVERSION=`ls /lib/modules` DISK=`lsblk -n $SYSDISK -o uuid` mkdir /boot/$MACHINEID # btrfs : echo "root=UUID=$DISK ro rootflags=subvol=root" > /etc/kernel/cmdline echo "root=UUID=$DISK ro" > /etc/kernel/cmdline # add CDROM driver echo 'add_drivers+=" iso9660 "' > /etc/dracut.conf.d/cdrom.conf kernel-install add $KERNELVERSION /lib/modules/$KERNELVERSION/vmlinuz mv /boot/$MACHINEID/$KERNELVERSION /boot/efi # // ADD MOUNT INSTRUCTION IN INITRAMFS # build second initrd file that mount cdrom to /usr #echo 'add_fstab+=/tmp/fstab' >> /etc/dracut.conf.d/cdrom.conf #echo "/dev/sr0 /sysroot/usr/local/lib iso9660 ro,relatime,x-systemd.after=sysroot.mount,x-systemd.before=systemd-volatile-root.service 0 0" > /tmp/fstab #echo "/dev/sr0 /sysroot/usr/local/lib iso9660 ro,x-initrd.mount,nosuid,noexec,uid=0,gid=0,mode=400 0 0" > /tmp/fstab echo "[Unit] DefaultDependencies=no After=sysroot.mount Before=initrd-udevadm-cleanup-db.service #Before=systemd-volatile-root.service After=blockdev@dev-sr0.target [Service] Type=oneshot ExecStart=mount /dev/sr0 /sysroot/usr/local/lib -t iso9660 -o defaults,ro,nosuid,noexec,uid=0,gid=0,mode=400 " > /usr/lib/systemd/system/sysroot-usr-local-lib.service # // VERSION .mount #[Mount] #Where=/sysroot/usr/local/lib #What=/dev/sr0 #Type=iso9660 #Options=defaults,ro,nosuid,noexec,uid=0,gid=0,mode=400" > /usr/lib/systemd/system/sysroot-usr-local-lib.mount mkdir -p /usr/lib/systemd/system/initrd-root-fs.target.requires cd /usr/lib/systemd/system/initrd-root-fs.target.requires #ln -sf ../sysroot-usr-local-lib.mount . ln -sf ../sysroot-usr-local-lib.service . #echo 'install_items+=" /usr/lib/systemd/system/sysroot-usr-local-lib.mount /usr/lib/systemd/system/initrd-root-fs.target.requires/sysroot-usr-local-lib.mount "' >> /etc/dracut.conf.d/cdrom.conf echo 'install_items+=" /usr/lib/systemd/system/sysroot-usr-local-lib.service /usr/lib/systemd/system/initrd-root-fs.target.requires/sysroot-usr-local-lib.service "' >> /etc/dracut.conf.d/cdrom.conf kernel-install add $KERNELVERSION /lib/modules/$KERNELVERSION/vmlinuz mv /boot/$MACHINEID/$KERNELVERSION/initrd /boot/efi/$KERNELVERSION/initrd.cdrom rm -f /etc/dracut.conf.d/cdrom.conf // END INITRAMFS # rename entry file without machine ID mv /boot/loader/entries/$MACHINEID-$KERNELVERSION.conf /boot/loader/entries/fedora.conf sed -i "/^machine-id /d" /boot/loader/entries/fedora.conf sed -i "s@/boot/$MACHINEID/$KERNELVERSION/@/$KERNELVERSION/@g" /boot/loader/entries/fedora.conf # move it in EFI directory for systemd-boot mv /boot/loader /boot/efi # remove unused file rm -rf /lib/modules/$KERNELVERSION/vmlinuz /boot/initramfs* /boot/$MACHINEID # install systemd-boot bootctl install # remove authselect and dracut microdnf -y remove dracut xz acl authselect authselect-compat authselect-libs chrony cpio libkcapi-hmaccalc libkcapi linux-firmware linux-firmware-whence # remove python3 microdnf -y remove python3 python3-libs python-pip-wheel python-setuptools-wheel gdbm-libs # remove langpacks fr microdnf -y remove langpacks-fr langpacks-core-fr langpacks-core-font-fr dejavu-sans-fonts fonts-filesystem rm -f /var/lib/systemd/random-seed rm -rfv /var/lib/authselect %end