dataset/seed/applicationservice/2022.03.08/base-fedora/packer/os/http/ks-34.cfg

# Keyboard layouts
keyboard --xlayouts='fr (oss)'
# System language
lang fr_FR.UTF-8
# Required settings
rootpw qemubuild
user --name=qemubuild --password=qemubuild --groups=wheel
authconfig --enableshadow --enablemd5

# System timezone
timezone Europe/Paris --utc
repo --name=fedora --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
repo --name=updates --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
url --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-\$releasever&arch=\$basearch%%EXTRA_URL%%

# Optional settings
#bootloader --location=mbr
bootloader --disabled
clearpart --all --initlabel
firstboot --enable
#install
network --bootproto=dhcp
reboot
selinux --enforcing
#services --enabled=sshd,zram-swap,systemd-networkd,systemd-resolved
services --enabled=sshd --disabled=systemd-vconsole-setup
skipx
text
zerombr

# Disk partition
part / --fstype="ext2" --ondisk=vda --grow
# btrfs : part btrfs.50 --fstype="btrfs" --ondisk=vda --grow
part /boot/efi --fstype="efi" --ondisk=vda --size=30 --fsoptions="umask=0077,shortname=winnt"

#btrfs none --label=fedora_fedora btrfs.50
#btrfs / --subvol --name=root LABEL=fedora_fedora

# Packages
%packages --excludedocs --instLangs=fr --nocore --exclude-weakdeps
#@core --nodefaults
audit
bash
coreutils
#dracut-config-generic
# btrfs duperemove
#glibc-langpack-fr
kbd
kernel-core
microdnf
openssh-server
openssh-clients
qemu-guest-agent
systemd-networkd
#rpm
#shadow-utils
screen
sudo
systemd
#util-linux
-zram
#
-kernel
%end

# Post
%post

# for microdnf
touch /etc/dnf/dnf.conf

# add qemubuild to sudo
echo "qemubuild        ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers.d/qemubuild

# remove unecessary directories
rm -rf /usr/share/doc
rm -rf /usr/share/licenses
#rm -rfv /usr/share/icons/*
# remove some random help txt files
rm -fv /usr/share/gnupg/help*.txt
# Pruning random things
rm usr/lib/rpm/rpm.daily
#some random not-that-useful binaries
rm -fv /usr/bin/pinky

# if you want to change the timezone, bind-mount it from the host or reinstall tzdata
localzone=$(readlink /etc/localtime)
mv $localzone /tmp
rm -rfv  /usr/share/zoneinfo
mkdir -p $(dirname $localzone)
mv /tmp/$(basename $localzone) $localzone

# configure systemd-networkd
echo """[Match]
Name=*

[Network]
DHCP=yes""" > /etc/systemd/network/dhcp.network
SYSTEMDDIR=/usr/lib/systemd/system
MULTI=$SYSTEMDDIR/multi-user.target.wants
ln -sf ../systemd-networkd.service $MULTI/systemd-networkd.service
ln -sf ../systemd-resolved.service $MULTI/systemd-resolved.service

# initramfs have to mount iso9660 partition
# install bootload
SYSDISK="/dev/vda2"
MACHINEID=`cat /etc/machine-id`
KERNELVERSION=`ls /lib/modules`
DISK=`lsblk -n $SYSDISK -o uuid`
mkdir /boot/$MACHINEID
# btrfs : echo "root=UUID=$DISK ro rootflags=subvol=root" > /etc/kernel/cmdline
echo "root=UUID=$DISK ro" > /etc/kernel/cmdline
# add CDROM driver
echo 'add_drivers+=" iso9660 "' > /etc/dracut.conf.d/cdrom.conf
kernel-install add $KERNELVERSION /lib/modules/$KERNELVERSION/vmlinuz
mv /boot/$MACHINEID/$KERNELVERSION /boot/efi
# // ADD MOUNT INSTRUCTION IN INITRAMFS
# build second initrd file that mount cdrom to /usr
#echo 'add_fstab+=/tmp/fstab' >> /etc/dracut.conf.d/cdrom.conf
#echo "/dev/sr0 /sysroot/usr/local/lib iso9660 ro,relatime,x-systemd.after=sysroot.mount,x-systemd.before=systemd-volatile-root.service 0 0" > /tmp/fstab
#echo "/dev/sr0 /sysroot/usr/local/lib iso9660 ro,x-initrd.mount,nosuid,noexec,uid=0,gid=0,mode=400 0 0" > /tmp/fstab
echo "[Unit]
DefaultDependencies=no
After=sysroot.mount
Before=initrd-udevadm-cleanup-db.service
#Before=systemd-volatile-root.service
After=blockdev@dev-sr0.target

[Service]
Type=oneshot
ExecStart=mount /dev/sr0 /sysroot/usr/local/lib -t iso9660 -o defaults,ro,nosuid,noexec,uid=0,gid=0,mode=400
" > /usr/lib/systemd/system/sysroot-usr-local-lib.service

# // VERSION .mount
#[Mount]
#Where=/sysroot/usr/local/lib
#What=/dev/sr0
#Type=iso9660
#Options=defaults,ro,nosuid,noexec,uid=0,gid=0,mode=400" > /usr/lib/systemd/system/sysroot-usr-local-lib.mount
mkdir -p /usr/lib/systemd/system/initrd-root-fs.target.requires
cd /usr/lib/systemd/system/initrd-root-fs.target.requires
#ln -sf ../sysroot-usr-local-lib.mount .
ln -sf ../sysroot-usr-local-lib.service .
#echo 'install_items+=" /usr/lib/systemd/system/sysroot-usr-local-lib.mount /usr/lib/systemd/system/initrd-root-fs.target.requires/sysroot-usr-local-lib.mount "' >> /etc/dracut.conf.d/cdrom.conf
echo 'install_items+=" /usr/lib/systemd/system/sysroot-usr-local-lib.service /usr/lib/systemd/system/initrd-root-fs.target.requires/sysroot-usr-local-lib.service "' >> /etc/dracut.conf.d/cdrom.conf
kernel-install add $KERNELVERSION /lib/modules/$KERNELVERSION/vmlinuz
mv /boot/$MACHINEID/$KERNELVERSION/initrd /boot/efi/$KERNELVERSION/initrd.cdrom
rm -f /etc/dracut.conf.d/cdrom.conf
 // END INITRAMFS
# rename entry file without machine ID
mv /boot/loader/entries/$MACHINEID-$KERNELVERSION.conf /boot/loader/entries/fedora.conf
sed -i "/^machine-id /d" /boot/loader/entries/fedora.conf
sed -i "s@/boot/$MACHINEID/$KERNELVERSION/@/$KERNELVERSION/@g" /boot/loader/entries/fedora.conf
# move it in EFI directory for systemd-boot
mv /boot/loader /boot/efi
# remove unused file
rm -rf /lib/modules/$KERNELVERSION/vmlinuz /boot/initramfs* /boot/$MACHINEID
# install systemd-boot
bootctl install

# remove authselect and dracut
microdnf -y remove dracut xz acl authselect authselect-compat authselect-libs chrony cpio libkcapi-hmaccalc libkcapi linux-firmware linux-firmware-whence
# remove python3
microdnf -y remove python3 python3-libs python-pip-wheel python-setuptools-wheel gdbm-libs
# remove langpacks fr
microdnf -y remove langpacks-fr langpacks-core-fr langpacks-core-font-fr dejavu-sans-fonts fonts-filesystem
rm -f /var/lib/systemd/random-seed
rm -rfv /var/lib/authselect
%end