authorMat Booth <mat.booth@redhat.com>2014-12-18 14:34:18 +0000
committerMat Booth <mat.booth@redhat.com>2014-12-18 14:34:18 +0000
commit37c37b313c1df4384b652518cdab25e4affdcbf6 (patch)
tree865003e7fccb3e51484a8a985a6f0fb7059ce1a0
parent05f5e59b9672cfea26443834eedaa8a97a188434 (diff)
Update id.dp.org kickstarts
-rw-r--r--README.md16
-rwxr-xr-x[-rw-r--r--]create_freeipa.sh17
-rw-r--r--freeipa-client.ks (renamed from freeipa-client-f21.ks)10
-rw-r--r--freeipa-server.ks (renamed from freeipa-server-f21.ks)36
4 files changed, 45 insertions, 34 deletions
diff --git a/README.md b/README.md
index 0d9627b..5d5a072 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,15 @@
-Tools for provisioning the Dark Peak FreeIPA identity server
+#Identity Server
+
+Tools for provisioning the Dark Peak FreeIPA identity server.
+
+##Deploy to Local VM
+
+ $ sudo ./create_freeipa.sh server
+
+##Deploy to Production
+
+Boot from a CentOS 7 installation disc.
+
+Before starting installation, hit tab to add an extra boot parameter. Add the following:
+
+ ks=http://git.cyberdelia.org.uk/darkpeak/id.darkpeak.org/raw/master/freeipa-server.ks
diff --git a/create_freeipa.sh b/create_freeipa.sh
index db7570e..2aa345f 100644..100755
--- a/create_freeipa.sh
+++ b/create_freeipa.sh
@@ -26,9 +26,16 @@ if [ "$(which virt-viewer virt-install virt-manager | wc -l)" -lt 3 ] ; then
yum -y install virt-manager virt-install virt-viewer libvirt-daemon-kvm
fi
-# Create VM and kick off the installation
-virt-install --virt-type=kvm --name=freeipa-$TYPE --ram=2048 --vcpus=1 --arch=x86_64 --graphics=spice --os-variant=fedora20 \
- --disk=size=15, --network=network=virt \
- --location="http://www.mirrorservice.org/sites/dl.fedoraproject.org/pub/fedora/linux/development/21/x86_64/os/" \
- --initrd-inject="./freeipa-$TYPE-f21.ks" --extra-args="ks=file:/freeipa-$TYPE-f21.ks"
+# Create VM and kick off the installation, CentOS 7 for servers, Fedora 21 for clients
+if [ "$TYPE" == "server" ] ; then
+ virt-install --virt-type=kvm --name=freeipa-$TYPE --graphics=spice --os-variant=centos7.0 \
+ --arch=x86_64 --vcpus=1 --ram=1024 --disk=size=10, --network=network=virt \
+ --location="http://www.mirrorservice.org/sites/mirror.centos.org/7/os/x86_64/" \
+ --initrd-inject="./freeipa-${TYPE}.ks" --extra-args="ks=file:/freeipa-${TYPE}.ks"
+else
+ virt-install --virt-type=kvm --name=freeipa-$TYPE --graphics=spice --os-variant=fedora21 \
+ --arch=x86_64 --vcpus=1 --ram=2048 --disk=size=20, --network=network=virt \
+ --location="http://www.mirrorservice.org/sites/dl.fedoraproject.org/pub/fedora/linux/releases/21/Everything/x86_64/os/" \
+ --initrd-inject="./freeipa-${TYPE}.ks" --extra-args="ks=file:/freeipa-${TYPE}.ks"
+fi
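Review bot: Both `--location=` URLs in the new if/else use plain `http://`, so the kernel and initrd that virt-install fetches from the install tree to boot the guest arrive with no transport integrity, in a script the README runs under sudo. If the mirror serves the same tree over TLS, prefer `--location="https://www.mirrorservice.org/sites/mirror.centos.org/7/os/x86_64/"` and the equivalent for the Fedora branch; the `url --url=` lines in freeipa-client.ks and freeipa-server.ks have the same issue. Separately, the `else` branch runs for any `$TYPE` other than `server`; whether `$TYPE` is validated earlier in the script is not visible from this hunk.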
diff --git a/freeipa-client-f21.ks b/freeipa-client.ks
index 2b96a55..d0b1791 100644
--- a/freeipa-client-f21.ks
+++ b/freeipa-client.ks
@@ -1,10 +1,9 @@
-# Kickstart for deploying FreeIPA infrastructure on F21
+# Kickstart for deploying FreeIPA client infrastructure on F21
# Network installation
install
-url --url="http://www.mirrorservice.org/sites/dl.fedoraproject.org/pub/fedora/linux/development/21/x86_64/os/"
+url --url="http://www.mirrorservice.org/sites/dl.fedoraproject.org/pub/fedora/linux/releases/21/Everything/x86_64/os/"
repo --name=updates
-repo --name=updates-testing
# System authorization information
auth --enableshadow --passalgo=sha512
@@ -24,7 +23,7 @@ clearpart --all --initlabel --drives=vda
# Localisation
keyboard --vckeymap=uk --xlayouts='gb'
lang en_GB.UTF-8
-timezone Europe/London --nontp --isUtc
+timezone Europe/London --isUtc
# Security information
firewall --disabled
@@ -33,9 +32,6 @@ selinux --permissive
# Don't run setup agent
firstboot --disabled
-# Other services
-services --disabled="chronyd"
-
# Reboot when done
reboot
diff --git a/freeipa-server-f21.ks b/freeipa-server.ks
index bec70e2..b992645 100644
--- a/freeipa-server-f21.ks
+++ b/freeipa-server.ks
@@ -1,10 +1,10 @@
-# Kickstart for deploying FreeIPA infrastructure on F21
+# Kickstart for deploying FreeIPA server infrastructure on CentOS 7
# Network installation
install
-url --url="http://www.mirrorservice.org/sites/dl.fedoraproject.org/pub/fedora/linux/development/21/x86_64/os/"
+url --url="http://www.mirrorservice.org/sites/mirror.centos.org/7/os/x86_64/"
repo --name=updates
-repo --name=updates-testing
+repo --name=freeipa --baseurl=http://copr-be.cloud.fedoraproject.org/results/mkosek/freeipa/epel-7-x86_64/
# System authorization information
auth --enableshadow --passalgo=sha512
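Review bot: The added `repo --name=freeipa` line makes a personal COPR build repository, fetched over plain `http://`, a package source for the identity server, and nothing in the file says why it is needed. If the COPR backend serves this path over TLS, use `repo --name=freeipa --baseurl=https://copr-be.cloud.fedoraproject.org/results/mkosek/freeipa/epel-7-x86_64/`, and put a comment above it such as `# Third-party COPR (mkosek/freeipa), presumably the source of the freeipa-server package on EL7`. Whether the installer checks package signatures for this repo cannot be told from the hunk, so that is worth confirming before this is used for the production host described in the README.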
@@ -24,33 +24,26 @@ clearpart --all --initlabel --drives=vda
# Localisation
keyboard --vckeymap=uk --xlayouts='gb'
lang en_GB.UTF-8
-timezone Europe/London --nontp --isUtc
+timezone Europe/London --isUtc
# Security information
-firewall --disabled
+firewall --enabled --service=dhcpv6-client,dns,http,https,kerberos,kpasswd,ldap,ldaps,ssh
selinux --permissive
# Don't run setup agent
firstboot --disabled
-# Other services
-services --disabled="chronyd"
-
# Reboot when done
reboot
%packages
# Base packages
+@base
@core
-@standard
-@hardware-support
-@server-product
-@headless-management
--abrt-cli
-# Everything needed to be a FreeIPA Client
-@domain-client
-# Everything needed to be a FreeIPA Server
-@freeipa-server
+# FreeIPA packages
+freeipa-server
+bind-dyndb-ldap
+bind-pkcs11
%end
%post
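Review bot: `selinux --permissive` is left unchanged directly under the newly enabled firewall, so the host that will run the KDC and directory server only logs SELinux denials instead of enforcing them. If nothing in the FreeIPA build from the added repo requires it, change the line to `selinux --enforcing`; otherwise add a comment naming the denial that forces permissive mode. The client kickstart in this commit also still carries `firewall --disabled` and `selinux --permissive`.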
@@ -62,13 +55,14 @@ PASS_MASTER=$( < /dev/urandom tr -dc [:alnum:] | head -c16 )
# FreeIPA "admin" password
PASS_ADMIN=$( < /dev/urandom tr -dc [:alnum:] | head -c16 )
-IP_ADDR=\$(ip -family inet -oneline address show dev eth0 | awk '{print $4}' | cut -d'/' -f1)
+IP_ADDR=\$(ip -family inet -oneline address show dev eth0 | awk '{print \$4}' | cut -d'/' -f1)
ipa-server-install -r DARKPEAK.ORG -n darkpeak.org --hostname=id.darkpeak.org --ip-address=\$IP_ADDR \\
- --no-ssh --no-sshd --no-dns-sshfp --setup-dns --no-host-dns --no-forwarders --no-dnssec-validation \\
- --no-ntp --ds-password=\$PASS_MASTER --master-password=\$PASS_MASTER --admin-password=\$PASS_ADMIN \\
- --idstart=5000 --subject="O=Dark Peak Data Co-operative Limited" \\
+ --no-ntp --no-dns-sshfp --setup-dns --no-host-dns --no-forwarders --no-dnssec-validation \\
+ --ds-password=\$PASS_MASTER --master-password=\$PASS_MASTER --admin-password=\$PASS_ADMIN \\
+ --idstart=5000 --mkhomedir --subject="O=Dark Peak Data Co-operative Limited" \\
&& echo "FreeIPA Admin Password is: \$PASS_ADMIN"
EOF
chmod +x /root/freeipa_setup.sh
%end
+
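Review bot: The reflowed `ipa-server-install` call still passes `--ds-password`, `--master-password` and `--admin-password` as command-line options and then echoes the admin password, so the secrets are readable from the process list while the installer runs and land in whatever captures the script's output. The heredoc opens outside this hunk, but the unescaped `$( < /dev/urandom … )` assignments look as if they are expanded when the file is written, which would leave both passwords as literals in /root/freeipa_setup.sh; in that case `chmod +x` should become `chmod 700 /root/freeipa_setup.sh`. Quoting the character class, `tr -dc '[:alnum:]'`, also stops the shell from globbing it against a one-character filename in the working directory.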