From ac7449d5f681b113e28ce70274867850b03b7295 Mon Sep 17 00:00:00 2001 From: Sergei Bobkov Date: Fri, 3 Jan 2025 14:55:31 +0300 Subject: [PATCH] Add some options to ansible.conf --- ansible/.conf/.ansible.cfg | 3 + ansible/.secret/.ansible/inventories/hosts | 15 +- .../vmware_vm_inventory.yml | 8 +- ansible/.secret/.ansible/vars_creds.yml | 2 +- .../vmware_vm_inventory.sh | 2 +- .../files/debian12/sources.list | 4 +- ansible/roles/rd_os-linux-prep/tasks/main.yml | 4 +- .../var/www/.boot/boot_00:50:56:91:d2:c8.ipxe | 5 - .../initrd.gz | 0 .../linux | 0 .../var/www/.preseeds/def_preseed.cfg | 120 --------------- .../var/www/.preseeds/files_common/mc/ini | 144 ------------------ .../www/.preseeds/files_common/mc/panels.ini | 35 ----- .../www/.preseeds/files_common/skel/.bashrc | 116 -------------- .../files_common/update-motd.d/99-custom | 3 - .../.preseeds/preseed_00:50:56:91:d2:c8.cfg | 141 ----------------- .../.preseeds/scripts_common/first_start.sh | 10 -- .../var/www/.preseeds/scripts_common/rc.local | 16 -- 18 files changed, 16 insertions(+), 612 deletions(-) rename ansible/.secret/.ansible/{inventories/vmware_vm_inventory => }/vmware_vm_inventory.sh (83%) delete mode 100644 iPXEdeploy-server/config_files/var/www/.boot/boot_00:50:56:91:d2:c8.ipxe rename iPXEdeploy-server/config_files/var/www/.images/{netinst_deb12x64 => netinst_debian12_64Guest}/initrd.gz (100%) rename iPXEdeploy-server/config_files/var/www/.images/{netinst_deb12x64 => netinst_debian12_64Guest}/linux (100%) delete mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/def_preseed.cfg delete mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/ini delete mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/panels.ini delete mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/files_common/skel/.bashrc delete mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/files_common/update-motd.d/99-custom delete mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/preseed_00:50:56:91:d2:c8.cfg delete mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/first_start.sh delete mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/rc.local diff --git a/ansible/.conf/.ansible.cfg b/ansible/.conf/.ansible.cfg index dcf2bf9..2e91f0b 100644 --- a/ansible/.conf/.ansible.cfg +++ b/ansible/.conf/.ansible.cfg @@ -133,6 +133,9 @@ accelerate_daemon_timeout = 30 #special_context_filesystems=nfs,vboxsf,fuse,ramfs [inventory] +#cache = true +#cache_connection = $HOME/.ansible/inventory +#cache_timeout = 600 # enable inventory plugins, default: 'host_list', 'script', 'yaml', 'ini', 'auto' #enable_plugins = vmware_vm_inventory #enable_plugins = community.vmware.vmware_vm_inventory, ini diff --git a/ansible/.secret/.ansible/inventories/hosts b/ansible/.secret/.ansible/inventories/hosts index ad3bc64..e227b57 100644 --- a/ansible/.secret/.ansible/inventories/hosts +++ b/ansible/.secret/.ansible/inventories/hosts @@ -1,14 +1,5 @@ -[test] -z3.lab.loc ansible_host=10.8.11.13 ansible_ssh_port=22 ansible_python_interpreter="/usr/bin/python3" +# For iPXE deploy VMs +ipxe-deplsrv01-it.lab.loc -[all_linux] -ovpnsrv01-infr-dmz.lab.loc ansible_host=10.1.1.11 ansible_ssh_port=22 ansible_python_interpreter="/usr/bin/python3" -ovpnsrv09-infr-dmz.lab.loc ansible_host=10.1.1.19 ansible_ssh_port=22 ansible_python_interpreter="/usr/bin/python3" -websrv99-it-dmz.lab.loc ansible_host=10.1.2.99 ansible_ssh_port=22 ansible_python_interpreter="/usr/bin/python3" -svcsrv01-it-dmz.lab.loc ansible_host=10.1.254.254 ansible_ssh_port=22 ansible_python_interpreter="/usr/bin/python3" -fakednssrv01-infr.lab.loc ansible_host=10.1.101.101 ansible_ssh_port=22 ansible_python_interpreter="/usr/bin/python3" -#autotoolsrv01-it.lab.loc ansible_host=10.1.222.11 ansible_ssh_port=22 ansible_python_interpreter="/usr/bin/python3" -lin-reposrv01-it.lab.loc ansible_host=10.1.254.51 ansible_ssh_port=22 ansible_python_interpreter="/usr/bin/python3" -rslogsrv01-it.lab.loc ansible_host=10.1.254.2 ansible_ssh_port=22 ansible_python_interpreter="/usr/bin/python3" -svcsrv01-it.lab.loc ansible_host=10.1.254.254 ansible_ssh_port=22 ansible_python_interpreter="/usr/bin/python3" +# All dynamic inventory by ./inventories/vmware_vm_inventory.yml diff --git a/ansible/.secret/.ansible/inventories/vmware_vm_inventory/vmware_vm_inventory.yml b/ansible/.secret/.ansible/inventories/vmware_vm_inventory/vmware_vm_inventory.yml index dfa0744..36d8e28 100644 --- a/ansible/.secret/.ansible/inventories/vmware_vm_inventory/vmware_vm_inventory.yml +++ b/ansible/.secret/.ansible/inventories/vmware_vm_inventory/vmware_vm_inventory.yml @@ -5,9 +5,9 @@ # cat zzz.yml | grep -i "guestid" | sed 's/^ config.guestId: //' | sed 's/$.*//' | sort | uniq # plugin: community.vmware.vmware_vm_inventory -strict: true +strict: false hostname: "vcsrv01.XXXXXXX.XXX" -username: "ansb-autotools-it@vsphere.local" +username: "XXXXXXXXXXXXXXXX@vsphere.local" password: "XXXXXXXXXXXXXXXX" validate_certs: false with_tags: true @@ -71,7 +71,7 @@ filters: - config.template == false - summary.runtime.powerState == 'poweredOn' - '"vCLS" not in config.name' -- '"vcsrv01.lab.loc" not in config.name' +- '"vcsrv01.XXXXXXX.loc" not in config.name' #"'Nas01' in config.datastoreUrl[0].name" # or guest.ipAddress is match('192.169.*')) @@ -82,7 +82,7 @@ compose: # composed_var: 'config.name' # ansible_user: "'root'" # ansible_connection: "'ssh'" -# ansible_ssh_private_key_file: "'~/.ssh/id_rsa_XXXXXX'" +# ansible_ssh_private_key_file: "'~/.ssh/id_rsa_XXXXXXX'" # ansible_ssh_port: "'22'" # ansible_python_interpreter: "'/usr/bin/python3'" diff --git a/ansible/.secret/.ansible/vars_creds.yml b/ansible/.secret/.ansible/vars_creds.yml index babd916..f14f3df 100644 --- a/ansible/.secret/.ansible/vars_creds.yml +++ b/ansible/.secret/.ansible/vars_creds.yml @@ -5,7 +5,7 @@ vcenter_password: "XXXXXXXXX" vcenter_validate_certs: false vcenter_datacenter: "DC01" -ansible_user: "root" +ansible_user: "ansb-it" #ansible_password: "XXXXXXX" ansible_ssh_private_key_file: '~/.ssh/id_rsa_XXXXXXX' ansible_ssh_port: 22 diff --git a/ansible/.secret/.ansible/inventories/vmware_vm_inventory/vmware_vm_inventory.sh b/ansible/.secret/.ansible/vmware_vm_inventory.sh similarity index 83% rename from ansible/.secret/.ansible/inventories/vmware_vm_inventory/vmware_vm_inventory.sh rename to ansible/.secret/.ansible/vmware_vm_inventory.sh index ffe26e8..e8f8cbc 100755 --- a/ansible/.secret/.ansible/inventories/vmware_vm_inventory/vmware_vm_inventory.sh +++ b/ansible/.secret/.ansible/vmware_vm_inventory.sh @@ -1,3 +1,3 @@ #!/bin/bash -ansible-inventory -i ~/.secret/.ansible/inventories/vmware_vm_inventory/vmware_vm_inventory.yml --list -y --output ~/.secret/.ansible/inventories/hosts.yml +ansible-inventory -i ~/.secret/.ansible/inventories/vmware_vm_inventory/vmware_vm_inventory.yml --list -y --output ~/.secret/.ansible/hosts-temp.yml diff --git a/ansible/roles/rd_os-linux-prep/files/debian12/sources.list b/ansible/roles/rd_os-linux-prep/files/debian12/sources.list index 932ff58..7ad6238 100644 --- a/ansible/roles/rd_os-linux-prep/files/debian12/sources.list +++ b/ansible/roles/rd_os-linux-prep/files/debian12/sources.list @@ -1,3 +1,3 @@ # -deb http://repo.rosdolg.loc/debian bookworm main contrib non-free non-free-firmware -deb http://repo.rosdolg.loc/debian-security bookworm-security main contrib non-free non-free-firmware +deb http://repo-deb12.rosdolg.loc/debian bookworm main contrib non-free non-free-firmware +deb http://repo-deb12.rosdolg.loc/debian-security bookworm-security main contrib non-free non-free-firmware diff --git a/ansible/roles/rd_os-linux-prep/tasks/main.yml b/ansible/roles/rd_os-linux-prep/tasks/main.yml index 7d290dd..a7c8f76 100644 --- a/ansible/roles/rd_os-linux-prep/tasks/main.yml +++ b/ansible/roles/rd_os-linux-prep/tasks/main.yml @@ -6,8 +6,8 @@ - name: import_tasks: apt_conf.yml -- name: - import_tasks: os_conf.yml +#- name: +# import_tasks: os_conf.yml diff --git a/iPXEdeploy-server/config_files/var/www/.boot/boot_00:50:56:91:d2:c8.ipxe b/iPXEdeploy-server/config_files/var/www/.boot/boot_00:50:56:91:d2:c8.ipxe deleted file mode 100644 index 9628ede..0000000 --- a/iPXEdeploy-server/config_files/var/www/.boot/boot_00:50:56:91:d2:c8.ipxe +++ /dev/null @@ -1,5 +0,0 @@ -#!ipxe - -kernel http://${next-server}/.images/netinst_deb12x64/linux ipv6.disable=1 auto=true netcfg/dhcp_timeout=30 priority=critical locale=en_US preseed/url=http://${next-server}/.preseeds/preseed_00:50:56:91:d2:c8.cfg -initrd http://${next-server}/.images/netinst_deb12x64/initrd.gz -boot diff --git a/iPXEdeploy-server/config_files/var/www/.images/netinst_deb12x64/initrd.gz b/iPXEdeploy-server/config_files/var/www/.images/netinst_debian12_64Guest/initrd.gz similarity index 100% rename from iPXEdeploy-server/config_files/var/www/.images/netinst_deb12x64/initrd.gz rename to iPXEdeploy-server/config_files/var/www/.images/netinst_debian12_64Guest/initrd.gz diff --git a/iPXEdeploy-server/config_files/var/www/.images/netinst_deb12x64/linux b/iPXEdeploy-server/config_files/var/www/.images/netinst_debian12_64Guest/linux similarity index 100% rename from iPXEdeploy-server/config_files/var/www/.images/netinst_deb12x64/linux rename to iPXEdeploy-server/config_files/var/www/.images/netinst_debian12_64Guest/linux diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/def_preseed.cfg b/iPXEdeploy-server/config_files/var/www/.preseeds/def_preseed.cfg deleted file mode 100644 index 9186a40..0000000 --- a/iPXEdeploy-server/config_files/var/www/.preseeds/def_preseed.cfg +++ /dev/null @@ -1,120 +0,0 @@ -# Language and Locale -d-i debian-installer/language string en -d-i debian-installer/country string RU -d-i debian-installer/locale string en_US.UTF-8 - -# Hostname -d-i netcfg/get_hostname string unassigned-hostname -d-i netcfg/get_domain string unassigned-domain - -# Keyboard -d-i keymap select us -d-i console-keymaps-at/keymap select us -d-i keyboard-configuration/xkb-keymap select us - -# Timezone / Time -d-i time/zone string Europe/Moscow -d-i clock-setup/utc boolean true - - -# Package Configuration -d-i pkgsel/upgrade select full-upgrade -#d-i mirror/country string TR -d-i mirror/country string manual -d-i mirror/http/hostname string reposrv.lab.loc -d-i mirror/http/directory string /debian -d-i apt-setup/services-select multiselect security, updates -d-i apt-setup/security_host string reposrv.lab.loc - -d-i apt-setup/non-free boolean true -d-i apt-setup/contrib boolean true - -tasksel tasksel/first multiselect none -d-i pkgsel/include string openssh-server open-vm-tools perl-modules-* net-tools mc htop bash-completion iotop iftop bwm-ng sysstat iptraf-ng iperf3 ethtool tcpdump scsitools lsscsi kpartx toilet figlet git apt-transport-https sysfsutils curl ethtool secure-delete dnsutils net-tools rpm2cpio dos2unix telnet rsync sudo whois pv screen lsof tmux hping3 nload parted netcat-openbsd wget vim rsyslog iptables man -d-i pkgsel/install-language-support boolean false -popularity-contest popularity-contest/participate boolean false - -# Partitioning -d-i partman/mount_style select uuid -d-i partman-auto/disk string /dev/sda -d-i partman-basicfilesystems/choose_label string gpt -d-i partman-basicfilesystems/default_label string gpt -d-i partman-partitioning/choose_label string gpt -d-i partman-partitioning/default_label string gpt -d-i partman/choose_label string gpt -d-i partman/default_label string gpt -d-i partman-auto/method string lvm -d-i partman-auto/purge_lvm_from_device boolean true -d-i partman-auto/choose_recipe select gpt-boot-lvm -d-i partman-auto-lvm/new_vg_name string vg01 -d-i partman-auto/expert_recipe string \ - gpt-boot-lvm :: \ - 1 1 1 free \ - $bios_boot{ } \ - method{ biosgrub } \ - . \ - 537 537 537 linux-swap \ - $defaultignore{ } \ - $lvmok{ } \ - lv_name{ swap } \ - method{ swap } \ - format{ } \ - . \ - 2600 2600 -1 ext4 \ - $defaultignore{ } \ - $lvmok{ } \ - lv_name{ root } \ - method{ format } \ - format{ } \ - use_filesystem{ } \ - filesystem{ ext4 } \ - mountpoint{ / } \ - . -d-i partman-auto-lvm/no_boot boolean true -d-i partman/confirm boolean true -d-i partman-lvm/confirm boolean true -d-i partman-lvm/confirm_nooverwrite boolean true -d-i partman-lvm/device_remove_lvm boolean true -d-i partman-lvm/confirm boolean true -d-i partman/choose_partition select Finish partitioning and write changes to disk -d-i partman/confirm_nooverwrite boolean true -d-i partman/mount_style select uuid - - -# mkpasswd -s -m sha-512 -# -d-i passwd/root-login boolean true -d-i passwd/root-password-crypted password $6$vWJHdzEQUi4x9.cd$usa.oXjqhviC1bAi4vc95o0B17LVMekzn/P5C8Q2JyFWNQj3cfntd7YzcRiNAFUCH4i4F8Y0nOS/j66rAvxov1 - -d-i passwd/make-user boolean false -#d-i passwd/user-fullname string user -#d-i passwd/username string user -#d-i passwd/user-password-crypted password $6$Xdo2ihdwRlBgvpQB$wPZTb9IvmjE8Y5XHsgT/OL.dPaWhna5EzLFgfWXjQ3k5NnLJqzCnb/mKBzkGQpcjSLhQCXyXqOZ0ji5E.Mu1c/ - -d-i user-setup/allow-password-weak boolean true -d-i user-setup/encrypt-home boolean false - -d-i grub-installer/bootdev string /dev/sda - -d-i debian-installer/splash boolean false - -d-i finish-install/reboot_in_progress note -d-i preseed/late_command string in-target /bin/sh -c "cd /root;curl https://aassdd.ru/zzxxccvvbbnn/deb_conf/config/.bashrc > .bashrc;cd /root;mkdir .config;mkdir ./.config/mc;chmod -R 700 .config;cd /root/.config/mc;curl https://aassdd.ru/zzxxccvvbbnn/deb_conf/config/ini > ini;curl https://aassdd.ru/zzxxccvvbbnn/deb_conf/config/panels.ini > panels.ini; sed -i 's/^#PermitRootLogin prohibit-password/#PermitRootLogin prohibit-password\nPermitRootLogin yes/' /etc/ssh/sshd_config; sed -i 's/^PermitRootLogin without-password/#PermitRootLogin without-password\nPermitRootLogin yes/' /etc/ssh/sshd_config; echo \"echo; hostname -f | sed 's/.*/\U&/' | sed 's/^/=> /' | sed 's/$/ <=/' | toilet -f term -F border --gay;echo\" >> /etc/profile"; \ -in-target mkdir -p /root/.ssh; \ -in-target /bin/sh -c "echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDrHbdpfwqnQdPXnpX70Bq8Msq7bcLUuTRWT/JqwTtbEBDEvJCjNUJiJlefqrAFP58qew2u826olTuRqfDhb/lsBPUFUzU63aWmEAdhITTsYQYof9o2FKzDwK/qc1Bz17UELWlruNHdTjciz6BV+9ZLqNwmQ1CXO2rSt5D57Bv13LRtlTZ1LOIvA3HGr0NmCjr+FmHvihNqinSkqfdfd6SMMqwYEFvHscH2bazGZorqKwHc7q7INOSsU5JPlX2SbcstcMclocAWmX+DdbylZRtuEVky4vZqmGJjPQ3w5Ng5nLa1BEIDk3Hc7vW5BJsCM8mqTmmgWVnZHpakAOaFvjgcevKTr7fEyELzbOO42MUu29HjMP24VZnpdQJxc1zZ9UXCGW1Rd0b3hll8SAbYBBOeYNt+yGR8j8uPeP9sHhuEIRgMwKgHSVTF5ZaeqUneQcawrRGLg5++nyze/wMqCLYCSUykxxZYuhCk1cxPlGoXNokGWkQDinm+IlG9AxKI6C72qGhSZTBZPkD7qlY+HftnZHa8RGh0mc8ANhxOcXbZzBBaSHm7Dbf/Nc/0T58V1DJnwUmY3Y87E9rvkiN+PhSxzNgLfPeNtJHVyvA76ONEgieOIPU288nkKHDIwNhzb3fS6BajMq05ZgP49qsaLfcUTlYfHgkuWXjfne9ADNSsJw== root@local.local' >> /root/.ssh/authorized_keys"; \ -in-target chown -R root:root /root/.ssh; \ -in-target chmod 600 /root/.ssh/authorized_keys; \ -in-target chmod 700 /root/.ssh; \ -in-target sed -i 's/quiet/quiet ipv6.disable=1/' /etc/default/grub; \ -in-target /bin/sh -c "update-grub"; \ -in-target /bin/sh -c "curl http://10.8.221.2/.preseeds/scripts_common/rc.local > /etc/rc.local; curl http://10.8.221.2/.preseeds/scripts_common/first_start.sh > /root/first_start.sh"; \ -in-target chmod 755 /etc/rc.local; \ -in-target chmod 755 /root/first_start.sh; \ -in-target /bin/sh -c "update-alternatives --set iptables /usr/sbin/iptables-legacy"; \ -in-target /bin/sh -c "echo >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo '#x#auto ens160' >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo '#x#allow-hotplug ens160' >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo '#x# iface ens160 inet static' >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo '#x# address 10.1.1.2' >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo '#x# netmask 255.255.255.0' >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo '#x# gateway 10.1.1.1' >> /etc/network/interfaces" diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/ini b/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/ini deleted file mode 100644 index b4e1e1c..0000000 --- a/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/ini +++ /dev/null @@ -1,144 +0,0 @@ -[Midnight-Commander] -verbose=true -shell_patterns=true -auto_save_setup=false -preallocate_space=false -auto_menu=false -use_internal_view=true -use_internal_edit=true -clear_before_exec=true -confirm_delete=true -confirm_overwrite=true -confirm_execute=false -confirm_history_cleanup=true -confirm_exit=false -confirm_directory_hotlist_delete=false -confirm_view_dir=false -safe_delete=false -safe_overwrite=false -use_8th_bit_as_meta=false -mouse_move_pages_viewer=true -mouse_close_dialog=false -fast_refresh=false -drop_menus=false -wrap_mode=true -old_esc_mode=true -cd_symlinks=true -show_all_if_ambiguous=false -use_file_to_guess_type=true -alternate_plus_minus=false -only_leading_plus_minus=true -show_output_starts_shell=false -xtree_mode=false -file_op_compute_totals=true -classic_progressbar=true -use_netrc=true -ftpfs_always_use_proxy=false -ftpfs_use_passive_connections=true -ftpfs_use_passive_connections_over_proxy=false -ftpfs_use_unix_list_options=true -ftpfs_first_cd_then_ls=true -ignore_ftp_chattr_errors=true -editor_fill_tabs_with_spaces=false -editor_return_does_auto_indent=false -editor_backspace_through_tabs=false -editor_fake_half_tabs=true -editor_option_save_position=true -editor_option_auto_para_formatting=false -editor_option_typewriter_wrap=false -editor_edit_confirm_save=true -editor_syntax_highlighting=true -editor_persistent_selections=true -editor_drop_selection_on_copy=true -editor_cursor_beyond_eol=false -editor_cursor_after_inserted_block=false -editor_visible_tabs=true -editor_visible_spaces=true -editor_line_state=false -editor_simple_statusbar=false -editor_check_new_line=false -editor_show_right_margin=false -editor_group_undo=true -editor_state_full_filename=true -editor_ask_filename_before_edit=false -nice_rotating_dash=true -mcview_remember_file_position=false -auto_fill_mkdir_name=true -copymove_persistent_attr=true -pause_after_run=1 -mouse_repeat_rate=100 -double_click_speed=250 -old_esc_mode_timeout=1000000 -max_dirt_limit=10 -num_history_items_recorded=60 -vfs_timeout=60 -ftpfs_directory_timeout=900 -ftpfs_retry_seconds=30 -fish_directory_timeout=900 -editor_tab_spacing=8 -editor_word_wrap_line_length=72 -editor_option_save_mode=0 -editor_backup_extension=~ -editor_filesize_threshold=64M -editor_stop_format_chars=-+*\\,.;:&> -mcview_eof= -skin=default - -[Layout] -message_visible=0 -keybar_visible=1 -xterm_title=1 -output_lines=0 -command_prompt=1 -menubar_visible=1 -free_space=1 -horizontal_split=0 -vertical_equal=1 -left_panel_size=66 -horizontal_equal=1 -top_panel_size=1 - -[Misc] -timeformat_recent=%b %e %H:%M -timeformat_old=%b %e %Y -ftp_proxy_host=gate -ftpfs_password=anonymous@ -display_codepage=UTF-8 -source_codepage=Other_8_bit -autodetect_codeset= -spell_language=en -clipboard_store= -clipboard_paste= - -[Colors] -base_color= -xterm= -color_terminals= - -[Panels] -show_mini_info=true -kilobyte_si=false -mix_all_files=false -show_backups=true -show_dot_files=true -fast_reload=false -fast_reload_msg_shown=false -mark_moves_down=true -reverse_files_only=true -auto_save_setup_panels=false -navigate_with_arrows=false -panel_scroll_pages=true -panel_scroll_center=false -mouse_move_pages=true -filetype_mode=true -permission_mode=false -torben_fj_mode=false -quick_search_mode=2 -select_flags=7 - -[Panelize] -Find *.orig after patching=find . -name \\*.orig -print -Find SUID and SGID programs=find . \\( \\( -perm -04000 -a -perm /011 \\) -o \\( -perm -02000 -a -perm /01 \\) \\) -print -Find rejects after patching=find . -name \\*.rej -print -Modified git files=git ls-files --modified - diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/panels.ini b/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/panels.ini deleted file mode 100644 index 67583ba..0000000 --- a/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/panels.ini +++ /dev/null @@ -1,35 +0,0 @@ -[New Left Panel] -display=listing -reverse=false -case_sensitive=false -exec_first=false -sort_order=name -list_mode=full -brief_cols=2 -user_format=half type name | size | perm -user_status0=half type name | size | perm -user_status1=half type name | size | perm -user_status2=half type name | size | perm -user_status3=half type name | size | perm -user_mini_status=false -list_format=full - -[New Right Panel] -display=listing -reverse=false -case_sensitive=false -exec_first=false -sort_order=name -list_mode=full -brief_cols=2 -user_format=half type name | size | perm -user_status0=half type name | size | perm -user_status1=half type name | size | perm -user_status2=half type name | size | perm -user_status3=half type name | size | perm -user_mini_status=false -list_format=full - -[Dirs] -current_is_left=false -other_dir=/ diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/skel/.bashrc b/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/skel/.bashrc deleted file mode 100644 index 1bb1d17..0000000 --- a/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/skel/.bashrc +++ /dev/null @@ -1,116 +0,0 @@ -# ~/.bashrc: executed by bash(1) for non-login shells. -# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc) -# for examples - -# If not running interactively, don't do anything -case $- in - *i*) ;; - *) return;; -esac - -# by me -shopt -s cdspell - -# don't put duplicate lines or lines starting with space in the history. -# See bash(1) for more options -HISTCONTROL=ignoreboth - -# append to the history file, don't overwrite it -shopt -s histappend - -# for setting history length see HISTSIZE and HISTFILESIZE in bash(1) -HISTSIZE=2000 -HISTFILESIZE=2000 - -# check the window size after each command and, if necessary, -# update the values of LINES and COLUMNS. -shopt -s checkwinsize - -# If set, the pattern "**" used in a pathname expansion context will -# match all files and zero or more directories and subdirectories. -#shopt -s globstar - -# make less more friendly for non-text input files, see lesspipe(1) -#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)" - -# set variable identifying the chroot you work in (used in the prompt below) -if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then - debian_chroot=$(cat /etc/debian_chroot) -fi - -# set a fancy prompt (non-color, unless we know we "want" color) -case "$TERM" in - xterm-color|*-256color) color_prompt=yes;; -esac - -# uncomment for a colored prompt, if the terminal has the capability; turned -# off by default to not distract the user: the focus in a terminal window -# should be on the output of commands, not on the prompt -force_color_prompt=yes - -if [ -n "$force_color_prompt" ]; then - if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then - # We have color support; assume it's compliant with Ecma-48 - # (ISO/IEC-6429). (Lack of such support is extremely rare, and such - # a case would tend to support setf rather than setaf.) - color_prompt=yes - else - color_prompt= - fi -fi - -if [ "$color_prompt" = yes ]; then - PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' -else - PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' -fi -unset color_prompt force_color_prompt - -# If this is an xterm set the title to user@host:dir -case "$TERM" in -xterm*|rxvt*) - PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1" - ;; -*) - ;; -esac - -# enable color support of ls and also add handy aliases -if [ -x /usr/bin/dircolors ]; then - test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" - alias ls='ls --color=auto' - #alias dir='dir --color=auto' - #alias vdir='vdir --color=auto' - - alias grep='grep --color=auto' - #alias fgrep='fgrep --color=auto' - #alias egrep='egrep --color=auto' -fi - -# colored GCC warnings and errors -#export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01' - -# some more ls aliases -#alias ll='ls -l' -#alias la='ls -A' -#alias l='ls -CF' - -# Alias definitions. -# You may want to put all your additions into a separate file like -# ~/.bash_aliases, instead of adding them here directly. -# See /usr/share/doc/bash-doc/examples in the bash-doc package. - -if [ -f ~/.bash_aliases ]; then - . ~/.bash_aliases -fi - -# enable programmable completion features (you don't need to enable -# this, if it's already enabled in /etc/bash.bashrc and /etc/profile -# sources /etc/bash.bashrc). -if ! shopt -oq posix; then - if [ -f /usr/share/bash-completion/bash_completion ]; then - . /usr/share/bash-completion/bash_completion - elif [ -f /etc/bash_completion ]; then - . /etc/bash_completion - fi -fi diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/update-motd.d/99-custom b/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/update-motd.d/99-custom deleted file mode 100644 index ecb8892..0000000 --- a/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/update-motd.d/99-custom +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh - -hostname -f | sed 's/.*/\U&/' | sed 's/^/=> /' | sed 's/$/ <=/' | toilet -f term -F border --gay diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/preseed_00:50:56:91:d2:c8.cfg b/iPXEdeploy-server/config_files/var/www/.preseeds/preseed_00:50:56:91:d2:c8.cfg deleted file mode 100644 index 57dcb21..0000000 --- a/iPXEdeploy-server/config_files/var/www/.preseeds/preseed_00:50:56:91:d2:c8.cfg +++ /dev/null @@ -1,141 +0,0 @@ -# Language and Locale -d-i debian-installer/language string en -d-i debian-installer/country string RU -d-i debian-installer/locale string en_US.UTF-8 - -# Hostname -d-i netcfg/get_hostname string unassigned-hostname -d-i netcfg/get_domain string unassigned-domain - -# Keyboard -d-i keymap select us -d-i console-keymaps-at/keymap select us -d-i keyboard-configuration/xkb-keymap select us - -# Timezone / Time -d-i time/zone string Europe/Moscow -d-i clock-setup/utc boolean true - - -# Package Configuration -d-i pkgsel/upgrade select full-upgrade -#d-i mirror/country string TR -d-i mirror/country string manual -d-i mirror/http/hostname string reposrv.lab.loc -d-i mirror/http/directory string /debian -d-i apt-setup/services-select multiselect security, updates -d-i apt-setup/security_host string reposrv.lab.loc - -d-i apt-setup/non-free boolean true -d-i apt-setup/contrib boolean true - -tasksel tasksel/first multiselect none -d-i pkgsel/include string openssh-server open-vm-tools perl-modules-* net-tools mc htop bash-completion iotop iftop bwm-ng sysstat iptraf-ng iperf3 ethtool tcpdump scsitools lsscsi kpartx toilet figlet git apt-transport-https sysfsutils curl ethtool secure-delete dnsutils net-tools rpm2cpio dos2unix telnet rsync sudo whois pv screen lsof tmux hping3 nload parted netcat-openbsd wget vim rsyslog iptables man -d-i pkgsel/install-language-support boolean false -popularity-contest popularity-contest/participate boolean false - -# Partitioning -d-i partman/mount_style select uuid -d-i partman-auto/disk string /dev/sda -d-i partman-basicfilesystems/choose_label string gpt -d-i partman-basicfilesystems/default_label string gpt -d-i partman-partitioning/choose_label string gpt -d-i partman-partitioning/default_label string gpt -d-i partman/choose_label string gpt -d-i partman/default_label string gpt -d-i partman-auto/method string lvm -d-i partman-auto/purge_lvm_from_device boolean true -d-i partman-auto/choose_recipe select gpt-boot-lvm -d-i partman-auto-lvm/new_vg_name string vg01 -d-i partman-auto/expert_recipe string \ - gpt-boot-lvm :: \ - 1 1 1 free \ - $bios_boot{ } \ - method{ biosgrub } \ - . \ - 537 537 537 linux-swap \ - $defaultignore{ } \ - $lvmok{ } \ - lv_name{ swap } \ - method{ swap } \ - format{ } \ - . \ - 2600 2600 -1 ext4 \ - $defaultignore{ } \ - $lvmok{ } \ - lv_name{ root } \ - method{ format } \ - format{ } \ - use_filesystem{ } \ - filesystem{ ext4 } \ - mountpoint{ / } \ - . -d-i partman-auto-lvm/no_boot boolean true -d-i partman/confirm boolean true -d-i partman-lvm/confirm boolean true -d-i partman-lvm/confirm_nooverwrite boolean true -d-i partman-lvm/device_remove_lvm boolean true -d-i partman-lvm/confirm boolean true -d-i partman/choose_partition select Finish partitioning and write changes to disk -d-i partman/confirm_nooverwrite boolean true -d-i partman/mount_style select uuid - - -# mkpasswd -s -m sha-512 -# -d-i passwd/root-login boolean true -d-i passwd/root-password-crypted password $6$vWJHdzEQUi4x9.cd$usa.oXjqhviC1bAi4vc95o0B17LVMekzn/P5C8Q2JyFWNQj3cfntd7YzcRiNAFUCH4i4F8Y0nOS/j66rAvxov1 - -d-i passwd/make-user boolean false -#d-i passwd/user-fullname string user -#d-i passwd/username string user -#d-i passwd/user-password-crypted password $6$Xdo2ihdwRlBgvpQB$wPZTb9IvmjE8Y5XHsgT/OL.dPaWhna5EzLFgfWXjQ3k5NnLJqzCnb/mKBzkGQpcjSLhQCXyXqOZ0ji5E.Mu1c/ - -d-i user-setup/allow-password-weak boolean true -d-i user-setup/encrypt-home boolean false - -d-i grub-installer/bootdev string /dev/sda - -d-i debian-installer/splash boolean false - -d-i finish-install/reboot_in_progress note -d-i preseed/late_command string in-target /bin/sh -c "cd /root;curl http://10.8.221.2/.preseeds/files_common/skel/.bashrc > .bashrc;cd /root;mkdir .config;mkdir ./.config/mc;chmod -R 700 .config;cd /root/.config/mc;curl http://10.8.221.2/.preseeds/files_common/mc/ini > ini;curl http://10.8.221.2/.preseeds/files_common/mc/panels.ini > panels.ini"; \ -in-target /bin/sh -c "sed -i 's/^#PermitRootLogin prohibit-password/#PermitRootLogin prohibit-password\nPermitRootLogin yes/' /etc/ssh/sshd_config; sed -i 's/^PermitRootLogin without-password/#PermitRootLogin without-password\nPermitRootLogin yes/' /etc/ssh/sshd_config"; \ -in-target /bin/sh -c "echo '#!/bin/bash' > /etc/update-motd.d/99-custom"; \ -in-target /bin/sh -c "echo \"echo; hostname -f | sed 's/.*/\U&/' | sed 's/^/=> /' | sed 's/$/ <=/' | toilet -f term -F border --gay\" >> /etc/update-motd.d/99-custom"; \ -in-target chmod 755 /etc/update-motd.d/99-custom; \ -in-target mkdir -p /root/.ssh; \ -in-target /bin/sh -c "echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDrHbdpfwqnQdPXnpX70Bq8Msq7bcLUuTRWT/JqwTtbEBDEvJCjNUJiJlefqrAFP58qew2u826olTuRqfDhb/lsBPUFUzU63aWmEAdhITTsYQYof9o2FKzDwK/qc1Bz17UELWlruNHdTjciz6BV+9ZLqNwmQ1CXO2rSt5D57Bv13LRtlTZ1LOIvA3HGr0NmCjr+FmHvihNqinSkqfdfd6SMMqwYEFvHscH2bazGZorqKwHc7q7INOSsU5JPlX2SbcstcMclocAWmX+DdbylZRtuEVky4vZqmGJjPQ3w5Ng5nLa1BEIDk3Hc7vW5BJsCM8mqTmmgWVnZHpakAOaFvjgcevKTr7fEyELzbOO42MUu29HjMP24VZnpdQJxc1zZ9UXCGW1Rd0b3hll8SAbYBBOeYNt+yGR8j8uPeP9sHhuEIRgMwKgHSVTF5ZaeqUneQcawrRGLg5++nyze/wMqCLYCSUykxxZYuhCk1cxPlGoXNokGWkQDinm+IlG9AxKI6C72qGhSZTBZPkD7qlY+HftnZHa8RGh0mc8ANhxOcXbZzBBaSHm7Dbf/Nc/0T58V1DJnwUmY3Y87E9rvkiN+PhSxzNgLfPeNtJHVyvA76ONEgieOIPU288nkKHDIwNhzb3fS6BajMq05ZgP49qsaLfcUTlYfHgkuWXjfne9ADNSsJw== root@local.local' >> /root/.ssh/authorized_keys"; \ -in-target chown -R root:root /root/.ssh; \ -in-target chmod 600 /root/.ssh/authorized_keys; \ -in-target chmod 700 /root/.ssh; \ -in-target sed -i 's/quiet/quiet ipv6.disable=1/' /etc/default/grub; \ -in-target /bin/sh -c "update-grub"; \ -in-target /bin/sh -c "curl http://10.8.221.2/.preseeds/scripts_common/rc.local > /etc/rc.local; curl http://10.8.221.2/.preseeds/scripts_common/first_start.sh > /root/first_start.sh"; \ -in-target chmod 755 /etc/rc.local; \ -in-target chmod 755 /root/first_start.sh; \ -in-target /bin/sh -c "update-alternatives --set iptables /usr/sbin/iptables-legacy"; \ -in-target /bin/sh -c "echo > /etc/network/interfaces"; \ -in-target /bin/sh -c "echo 'source /etc/network/interfaces.d/*' >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo 'auto lo' >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo 'iface lo inet loopback' >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo 'auto ens192' >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo 'allow-hotplug ens192' >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo ' iface ens192 inet static' >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo ' address 10.8.11.55' >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo ' netmask 255.255.255.0' >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo ' gateway 10.8.11.1' >> /etc/network/interfaces"; \ -in-target /bin/sh -c "echo 'zdc01-testsrv01-it-infr.lab.loc' > /etc/hostname"; \ -in-target /bin/sh -c "echo '127.0.0.1 localhost' > /etc/hosts"; \ -in-target /bin/sh -c "echo '10.8.11.55 zdc01-testsrv01-it-infr.lab.loc zdc01-testsrv01-it-infr' >> /etc/hosts"; \ -in-target /bin/sh -c "echo >> /etc/hosts"; \ -in-target /bin/sh -c "echo '# The following lines are desirable for IPv6 capable hosts' >> /etc/hosts"; \ -in-target /bin/sh -c "echo '::1 localhost ip6-localhost ip6-loopback' >> /etc/hosts"; \ -in-target /bin/sh -c "echo 'ff02::1 ip6-allnodes' >> /etc/hosts"; \ -in-target /bin/sh -c "echo 'ff02::2 ip6-allrouters' >> /etc/hosts"; \ -in-target /bin/sh -c "echo 'domain lab.loc' > /etc/resolv.conf"; \ -in-target /bin/sh -c "echo 'search lab.loc' >> /etc/resolv.conf"; \ -in-target /bin/sh -c "echo 'nameserver 10.12.90.1' >> /etc/resolv.conf" - diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/first_start.sh b/iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/first_start.sh deleted file mode 100644 index ebac8ec..0000000 --- a/iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/first_start.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -parted /dev/sda resizepart 2 100% -pvresize /dev/sda2 -lvextend -y -f -l +100%FREE /dev/vg01/root -resize2fs /dev/vg01/root; - -sed '/first_start/d' -i /etc/rc.local - -rm -f /root/first_start.sh diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/rc.local b/iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/rc.local deleted file mode 100644 index e18ef89..0000000 --- a/iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/rc.local +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh -e -# -# rc.local -# -# This script is executed at the end of each multiuser runlevel. -# Make sure that the script will exit 0 on success or any other -# value on error. -# -# In order to enable or disable this script just change the execution -# bits. -# -# By default this script does nothing. - -/root/first_start.sh & - -exit 0