Initial commit

C7.x86_64.ISB2017.cfg

+#sshpw --username=root centos7 --plaintext 
+# remote ssh during installation:
+# enable by commenting out the 1st line and add to the install command line: 
+# inst.sshd=1
+# this file: https://gitlab.pasteur.fr/tru/ISB2017/raw/master/C7.x86_64.ISB2017-http.cfg
+# 
+#version=RHEL7
+# reboot after installation: don't wait for ever for someone to press [reboot]
+reboot
+# Use CDROM installation media
+#cdrom
+# pasteur local mirror:
+#url --url=http://ftp.pasteur.fr/mirrors/CentOS/7/os/x86_64
+#repo --name="updates"  --baseurl=http://ftp.pasteur.fr/mirrors/CentOS/7/updates/x86_64/ --cost=500
+#repo --name="extras"  --baseurl=http://ftp.pasteur.fr/mirrors/CentOS/7/extras/x86_64/ --cost=1000
+#repo --name="EPEL" --baseurl=http://dl.fedoraproject.org/pub/epel/7/x86_64/ --cost=1000
+url --url=http://192.168.56.1/pub/centos/7/os/x86_64
+repo --name="updates"  --baseurl=http://192.168.56.1/pub/centos/7/updates/x86_64/ --cost=500
+repo --name="extras"  --baseurl=http://192.168.56.1/pub/centos/7/extras/x86_64/ --cost=1000
+repo --name="EPEL" --baseurl=http://192.168.56.1/pub/epel/7/x86_64/ --cost=1000
+
+# Use graphical install
+graphical
+eula --agreed
+# DONT Run the Setup Agent on first boot
+firstboot --disable
+
+# Keyboard layouts
+keyboard --vckeymap=us --xlayouts='us'
+# System language
+lang en_US.UTF-8
+
+# Network information
+network  --bootproto=dhcp --device=eth0 --onboot=on --ipv6=auto --activate
+network  --hostname=localhost.localdomain
+rootpw --plaintext isb2017
+# System services
+services --enabled="chronyd"
+# System timezone
+timezone Europe/Athens --isUtc --ntpservers=0.centos.pool.ntp.org,1.centos.pool.ntp.org,2.centos.pool.ntp.org,3.centos.pool.ntp.org
+
+authconfig --enableshadow --passalgo=sha512 
+selinux --enforcing
+
+# X Window System configuration information
+xconfig  --startxonboot
+# System bootloader configuration
+bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
+# Partition clearing information
+clearpart --all --initlabel --drives=sda
+# Disk partitioning information
+#part /boot --fstype="ext4" --ondisk=sda --size=500
+#part /boot/efi --fstype="efi" --ondisk=sda --size=200 --fsoptions="umask=0077,shortname=winnt"
+#part / --fstype="ext4" --ondisk=sda --size=102400
+#part swap --fstype="swap" --ondisk=sda --size=8000
+#part /opt --fstype="ext4" --ondisk=sda --size=1796628
+
+part /boot --fstype=ext3 --ondisk=sda --size 1000  --asprimary
+part /     --fstype=xfs  --ondisk=sda --size 40000 --grow --asprimary
+
+user  --groups=centos --homedir=/home/centos --name=centos --password=isb2017
+# centos is the admin user with sudo access and remote ssh access
+user  --groups=isb2017 --homedir=/home/isb2017 --name=isb2017 --password=changemenow
+# student account
+
+%packages
+@base
+@compat-libraries
+@core
+#@desktop-debugging
+@development
+#@dial-up
+#@directory-client
+@fonts
+@guest-agents
+@guest-desktop-agents
+@input-methods
+@internet-browser
+@java-platform
+#@kde-apps
+#@kde-desktop
+@legacy-x
+#@multimedia
+#@network-file-system-client
+#@networkmanager-submodules
+#@office-suite
+@print-client
+@x11
+chrony
+#kexec-tools
+#@gnome-apps
+#@gnome-desktop
+#@additional-devel
+#@platform-devel
+#@technical-writing
+
+#
+-initial-setup
+-gnome-initial-setup
+# minimal
+wget
+sudo
+lftp
+curl
+screen
+rsync
+sysstat
+yum-utils
+-libvirt-client
+-libvirt-docs
+
+# added Tru
+epel-release
+environment-modules
+elinks
+atlas-static
+atlas-devel
+fftw
+fftw-devel
+fftw-static
+# ISB2017
+#@mate-desktop-environment 
+tree
+
+vim-enhanced
+tmux
+java-1.8.0-openjdk.x86_64
+environment-modules
+x2goserver.x86_64
+zlib-devel
+ncurses-devel
+bzip2-devel
+xz-devel
+curl-devel
+openssl-devel
+bash-completion
+emacs
+gedit
+nedit
+gd-devel
+libreoffice
+evince
+xpdf
+eog
+elinks
+cmake
+parallel
+hdf5-static.x86_64
+hdf5-devel.x86_64
+glibc-static
+libstdc++-static
+# muscle build for micca
+atlas-devel
+blas-devel
+lapack-devel
+# R
+readline-devel
+libXt-devel.x86_64
+# R
+libtiff-devel
+cairo-devel
+libicu-devel
+libxml2-devel # R/tidyverse
+vim-X11
+pdsh-rcmd-ssh.x86_64
+perl-Digest-MD5
+bind-utils
+perl-Digest
+nano
+zsh
+
+%end
+
+%post --nochroot
+cp /etc/resolv.conf /mnt/sysimage/etc/resolv.conf
+%end
+
+%post
+# ssh with keys only:
+curl https://gitlab.pasteur.fr/tru/ISB2017/raw/master/c7-sshd_config.sh | sh
+# centos ssh-keys
+curl https://gitlab.pasteur.fr/tru/ISB2017/raw/master/centos-autorized_keys.sh| sh
+# isb2017 ssh-keys
+curl https://gitlab.pasteur.fr/tru/ISB2017/raw/master/isb2017-autorized_keys.sh | sh 
+
+yum -y groupinstall mate-desktop-environment 
+
+# missing systemctl disable initial-setup.service
+# https://bugzilla.redhat.com/show_bug.cgi?id=1213114
+# https://bugzilla.redhat.com/show_bug.cgi?id=968582
+systemctl disable initial-setup-graphical.service
+#
+# cuda installation
+# curl http:// | sh
+
+%end
+
+%addon com_redhat_kdump --disable
+# instead of  --enable --reserve-mb='auto'
+
+%end
+
+%pre
+# workaround clearpart initlabel not able to initialise sda
+parted -s /dev/sda  mklabel msdos
+
+%end
+

README.md

+# Pasteur Course on Integrative Structural Biology
+- https://www.pasteur.fr/en/integrative-structural-biology
+- Institu Pasteur, July 17th-22nd 2017, Paris - France
+

c7-sshd_config.sh

+#!/bin/sh
+# curl https://gitlab.pasteur.fr/tru/ISB2017/raw/master/c7-sshd_config.sh | sh
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+export PATH
+# sshd
+/usr/bin/sed -i -e 's/^PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config
+/usr/bin/sed -i -e 's/^PasswordAuthentication.*/PasswordAuthentication no/g' /etc/ssh/sshd_config
+#
+# fix selinux permissions
+/sbin/restorecon -rv /home /etc/ssh
+
+

centos-autorized_keys.sh

+mkdir -p /home/centos/.ssh
+echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQChyr2SuPSTR18ExCCDHdrn5K+7OHBkHzCNPWYF5rdmaGgsflysqcWcyqeGQu6WPmcJkQQ76n1qjB+4eVzfoB3iINjBcak071M6j+kK8NmIPdgZWm5VtZmODa9DFsByT1tFp1uprgqDP/8LD83hZXuWsAf6P2YDN5xNdQayuy372QuSo5XwY6BdwO+aAOxfPn6UqoEI6yal9wX+CVfjy1jrq1L8pJABMel7wLeK/Qms5d2+SkOu6bh6P3MAwmd5XBbqXhacdonCD/8eM01OS3gEZW/fEBiWMj4dri9+fT1ZQxi9QkaMpeTELqX3uf6aAT5a9VoCgCURZ0ELt2oIEvSD isb2017-centos' > /home/centos/.ssh/authorized_keys
+
+chmod 0700 /home/centos/.ssh
+chmod 0600 /home/centos/.ssh/authorized_keys
+chown -R centos:centos /home/centos/.ssh
+restorecon -rv /home/centos
+echo 'centos ALL=(ALL) ALL' >> /etc/sudoers
+restorecon -rv /etc/sudoers

isb2017-autorized_keys.sh

+mkdir -p /home/isb2017/.ssh
+echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJS7wW19JQ6l7p4W4CwfNvWT8MmwFwneH5/c+uI5w48DzypdrBHBYwEBu10UrlYbgTjQX5rU67Wu/yYXnLPOjowex/j2ie3TY5wTuEnuJuU8YphPbZaGP4RyU0rAeS51iH0FoTmEcsSbpQPLPt/nGNuPdtZhMsnpdboKY7aZcWLGarIaS50WnrQgQMZ49m7y06Sf+rze8dJBO8w6rVDIoWqveuRqjggI2HjMmH3atJH9QKSrQPlOeV4XAkAiSj1JyQBTCOIGjg18jK7bIQnbGmF/hZdm6jZxmiz+jaGj77e8oJtMhi9bL0uEyOfnqcINsU18rqlqIOLJUJN6Gj1AQh isb2017-student' >/home/isb2017/.ssh/authorized_keys 
+chmod 0700 /home/isb2017/.ssh
+chmod 0600 /home/isb2017/.ssh/authorized_keys
+chown -R isb2017:isb2017 /home/isb2017/.ssh
+restorecon -rv /home/isb2017