Use Jinja to manage includes
The drawback to the native `%include` Kickstart directive is that it requires a static, hard-coded, absolute path. This means that we cannot, for example, host a copy of the kickstarts from a different branch for testing, without modifying the URLs of all the included files. Switching to using Jinja templates introduces a build step, but the result is that the artifacts are self-contained. This way, they can be deployed anywhere. I'm not sure where I'll put them, though, and they'll need a Jenkins job to run the build and publish them.
This commit is contained in:
30
fedora-rpi-common.ks.j2
Normal file
30
fedora-rpi-common.ks.j2
Normal file
@@ -0,0 +1,30 @@
|
||||
{# vim: set ft=sh.jinja : -#}
|
||||
bootloader --location none
|
||||
clearpart --all --initlabel --disklabel msdos
|
||||
part /boot/efi --fstype vfat --size 128 --label RASPBERRYPI
|
||||
|
||||
timesource --ntp-pool 2.fedora.pool.ntp.org
|
||||
|
||||
%packages --exclude-weakdeps
|
||||
bcm2711-firmware
|
||||
bcm283x-overlays
|
||||
uboot-images-armv8
|
||||
%end
|
||||
|
||||
{% include "fedora-common.ks" %}
|
||||
|
||||
%post --erroronfail
|
||||
cp -P /usr/share/uboot/rpi_arm64/u-boot.bin /boot/efi/rpi-u-boot.bin
|
||||
|
||||
grubby --args='quiet systemd.show_status=1' --update-kernel=ALL
|
||||
|
||||
systemctl enable chrony-wait
|
||||
# Ensure clock is synchronized before trying to get host certs signed
|
||||
mkdir -p /etc/systemd/system/ssh-host-cert-sign@.service.d
|
||||
cat > /etc/systemd/system/ssh-host-cert-sign@.service.d/time-sync.conf <<EOF
|
||||
[Unit]
|
||||
After=time-sync.target
|
||||
Wants=time-sync.target
|
||||
Before=sshd.service
|
||||
EOF
|
||||
%end
|
||||
Reference in New Issue
Block a user