From c2e6d5ccd8ab7e52f360ae8fee0859b870559166 Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Sat, 15 Nov 2025 14:13:59 -0600
Subject: [PATCH] nvr2: Migrate to Jinja

---
 Makefile   |   3 +-
 nvr2.ks    | 113 -----------------------------------------------------
 nvr2.ks.j2 |  15 +++++++
 3 files changed, 17 insertions(+), 114 deletions(-)
 delete mode 100644 nvr2.ks
 create mode 100644 nvr2.ks.j2

diff --git a/Makefile b/Makefile
index 578829a..6a23324 100644
--- a/Makefile
+++ b/Makefile
@@ -3,7 +3,8 @@ KICKSTARTS = \
 	fedora-rpi-nvme-noswap.ks \
 	fedora-rpi-nvme.ks \
 	fedora-rpi.ks \
-	fedora.ks
+	fedora.ks \
+	nvr2.ks \
 
 .PHONY: all clean publish
 
diff --git a/nvr2.ks b/nvr2.ks
deleted file mode 100644
index 1eb8da0..0000000
--- a/nvr2.ks
+++ /dev/null
@@ -1,113 +0,0 @@
-# vim: set ft=sh :
-text
-url --url http://dl.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/$basearch/os
-repo --name=updates --baseurl=http://dl.fedoraproject.org/pub/fedora/linux/updates/$releasever/Everything/$basearch
-repo --name=dch --baseurl=http://files.pyrocufflink.blue/yum/dch/fedora/$releasever
-lang en_US.UTF-8
-keyboard us
-timezone --utc UTC
-rootpw --lock
-reboot
-
-# Create the "standard" disk layout using only the first disk
-# Other disks are left alone in case they already contain data, e.g.
-# migrated from another system.
-ignoredisk --only-use /dev/disk/by-id/nvme-Samsung_SSD_980_250GB_S64CNJ0RB07610E
-bootloader --location mbr
-clearpart --all --initlabel
-reqpart
-part /boot --fstype ext4 --size=512
-part pv.01 --size=1 --grow
-volgroup fedora pv.01
-logvol / --fstype ext4 --name=root --vgname=fedora --size=4096
-logvol /home --fstype ext4 --name=home --vgname=fedora --size=100
-logvol /var --fstype ext4 --name=var --vgname=fedora --size=1024 --grow
-logvol /var/log --fstype ext4 --name=var_log --vgname=fedora --size=1024
-
-%packages --exclude-weakdeps
--NetworkManager
--authconfig
--dhcp-client
--dnf-plugins-core
--dnf-yum
--dracut-config-rescue
--grub2-tools-extra
--man-db
--openssh-clients
--parted
--plymouth
--sssd-common
--sssd-kcm
--sudo
--yum
-amd-gpu-firware
-btrfs-progs
-chrony
-dnf
-e2fsprogs
-grubby
-kitty-terminfo
-mdadm
-openssh-server
-python3-libselinux
-python3-policycoreutils
-rng-tools
-selinux-policy-targeted
-smartmontools
-sshca-cli-systemd
-systemd-networkd
-%end
-
-network --hostname=nvr2.pyrocufflink.blue
-
-services --enabled systemd-networkd,systemd-resolved,ssh-host-certs-renew.timer,ssh-host-certs.target --disabled systemd-homed,systemd-userdbd,systemd-userdbd.socket
-
-%addon com_redhat_kdump --disable
-%end
-
-%post --erroronfail
-date
-env
-echo 'install_weak_deps=0' >> /etc/dnf/dnf.conf
-echo 'deltarpm=0' >> /etc/dnf/dnf.conf
-echo '%_excludedocs 1' >> /etc/rpm/macros
-
-# Trust SSHCA to authenticate users
-cat >> /etc/ssh/ca.pub <<'EOF'
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyi18IfxAf9wLnyffnMrThYpqxVwu0rsuiLoqW6rcwF sshca.pyrocufflink.blue
-EOF
-cat >> /etc/ssh/sshd_config.d/70-trustedusercakeys.conf <<'EOF'
-TrustedUserCAKeys /etc/ssh/ca.pub
-EOF
-
-# Configure SSH daemon to use host certificates obtained from SSHCA
-cat > /etc/sysconfig/ssh-host-cert-sign <<EOF
-SSHCA_SERVER=https://sshca.pyrocufflink.blue
-EOF
-for a in ecdsa ed25519 rsa; do
-    printf 'HostCertificate /etc/ssh/ssh_host_%s_key-cert.pub\n' "${a}"
-done > /etc/ssh/sshd_config.d/10-hostcertificate.conf
-
-# Configure networking with systemd-networkd
-rm -rf /etc/sysconfig/network-scripts /etc/sysconfig/network
-cat > /etc/systemd/network/99-default.network <<EOF
-[Match]
-Name=en*
-Type=ether
-
-[Network]
-DHCP=true
-EOF
-ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
-
-# systemd-getty-generator is broken in F40
-if [ $(rpm -E %fedora) -eq 40 ]; then
-    console=$(cat /sys/class/tty/console/active)
-    case "${console}" in
-    ttyS*)
-        systemctl enable serial-getty@$console
-        ;;
-    esac
-fi
-%end
-
diff --git a/nvr2.ks.j2 b/nvr2.ks.j2
new file mode 100644
index 0000000..7b4a388
--- /dev/null
+++ b/nvr2.ks.j2
@@ -0,0 +1,15 @@
+{# vim: set ft=sh.jinja sw=4 ts=4 sts=4 et : -#}
+
+# Create the "standard" disk layout using only the first disk
+# Other disks are left alone in case they already contain data, e.g.
+# migrated from another system.
+ignoredisk --only-use /dev/nvme0n1
+bootloader --location mbr
+clearpart --all --initlabel
+reqpart
+
+network --hostname=nvr2.pyrocufflink.blue
+
+{% include "fedora-disk-dch.ks" %}
+{% include "fedora-common.ks" %}
+{% include "autoprovision.ks.j2" %}