# vim: set ft=sh : text url --url http://dl.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/$basearch/os repo --name=updates --baseurl=http://dl.fedoraproject.org/pub/fedora/linux/updates/$releasever/Everything/$basearch repo --name=dch --baseurl=http://files.pyrocufflink.blue/yum/dch/fedora/$releasever lang en_US.UTF-8 keyboard us timezone --utc UTC rootpw --lock reboot %packages --exclude-weakdeps --excludedocs -NetworkManager -authconfig -dhcp-client -dnf-plugins-core -dnf-yum -dracut-config-rescue -man-db -openssh-clients -parted -plymouth -sssd-common -sssd-kcm -sudo -yum chrony dnf e2fsprogs grubby kitty-terminfo openssh-server python3-libselinux python3-policycoreutils rng-tools selinux-policy-targeted sshca-cli-systemd systemd-networkd %end services --enabled systemd-networkd,systemd-resolved --disabled systemd-homed,systemd-nsresourced,systemd-nsresourced.socket,systemd-userdbd,systemd-userdbd.socket %addon com_redhat_kdump --disable %end %post --erroronfail export NO_PROXY='pyrocufflink.blue,*.pyrocufflink.blue' echo uninitialized > /etc/machine-id echo 'install_weak_deps=0' >> /etc/dnf/dnf.conf echo 'deltarpm=0' >> /etc/dnf/dnf.conf echo '%_excludedocs 1' >> /etc/rpm/macros # Set the hostname hostname -f > /etc/hostname # Trust SSHCA to authenticate users curl -fsSL https://sshca.pyrocufflink.blue/user/ca > /etc/ssh/ca.pub test -s /etc/ssh/ca.pub || exit cat >> /etc/ssh/sshd_config.d/70-trustedusercakeys.conf <<'EOF' TrustedUserCAKeys /etc/ssh/ca.pub EOF # Configure networking with systemd-networkd # Use MAC address as client ID to keep the same lease from Anaconda rm -rf /etc/sysconfig/network-scripts /etc/sysconfig/network cat > /etc/systemd/network/99-default.network <