From 2321381567470e6aeb9e5584ae868df628c0e40c Mon Sep 17 00:00:00 2001
From: Lukas <lukas@phyllo.me>
Date: Mon, 8 Nov 2021 17:09:10 +0100
Subject: [PATCH] add nano kickstart

---
 leaves/bnd.cfg | 83 ++++++++++++++++++++++++++++----------------------
 leaves/n.cfg   | 20 ++++++++++++
 2 files changed, 67 insertions(+), 36 deletions(-)
 create mode 100644 leaves/n.cfg

diff --git a/leaves/bnd.cfg b/leaves/bnd.cfg
index c5ec08d..771a778 100644
--- a/leaves/bnd.cfg
+++ b/leaves/bnd.cfg
@@ -13,36 +13,35 @@
 # ATTENTION : this kickstart file will automatically DESTROY the main disk and all of its contents. 
 # Bye bye
 
-cmdline # Perform the full installation in real text mode see here https://wiki.centos.org/TipsAndTricks/KickStart
+# NOTE : it currently fails
 
-repo --name=fedora --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name=updates --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
-# #repo --name=updates-testing --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-testing-f$releasever&arch=$basearch
-url --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
+# cmdline # Perform the full installation in real text mode see here https://wiki.centos.org/TipsAndTricks/KickStart
+text # Perform installation in text mode
 
-keyboard --xlayouts='ch (fr)' # set keyboard layouts for Romandie # Unnecessary if using inital-setup 
-lang en_US.UTF-8 # Set system language to American English # Unnecessary if using inital-setup 
-timezone Europe/Paris --utc # Set System timezone to Paris # Unnecessary if using inital-setup 
+# Installation method. For cdrom, replace repo and url with cdrom
+repo --name=fedora --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch # Official Fedora mirror
+repo --name=updates --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch # Official Fedora updates mirror
+url --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch # Official Fedora updates mirror
 
-# Set dummy encrypted root password and activate the root account
-rootpw --iscrypted $6$2rA58L/SQu5.xMTb$u8.zqBWE5bK1/N983qDpJEp41yg66GwQ3YVTpsRghVhNiZypWyo2Zq2Qwr2tCM3bt50mKMIgHzbPdtSq9ErPz. 
-# Create "test" user account # Unnecessary if using inital-setup 
-user --name=test --password=$6$wlB.n8fvumAXv3xn$clVIswjLUjb7MZoJ2JHi1zk1zmx5ViQuzbVkLYf70SDan5hdqI0tUkc89nHE8pVnHStO4mcl3c1Tk0WJvCet1. --iscrypted --gecos="test" 
-# Mini-game : find the cleartext password and send it to security@phyllo.me to collect your reward (Swiss chocolate shipped to you).
-# Only valid for the first exploit.
+keyboard --xlayouts='ch (fr)' # set keyboard layouts for Romandie
+lang en_US.UTF-8 # Set system language to American English. More languages could be supported: --addsupport=cs_CZ,de_DE,en_UK
+timezone Europe/Paris --utc # Set system timezone to Paris
 
+rootpw --lock --iscrypted locked # Lock the root account
+
+selinux --enforcing # Make sure SELinux is in enforced mode  
 firewall --enabled --service=mdns # Make sure the firewall is enabled
-services --enabled=NetworkManager --disabled=sshd
-network --bootproto=dhcp --device=link --activate --onboot=on
+services --enabled=NetworkManager,libvirtd --disabled=sshd
+network  --onboot=yes --bootproto=dhcp --device=link --activate --hostname=phyllome-alpha # Configure network interfaces and set hostname. "link" selects the first device reaching an up state 
 
 zerombr # WARNING : Dangerous command ! Will clear the Master Boot Record
 clearpart --all --initlabel # Partition clearing information. This setup uses GPT by default.
-part /boot/efi --fstype="efi" --size=128 --fsoptions="umask=0077,shortname=winnt" --label=efi # Will create an efi partitition of 128 MiB
-part /boot --fstype="ext4" --size=384 --label=boot # Create a boot partition of 384 MiB using the ext4 filesystem.
-part / --fstype="ext4" --grow --label=root # The remaining space will be used for root.
-bootloader --timeout=1 # Set the Grub bootloader timeout to 1
+part /boot/efi --fstype="efi" --size=128 --fsoptions="umask=0077,shortname=winnt" --label=efi # Will create an efi partitition of 128 MiB (vda1)
+part /boot --fstype="ext4" --size=384 --label=boot # Create a boot partition of 384 MiB using the ext4 filesystem (vda2).
+part / --fstype="ext4" --grow --label=root # The remaining space will be used for root (vda3).
+bootloader --timeout=1 # Set the GNU GRUB bootloader timeout to 1.
 
-reboot --kexec # Reboot the system after the installation is successfully completed
+# reboot --kexec # Reboot the system after the installation is successfully completed
 # firstboot --enable --reconfig # Initial Setup will start after the first reboot
 
 %packages --excludedocs --nocore --exclude-weakdeps
@@ -61,7 +60,33 @@ grub2-efi-x64 # "GRUB for EFI systems"
 qemu-guest-agent # "QEMU guest agent"
 spice-vdagent # "Agent for Spice guests"
 pciutils # Pciutils provides lspci commandline tool and is not installed by default
-@networkmanager-submodules
+basesystem
+curl
+dhcp-client
+dnf
+filesystem
+glibc
+grubby
+hostname
+iproute
+iputils
+kbd
+less
+man-db
+ncurses
+passwd
+policycoreutils
+procps-ng
+rootfiles
+rpm
+selinux-policy-targeted
+setup
+shadow-utils
+sudo
+systemd
+util-linux
+vim-minimal
+yum
 -fedora-release # Fedora release-notes
 -fedora-release-common # Fedora release files
 -fedora-release-identity-basic # ???
@@ -78,18 +103,4 @@ localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be p
 dnf update -y # Update the system 
 grub2-mkconfig -o /boot/grub2/grub.cfg # Update grub otherwise the system won't boot properly
 
-# Note that running rpm recreates the rpm db files which aren't needed or wanted
-rm -f /var/lib/rpm/__db*
-
-# remove random seed, the newly installed instance should make it's own
-rm -f /var/lib/systemd/random-seed
-
-# Disable network service here, as doing it in the services line
-# fails due to RHBZ #1369794
-/sbin/chkconfig network off
-
-# Remove machine-id on pre generated images
-rm -f /etc/machine-id
-touch /etc/machine-id
-
 %end # End of the %post section
\ No newline at end of file
diff --git a/leaves/n.cfg b/leaves/n.cfg
new file mode 100644
index 0000000..9f97c03
--- /dev/null
+++ b/leaves/n.cfg
@@ -0,0 +1,20 @@
+#            __          ____                        ____  _____
+#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
+#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
+#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
+#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
+# /_/          /____/
+
+# What ? This kickstart file itents to provide a basic block small than the minimal operating system.
+# 'n' for nano, 'd' for development only.
+
+%include bnd.cfg # A base system
+
+firstboot --enable --reconfig # Initial Setup will start after the first reboot
+reboot --kexec # Reboot straight into the system after a successfull installation
+
+%packages --exclude-weakdeps # Beginning of the packages section. Do not include weak dependencies.
+
+initial-setup # Install the initial setup package.
+
+%end # End of the packages section
\ No newline at end of file