# Kickstart file that bootstraps a minimal fedora 34 server.  
# Made to be small.

# ATTENTION : this script will automatically DESTROY the main virtual disk 'vda' and all of its contents. 
# Bye bye!

# ATTENTION : user accounts are password-protected and passwords are crypted in the file. 
# Not ready yet for public use. 
# Okay okay, if you really want to hack it, you can reset the root password of the resulting image with the 'virt-sysprep' tool
# Do something like virt-sysprep --root-password password: -a thenameofyourdiskimage.img. 
# Your password must be added after the semicolon ":"

# USAGE : Press the `tab` key during POST and apend that after the 'quiet' string : 
# inst.ks=https://git.phyllo.me/home/kickstart/raw/branch/master/f34/main.cfg

# Only for development purposes
# Requires a 3GB disk image
# It expects a BIOS-based virtual machine (no-EFI support). There will be a kickstart file for that (tm)
# Tested on the Q35 chipset
# This kickstart creates two partitions, vda1 for /boot and vda2 for /
# It uses the ext4 filesystem
# It will populate all the available disk space
# After the installation, it will install updates
# It will also install the qemu and spice guest agents

# Originally generated by Anaconda 34.24.9
# Orginally generated by pykickstart v3.32
#version=DEVEL

## INSTALLATION SOURCE ##

# Configure cdrom as installation method
cdrom

# Alternatively, use network installation by commenting out 'cdrom' and uncommenting the following : --> Is it really the case ?

url --url="http://download.fedoraproject.org/pub/fedora/linux/releases/34/Server/x86_64/os"

## INSTALLATION TYPE ##

# Perform Installation in Graphical Mode
graphical

# Alternatively, start the installation in text mode. -> To be tested
# text

## REPOSITORIES ##

# Add repo and mirror
url --mirrorlist="https://mirrors.fedoraproject.org/metalink?repo=fedora-34&arch=x86_64"
repo --name=fedora-updates --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f34&arch=x86_64" --cost=0

repo --name=rpmfusion-free --mirrorlist="https://mirrors.rpmfusion.org/mirrorlist?repo=free-fedora-34&arch=x86_64" --includepkgs=rpmfusion-free-release
repo --name=rpmfusion-free-updates --mirrorlist="https://mirrors.rpmfusion.org/mirrorlist?repo=free-fedora-updates-released-34&arch=x86_64" --cost=0

# Uncomment to add-nonfree repositories

# repo --name=rpmfusion-nonfree --mirrorlist="https://mirrors.rpmfusion.org/mirrorlist?repo=nonfree-fedora-34&arch=x86_64" --includepkgs=rpmfusion-nonfree-release
# repo --name=rpmfusion-nonfree-updates --mirrorlist="https://mirrors.rpmfusion.org/mirrorlist?repo=nonfree-fedora-updates-released-34&arch=x86_64" --cost=0

## USER RELATED ##

# Keyboard layouts -> Doesn't seem to survive a reboot
keyboard fr-ch

# Set the system language to American English
lang en_US.UTF-8

# Alternatively, set the system language to Suisse romand 
# lang fr_CH.UTF-8

# System timezone. 
timezone Europe/Paris --utc

# Set root password and activate the account
rootpw --iscrypted $6$2rA58L/SQu5.xMTb$u8.zqBWE5bK1/N983qDpJEp41yg66GwQ3YVTpsRghVhNiZypWyo2Zq2Qwr2tCM3bt50mKMIgHzbPdtSq9ErPz.

# Create user account
user --name=test --password=$6$wlB.n8fvumAXv3xn$clVIswjLUjb7MZoJ2JHi1zk1zmx5ViQuzbVkLYf70SDan5hdqI0tUkc89nHE8pVnHStO4mcl3c1Tk0WJvCet1. --iscrypted --gecos="test"

## NETWORK RELATED ##

# Configure Firewall
firewall --enabled

# Configure Network Interfaces
network --onboot=yes --bootproto=dhcp --hostname=f34-minimal

# Run the Setup Agent on first boot
firstboot --enable

## SYSTEM RELATED ## To do

# Services to enable/disable
# services --disabled=mlocate-updatedb,mlocate-updatedb.timer,geoclue,avahi-daemon

## DISK RELATED ##

# Only use disk labelled as vda
ignoredisk --only-use=vda

# System bootloader configuration
bootloader --location=mbr

# WARNING : Dangerous command ! Will clear the Master Boot Record 
zerombr

# Partition clearing information
clearpart --all --initlabel --drives=vda

# Disk partitioning information. 
# Will create a boot partition of 350 MiB on disk vda using the ext4 filesystem. The remaining space will be used for root. 
part /boot --fstype="ext4" --ondisk=vda --size=350 --label=boot
part / --fstype="ext4" --ondisk=vda --grow --label=system

## SOFTWARE ##

# Install packages for the server environment. 'Core' and 'Base' are always selected 
%packages
@^server-product-environment
%end

## Start of the %post section with logging into /root/ks-post.log
%post --log=/root/ks-post.log

## Set keymap to ch-fr. ##Doesn't survive a reboot. Or only touches the console
#localectl set-keymap ch-fr

# Set new hostname. ##Doesn't work
# hostnamectl set-hostname kickstarted-fedora

# Update the system
dnf update -y

# Remove the Headless Management group, which provides Cockpit, and that we don't need

dnf groupremove -y "Headless Management"

# Install dejavu mono fonts
# dnf install -y dejavu-sans-mono-fonts

# Install the desktop environment, a terminal and a web browser. Uncomment for VM 
# dnf install -y gnome-shell gnome-terminal firefox

# WPA Supplicant for Linux. Not integrated by default in gnome-shell. Not useful for virtual machine 
# dnf install -y wpa_supplicant

# Set the desktop environment as the default target with systemd. Uncomment for graphical system
# systemctl set-default graphical.target

# We also need to install a qemu and spice guest agents, respectively to allow a better support for spice and the ability for the host to better interact with the guest

dnf install -y spice-vdagent qemu-guest-agent

# Install virtualization-related utilites, including virt-manager. Only useful for desktop system 
# dnf groupinstall -y Virtualization  

# Install wallpapers in gnome. Only useful for Gnome
# dnf install -y elementary-wallpapers-gnome.noarch

## make user "test" part of the existing libvirt group. It will allow this user to interact with the hypervisor. Will take effect after a logout

# usermod -a -G libvirt test

# load kernel modules in grub. Add `intel_iommu=on intel_iommu=pt` for intel processors, `amd_iommu=on` for amd processors. Add `i915.enable_guc=0` too. 
# See here for explanation : # See here : https://wiki.archlinux.org/title/Intel_graphics#Enable_GuC_/_HuC_firmware_loading. Only useful for nested virtualization

# sed -i 's/\(quiet\)/\1 intel_iommu=on/i' /etc/default/grub 
# 
# sed -i 's/\(intel_iommu=on\)/\1 intel_iommu=pt/i' /etc/default/grub 

# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd, kvmgt, vfio-mdev. Only useful for nested-virtualization

# echo "vfio" > /etc/modules-load.d/vfio.conf
# echo "vfio-pci" > /etc/modules-load.d/vfio-pci.conf
# echo "vfio_iommu_type1" > /etc/modules-load.d/vfio_iommu_type1.conf
# echo "vfio_virqfd" > /etc/modules-load.d/vfio_virqfd.conf
# echo "kvmgt" > /etc/modules-load.d/kvmgt.conf
# echo "vfio-mdev" > /etc/modules-load.d/vfio-mdev.conf

# Update grub 
# grub2-mkconfig -o /boot/grub2/grub.cfg

reboot

## End of the %post section
%end