centos 6 PXE boot and prepare for ISPConfig 3

Discussion in 'Tips/Tricks/Mods' started by monkfish, Jun 11, 2013.

  1. monkfish

    monkfish New Member

    Hello,
    Thought I'd share my kickstart file for preparing a Centos 6.4 x86_64 build for ISPConfig 3 deployment. I use this when messing about with different installations and need to quickly prepare a test machine.

    After use:
    - mysql_secure_installation needs to be run
    - quota needs to be setup on relevant volume
    - mailman needs to be configured (could add in to kickstart I don't use it)
    - suphp (if really wanted) and mod_ruby to be installed

    A few notes in no particular order:

    - max 5 min install on fast internet connection as lots of packages are dragged from online repo's. However, takes about 20 minutes on a ~3mbit connection - to be expected.
    - I do a minimal install then build up from there accordingly, either through naming packages or allowing Yum to auto-detect dependencies. This can be expanded on adding files in as appropriate.
    - you can install manually then inspect /root/anaconda-ks.cfg to see the equivalent kickstart file for your install to grab, eg. country settings etc.
    - if you're doing anything funky with RAID partitions and you inspect /root/anaconda-ks.cfg afterwards note the order listed is WRONG - all the #part statements have to go BEFORE the #raid statements otherwise it simply won't work.
    - I turn off iptables service as I deploy my own firewall scripts afterwards.
    - change ip addresses as appropriate for both your pxe server, location of install image served over http and ip addresses, mask, gateway, hostname and dns of target server. Make dhcp if appropriate, add the packages back in if required.
    - sed commands could well be optimised, all ideas welcome!
    - now researching building a kickstart file on the fly containing relevant addresses for a specific server. Looking to integrate with something like cobbler as appropriate.
    - also researching a custom "firstboot" type script, rather like "Elastix" installation which will go on and do, eg mysql_secure_installation, configure other packages required and then perhaps download, unpack and fire off installer for ISPConfig.

    Monk

    Code:
    install
    text
    reboot
    url --url=http://192.168.200.250/images/CentOS-6.4-x86_64
    lang en_US.UTF-8
    keyboard uk
    
    network --onboot yes --device eth0 --noipv6 --bootproto static --ip 192.168.200.55 --gateway 192.168.200.14 --netmask 255.255.255.0  --nameserver 192.168.200.250 --hostname ispsvn.myco.lcl
    
    rootpw  --iscrypted <myrootpassword>
    firewall --service=ssh
    authconfig --enableshadow --passalgo=sha512
    selinux --disabled
    timezone --utc Etc/GMT
    bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
    
    clearpart --drives=sda --all --initlabel
    
    part /boot --fstype=ext4 --size=256
    part / --fstype=ext4 --size=5120
    part /var --fstype=ext4 --size=5120
    part swap --size=1024
    part /tmp --fstype=ext4 --size=256
    part /home --fstype=ext4 --size=5120
    
    %packages --nobase
    @core
    @british-support
    @server-policy
    -aic94xx-firmware
    -atmel-firmware
    -bfa-firmware
    -ipw2100-firmware
    -ipw2200-firmware
    -ivtv-firmware
    -iwl1000-firmware
    -iwl100-firmware
    -iwl3945-firmware
    -iwl4965-firmware
    -iwl5000-firmware
    -iwl5150-firmware
    -iwl6000-firmware
    -iwl6000g2a-firmware
    -iwl6050-firmware
    -libertas-usb8388-firmware
    -ql2100-firmware
    -ql2200-firmware
    -ql23xx-firmware
    -ql2400-firmware
    -ql2500-firmware
    -rt61pci-firmware
    -rt73usb-firmware
    -zd1211-firmware
    #dont need broadcom
    -b43-openfwwf
    #dont need dhcp - static address set
    -dhclient
    -dhcp-common
    
    #pciutils
    pciutils
    #wget
    wget
    
    #ssh tools
    libedit
    openssh-clients
    
    #tcpdump
    libpcap
    tcpdump
    
    #file loation
    mlocate
    #iptraf
    iptraf
    
    # yum utilities
    yum-utils
    deltarpm
    yum-presto
    yum-plugin-downloadonly
    
    #lynx
    centos-indexhtml
    lynx
    
    #vim-enhanced
    gpm-libs
    perl-Pod-Escapes
    perl-libs
    perl-version
    perl-Module-Pluggable
    perl-Pod-Simple
    perl
    vim-common
    vim-enhanced
    
    #preliink
    prelink
    
    #ntp
    ntpdate
    ntp
    
    #tmpwatch
    tmpwatch
    
    #rsync
    rsync
    
    #zip
    zip
    unzip
    
    %post
    
    #add hostname to /etc/hosts
    echo 192.168.2.55 ispsvn.myco.lcl >> /etc/hosts
    
    #Install RPMForge and EPEL Repositories
    rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
    
    #add priority to EPEL
    sed -i -e "s/enabled\=1/priority\=10\nenabled=1/g" /etc/yum.repos.d/epel.repo
    
    #install components for ispconfig
    yum install quota httpd mod_ssl mysql-server php php-mysql php-mbstring dovecot dovecot-mysql dovecot-pigeonhole getmail amavisd-new spamassassin clamav clamd unrar perl-DBD-mysql php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-pecl-apc php-mbstring php-mcrypt php-mssql php-snmp php-soap php-tidy curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel mod_fcgid php-cli httpd-devel gcc gcc-c++ make automake httpd-devel ruby ruby-devel mod_python pure-ftpd openssl bind bind-utils webalizer awstats perl-DateTime-Format-HTTP perl-DateTime-Format-Builder fail2ban rkhunter telnet screen -y
    
    #enable services
    chkconfig --del clamd
    chkconfig amavisd on
    chkconfig clamd.amavisd on
    chkconfig dovecot on
    chkconfig httpd on
    chkconfig iptables off
    chkconfig ip6tables off
    chkconfig mysqld on
    chkconfig netfs off
    chkconfig ntpd on
    chkconfig pure-ftpd on
    chkconfig saslauthd on
    
    #make required ispconfig changes to php
    sed -i -e "s/^;cgi.fix_pathinfo\=1/cgi.fix_pathinfo\=1/g"  /etc/php.ini
    sed -i -e "s/^error_reporting = E_ALL \& ~E_DEPRECATED/error_reporting = E_ALL \& ~E_NOTICE/g" /etc/php.ini
    
    #make required ispconfig change to fail2ban conf file
    sed -i -e "s/^logtarget \= SYSLOG/logtarget \= \/var\/log\/fail2ban.log/g" /etc/fail2ban/fail2ban.conf
    
    #create named.conf.local file required for ispconfig
    touch /etc/named.conf.local
    
    #get ispconfig from build server
    mkdir /home/install
    mkdir /home/install/ispconfig
    wget http://192.168.200.250/kickstart/ISPConfig-3.0.5.2.tar.gz -O /home/install/ispconfig/ISPConfig-3.0.5.2.tar.gz
    
     

Share This Page