#version=F28
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --iscrypted --lock locked
# Reboot after installation
reboot
# System timezone
timezone Etc/UTC --isUtc --nontp
# Use text mode install
text
# Network information
network  --bootproto=dhcp --device=link --activate
repo --name="koji-override-0" --baseurl=http://composefiles.stream.rdu2.redhat.com/odcs-2882/compose/AppStream/x86_64/os
repo --name="koji-override-1" --baseurl=http://composefiles.stream.rdu2.redhat.com/odcs-2882/compose/BaseOS/x86_64/os
# Use network installation
url --url="http://composefiles.stream.rdu2.redhat.com/odcs-2882/compose/BaseOS/x86_64/os"

# System bootloader configuration
bootloader --disabled
autopart --type=plain --fstype=ext4 --nohome --noboot --noswap
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all

%post --logfile=/root/anaconda-post.log --erroronfail
set -eux

# Support for subscription-manager secrets
ln -s /run/secrets/etc-pki-entitlement /etc/pki/entitlement-host
ln -s /run/secrets/rhsm /etc/rhsm-host

#https://bugzilla.redhat.com/show_bug.cgi?id=1201663
rm -f /etc/systemd/system/multi-user.target.wants/rhsmcertd.service

# Set install langs macro so that new rpms that get installed will
# only install langs that we limit it to.
LANG="C.utf8"
echo "%_install_langs $LANG" > /etc/rpm/macros.image-language-conf
echo "LANG=C.utf8" > /etc/locale.conf

# https://bugzilla.redhat.com/show_bug.cgi?id=1400682
# https://bugzilla.redhat.com/show_bug.cgi?id=1672230
## CS TODO - Import GPG keys when we have them
#echo "Import RPM GPG key"
#rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-centos-stream-release

#echo "# fstab intentionally empty for containers" > /etc/fstab
#this is not possible, guestmount needs fstab => brew build crashes without it
#fstab is removed in TDL when tar-ing files

# Remove network configuration files leftover from anaconda installation
# https://bugzilla.redhat.com/show_bug.cgi?id=1713089
rm -f /etc/sysconfig/network-scripts/ifcfg-*

# Remove machine-id on pre generated images
rm -f /etc/machine-id
touch /etc/machine-id
# Keep permissions the same as the systemd RPM so rpm --verify works
chmod 0444 /etc/machine-id

%end

%post --logfile=/root/anaconda-post.log --erroronfail
#Mask mount units and getty service so that we don't get login prompt
#https://bugzilla.redhat.com/show_bug.cgi?id=1418327
systemctl mask systemd-logind.service getty.target console-getty.service sys-fs-fuse-connections.mount systemd-remount-fs.service dev-hugepages.mount

# Remove some dnf info
rm -rfv /var/lib/dnf

# Final pruning
rm -rfv /var/cache/* /var/log/* /tmp/*

%end

%post --nochroot --logfile=/mnt/sysimage/root/anaconda-post-nochroot.log --erroronfail
set -eux

# https://bugzilla.redhat.com/show_bug.cgi?id=1343138
# Fix /run/lock breakage since it's not tmpfs in docker
# This unmounts /run (tmpfs) and then recreates the files
# in the /run directory on the root filesystem of the container
# NOTE: run this in nochroot because "umount" does not exist in chroot
umount /mnt/sysimage/run
# The file that specifies the /run/lock tmpfile is
# /usr/lib/tmpfiles.d/legacy.conf, which is part of the systemd
# rpm that isn't included in this image. We'll create the /run/lock
# file here manually with the settings from legacy.conf
# NOTE: chroot to run "install" because it is not in anaconda env
chroot /mnt/sysimage install -d /run/lock -m 0755 -o root -g root

%end

%addon com_redhat_kdump --disable
%end
%packages --excludedocs --nocore --instLangs=en --excludeWeakdeps
bash
coreutils-single
crypto-policies-scripts
curl-minimal
findutils
gdb-gdbserver
glibc-minimal-langpack
gzip
libcurl-minimal
redhat-release
rootfiles
tar
vim-minimal
yum
-dosfstools
-e2fsprogs
-gnupg2-smime
-kernel
-libss
-pinentry
-qemu-guest-agent
-trousers
-xfsprogs
-xkeyboard-config

%end