#CentOS Kickstart file by Yysoft Ltd.
#

#System  language
lang en_US

#Language modules to install, deprecated in RHEL 5
#langsupport en_US

#System keyboard
keyboard us

#System mouse
mouse none

#Sytem timezone
timezone Asia/Shanghai

#Root password
rootpw --iscrypted $1$y9qc3/k/$.PLZNdn2q0SFLSaOlYbd81

#Reboot after installation
reboot

#Use text mode install
text

#Install Red Hat Linux instead of upgrade
install

#Use CDROM installation media
cdrom
#nfs --server=192.168.29.82  --dir=/home/centos/devel
#url --url

#System bootloader configuration
bootloader --location=mbr

zerombr

#Partition clearing information
clearpart --all --initlabel
part / --fstype ext3 --size=256 --grow --maxsize=1024 --asprimary
part swap --size=256 --grow --maxsize=2048 --asprimary
part pv.os --size=2048 --grow --asprimary
volgroup CentOS --pesize=32768 pv.os
logvol /var --fstype ext3 --name=var --vgname=CentOS --size=1024 --grow --maxsize=4096
logvol /tmp --fstype ext3 --name=tmp --vgname=CentOS --size=1024 --grow --maxsize=2048
logvol /usr --fstype ext3 --name=usr --vgname=CentOS --size=2048 --grow --maxsize=4096
logvol /home --fstype ext3 --name=home --vgname=CentOS --size=1024 --grow

#System authorization infomation
auth  --useshadow  --enablemd5

#Network information
network --bootproto=dhcp --onboot=on --hostname=srv001.yysoft.com
#network --device=eth0 --bootproto=static --ip=192.168.20.70 --netmask=255.255.255.0 --gateway=192.168.20.254 --nameserver=192.168.25.250 --hostname=setup.yysoft.com

#Firewall configuration
firewall --disabled
selinux --disabled

#Do not configure XWindows
skipx

#Package install information
%packages --resolvedeps
@base
@core
@editors

autoconf
automake
bison
cvs
flex
gcc
gcc-c++
gdb
libtool
redhat-rpm-config
rpm-build
subversion
xorg-x11-xauth
kernel-devel

yum-cron
postfix
ntp
sox
lynx

mysql
mysql-devel
mysql-server

# 不需要安装所有的 web-server 组件

httpd
mod_ssl
gd
php
php-mysql
php-gd
php-mbstring
php-pear

%post

#
#
if grep -q 'Red Hat Enterprise Linux.*release 5.3' /etc/redhat-release
then
 /usr/bin/perl -pi -e 's|^ZONE.*|ZONE="Asia/Shanghai"|g' /etc/sysconfig/clock
 /usr/sbin/tzdata-update
fi

/bin/rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
#/usr/bin/perl -pi -e "s|^HWADDR|#HWADDR|g" /etc/sysconfig/network-scripts/ifcfg-eth0

echo "pool.ntp.org" >  /etc/ntp/step-tickers
cat > /etc/ntp.conf <restrict default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
server time.yysoft.com prefer
server ntp.time.ac.cn
server time.nist.gov
server  127.127.1.0     # local clock
fudge   127.127.1.0 stratum 10
driftfile /var/lib/ntp/drift
EOF

/sbin/chkconfig --level 345 ntpd on
/sbin/chkconfig --add postfix
/sbin/chkconfig --level 345 postfix on
/sbin/chkconfig --level 345 yum-cron on
/usr/sbin/alternatives --set mta /usr/sbin/sendmail.postfix

/sbin/chkconfig --levels 2345 apmd off
/sbin/chkconfig --levels 2345 auditd off
/sbin/chkconfig --levels 2345 autofs off
/sbin/chkconfig --levels 2345 cups off
/sbin/chkconfig --levels 2345 cpuspeed off
/sbin/chkconfig --levels 2345 firstboot off
/sbin/chkconfig --levels 2345 ip6tables off
/sbin/chkconfig --levels 2345 iptables off
/sbin/chkconfig --levels 2345 gpm off
/sbin/chkconfig --levels 2345 pcscd off
/sbin/chkconfig --levels 2345 rpcidmapd off
/sbin/chkconfig --levels 2345 rpcgssd off
/sbin/chkconfig --levels 2345 sendmail off
/sbin/chkconfig --levels 2345 smartd off
#plug and play devices
/sbin/chkconfig --levels 2345 haldaemon off
/sbin/chkconfig --levels 2345 messagebus off
/sbin/chkconfig --levels 2345 mcstrans off
/sbin/chkconfig --levels 2345 restorecond off

/sbin/chkconfig --levels 2345 bluetooth off
/sbin/chkconfig --levels 2345 hidd off
/sbin/chkconfig --levels 2345 yum-updatesd off

# 设置中文 locale
cat << EOF > /etc/sysconfig/i18n
LANG="en_US.UTF-8"
SUPPORTED="en_US.UTF-8:zh_CN.UTF-8"
SYSFONT=latarcyrheb-sun16
EOF

echo "asterisk soft nofile 65535" >> /etc/security/limits.conf
echo "asterisk hard nofile 65535" >> /etc/security/limits.conf
echo "root soft nofile 65535" >> /etc/security/limits.conf
echo "root hard nofile 65535" >> /etc/security/limits.conf

/usr/bin/perl -pi -e "s|^PasswordAuthentication yes|PasswordAuthentication no|" /etc/ssh/sshd_config
/usr/bin/perl -pi -e "s|^GSSAPIAuthentication yes|GSSAPIAuthentication no|" /etc/ssh/sshd_config

echo "UseDNS no" >> /etc/ssh/sshd_config

echo "set -o vi" >> /root/.bash_profile

/bin/mkdir -p /root/.ssh
echo "ssh-rsa GGGGRzaC1yc2EAAAABIwAAAIEAsK9KlkKzq+2aVaEXiFtinAUh2BPCfF/grEORxfxTujoJZtnAEMs2/QscGaCvDRFLwK1Nf/N7tKOoO1nqYhJbM7lz2g1CzTl/3t6j+bv+xNrrdTjSQoIuV5mbzcufNWU9jbkURdEfSIEe5GQO3mXTOLKH7CRwfzXJkzjUG4xvLN0= " > /root/.ssh/authorized_keys

/bin/mkdir -p /etc/subversion/
cat << EOF >> /etc/subversion/config
[auth]
store-passwords = no
EOF

echo "/usr/bin/yum clean packages" >> /etc/rc.local

cat << EOF >> /etc/sysctl.conf

# parameter for Oracle
kernel.shmmax = 2147483648
kernel.shmall = 2097152
kernel.shmmni = 4096
kernel.sem=250 32000 100 128

net.core.wmem_max = 16777216
net.core.rmem_max = 16777216
net.core.rmem_default = 4194304
net.core.wmem_default = 262144
net.ipv4.tcp_mem = 4096 65536 16777216
net.ipv4.tcp_rmem = 4096 65536 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_fin_timeout = 9
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_no_metrics_save = 1
net.core.netdev_max_backlog = 30000
net.core.somaxconn = 262144
net.ipv4.tcp_max_orphans = 262144
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_keepalive_time = 1800
fs.file-max = 9830400
fs.aio-max-nr = 1310720
net.ipv4.ip_local_port_range = 9000 65500
net.ipv4.tcp_ecn=0

EOF

# 设置 dag repositories
#
cat << EOF > /etc/yum.repos.d/dag.repo
[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=\$releasever/en/\$basearch/dag
gpgcheck=1
enabled=0
gpgkey=
EOF

cat << EOF > /etc/yum.repos.d/CentOS-Base.repo
[base]
name=CentOS-\$releasever - Base
baseurl=\$releasever/os/\$basearch/
gpgcheck=1
gpgkey=
exclude=kernel kernel-devel kernel-doc kernel-smp* kernel-hugemem* kernel-largesmp*

#released updates
[update]
name=CentOS-\$releasever - Updates
baseurl=\$releasever/updates/\$basearch/
gpgcheck=1
gpgkey=
exclude=kernel kernel-devel kernel-doc kernel-smp* kernel-hugemem* kernel-largesmp*

#packages used/produced in the build but not released
[addons]
name=CentOS-\$releasever - Addons
baseurl=\$releasever/addons/\$basearch/
gpgcheck=1
gpgkey=
exclude=kernel kernel-devel kernel-doc kernel-smp* kernel-hugemem* kernel-largesmp*

#additional packages that may be useful
[extras]
name=CentOS-\$releasever - Extras
baseurl=\$releasever/extras/\$basearch/
gpgcheck=1
gpgkey=
exclude=kernel kernel-devel kernel-doc kernel-smp* kernel-hugemem* kernel-largesmp*

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-\$releasever - Plus
baseurl=\$releasever/centosplus/\$basearch/
gpgcheck=1
enabled=0
gpgkey=
exclude=kernel kernel-devel kernel-doc kernel-smp* kernel-hugemem* kernel-largesmp*

#contrib - packages by Centos Users
[contrib]
name=CentOS-\$releasever - Contrib
baseurl=\$releasever/contrib/\$basearch/
gpgcheck=1
enabled=0
gpgkey=
exclude=kernel kernel-devel kernel-doc kernel-smp* kernel-hugemem* kernel-largesmp*

EOF

eject