# Penguin Cluster Kickstart file

install
lang en_US
langsupport --default en_US.iso885915 en_US.iso885915
keyboard us
mouse generic3ps/2 --device psaux --emulthree
skipx
network --device eth0 --bootproto dhcp
rootpw --iscrypted $1$AIAneuom$CH/i03qzAJ8C2swmyYpLs.
firewall --high --port ssh:tcp --trust eth0
authconfig --enableshadow --enablemd5
timezone America/New_York
bootloader
nfs --server 192.168.0.1 --dir /u1/redhat
reboot
clearpart --linux
part /boot --fstype ext3 --size=36 --asprimary
part / --fstype ext3 --size=5200 --asprimary
part swap --size=512 --asprimary
part /scratch --fstype ext3 --size=1 --grow --asprimary

%packages --resolvdeps
@ Printing Support			# Groups of packages defined by
@ Network Support			# Red Hat
@ NFS File Server
@ Network Managed Workstation
@ Utilities
@ Legacy Application Support
@ Software Development
glib2-devel				# Additional individual packages
Glide3-devel				# needed or desired on compute nodes
kernel-smp
compat-egcs-c++
rsync
compat-egcs-g77

%post
#/bin/bash
#
PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH
#
# Penguin Cluster Node Assimilation Script
echo "Commencing Penguin Cluster Node Assimilation"
#
# Setup hosts table
echo "* Building /etc/hosts"
cat > /etc/hosts << EOF
127.0.0.1	`hostname` localhost.localdomain localhost
#
192.168.0.1	node01 master
192.168.0.2	node02
192.168.0.3	node03
     .
     .
     .
192.168.0.64	node64
EOF
#
# Configure ipchains for needed service, block everything else
echo "* Reconfiguring the firewall rules"
cat > /etc/sysconfig/ipchains << EOF
:input ACCEPT
:forward ACCEPT
:output ACCEPT
-A input -s 0/0 -d 0/0 22 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
-A input -s 0/0 -d 0/0 -i eth0 -j ACCEPT
-A input -s 0/0 -d 0/0 -p tcp -y -j REJECT
-A input -s 0/0 -d 0/0 -p udp -j REJECT
EOF
/etc/rc.d/init.d/ipchains restart
#
# Configure ntp and set the correct time before going any further
echo "* Configuring and starting time service"
cat > /etc/ntp.conf << EOF
restrict default noquery notrust nomodify
restrict 127.0.0.1
restrict 192.168.0.0 mask 255.255.0.0
server 192.168.0.1
driftfile /etc/ntp.drift
logfile /var/log/ntp.log
EOF
cat > /etc/ntp/step-tickers << EOF
192.168.0.1
EOF
chkconfig ntpd on
/etc/rc.d/init.d/ntpd start
#
# Setup /etc/hosts.equiv
echo "* Building /etc/hosts.equiv"
cat > /etc/hosts.equiv << EOF
node01
node02
node03
  .
  .
  .
node64
EOF
#
# Setup NFS mounts
echo "* Establishing NFS mounts"
mkdir -p /home
mkdir -p /u1
if test -f /etc/fstab.assim-save; then \
	echo "** WARNING: Modifying previously-saved fstab file instead of the current one"
else \
	cp -p /etc/fstab /etc/fstab.assim-save
fi
cat > /etc/fstab << EOF
`cat /etc/fstab.assim-save`
node01:/home	/home	nfs		soft,bg,intr	0 0
node01:/u1	/u1	nfs		soft,bg,intr	0 0
EOF
mount -at nfs
#
# Configure a serial console
echo "* Configuring for serial console"
if grep '^co:' /etc/inittab > /dev/null; then \
	echo "** Serial console already configured"
else \
	cat >> /etc/inittab << EOF
# Serial console since this machine has no head
co:2345:respawn:/sbin/agetty ttyS0 9600 vt100
EOF
fi
if grep '^ttyS0' /etc/securetty > /dev/null; then \
	echo "** ttyS0 is already contained in /etc/securetty";
else \
	cat >> /etc/securetty << EOF
ttyS0
EOF
fi
#
# Update /etc/hosts.allow and /etc/hosts.deny
echo "* Setting up /etc/hosts.allow and /etc/hosts.deny"
cat > /etc/hosts.allow << EOF
#
# hosts.allow	This file describes the names of the hosts which are
#		allowed to use the local INET services, as decided
#		by the '/usr/sbin/tcpd' server.
#

ALL: 192.168.0.
EOF
cat >> /etc/hosts.deny << EOF
#
# hosts.deny	This file describes the names of the hosts which are
#		*not* allowed to use the local INET services, as decided
#		by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow.  In particular
# you should know that NFS uses portmap!

ALL: ALL
EOF
#
# To allow root login via rlogin/rsh, add 'rlogin' and 'rsh' entries
# to /etc/securetty
echo "* Allowing root logins via rlogin and rsh"
if grep '^rlogin' /etc/securetty > /dev/null; then \
	echo "** rlogin is already contained in /etc/securetty"
else \
	cat >> /etc/securetty << EOF
rlogin
EOF
fi
if grep '^rsh' /etc/securetty > /dev/null; then \
	echo "** rsh is already contained in /etc/securetty"
else \
	cat >> /etc/securetty << EOF
rsh
EOF
fi
cat > /root/.rhosts << EOF
master root
EOF
#
# Enable rsync, rlogin, and rsh
echo "* Enabling rsync, rlogin, and rsh"
chkconfig rsync on
chkconfig rlogin on
chkconfig rsh on
#
# Update /etc/aliases so someone gets root's mail
echo "* Updating /etc/aliases"
if grep '^root:' /etc/aliases > /dev/null; then \
	echo "** root is already contained in /etc/aliases"
else \
	cat >> /etc/aliases << EOF
root:	localuser@node01
EOF
newaliases
fi
#
# useradd may be used to establish user accounts on the compute node.
# Alternatively, the master node may provide user/group databases using rsync
# after the installation process is complete.
#
# Install my favorite analysis package
rpm -i /u1/packages/analpack-1.0-5.i386.rpm
# Install my favorite commercial compiler
tar xzpf /u1/packages/xyz-f90.tar.gz
#
echo "Penguin Cluster Node Assimilation Complete"
exit