# Kickstart output config
text

# General system config
lang en_US.UTF-8
keyboard us
timezone UTC

# Security config
authconfig --enableshadow --passalgo=sha512
rootpw vagrant
# Just have SELinux warn by default, to avoid breaking dev efforts
selinux --permissive
# To enable SELinux, use:
#   selinux --enforcing
# Disable the firewall by default, to avoid breaking dev efforts
firewall --disabled
# To enable the firewall and (required) open the SSH port, use:
#   firewall --enable --ssh

# Delete all existing partitions and create the default ones
clearpart --all --initlabel
# For unencrypted partitions (default):
autopart
# For encrypted paritions, use:
#   autopart --encrypted --passphrase=<your_password>

# Default bootloader config
bootloader
# For a GRUB password, use:
#   bootloader --password=<your_password>

# Don't insall the X Window System
skipx

# Reboot, and don't launch setup wizard after boot
firstboot --disabled
reboot

%packages
  # Install minimal set of packages here, let provisioners (Ansible) handle them
%end

%post
  # In the VM output, this is the "Running post-installation scripts" section.
  # Unfortunately, it produces no output. The `yum update` step may give the
  # appearance that the build is hung, as it's slow, uses little CPU and
  # doesn't transfer much data during the package index building step.

  # Update all packages
  yum update -y

  # Clear yum cache to save space
  yum clean all

  # Create vagrant user and group, give them correct permissions
  # This needs to happen before Packer tries to SSH in and poweroff the VM,
  # (at the end of the builder step), so it must be done here (in the
  # builder step), not in an external script called by a Packer shell
  # provisioner (after the builder step).
  groupadd vagrant
  useradd vagrant -g vagrant -G wheel
  echo "vagrant" | passwd --stdin vagrant
  echo "vagrant        ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers.d/vagrant

  # Everything requires the ability to run sudo without a tty
  # Else, may see errors like "sorry, you must have a tty to run sudo"
  # Need to do this here, before Packer reboots the VM and runs scripts,
  # because `sudo` in the scripts fails without it. Docker also needs this
  # (for Ansible to run `sudo`), but it doesn't run this kickstart, so it the
  # logic must be duplicated in Docker's config script and here.
  sed -i "s/^.*requiretty/#Defaults requiretty/" /etc/sudoers
%end