Commit Graph

123 Commits

Author SHA1 Message Date
Brian C. Lane
ac6d408115 Remove fedora-productimg-workstation, now included with anaconda 2019-08-14 15:38:56 -07:00
Brian C. Lane
48ba83b67b New lorax documentation - 29.28 2019-05-07 15:46:06 -07:00
Brian C. Lane
4b87dc09d0 Change customizations.firewall to append items instead of replace
To maintain consistency with the other options this changes firewall to
combine the existing settings from the image template with the settings
from the blueprint.

Also updated the docs, added a new test for it, and sorted the output
for consistency.

(cherry picked from commit 3e08389a0f)
(cherry picked from commit 9d48aa4d92)
2019-05-06 12:09:00 -07:00
Brian C. Lane
36ba09345b Update customizations.services documentation
Make it clear that the services are added to services already listed in
the image templates, and that you can specify any systemd unit filename.

Older releases are more restrictive, and this documentation will need to
be updated when these changes are backported.

(cherry picked from commit 4f701e7e92)
(cherry picked from commit 80281c7ad4)
2019-05-06 12:09:00 -07:00
Brian C. Lane
f39e965fb2 lorax-composer: Add firewall support to blueprints
You can now open ports in the firewall, using port numbers or service
names:

    [customizations.firewall]
    ports = ["22:tcp", "80:tcp", "imap:tcp", "53:tcp", "53:udp"]

Or enable/disable services registered with firewalld:

     [customizations.firewall.services]
     enabled = ["ftp", "ntp", "dhcp"]
     disabled = ["telnet"]

If the template contains firewall --disabled it cannot be overridden,
under the assumption that it is required for the image to boot in the
selected environment.

(cherry picked from commit 4d35668ab5)
(cherry picked from commit 9f1756cc27)
2019-05-06 12:09:00 -07:00
Brian C. Lane
725a0437c7 lorax-composer: Add locale support to blueprints
You can now set the keyboard layout and language. Eg.

[customizations.locale]
languages = ["en_CA.utf8", "en_HK.utf8"]
keyboard = "de (dvorak)"

Existing entries in the kickstart templates are replaced with the new
ones. If there are no entries then it will default to 'keyboard us' and
'lang en_US.UTF-8'

Includes tests, and leaves the existing keyboard and lang entries in the
templates with a note that they can be replaced by the blueprint.

(cherry picked from commit e5a8700bdf)
(cherry picked from commit 49259c607b)
2019-05-06 12:09:00 -07:00
Brian C. Lane
6368b0e83b Update docs for new timezone section
(cherry picked from commit 2929deaf01)
(cherry picked from commit a31df965e7)
2019-05-06 12:09:00 -07:00
Brian C. Lane
25bac2fe65 Proposal for adding to the blueprint customizations
The goal here is to do the minimum needed to get the images setup for
use so they can have more complex customizations applied later.
I think this list is a pretty good minimal set of features without going
full kickstart.

(cherry picked from commit 95c288d829)
(cherry picked from commit e682d309ed)
2019-05-06 12:09:00 -07:00
David Shea
9a4a45f05a Add a compose type for alibaba.
This compose type creates a partitioned disk as a qcow2 file, but with
only one partition instead of using a separate /boot.

(cherry picked from commit 44e14176bb)
(cherry picked from commit 0f59e576d8)
2019-05-06 12:07:29 -07:00
David Shea
0220077242 Add a new compose type for Hyper-V
This is based on the VHD compose type, with the following differences:

  * Use the vhdx format instead of vhd
  * No WALinuxAgent
  * Install hyperv-daemons

The hyperv-daemons are activated through udev rules, so there is no need
to add them to the services line.

(cherry picked from commit 434fe58c28)
(cherry picked from commit 367c2583e4)
2019-05-06 12:07:29 -07:00
David Shea
69caef3c2d Add a compose type for Google Compute Engine
(cherry picked from commit bd804c271b)
(cherry picked from commit 846d839980)
2019-05-06 12:07:29 -07:00
Brian C. Lane
c9f076c86d Make it easier to generate docs for the next release
Change the docs-in-docker target to generate the docs for the NEXT
release, not the current one. Also pass in uid/gid so that the new files
can be set to the correct ownership instead of root.

Modify docs/conf.py to bump the version of the docs if
LORAX_VERSION=next is set in the environment.

(cherry picked from commit 2acd13d612)
(cherry picked from commit a71ef40dd5)
2019-05-06 12:07:06 -07:00
Brian C. Lane
0169422746 Add pylorax.api.gitrpm module and tests
This handles creating the rpm from the dictionary describing the
repository and rpm. Also adds tests for archive and rpm creation.

(cherry picked from commit f6f2308765)
(cherry picked from commit efc77c1d71)
2019-05-06 12:05:34 -07:00
Brian C. Lane
21b03c2108 Add support for [[repos.git]] section to blueprints
This adds support, documentation, and testing for a [[repos.git]]
blueprint section that can be used to install files from a git
repository. It will create an rpm that will be added to the build,
and included in the metadata that can be downloaded. This allows you to
accurately keep track of the source of configuration files and extra
metadata that is added to the build.

The source repo and reference will be listed in the rpm's summary making
it easy to discover on the installed system.

(cherry picked from commit d7b96c8f0f)
(cherry picked from commit 047f174dcf)
2019-05-06 12:05:34 -07:00
Brian C. Lane
afa68df873 lorax-composer: Add the ability to append to the kernel command-line
Sometimes it is necessary to modify the kernel command-line of the
image, this adds support for a [customizations.kernel] section to the
blueprint:

[customizations.kernel]
append = "nosmt=force"

This will be appended to the kickstart's bootloader --append argument.

Includes tests for modifying the bootloader line, the kickstart
template, and examining the final-kickstart.ks created for a compose.

(cherry picked from commit 59464286f9)
(cherry picked from commit c5f4dfe113)
2019-05-06 11:54:56 -07:00
Brian C. Lane
53c4daa529 Switch the --virt-uefi method to use SecureBoot
This updates the qemu arguments so that it will actually work, and
switches to using SecureBoot OVMF firmware.

(cherry picked from commit f2b19cfcf7e23dfdb7176fcb1fa8b0335da5aa9a)
(cherry picked from commit 79c38687f3)
2019-05-06 11:51:32 -07:00
Brian C. Lane
5ed5690fb6 Drop auth from the kickstart examples
System defaults should be sufficient these days.

(cherry picked from commit 2af0973155)
2019-05-03 17:01:30 -07:00
Brian C. Lane
6debc2252c fedora-livemedia.ks: Add packages needed to boot livecd on UEFI systems
(cherry picked from commit 9577f719ae)
2019-05-03 16:59:25 -07:00
David Shea
3daede741c Add openstack to the image type list in the docs
(cherry picked from commit d619430d6d)
2019-05-03 16:52:44 -07:00
Alexander Todorov
4c41780856 Update docs with info about ssh keys
it looks like the key value expects the entire content of
~/.ssh/id_rsa.pub

(cherry picked from commit 6631002a81)
2019-05-03 16:36:58 -07:00
Brian C. Lane
06db78c9c4 Turn off smartquotes in Sphinx documentation
It mangles the double dashes in the docstrings, and should close #155

(cherry picked from commit e85bcf4359)
2019-01-08 13:47:07 -08:00
Brian C. Lane
0c042afd34 New lorax documentation - 29.21 2018-11-29 11:12:11 -08:00
Brian C. Lane
080705e8e6 Remove SELinux Permissive checks
Anaconda, Lorax, lorax-composer, and livemedia-creator can all now run
with SELinux in Enforcing mode. It does not need to be disabled and if
there are denials they should be reported as a bug.

Log the current state of SELinux when starting, update the
documentation.

(cherry picked from commit 35b8957f12)
2018-11-29 11:11:28 -08:00
Brian C. Lane
5cf54c6f29 New lorax documentation - 29.20 2018-10-29 15:04:22 -07:00
Brian C. Lane
d9b282150e Build manpages for composer-cli and lorax-composer
Add manpage creation to make docs target to keep them updated.

(cherry picked from commit 7500a17f27)
2018-10-29 14:49:15 -07:00
Brian C. Lane
e63da65ad1 Revert "Rename composer-cli to composer"
This reverts commit d540ba3a23.

It conflicts with the PHP dependency manager project named 'composer'
2018-10-08 15:51:24 -07:00
Brian C. Lane
8963c33e16 Lock the root account, except on live-iso
If we leave the root account w/o a password people will use it that way,
leading to insecure images. Also if we use a default password. So lock
the root account in the templates.

Users will need to do one of these things:
 1. Use [[customizations.user]] in their blueprint to configure root or
    another user.
 2. Use [[customizations.sshkey]] to set a key for root
 2. Install a package that configures a user at install time
 3. Install a package that sets up a user at boot time (eg. cloud-init)

This also drops the auth line from the kickstart templates, allowing it
to use the default password algoritm instead of md5.

Resolves: rhbz#1626122
2018-10-05 09:09:10 -07:00
David Shea
ecd4327a01 Add a vmdk compose type.
This is similar to the AMI type, but also adds open-vm-tools and does not do
anything special to the partitioning
2018-10-05 09:09:10 -07:00
David Shea
d6274ec413 Add a vhd compose type for Azure images
This does pretty much the same things as the AMI compose type, but also
replaces NetworkManager with the Azure linux agent.
2018-10-05 09:09:10 -07:00
David Shea
af3cab0dfe Add an ami compose type for AWS images
This differs from lmc's --make-ami in that creates a full disk image instead of
an fsimage. Create a raw disk image with a / and /boot partitions, and enable
sshd, chronyd, and cockpit by default.
2018-10-05 09:09:10 -07:00
Lars Karlitski
d540ba3a23 Rename composer-cli to composer 2018-10-05 09:09:10 -07:00
Brian C. Lane
9de0948511 Add a Makefile target for building html docs using a rawhide environment
This makes it easier to generate new documentation for
http://weldr.io/lorax/

It requires having a current welder/lorax-composer:latest image (created with
the test-in-docker target), then run docs-in-docker to rerun sphinx with
the docs/html directory mounted from the container.
2018-10-05 09:09:10 -07:00
Brian C. Lane
5204e3c6f4 New lorax documentation - 29.14 2018-10-05 09:09:10 -07:00
Brian C. Lane
04fd94f44b Add documentation for using a DVD as the package source 2018-08-21 11:28:35 -07:00
Brian C. Lane
c638926880 New lorax documentation - 29.11 2018-08-13 16:43:20 -07:00
Brian C. Lane
83e5f3f885 Add a note about using lorax-composer.service
Update the docs to make it clear that .socket will be slow to respond to
the first request, and to use .service to speed it up.
2018-08-13 16:41:44 -07:00
Brian C. Lane
07de4c371a Ignore dnf.logging when building docs 2018-08-13 16:32:26 -07:00
Chris Lumens
bf95a3310b Document that you shouldn't run lorax-composer twice.
(cherry picked from commit 052828047c)
2018-07-26 10:41:56 -04:00
Brian C. Lane
8b271aa917 New lorax documentation - 29.10 2018-07-20 15:51:06 -07:00
Brian C. Lane
0ff9a674ca Add dnf.transaction to list of modules for sphinx to ignore 2018-07-20 15:48:18 -07:00
Chris Lumens
76d376fe18 Add support for groups to blueprints.
Nothing is currently being done with this information, but it will be
soon.

(cherry picked from commit 0f69d2084c)
2018-07-18 13:48:25 -07:00
Brian C. Lane
9e41052992 Fix a couple typos in lorax-composer docs.
The description of blueprint versions was wrong, now it is
correct.
2018-06-29 14:15:54 -07:00
Brian C. Lane
98de565979 Add reqpart to example kickstart files
This will make sure that platform specific partitions are created when
making partitioned disk images.
2018-06-11 13:54:51 -07:00
Brian C. Lane
ca6030c5c7 New lorax documentation - 29.7 2018-06-07 09:03:55 -07:00
Brian C. Lane
84ee526d3f New lorax documentation - 29.6 2018-06-04 16:27:56 -07:00
Brian C. Lane
d47d38e0c8 Override Sphinx documentation version with LORAX_VERSION
Normally you want to document the NEXT release, not the last. This
allows you to build the documentation using:

LORAX_VERSION="29.6" make docs
2018-06-04 16:25:33 -07:00
Brian C. Lane
6d677b2207 Add support for user defined package sources API
This lives under /api/v0/projects/source/*

See the documentation for details
2018-06-04 15:45:36 -07:00
Colin Walters
bb3d8edd06 templates: Stop using gconfset
We had only been indirectly pulling in GConf, and anyways
nothing was listening to these keys.

<kalev> I still think it's a fallout from 27a90d973f

Really in general, if we wanted to make changes like this
it'd probably be a lot simpler to do them on boot or so.

https://bugzilla.redhat.com/show_bug.cgi?id=1581838
2018-05-23 14:20:44 -07:00
Brian C. Lane
683ec03cc8 Update documentation (#1430906) 2018-05-17 11:20:22 -07:00
Brian C. Lane
e963af3b1a Fix documentation for enabling lorax-composer.socket
It needs to be enabled AND started for it to work.
2018-05-14 14:09:46 -07:00