add kickstarts for modular containers

Signed-off-by: Dennis Gilmore <dennis@ausil.us>

fedora-modular-container-base-minimal.ks

@@ -0,0 +1,70 @@
+# See docker-base-common.ks for details on how to hack on docker image kickstarts
+# This base is a stripped back Fedora image without python3/dnf.
+# If you need that use the standard base image.
+
+%include fedora-modular-container-common.ks
+
+%packages --excludedocs --instLangs=en --nocore --excludeWeakdeps
+microdnf
+
+%end
+
+%post --erroronfail --log=/root/anaconda-post.log
+# remove some random help txt files
+rm -fv usr/share/gnupg/help*.txt
+
+# Pruning random things
+rm usr/lib/rpm/rpm.daily
+rm -rfv usr/lib64/nss/unsupported-tools/  # unsupported
+
+# Statically linked crap
+rm -fv usr/sbin/{glibc_post_upgrade.x86_64,sln}
+ln usr/bin/ln usr/sbin/sln
+
+# Remove some dnf info
+rm -rfv /var/lib/dnf
+
+# don't need icons
+rm -rfv /usr/share/icons/*
+
+#some random not-that-useful binaries
+rm -fv /usr/bin/pinky
+
+# we lose presets by removing /usr/lib/systemd but we do not care
+rm -rfv /usr/lib/systemd
+
+# if you want to change the timezone, bind-mount it from the host or reinstall tzdata
+rm -fv /etc/localtime
+mv /usr/share/zoneinfo/UTC /etc/localtime
+rm -rfv  /usr/share/zoneinfo
+
+# Final pruning
+rm -rfv /var/cache/* /var/log/* /tmp/*
+
+%end
+
+%post --nochroot --erroronfail --log=/mnt/sysimage/root/anaconda-post-nochroot.log
+set -eux
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1343138
+# Fix /run/lock breakage since it's not tmpfs in docker
+# This unmounts /run (tmpfs) and then recreates the files
+# in the /run directory on the root filesystem of the container
+# NOTE: run this in nochroot because "umount" does not exist in chroot
+umount /mnt/sysimage/run
+# The file that specifies the /run/lock tmpfile is
+# /usr/lib/tmpfiles.d/legacy.conf, which is part of the systemd
+# rpm that isn't included in this image. We'll create the /run/lock
+# file here manually with the settings from legacy.conf
+# NOTE: chroot to run "install" because it is not in anaconda env
+chroot /mnt/sysimage install -d /run/lock -m 0755 -o root -g root
+
+
+# See: https://bugzilla.redhat.com/show_bug.cgi?id=1051816
+# NOTE: run this in nochroot because "find" does not exist in chroot
+KEEPLANG=en_US
+for dir in locale i18n; do
+    find /mnt/sysimage/usr/share/${dir} -mindepth  1 -maxdepth 1 -type d -not \( -name "${KEEPLANG}" -o -name POSIX \) -exec rm -rfv {} +
+done
+
+%end

fedora-modular-container-base.ks

@@ -0,0 +1,38 @@
+# See docker-base-common.ks for details on how to hack on docker image kickstarts
+# This base is a standard Fedora image with python3 and dnf
+
+%include fedora-modular-container-common.ks
+
+%packages --excludedocs --instLangs=en --nocore
+rootfiles
+tar # https://bugzilla.redhat.com/show_bug.cgi?id=1409920
+vim-minimal
+dnf
+dnf-yum  # https://pagure.io/fesco/ticket/1312#comment:29
+sssd-client
+
+%end
+
+%post --erroronfail --log=/root/anaconda-post.log
+# remove some extraneous files
+rm -rf /var/cache/dnf/*
+rm -rf /tmp/*
+
+#Mask mount units and getty service so that we don't get login prompt
+systemctl mask systemd-remount-fs.service dev-hugepages.mount sys-fs-fuse-connections.mount systemd-logind.service getty.target console-getty.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1343138
+# Fix /run/lock breakage since it's not tmpfs in docker
+# This unmounts /run (tmpfs) and then recreates the files
+# in the /run directory on the root filesystem of the container
+#
+# We ignore the return code of the systemd-tmpfiles command because
+# at this point we have already removed the /etc/machine-id and all
+# tmpfiles lines with %m in them will fail and cause a bad return
+# code. Example failure:
+#   [/usr/lib/tmpfiles.d/systemd.conf:26] Failed to replace specifiers: /run/log/journal/%m
+#
+umount /run
+systemd-tmpfiles --prefix=/run/ --prefix=/var/run/ --create --boot || true
+
+%end

fedora-modular-container-common.ks

@@ -0,0 +1,68 @@
+# This is the common bits between Fedora Docker base image.
+#
+# To keep this image minimal it only installs English language. You need to change
+# dnf configuration in order to enable other languages.
+#
+# ##  Hacking on this image ###
+# This kickstart is processed using Anaconda-in-ImageFactory (via Koji typically),
+# but you can run imagefactory locally too.
+#
+# To do so, testing local changes, first you'll need a TDL file.  I store one here:
+# https://git.fedorahosted.org/cgit/fedora-atomic.git/tree/fedora-atomic-rawhide.tdl
+#
+# Then, once you have imagefactory and imagefactory-plugins installed, run:
+#
+#   ksflatten -c fedora-docker-base[-minimal].ks -o fedora-docker-base-test.ks
+#   imagefactory --debug target_image --template /path/to/fedora-atomic-rawhide.tdl --parameter offline_icicle true --file-parameter install_script $(pwd)/fedora-docker-base-test.ks docker
+#
+
+text # don't use cmdline -- https://github.com/rhinstaller/anaconda/issues/931
+bootloader --disabled
+timezone --isUtc --nontp Etc/UTC
+rootpw --lock --iscrypted locked
+keyboard us
+network --bootproto=dhcp --device=link --activate --onboot=on
+reboot
+
+# boot partitions are irrelevant as the final docker image is a tarball
+zerombr
+clearpart --all
+autopart --noboot --nohome --noswap --nolvm
+
+%packages --excludedocs --instLangs=en --nocore
+fedora-modular-release
+bash
+-kernel
+-dosfstools
+-e2fsprogs
+-fuse-libs
+-gnupg2-smime
+-libss # used by e2fsprogs
+-libusbx
+-pinentry
+-shared-mime-info
+-trousers
+-xkeyboard-config
+
+%end
+
+%post --erroronfail --log=/root/anaconda-post.log
+set -eux
+
+# Set install langs macro so that new rpms that get installed will
+# only install langs that we limit it to.
+LANG="en_US"
+echo "%_install_langs $LANG" > /etc/rpm/macros.image-language-conf
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1400682
+echo "Import RPM GPG key"
+releasever=$(rpm -q --qf '%{version}\n' fedora-release)
+rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$releasever-primary
+
+echo "# fstab intentionally empty for containers" > /etc/fstab
+
+# Remove machine-id on pre generated images
+rm -f /etc/machine-id
+touch /etc/machine-id
+
+%end