obel1x/fedora-OEMDRV
0
0
Fork 1
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
92b5e9c4a62cda81699f398cc35092b8f556236b
fedora-OEMDRV/configure.md
T
unbrot 05a47a140d Add configure.sh wizard and offer to run it after install 
- system_setup/configure.sh: interactive first-time setup wizard that
  edits config.d/configure.conf, tests the encrypted home mount, and
  obtains a Nextcloud WebDAV token
- configure.md: short usage documentation for configure.sh
- system_setup/install.sh: after cloning the repo, ask whether to run
  configure.sh immediately (as the sudo-invoking user via su)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 14:12:11 +02:00

2.1 KiB
Raw Blame History

configure.sh — First-time setup wizard

Run system_setup/configure.sh as a normal user (not root) on the machine that has the OEMDRV partition mounted. It guides you through all site-specific settings, tests the configuration, and leaves the system ready for a Fedora installation.

bash /opt/sys_config/system_setup/configure.sh

What it does

  1. Edits configuration values — prompts for each setting below. Press Enter to keep the shown default, or type a new value. Derived values (e.g. SERVERFQDN_IPA) are updated immediately when you change TLDOMAIN, so subsequent prompts always reflect your latest input.

    Variable Description
    TLDOMAIN Top-level domain of your infrastructure (e.g. company.tld)
    SERVERFQDN_IPA FQDN of the FreeIPA server (default: ipa.<TLDOMAIN>)
    SERVERFQDN_NC FQDN of the Nextcloud server (default: nextcloud.<TLDOMAIN>)
    CLIENTADMINGROUP IPA group that receives sudo rights on clients
    DECRYPTEDDATADIR Mount point for the decrypted user data directory
    ENCRYPTEDDATADIR Path of the gocryptfs-encrypted data directory
    IPAVAULTUSE true to use IPA KRA vault for the encryption key, false to disable encryption
    IPAVAULTNAME Name of the IPA vault entry (default: CLIENT_FILEENCRYPTION_<hostname>)

  2. Confirms the FQDN — shows the computed FQDN (<hostname>.clients.<TLDOMAIN>) and lets you override the hostname part if needed.

  3. Tests the encrypted home mount — runs mount_ecrypt_home.sh. On failure you can restart the wizard or quit.

  4. Obtains a Nextcloud WebDAV token — calls get_nc_token, which opens Firefox for login. Verifies that the returned token belongs to the current user. You can retry or quit on failure.

  5. On success, the written config file config.d/configure.conf is picked up automatically by all other scripts instead of config/setup_system.conf.

After the wizard completes

Boot the target machine from the Fedora USB installer. Anaconda detects the OEMDRV partition and runs the Kickstart automatically.

Reference in New Issue View Git Blame Copy Permalink