bin/rax.sh - trafficserver-ci - Git at Google

 #!/bin/sh

 # Packages
 yum -y install emacs-nox fail2ban nfs-utils java bzip2 btrfs-progs deltarpm yum-cron yum-plugin-fastestmirror ccache make pkgconfig gcc-c++ openssl-devel tcl-devel expat-devel pcre-devel perl-ExtUtils-MakeMaker libcap libcap-devel hwloc hwloc-devel autoconf automake libtool bison flex git ntp clang rsyslog

 groupadd  -g 665 jenkins
 useradd -g jenkins -u 989 -s /bin/bash -M -d /home/jenkins -c "Jenkins Continuous Build server" jenkins
 mkdir /var/jenkins
 chown jenkins.jenkins /var/jenkins

 echo "ZONE=public" >> /etc/sysconfig/network-scripts/ifcfg-eth0
 echo "ZONE=public" >> /etc/sysconfig/network-scripts/ifcfg-eth1
 echo "ZONE=internal" >> /etc/sysconfig/network-scripts/ifcfg-eth2

 firewall-cmd --permanent --zone=internal --add-service=rpc-bind
 firewall-cmd --permanent --zone=internal --add-service=nfs
 firewall-cmd --permanent --zone=internal --remove-service=samba-client
 firewall-cmd --complete-reload

 echo "[sshd]" > /etc/fail2ban/jail.local
 echo "enabled = true" >> /etc/fail2ban/jail.local

 mount | grep /home > /dev/null  || echo "192.168.3.1:/home /home nfs  rw,noatime,intr   0 0" >> /etc/fstab
 mount /home

 # ccache
 mkdir -p /var/tmp/ccache && chown jenkins.jenkins /var/tmp/ccache
 sudo -u jenkins ccache -M 8G -F 0


 # For systemctl
 #systemctl enable ntpd
 #systemctl restart ntpd

 systemctl enable fail2ban
 systemctl restart fail2ban
	#!/bin/sh

	# Packages
	yum -y install emacs-nox fail2ban nfs-utils java bzip2 btrfs-progs deltarpm yum-cron yum-plugin-fastestmirror ccache make pkgconfig gcc-c++ openssl-devel tcl-devel expat-devel pcre-devel perl-ExtUtils-MakeMaker libcap libcap-devel hwloc hwloc-devel autoconf automake libtool bison flex git ntp clang rsyslog

	groupadd -g 665 jenkins
	useradd -g jenkins -u 989 -s /bin/bash -M -d /home/jenkins -c "Jenkins Continuous Build server" jenkins
	mkdir /var/jenkins
	chown jenkins.jenkins /var/jenkins

	echo "ZONE=public" >> /etc/sysconfig/network-scripts/ifcfg-eth0
	echo "ZONE=public" >> /etc/sysconfig/network-scripts/ifcfg-eth1
	echo "ZONE=internal" >> /etc/sysconfig/network-scripts/ifcfg-eth2

	firewall-cmd --permanent --zone=internal --add-service=rpc-bind
	firewall-cmd --permanent --zone=internal --add-service=nfs
	firewall-cmd --permanent --zone=internal --remove-service=samba-client
	firewall-cmd --complete-reload

	echo "[sshd]" > /etc/fail2ban/jail.local
	echo "enabled = true" >> /etc/fail2ban/jail.local

	mount \| grep /home > /dev/null \|\| echo "192.168.3.1:/home /home nfs rw,noatime,intr 0 0" >> /etc/fstab
	mount /home

	# ccache
	mkdir -p /var/tmp/ccache && chown jenkins.jenkins /var/tmp/ccache
	sudo -u jenkins ccache -M 8G -F 0


	# For systemctl
	#systemctl enable ntpd
	#systemctl restart ntpd

	systemctl enable fail2ban
	systemctl restart fail2ban