Cobbler

Official doc for 2.8.0 : http://cobbler.github.io/manuals/2.8.0
Another post on the topic : https://www.linuxtechi.com/install-and-configure-cobbler-on-centos-7/

VM

Get started on a CentOS 7, with vagrant for example

sudo apt install -y virtualbox vagrant
vagrant up bento/centos-7.4
vagrant ssh

Install

If you want to keep SELinux running

setsebool -P httpd_can_network_connect true

Otherwise

sudo setenforce 0
sed -i 's;enforcing;permissive;' /etc/sysconfig/selinux

Install Cobbler, tftp and so on, then open the firewall

sudo yum install epel-release -y
sudo yum install cobbler cobbler-web dnsmasq syslinux pykickstart xinetd -y

sudo systemctl start cobblerd httpd
sudo systemctl enable cobblerd httpd

sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --add-service=https --permanent
sudo firewall-cmd --add-service=dhcp --permanent
sudo firewall-cmd --add-service=tftp --permanent
sudo firewall-cmd --add-port=dhcp --permanent
sudo firewall-cmd --reload

Make sure wsgi module is enabled, a line like this around /etc/httpd/conf.modules.d/10-wsgi.conf

LoadModule wsgi_module modules/mod_wsgi.so

Configure

SSL

For test purpose, you can comment out SSL requirement in /etc/httpd/conf.d/cobbler_web.conf

# This configuration file enables the cobbler web
# interface (django version)

<Directory "/usr/share/cobbler/web/">
        # <IfModule mod_ssl.c>
        #     SSLRequireSSL
        # </IfModule>
        # <IfModule mod_nss.c>
        #     NSSRequireSSL
        # </IfModule>
        SetEnv VIRTUALENV 
        Options Indexes MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all
</Directory>

<Directory "/var/www/cobbler_webui_content/">
        # <IfModule mod_ssl.c>
        #     SSLRequireSSL
        # </IfModule>
        # <IfModule mod_nss.c>
        #     NSSRequireSSL
        # </IfModule>
        Options +Indexes +FollowSymLinks
        AllowOverride None
        Order allow,deny
        Allow from all
</Directory>

# Use separate process group for wsgi
WSGISocketPrefix /var/run/wsgi
WSGIScriptAlias /cobbler_web /usr/share/cobbler/web/cobbler.wsgi
WSGIDaemonProcess cobbler_web display-name=%{GROUP}
WSGIProcessGroup cobbler_web
WSGIPassAuthorization On

<IfVersion >= 2.4>
    <Location /cobbler_web>
        Require all granted
    </Location>
    <Location /cobbler_webui_content>
	Require all granted
    </Location>
</IfVersion>

Otherwise set up SSL as you see fit.

Passwords

Root password should be changed. Generate a new hash with

openssl passwd -1

Set the resulting value in /etc/cobbler/settings in default_password_crypted value

Default WebUI user is cobbler, password cobbler. This can be changed with

htdigest /etc/cobbler/users.digest "Cobbler" cobbler

To be continued

Or not