yum remove postfix
yum install epel-release
yum install apcupsd smartmontools ssmtpd lm_sensors fail2ban
sensors-detect --auto

cat << EOF > /etc/fail2ban/jail.d/99-enabled.conf
[sshd]
enabled = true
EOF

systemctl enable fail2ban --now

cat << EOF > /etc/ssmtp/ssmtp.conf
root=e.minguez@gmail.com 
mailhub=smtp.gmail.com:587
AuthUser=USER
AuthPass=PASS
UseSTARTTLS=YES
#UseTLS=YES
AuthMethod=LOGIN
TLS_CA_File=/etc/pki/tls/certs/ca-bundle.crt
EOF

cat << EOF > /etc/ssmtp/revaliases
root:e.minguez@gmail.com:smtp.gmail.com:587
EOF

echo "alias root root<e.minguez@gmail.com>" >> /etc/mail.rc
echo "alias root@localhost root<e.minguez@gmail.com>" >> /etc/mail.rc

systemctl enable smartd --now
systemctl enable apcupsd --now

yum install -y libusb usbutils epel-release tmux yum-utils git
# Configure ZFS
zpool create tank raidz2 /dev/disk/by-id/{ata-WDC_WD20EFRX-68AX9N0_WD-WMC301887336,ata-WDC_WD20EFRX-68AX9N0_WD-WMC301895708,ata-WDC_WD20EFRX-68AX9N0_WD-WMC301880783,ata-WDC_WD20EFRX-68AX9N0_WD-WMC301919087} -f

zfs set relatime=on tank
zfs set compression=on tank

zfs create tank/vms
zfs create tank/docker
zfs create tank/log

echo "/tank/log              /var/log                 none    bind    0 0" >> /etc/fstab

mkdir ~/git/
git clone https://github.com/lnicola/systemd-zpool-scrub.git ~/git/systemd-zpool-scrub/
install -m 644 -o root -g root ~/git/systemd-zpool-scrub/zpool-scrub@.service /etc/systemd/system
install -m 644 -o root -g root ~/git/systemd-zpool-scrub/zpool-scrub@.timer /etc/systemd/system
systemctl daemon-reload
systemctl enable --now zpool-scrub@tank.timer

yum copr enable poettlerric/zfs-auto-snapshot
yum install zfs-auto-snapshot

yum install -y docker

cat << EOF > /etc/docker/daemon.json 
{
  "storage-driver": "zfs",
  "graph": "/tank/docker"
}
EOF

:> /etc/sysconfig/docker-storage
:> /etc/sysconfig/docker-storage-setup

groupadd docker
usermod -aG docker edu

systemctl enable docker --now

docker info | grep zfs

yum groupinstall "Virtualization Host"

yum install cockpit cockpit-docker cockpit-machines setroubleshoot-server cockpit-storaged
sed -i -e 's/enabled=1/enabled=0/g' /etc/yum/pluginconf.d/subscription-manager.conf
systemctl enable --now cockpit.socket
firewall-cmd --permanent --zone=public --add-service=cockpit
firewall-cmd --reload