-
Notifications
You must be signed in to change notification settings - Fork 0
/
preseed.cfg
226 lines (206 loc) · 9.97 KB
/
preseed.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
#_preseed_V1
# Reference: https://preseed.debian.net/debian-preseed/bookworm/amd64-main-full.txt
# See also: https://www.debian.org/releases/bookworm/example-preseed.txt
###
# There are a few hints and remarks about this preseed file:
#
# Note: We do not set a hostname here, because we let the DHCP server do that for us and set it afterwards in the rc.local file
#
# Note: We do not set a domain name here, because we let the DHCP server do that for us and set it afterwards in the rc.local file
#
# Note: We do not set a nameserver here, because we let the DHCP server do that for us and set it afterwards in the rc.local file
#
# Note: The root password has no password, but we change it afterwards in the rc.local file to a hashed random password
#
# Most of the settings will be done in the rc.local file after the installation is complete and the system is rebooted
###
# This is an example of how to use preseeding to do a totally automated install.
d-i preseed/early_command string echo "Starting enabling Technology Debian installation"
# Preseeding only locale sets language, country and locale.
d-i debian-installer/locale string en_US
# The values can also be preseeded individually for greater flexibility.
d-i debian-installer/country string DE
# Optionally specify additional locales to be generated.
d-i debian-installer/language string en
# Keyboard selection.
d-i keyboard-configuration/xkb-keymap select de
d-i keyboard-configuration/variant select Deutschland
### Network configuration
# netcfg will choose an interface that has link if possible. This makes it
# skip displaying a list if there is more than one interface.
d-i netcfg/choose_interface select auto
# To pick a particular interface instead:
#d-i netcfg/choose_interface select eth1
# If you have a slow dhcp server and the installer times out waiting for
# it, this might be useful.
#d-i netcfg/dhcp_timeout string 60
#d-i netcfg/dhcpv6_timeout string 60
# If you prefer to configure the network manually, uncomment this line and
# the static network configuration below.
#d-i netcfg/disable_autoconfig boolean true
# If you want the preconfiguration file to work on systems both with and
# without a dhcp server, uncomment these lines and the static network
# configuration below.
d-i netcfg/dhcp_failed note
d-i netcfg/dhcp_options select Configure network manually
#
# Static network configuration.
# IPv4 example
#d-i netcfg/get_ipaddress string 192.168.1.42
#d-i netcfg/get_netmask string 255.255.255.0
#d-i netcfg/get_gateway string 192.168.1.1
#d-i netcfg/get_nameservers string 192.168.1.1
#d-i netcfg/confirm_static boolean true
# IPv6 example
#d-i netcfg/get_ipaddress string fc00::2
#d-i netcfg/get_netmask string ffff:ffff:ffff:ffff::
#d-i netcfg/get_gateway string fc00::1
#d-i netcfg/get_nameservers string fc00::1
#d-i netcfg/confirm_static boolean true
# Any hostname and domain names assigned from dhcp take precedence over
# values set here. However, setting the values still prevents the questions
# from being shown, even if values come from dhcp.
d-i netcfg/get_hostname string D12-INSTALL
d-i netcfg/get_domain string enatec.group
# If you want to force a hostname, regardless of what either the DHCP
# server returns or what the reverse DNS entry for the IP is, uncomment
# and adjust the following line.
#d-i netcfg/hostname string somehost
# Disable that annoying WEP key dialog.
d-i netcfg/wireless_wep string
# The wacky dhcp hostname that some ISPs use as a password of sorts.
#d-i netcfg/dhcp_hostname string radish
# If non-free firmware is needed for the network or other hardware, you can
# configure the installer to always try to load it, without prompting. Or
# change to false to disable asking.
d-i hw-detect/load_firmware boolean true
### Network console
# Use the following settings if you wish to make use of the network-console
# component for remote installation over SSH. This only makes sense if you
# intend to perform the remainder of the installation manually.
#d-i anna/choose_modules string network-console
#d-i network-console/authorized_keys_url string http://10.0.0.1/openssh-key
#d-i network-console/password password r00tme
#d-i network-console/password-again password r00tme
# If you select ftp, the mirror/country string does not need to be set.
d-i mirror/country string manual
# we use the german default mirror
d-i mirror/http/hostname string ftp.de.debian.org
# the directory on the mirror that holds the Debian distribution
d-i mirror/http/directory string /debian
# no proxy
d-i mirror/http/proxy string
# debian 12 bookworm
d-i mirror/suite string bookworm
# Skip password setup for root account (Why would you want that?)
d-i passwd/root-login boolean false
# Create a normal user account
# we use the same ID for the user and the group to avoid problems
d-i passwd/user-uid string 1000
d-i passwd/user-gid string 1000
# This is the default deployment user
# Note: If you change the username, you also have to change the username in the rc.local file to match the new name
d-i passwd/user-fullname string enadmin
d-i passwd/username string enadmin
# Password is hashed with: openssl passwd -6 -salt xyz yourpassword (Much better then an unencrypted password)
d-i passwd/user-password-crypted password $6$xyz$UD2FSOiDJEeIfTHlAsdXJe5ox0GvOmOV3MFk0MkOFW3nF7z/RYEyvnZ6VMWhtYumbpcsGt74UDbp6Db8VVZPd.
# We add the user to some additional groups
d-i passwd/user-default-groups string audio cdrom video plugdev adm dip lpadmin sambashare sudo
# do NOT allow weak passwords
d-i user-setup/allow-password-weak boolean false
# do NOT encrypt the home directory
d-i user-setup/encrypt-home boolean false
### Clock and time zone setup
# Controls whether or not the hardware clock is set to UTC.
d-i clock-setup/utc boolean true
# Our Timezone
d-i time/zone string Europe/Berlin
# Set the clock to use UTC by default.
d-i clock-setup/utc-auto boolean true
# NTP will be installed and configured after the system is installed.
d-i clock-setup/ntp boolean true
# NTP server to use. The default is almost always fine here.
d-i clock-setup/ntp-server string de.pool.ntp.org
# Partitioning, we use LVM for everything
d-i partman-auto/method string lvm
# max size (use the whole disk)
d-i partman-auto-lvm/guided_size string max
# Every LVM VG must have a name, we use the same name for all VGs to avoid problems
d-i partman-auto-lvm/new_vg_name string D12VG
# This can be handy, DHCP hostnames can change between reboots
#
# You can change this afterwards at any time:
# sudo vgrename D12VG <NewName>
# Edit /etc/fstab and change all the entries with the new name
# Edit /etc/initramfs-tools/conf.d/resume and replace the old name with the new one
# Rebuild an initramfs:
# sudo update-initramfs -u -k all
# no questions asked
d-i partman-lvm/confirm boolean true
# remove existing LVM
d-i partman-lvm/device_remove_lvm boolean true
# The same applies to pre-existing software RAID array:
d-i partman-md/device_remove_md boolean true
# remove existing MD
d-i partman-lvm/confirm_nooverwrite boolean true
# You can choose one of the three predefined partitioning recipes:
# - atomic: all files in one partition
# - home: separate /home partition
# - multi: separate /home, /var, and /tmp partitions
d-i partman-auto/choose_recipe select atomic
# no questions asked
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman/confirm_write_new_label boolean true
# Force UEFI booting ('BIOS compatibility' will be lost). Default: false.
d-i partman-efi/non_efi_system boolean true
# Ensure the partition table is GPT - this is required for EFI
d-i partman-partitioning/choose_label select gpt
# Create a small partition for EFI
d-i partman-partitioning/default_label string gpt
# Controlling how partitions are mounted
d-i partman/mount_style select uuid
# Scan additional installation media
d-i apt-setup/cdrom/set-first boolean false
# use mirror for everything, not only for security updates
d-i apt-setup/use_mirror boolean true
# Ignore the CD-ROM/USB stick and install from the network
d-i apt-setup/disable-cdrom-entries boolean true
# None free packages are activated as well: https://wiki.debian.org/SourcesList
d-i apt-setup/non-free boolean true
# Additional use of non-free firmware
d-i apt-setup/non-free-firmware boolean true
# Additional use of contrib packages
d-i apt-setup/contrib boolean true
# Select all updates
d-i apt-setup/services-select multiselect security, updates
# Use the default Debian mirror for security updates.
d-i apt-setup/security_host string security.debian.org
# this can be dangerous, so do NOT allow unauthenticated packages
d-i debian-installer/allow_unauthenticated boolean false
# Package selection
tasksel tasksel/first multiselect SSH server, standard system utilities
# Additional packages to install
d-i pkgsel/include string openssh-server sudo sed curl gnupg apt-transport-https wget
# No language support packages.
d-i pkgsel/install-language-support boolean false
# Language pack selection
d-i pkgsel/language-packs multiselect en
# automatic updates
d-i pkgsel/update-policy select unattended-upgrades
# Whether to upgrade packages after debootstrap.
# Allowed values: none, safe-upgrade, full-upgrade
d-i pkgsel/upgrade select full-upgrade
# Disable participation in contest
popularity-contest popularity-contest/participate boolean false
# Boot loader installation
d-i grub-installer/bootdev string default
# This command is run just before the install finishes
d-i preseed/late_command string tar -xzf /cdrom/debian.tar.gz -C /target/etc/; chown 0:0 /target/etc/rc.local; chmod 770 /target/etc/rc.local;
# Now we finish up the installation
# Eject the CD-ROM/ISO when the install is complete.
d-i cdrom-detect/eject boolean true
# Avoid that last message about the install being complete.
d-i finish-install/reboot_in_progress note