Use virt-install to fully automate the install for Devuan Ceres with preseed, May 2021 edition
This article is a follow-up or replacement to the following older posts: Use virt-install to fully automate the install for Devuan with preseed Use virt-install to fully automate the install for Devuan Ceres with preseed, March 2020 edition I also have a series on building RHEL-like VMs with virt-install: My kickstart for Fedora 34 VMs Install CentOS 8 with kickstart and virt-install
Installing Devuan Ceres with preseed
I use libvirt with qemu+kvm to run my virtualization environment. My latest work includes updating my Devuan Ceres VM build process to use a recent alpha release ISO for Devuan Chimaera (4.0). I had to modify my urlfetcher.py again in the libvirt files to handle the current locations (described in above article from March 2020) which you can determine with 7z. I was too lazy to investigate how to read contents of a iso file properly.
$ 7z l devuan_chimaera_4.0.alpha-20210510_amd64_netinstall.iso | grep -E '\/(linux|initrd\.gz)$'
2021-03-15 07:44:18 ..... 62400333 62400333 boot/isolinux/initrd.gz
2021-03-15 07:44:18 ..... 5278960 5278960 boot/isolinux/linux
So the urlfetcher.py class needs to have values:
if self.arch == "x86_64":
kernel_initrd_pair = ("boot/isolinux/linux",
"boot/isolinux/initrd.gz")
The preseed file
So, with the libvirt configuration out of the way, I have a preseed file which I have updated to match my current needs and the answers that the Devuan installer wants to see.
# File: /mnt/public/Support/Platforms/devuan/devuan-preseed1.txt
# Locations:
# /mnt/public/Support/Platforms/devuan/devuan-preseed1.txt
# Author: bgstack15
# Startdate: 2019-06-25
# Title: Preseed for devuan vms for ipa.internal.com
# Purpose: To provide an easy installation for VMs and other systems in the Internal network
# History:
# 2017-06 I learned how to use kickstart files for the RHCSA EX-200 exam
# 2017-08-08 Added notifyemail to --extra-args
# 2017-10-29 major revision to use local repository
# 2019-06-25 fork from centos7-ks.cfg
# 2018-12-29 fix up repos and in-target conclusion stuff
# 2020-02-27 heavy rewrite to use ascii 2.1
# 2021-05-16 bump to chimaera which upgrades self to ceres
# Usage with virt-install:
# vm=d2-04a ; time sudo virt-install -n "${vm}" --memory 2048 --vcpus=1 --os-variant=debiantesting -v --disk path=/var/lib/libvirt/images/"${vm}".qcow2,size=20 -l /mnt/public/Support/SetupsBig/Linux/devuan_chimaera_4.0.alpha-20210510_amd64_netinstall.iso --initrd-inject=/mnt/public/Support/Platforms/devuan/preseed/preseed.cfg --extra-args "hostname=${vm} NOTIFYEMAIL=bgstack15@gmail.com interface=auto" --debug --network type=bridge,source=br0 --noautoconsole
# vm=d2-04a; sudo virsh destroy "${vm}"; sudo virsh undefine --remove-all-storage "${vm}";
# Reference:
# https://sysadmin.compxtreme.ro/automatically-set-the-hostname-during-kickstart-installation/
# /mnt/public/Support/Platforms/CentOS7/install-vm.txt
# https://serverfault.com/questions/481244/preseed-command-string-fail-with-newline-character-using-virt-install-initrd-inj
# https://www.debian.org/releases/stable/i386/apbs01.html.en
# https://github.com/jameswthorne/preseeds/blob/master/debian-7-wheezy-unattended.seed
# syntax for --location https://www.queryxchange.com/q/1_908324/virt-install-preseed-not-working/
# example preseed https://www.debian.org/releases/stable/example-preseed.txt
# skip next dvd question https://unix.stackexchange.com/questions/409212/preseed-directive-to-skip-another-cd-dvd-scanning
# grub problem caused by consolekit:amd64 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915947#10
# https://stackoverflow.com/questions/39861614/how-to-fully-automate-unattended-virt-install
# https://www.debian.org/releases/stable/i386/apbs03.html.en
# https://dev1galaxy.org/viewtopic.php?id=1853
# https://www.cyberciti.biz/faq/howto-setup-serial-console-on-debian-linux/
# https://github.com/virt-manager/virt-manager/blob/master/virtinst/install/urldetect.py
# /mnt/public/Support/Platforms/devuan/fix-virt-manager.txt
# https://dev1galaxy.org/viewtopic.php?id=3332
# https://ubuntuforums.org/showthread.php?t=2387570
# sudo debconf-get-selections -c /mnt/public/Support/Platforms/devuan/preseed/preseed.cfg
# on d2-03a: sudo debconf-get-selections --installer
# https://serverfault.com/questions/593388/unable-to-nfs-mount-in-debian-preseed-target/593389
# https://preseed.debian.net/debian-preseed/sid/amd64-main-full.txt
# Improve:
# discover how to send email, using postfix or sendmail. Don't care which, but exclude exim4.
# echo "$( hostname ) has IP $( ip -4 -o a s eth0 | awk '{print $4}' | sed -r -e 's/\/.*$//' )" |
d-i debian-installer/country string US
d-i debian-installer/keymap select us
d-i debian-installer/language string en
d-i debian-installer/locale string en_US
d-i localechooser/supported-locales string en_US.UTF-8
d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/variantcode string
d-i keyboard-configuration/xkb-keymap select us
d-i netcfg/disable_autoconfig boolean false
d-i netcfg/get_domain string ipa.internal.com
d-i netcfg/wireless_wep string
# disable asking for non-free firmware, because this is a vm and has none
d-i hw-detect/load_firmware boolean false
#d-i apt-setup/enable-source-repositories boolean false
# ORIGINAL d-i apt-setup/services-select multiselect security updates, release updates, backported software
d-i apt-setup/services-select multiselect release updates
d-i apt-setup/contrib boolean true
d-i apt-setup/disable-cdrom-entries boolean true
d-i apt-setup/non-free boolean true
d-i apt-setup/use_mirror boolean true
d-i mirror/country string manual
d-i mirror/http/directory string /merged
d-i mirror/http/hostname string deb.devuan.org
d-i mirror/http/proxy string
d-i mirror/protocol string http
d-i mirror/suite string testing
d-i apt-setup/cdrom/set-failed boolean false
d-i apt-setup/cdrom/set-first boolean false
d-i apt-setup/cdrom/set-next boolean false
## my repos and ceres
d-i apt-setup/local0/comment string internaldeb
d-i apt-setup/local0/key string http://www.example.com/internal/repo/deb/internaldeb.gpg
d-i apt-setup/local0/repository string http://www.example.com/internal/repo/deb/ /
d-i apt-setup/local1/comment string devuan-deb
d-i apt-setup/local1/key string http://www.example.com/internal/repo/deb/internaldeb.gpg
d-i apt-setup/local1/repository string http://www.example.com/internal/repo/devuan-deb/ /
d-i apt-setup/local2/comment string ceres
d-i apt-setup/local2/key string http://www.example.com/mirror/devuan/dists/ceres/Release.gpg
d-i apt-setup/local2/repository string http://www.example.com/mirror/devuan ceres main contrib non-free
#d-i apt-setup/local2/key string http://pkgmaster.devuan.org/merged/dists/ceres/Release.gpg
#d-i apt-setup/local2/repository string http://pkgmaster.devuan.org/merged ceres main contrib non-free
d-i apt-setup/local3/comment string obsmirror
d-i apt-setup/local3/key string http://www.example.com/mirror/obs/Release.key
d-i apt-setup/local3/repository string http://www.example.com/mirror/obs/ /
# if for some reason I really need to turn off the gpg key check:
#d-i debian-installer/allow_unauthenticated boolean false
#tasksel tasksel/first multiselect standard, ssh-server
tasksel tasksel/first multiselect none
# adapted from /mnt/public/Support/Platforms/devuan/devuan.txt, main fluxbox desktop, but for a vm
# no xscreensaver, for a vm.
#d-i pkgsel/include string \
# alsamixergui alttab apt-transport-https bgconf bgscripts bgscripts-core \
# cifs-utils curl fluxbox freeipa-client git grub lightdm lightdm-gtk-greeter \
# mlocate net-tools nfs-common ntpdate oddjob-mkhomedir=0.0.1-1 openssh-server \
# p7zip palemoon palemoon-ublock-origin parted qemu-guest-agent rsync scite \
# screen spice-vdagent strace sudo tcpdump vim vlc volumeicon-alsa waterfox \
# xfce4-terminal xfe xserver-xorg-video-qxl fluxbox-themes-stackrpms
#d-i pkgsel/include string cifs-utils curl grub lightdm vim sudo vlc screen p7zip nfs-common
d-i pkgsel/include string openssh-server wget curl
d-i pkgsel/upgrade select none
popularity-contest popularity-contest/participate boolean true
d-i clock-setup/ntp boolean true
d-i clock-setup/ntp-server string dns1.ipa.internal.com
d-i time/zone string America/New_York
# skip grub during main part, because we will do it in late_command
#d-i grub-installer/skip boolean true
#d-i grub-installer/skip-again boolean true
#d-i grub-installer/skip-confirm boolean true
#d-i grub-installer/confirm_skip boolean true
#d-i nobootloader/confirmation_common boolean true
d-i choose-init/select_init select sysvinit
d-i choose-init/selected_sysvinit bool true
grub-installer grub-installer/choose_bootdev select /dev/vda
d-i lilo-installer/skip boolean true
#d-i grub-installer/with_other_os boolean true
d-i grub-installer/only_debian boolean true
d-i grub-installer/grub2_instead_of_grub_legacy boolean true
#d-i grub-installer/bootdev string /dev/vda
#d-i grub-installer/choose_bootdev select /dev/vda
#grub-installer grub-installer/force-efi-extra-removable boolean false
d-i passwd/root-password password plaintextexamplepw
d-i passwd/root-password-again password plaintextexamplepw
d-i partman-auto/choose_recipe select home
d-i partman-auto-crypto/erase_disks boolean false
d-i partman-auto/disk string /dev/vda
d-i partman-auto/init_automatically_partition select biggest_free
d-i partman-auto/method string lvm
d-i partman/choose_label string gpt
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman/confirm_write_new_label boolean true
d-i partman/default_label string gpt
#d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-md/confirm_nooverwrite boolean true
#d-i partman/mount_style select uuid
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman-auto-lvm/guided_size string 100%
# Uncomment this to add multiarch configuration for i386
#d-i apt-setup/multiarch string i386
d-i passwd/make-user boolean true
d-i passwd/user-fullname string bgstack15-local
d-i passwd/username string bgstack15-local
d-i passwd/user-password-crypted password $6$BxyYQfM7A1TEeS6X$S0SALxIk6.n6SU21s.ojeQ9F06AMcnnHS7vODHTufeWXLpNu6EmpsDN7eLVSyYXXU4moiXVgzIiTJYXatdGBz0/
d-i passwd/user-default-groups string audio cdrom video
d-i finish-install/reboot_in_progress note
d-i cdrom-detect/eject boolean true
# additional application stuff just in case it works and is useful
# LDAP server URI:
d-i shared/ldapns/ldap-server string ldapi:///ipa.internal.com
d-i openssh-server/password-authentication boolean true
d-i openssh-server/permit-root-login boolean false
d-i preseed/late_command string mkdir -p /target/etc/apt/sources.list.d /target/mnt/bgstack15 /target/mnt/public /target/etc/apt/sources.list.d /target/root/input ; touch /target/etc/apt/sources.list.d/empty ; cd /target/etc/apt ; \
in-target apt-get install -q -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" gpg grub-pc sudo ; \
in-target curl --no-progress-meter --output /root/set-local-devuan-repo.sh http://www.example.com/internal/Support/Platforms/devuan/scripts/set-local-devuan-repo.sh ; in-target sh /root/set-local-devuan-repo.sh ; \
in-target curl --no-progress-meter --output /root/input/52apt-file-stackrpms.conf http://www.example.com/internal/Support/Platforms/devuan/scripts/input/52apt-file-stackrpms.conf ; in-target curl --no-progress-meter --output /root/set-my-repos.sh http://www.example.com/internal/Support/Platforms/devuan/scripts/set-my-repos.sh ; in-target sh /root/set-my-repos.sh || : ; \
in-target rm /etc/apt/trusted.gpg.d/ceres.gpg || : ; \
in-target curl --no-progress-meter http://www.example.com/internal/certs/ca-ipa.internal.com.crt --output /usr/local/share/ca-certificates/ca-ipa.internal.com.crt && in-target update-ca-certificates || : ; \
in-target apt-get install -q -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" alsamixergui alttab bgconf bgscripts bgscripts-core ca-certificates cifs-utils curl desktop-base fluxbox fluxbox-themes-stackrpms freeipa-client freeipa-helper git grub-pc gtk3-nocsd gtk3-nooverlayscrollbar krb5-auth-dialog logout-manager man mlocate net-tools newmoon nfs-common ntpdate oddjob-mkhomedir=0.0.1-1 p7zip parted postfix qemu-guest-agent rsync scite screen spice-vdagent strace sudo tcpdump ublock-origin-combined vim vlc volumeicon-alsa xdgmenumaker xfce4-terminal xfe xserver-xorg-input-libinput xserver-xorg-video-qxl ; \
in-target apt-mark hold oddjob-mkhomedir ; \
rm -f /target/etc/apt/sources.list.d/empty || : ; \
in-target sed -i -r -e '/^\s*linux/s/(\s*console=.{1,7}[0-9])*\s*$/ console=tty0 console=ttyS0/;' /boot/grub/grub.cfg || : ; \
in-target sed -i -r -e '/^\s*kernel/s/(\s*console=.{1,7}[0-9])*\s*$/ console=tty0 console=ttyS0/;' /boot/grub/menu.lst || : ; \
in-target sed -i -r -e '$aT0:23:respawn:/sbin/getty -L ttyS0 9600 vt100' /etc/inittab ; \
in-target apt-get update ; \
in-target apt-get purge -q -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" consolekit exim4\* lxqt\* udev ; \
in-target curl --no-progress-meter --output /root/lightdm-elogind.sh http://www.example.com/internal/Support/Platforms/devuan/scripts/lightdm-elogind.sh ; in-target sh /root/lightdm-elogind.sh -y ; \
in-target su bgstack15-local -c "sudo /usr/bin/bgconf.py -d 10 1>/home/bgstack15-local/clone.log 2>&1" ; \
in-target wget -O /root/update-devuan.sh http://www.example.com/internal/Support/Platforms/devuan/scripts/update-devuan.sh ; in-target sh /root/update-devuan.sh preseed ; \
in-target curl --no-progress-meter --output /root/send-mail-ip-address.sh http://www.example.com/internal/Support/Platforms/devuan/scripts/send-mail-ip-address.sh ; in-target sh /root/send-mail-ip-address.sh bgstack15@gmail.com ;
Explanations
Some of the choices here need explanation. New since March 2020 is "partman-
auto-lvm/guided_size string 100%". I like to use lvm for my VMs because I
sometimes need to extend filesystems (particularly when trying to build
mozilla-based browsers). I use my own local mirror of Devuan but it is a truly
flattened repository and not the complex amprolla two-layer (proxying back to
usptream Debian files) ordeal that upstream Devuan uses. It makes it possible
for me to understand that apt repo, as well as facilitates the speed of
downloads when it's just across my LAN! I discovered that a good portion of my
logic that used to be in my preseed late_command I have already replicated
with various shell scripts. So I just download them and execute them. They are
included here as appendices. I install grub-pc (which is grub2) instead of
grub-legacy like I used to. I forget why and don't care. I'm more familiar
with grub2 anyway. There's some busted ceres.gpg file that could be part of
the alpha-release ISO but it's not important for some odd reason. I always
enable popcon to contribute stats upstream. Vote
early, and vote often! The big apt-get install list has multiple choices in it
that are significant. I don't use the pkgsel include
because it would always
flake out and I got tired of troubleshooting it.
- The bgconf, bgscripts, and stackrpm options are all my own packages for my own themes, files, configurations, etc. However, some logic in the scripts that this preseed run depend on bgscripts-core specifically.
- newmoon and waterfox are just my preferred web browsers
- oddjob-mkhomedir is a custom empty package to satisfy freeipa-common requirements. I describe it in article Devuan join freeipa domain
- qemu-guest-agent and spice-vdagent. While a modern Devuan installer will recognize it's in qemu and install that package, it doesn't catch spice-vdagent, which is incredibly useful including for resizing the screen of the guest console
- xserver-xorg-input-libinput and xserver-xorg-video-xql are the drivers to enable mouse and keyboard input and graphical (X11) output on the guest in spice-viewer. These are explicitly listed now but in the past they were not specifically named; I'm guessing they are no longer part of -all packages or similar.
One of my scripts, as you will see below, uses a glob of
/etc/apt/sources.list.d/*
and to stave off any errors I just made an empty
file. The grub.cfg an dmenu.lst logic add a serial
console to the VM which I've already covered a
few times. I dislike exim and not just because of it's security
vulnerabilities; it had some weird bugs a few years ago and also I just don't
like it. So I use postfix xor sendmail like a graybeard.
Appendices
set-local-devuan-repo.sh
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
|
set-my-repos.sh
This script also uses file input/52apt-file-stackrpms.conf.
# File: /etc/apt/apt.preferences.d/52apt-file-stackrpms.conf
# Part of support devuan scripts
# This enables the flat apt repos in internal to be supported by apt-file
Acquire::IndexTargets {
deb::Contents-stackrpms {
MetaKey "Contents-$(ARCHITECTURE)";
ShortDescription "Contents-$(ARCHITECTURE)";
Description "$(RELEASE) $(ARCHITECTURE) Contents (deb)";
flatMetaKey "Contents-$(ARCHITECTURE)";
flatDescription "$(RELEASE) Contents (deb)";
PDiffs "true";
KeepCompressed "true";
DefaultEnabled "false";
Identifier "Contents-deb";
};
};
And now, set-my-repos.sh
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 |
|
This script just enforces the contents of /etc/apt/sources.list.d/.
lightdm-elogind.sh
1 2 3 4 5 6 7 8 9 10 11 |
|
update-devuan.sh
This script is already covered in Unattended updates for Devuan Ceres, 2021 edition
send-mail-ip-address.sh
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
|
Comments