summaryrefslogtreecommitdiff
path: root/preseed.cfg
blob: 526838a2e95207b5d73e8da7627a15e3fd57f95a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
# File: /mnt/public/Support/Platforms/devuan/devuan-preseed1.txt
# Locations:
#    /mnt/public/Support/Platforms/devuan/devuan-preseed1.txt
# Author: bgstack15
# Startdate: 2019-06-25
# Title: Preseed for devuan vms for ipa.smith122.com
# Purpose: To provide an easy installation for VMs and other systems in the Mersey network
# History:
#    2017-06 I learned how to use kickstart files for the RHCSA EX-200 exam
#    2017-08-08 Added notifyemail to --extra-args
#    2017-10-29 major revision to use local repository
#    2019-06-25 fork from centos7-ks.cfg
#    2018-12-29 fix up repos and in-target conclusion stuff
#    2020-02-27 heavy rewrite to use ascii 2.1
#    2021-05-16 bump to chimaera which upgrades self to ceres
#    2023-01-20 kernel cmdline, remove newmoon
#    2023-02-28 add ssh_config EnableEscapeCommandline yes, disable apparmor for sssd
#    2023-06-26 add configure-postfix.sh
# Usage with virt-install:
#    vm=d2-04a ; time sudo virt-install -n "${vm}" --memory 2048 --vcpus=1 --os-variant=debiantesting -v --disk path=/var/lib/libvirt/images/"${vm}".qcow2,size=20 -l /mnt/public/Support/SetupsBig/Linux/devuan_daedalus_5.0.preview-20230116_amd64_netinstall.iso --initrd-inject=/mnt/public/Support/Platforms/devuan/preseed/preseed.cfg --extra-args "NOTIFYEMAIL=bgstack15@gmail.com interface=auto netcfg/get_hostname=${vm}" --debug --network type=bridge,source=br0 --noautoconsole
#    vm=d2-04a; sudo virsh destroy "${vm}"; sudo virsh undefine --remove-all-storage "${vm}";
# Reference:
#    https://sysadmin.compxtreme.ro/automatically-set-the-hostname-during-kickstart-installation/
#    /mnt/public/Support/Platforms/CentOS7/install-vm.txt
#    https://serverfault.com/questions/481244/preseed-command-string-fail-with-newline-character-using-virt-install-initrd-inj
#    https://www.debian.org/releases/stable/i386/apbs01.html.en
#    https://github.com/jameswthorne/preseeds/blob/master/debian-7-wheezy-unattended.seed
#    syntax for --location https://www.queryxchange.com/q/1_908324/virt-install-preseed-not-working/
#    example preseed https://www.debian.org/releases/stable/example-preseed.txt
#    skip next dvd question https://unix.stackexchange.com/questions/409212/preseed-directive-to-skip-another-cd-dvd-scanning
#    grub problem caused by consolekit:amd64 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915947#10
#    https://stackoverflow.com/questions/39861614/how-to-fully-automate-unattended-virt-install
#    https://www.debian.org/releases/stable/i386/apbs03.html.en
#    https://dev1galaxy.org/viewtopic.php?id=1853
#    https://www.cyberciti.biz/faq/howto-setup-serial-console-on-debian-linux/
#    https://github.com/virt-manager/virt-manager/blob/master/virtinst/install/urldetect.py
#    /mnt/public/Support/Platforms/devuan/fix-virt-manager.txt
#    https://dev1galaxy.org/viewtopic.php?id=3332
#    https://ubuntuforums.org/showthread.php?t=2387570
#    sudo debconf-get-selections -c /mnt/public/Support/Platforms/devuan/preseed/preseed.cfg
#    on d2-03a: sudo debconf-get-selections --installer
#    https://serverfault.com/questions/593388/unable-to-nfs-mount-in-debian-preseed-target/593389
#    https://preseed.debian.net/debian-preseed/sid/amd64-main-full.txt
#    https://bgstack15.ddns.net/blog/posts/2020/12/03/disable-apparmor-for-sssd/
# Improve:
#    discover how to send email, using postfix or sendmail. Don't care which, but exclude exim4.
#    echo "$( hostname ) has IP $( ip -4 -o a s eth0 | awk '{print $4}' | sed -r -e 's/\/.*$//' )" | 
# Dependencies:
#    configure-postfix uses my gmail+smtp+oauth2 postfix relay

d-i debian-installer/country string US
d-i debian-installer/keymap select us
d-i debian-installer/language string en
d-i debian-installer/locale string en_US
d-i localechooser/supported-locales string en_US.UTF-8

d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/variantcode string
d-i keyboard-configuration/xkb-keymap select us

d-i netcfg/disable_autoconfig boolean false
# The hostname is supposed to come from the kernel cmdline in the virt-install invocation
#d-i netcfg/get_hostname string NONE
d-i netcfg/get_domain string ipa.smith122.com
d-i netcfg/wireless_wep string
# disable asking for non-free firmware, because this is a vm and has none
d-i hw-detect/load_firmware boolean false

#d-i apt-setup/enable-source-repositories boolean false
# ORIGINAL d-i apt-setup/services-select multiselect security updates, release updates, backported software
d-i apt-setup/services-select multiselect release updates
d-i apt-setup/contrib boolean true
d-i apt-setup/disable-cdrom-entries boolean true
d-i apt-setup/non-free boolean true
d-i apt-setup/use_mirror boolean true
d-i mirror/country string manual
d-i mirror/http/directory string /merged
d-i mirror/http/hostname string deb.devuan.org
d-i mirror/http/proxy string
d-i mirror/protocol string http
d-i mirror/suite string testing

d-i apt-setup/cdrom/set-failed boolean false
d-i apt-setup/cdrom/set-first boolean false
d-i apt-setup/cdrom/set-next boolean false

## my repos and ceres
d-i apt-setup/local0/comment    string smith122deb
d-i apt-setup/local0/key        string http://albion320.no-ip.biz/smith122/repo/deb/smith122deb.gpg
d-i apt-setup/local0/repository string http://albion320.no-ip.biz/smith122/repo/deb/ /
d-i apt-setup/local1/comment    string devuan-deb
d-i apt-setup/local1/key        string http://albion320.no-ip.biz/smith122/repo/deb/smith122deb.gpg
d-i apt-setup/local1/repository string http://albion320.no-ip.biz/smith122/repo/devuan-deb/ /
d-i apt-setup/local2/comment    string ceres
d-i apt-setup/local2/key        string http://albion320.no-ip.biz/mirror/devuan/dists/ceres/Release.gpg
d-i apt-setup/local2/repository string http://albion320.no-ip.biz/mirror/devuan ceres main contrib non-free
#d-i apt-setup/local2/key        string http://pkgmaster.devuan.org/merged/dists/ceres/Release.gpg
#d-i apt-setup/local2/repository string http://pkgmaster.devuan.org/merged ceres main contrib non-free
d-i apt-setup/local3/comment    string obsmirror
d-i apt-setup/local3/key        string http://albion320.no-ip.biz/mirror/obs/Release.key
d-i apt-setup/local3/repository string http://albion320.no-ip.biz/mirror/obs/ /
d-i apt-setup/local4/comment    string obsmirror-gtk3-classic
d-i apt-setup/local4/key        string http://albion320.no-ip.biz/mirror/obs-gtk3-classic/Release.key
d-i apt-setup/local4/repository string http://albion320.no-ip.biz/mirror/obs-gtk3-classic/ /
# if for some reason I really need to turn off the gpg key check:
#d-i debian-installer/allow_unauthenticated boolean false

#tasksel tasksel/first multiselect standard, ssh-server
tasksel tasksel/first multiselect none

# adapted from /mnt/public/Support/Platforms/devuan/devuan.txt, main fluxbox desktop, but for a vm
# no xscreensaver, for a vm.
#d-i pkgsel/include string \
#   alsamixergui alttab apt-transport-https bgconf bgscripts bgscripts-core \
#   cifs-utils curl fluxbox freeipa-client git grub lightdm lightdm-gtk-greeter \
#   mlocate net-tools nfs-common ntpdate openssh-server \
#   p7zip palemoon palemoon-ublock-origin parted qemu-guest-agent rsync scite \
#   screen spice-vdagent strace sudo tcpdump vim vlc volumeicon-alsa waterfox \
#   xfce4-terminal xfe xserver-xorg-video-qxl fluxbox-themes-stackrpms
#d-i pkgsel/include string cifs-utils curl grub lightdm vim sudo vlc screen p7zip nfs-common
d-i pkgsel/include string openssh-server wget curl

d-i pkgsel/upgrade select none

popularity-contest popularity-contest/participate boolean true

d-i clock-setup/ntp boolean true
d-i clock-setup/ntp-server string dns1.ipa.smith122.com
d-i time/zone string America/New_York

# skip grub during main part, because we will do it in late_command
#d-i grub-installer/skip boolean true
#d-i grub-installer/skip-again boolean true
#d-i grub-installer/skip-confirm boolean true
#d-i grub-installer/confirm_skip boolean true
#d-i nobootloader/confirmation_common boolean true
d-i     choose-init/select_init select  sysvinit
d-i     choose-init/selected_sysvinit bool   true
grub-installer  grub-installer/choose_bootdev   select  /dev/vda

d-i lilo-installer/skip boolean true
#d-i grub-installer/with_other_os boolean true
d-i grub-installer/only_debian boolean true
d-i grub-installer/grub2_instead_of_grub_legacy boolean true
#d-i grub-installer/bootdev string /dev/vda
#d-i grub-installer/choose_bootdev select /dev/vda
#grub-installer grub-installer/force-efi-extra-removable boolean false

d-i passwd/root-password password f0rg3tkickstart&
d-i passwd/root-password-again password f0rg3tkickstart&

d-i partman-auto/choose_recipe select home
d-i partman-auto-crypto/erase_disks boolean false
d-i partman-auto/disk string /dev/vda
d-i partman-auto/init_automatically_partition select biggest_free
d-i partman-auto/method string lvm
d-i partman/choose_label string gpt
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman/confirm_write_new_label boolean true
d-i partman/default_label string gpt
#d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-md/confirm_nooverwrite boolean true
#d-i partman/mount_style select uuid
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman-auto-lvm/guided_size string 100%

# Uncomment this to add multiarch configuration for i386
#d-i apt-setup/multiarch string i386

d-i passwd/make-user boolean true
d-i passwd/user-fullname string bgirton-local
d-i passwd/username string bgirton-local
d-i passwd/user-password-crypted password $6$85aKM2DkiD5g9r3D$zkbcVES1Bzu.b5dBJxklSggEJzswZBlVAyc9LUUIzMA2OLRH2PD2ZWE9Q40Wtw/3OOxDM2nF031hfD4s5LGuG1
d-i passwd/user-default-groups string audio cdrom video

d-i finish-install/reboot_in_progress note
d-i cdrom-detect/eject boolean true

# additional application stuff just in case it works and is useful
# LDAP server URI:
d-i shared/ldapns/ldap-server	string	ldapi:///ipa.smith122.com

d-i openssh-server/password-authentication	boolean	true
d-i openssh-server/permit-root-login	boolean	false

# Sometimes the update-devuan has to happen before the laundry list of packages, because upgrading from some stable release to Ceres causes package numbering-name mismatches.
d-i preseed/late_command string mkdir -p /target/etc/apt/sources.list.d /target/mnt/bgirton /target/mnt/public /target/etc/apt/sources.list.d /target/root/input ; touch /target/etc/apt/sources.list.d/empty ; cd /target/etc/apt ; \
   in-target apt-get install -q -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" gpg grub-pc sudo ; \
   in-target curl --no-progress-meter --output /root/set-local-devuan-repo.sh http://albion320.no-ip.biz/smith122/Support/Platforms/devuan/scripts/set-local-devuan-repo.sh ; in-target sh /root/set-local-devuan-repo.sh ; \
   in-target curl --no-progress-meter --output /root/input/52apt-file-stackrpms.conf http://albion320.no-ip.biz/smith122/Support/Platforms/devuan/scripts/input/52apt-file-stackrpms.conf ; in-target curl --no-progress-meter --output /root/set-my-repos.sh http://albion320.no-ip.biz/smith122/Support/Platforms/devuan/scripts/set-my-repos.sh ; in-target sh /root/set-my-repos.sh || : ; \
   in-target rm /etc/apt/trusted.gpg.d/ceres.gpg || : ; \
   in-target curl --no-progress-meter http://albion320.no-ip.biz/smith122/certs/ca-ipa.smith122.com.crt --output /usr/local/share/ca-certificates/ca-ipa.smith122.com.crt && in-target update-ca-certificates || : ; \
   in-target wget -O /root/update-devuan.sh http://albion320.no-ip.biz/smith122/Support/Platforms/devuan/scripts/update-devuan.sh ; in-target sh /root/update-devuan.sh preseed ; \
   in-target apt-get install -q -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" alsamixergui alttab bgconf bgscripts bgscripts-core ca-certificates cifs-utils curl desktop-base fluxbox fluxbox-themes-stackrpms freeipa-client freeipa-helper git grub-pc gtk3-automnemonics gtk3-nocsd gtk3-nooverlayscrollbar krb5-auth-dialog librewolf logout-manager man mlocate net-tools nfs-common ntpdate p7zip parted postfix qemu-guest-agent rsync scite screen spice-vdagent strace sudo tcpdump ublock-origin-combined vim vlc volumeicon-alsa xdgmenumaker xfce4-terminal xfe xserver-xorg-input-libinput xserver-xorg-video-qxl ; \
   rm -f /target/etc/apt/sources.list.d/empty || : ; \
   in-target sed -i -r -e '/^\s*linux/s/(\s*console=.{1,7}[0-9])*\s*$/ console=tty0 console=ttyS0/;' /boot/grub/grub.cfg || : ; \
   in-target sed -i -r -e '/^\s*kernel/s/(\s*console=.{1,7}[0-9])*\s*$/ console=tty0 console=ttyS0/;' /boot/grub/menu.lst || : ; \
   in-target sed -i -r -e '$aT0:23:respawn:/sbin/getty -L ttyS0 9600 vt100' /etc/inittab ; \
   in-target apt-get update ; \
   in-target apt-get purge -q -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" consolekit exim4\* lxqt\* udev ; \
   in-target curl --no-progress-meter --output /root/lightdm-elogind.sh http://albion320.no-ip.biz/smith122/Support/Platforms/devuan/scripts/lightdm-elogind.sh ; in-target sh /root/lightdm-elogind.sh -y ; \
   in-target su bgirton-local -c "sudo /usr/bin/bgconf.py -d 10 1>/home/bgirton-local/clone.log 2>&1" ; \
   in-target updateval -a -v /etc/ssh/ssh_config '^\s*EnableEscapeCommandline.*' 'EnableEscapeCommandline yes' ; \
   in-target ln -sf /etc/apparmor.d/usr.sbin.sssd /etc/apparmor.d/disable/ ; \
   in-target apparmor_parser -R /etc/apparmor.d/usr.sbin.sssd ; \
   in-target curl --no-progress-meter --output /root/lightdm-elogind.sh http://albion320.no-ip.biz/smith122/Support/Platforms/devuan/scripts/configure-postfix.sh ; in-target sh /root/configure-postfix.sh ; \
   in-target curl --no-progress-meter --output /root/send-mail-ip-address.sh http://albion320.no-ip.biz/smith122/Support/Platforms/devuan/scripts/send-mail-ip-address.sh ; in-target sh /root/send-mail-ip-address.sh bgstack15@gmail.com ;
bgstack15