| #_preseed_V1 |
| |
| # Basic Debian10 (buster) installer preseed file for Skolo machines. Assumes additional setup |
| # post-installation to reset the password for the chrome-bot user and overwrite |
| # /home/chrome-bot/.ssh/authorized_keys. |
| # Based on https://www.debian.org/releases/stretch/example-preseed.txt, retrieved 2018-01-17. |
| # Documentation of preseed files at https://www.debian.org/releases/buster/amd64/apb.en.html |
| # |
| # Note this warning in the example file ("d-i" is an abbreviation for Debian installer): |
| # d-i preseeding is inherently not secure. Nothing in the installer checks |
| # for attempts at buffer overflows or other exploits of the values of a |
| # preconfiguration file like this one. Only use preconfiguration files from |
| # trusted locations! |
| # |
| #################################################################################################### |
| # Making a USB stick: |
| #################################################################################################### |
| # 1. Create a modifiable Debian installer USB stick. |
| # a. Download a Debian Installer CD ISO. Maybe helpful to include third-party firmware. (I used |
| # debian-live-10.1.0-amd64-cinnamon+nonfree.iso.) |
| # b. Format USB stick (replace "foo" with device name): |
| # - sudo fdisk /dev/foo |
| # - g (Create a new GPT) |
| # - n (Create new partition) |
| # - 1 (Partition number) |
| # - Enter, enter (default start/end for max size) |
| # - t (Change partition type) |
| # - (If necessary:) 1 (Select partition 1) |
| # - 1 (EFI System) |
| # - w (Write partition table) |
| # c. sudo mkfs.fat -F32 /dev/foo1 |
| # d. Mount USB partition |
| # - sudo mkdir /mnt/usb |
| # - sudo mount /dev/foo1 /mnt/usb |
| # e. Install GRUB to the USB EFI partition |
| # - sudo grub-install --target x86_64-efi --efi-directory /mnt/usb/ --removable --boot-directory=/mnt/usb/boot |
| # f. Mount ISO |
| # - sudo mkdir /mnt/iso |
| # - sudo mount -o loop Downloads/debian-live-9.4.0-amd64-cinnamon+nonfree.iso /mnt/iso |
| # g. Copy all files from ISO to USB (ISO has a dir named .disk that * doesn't match) |
| # - sudo cp -R /mnt/iso/* /mnt/usb/ |
| # - sudo cp -R /mnt/iso/.disk/ /mnt/usb/ |
| # 2. Copy this file to the root of the USB stick. |
| # - sudo cp debian-preseed.cfg /mnt/usb/ |
| # 3. Add/modify a menuentry in boot/grub/grub.cfg: |
| # - md5sum /mnt/usb/debian-preseed.cfg |
| # - sudo nano /mnt/usb/boot/grub/grub.cfg |
| # - Add the following before any other menuentry lines, replacing ... with the output from |
| # above. |
| # set default="0" |
| # set timeout=15 |
| # menuentry "Preeseeded Debian Installer" { |
| # linux /d-i/vmlinuz auto=true file=/cdrom/debian-preseed.cfg preseed-md5=... "${loopback}" |
| # initrd /d-i/initrd.gz |
| # } |
| # 4. Cleanup |
| # - sudo umount /mnt/iso /mnt/usb |
| # - sudo rmdir /mnt/iso /mnt/usb |
| # 5. Label the USB stick with |
| # "WARNING: booting this will wipe the hard disk with no confirmation! |
| # Debian 10.1.0 preseed" |
| # |
| #################################################################################################### |
| # Updating for a new version |
| #################################################################################################### |
| # 1. In this file, replace buster with the next codename. |
| # 2. Compare the current release example-preseed.txt with buster and apply any relevant changes. |
| # 3. Create a new USB stick and test the installation. |
| # 4. If the installer paused for input, after the install is complete, copy the relevant parts of |
| # 'debconf-get-selections --installer' and/or 'debconf-get-selections' to this file. |
| # 5. Repeat steps 3-5 until the installer can run unattended. |
| #################################################################################################### |
| |
| ### Localization |
| # Preseeding only locale sets language, country and locale. |
| d-i debian-installer/locale string en_US |
| |
| # Keyboard selection. |
| d-i keyboard-configuration/xkb-keymap select us |
| |
| ### Network configuration |
| # netcfg will choose an interface that has link if possible. This makes it |
| # skip displaying a list if there is more than one interface. |
| d-i netcfg/choose_interface select auto |
| |
| #################################################################################################### |
| # For bots that have a wifi chip, we try to disable it in the BIOS. Some bots, like the Braswell |
| # NUC5PPYH, don't allow the wifi chip to be disabled, which means you must specify the network link |
| # you want to use (otherwise, the wifi might get selected which requires a WIFI prompt and other |
| # unwanted behavior). Unfortunately, the name "eth1" has more or less been deprecated and not used |
| # in modern Linux distros, so one has to specify the *exact* name here, requiring a different |
| # preseed config for different batches of bots. kjlubick simply made one for the Braswell bots with |
| # the line below instead of the "choose_interface select auto" line above. |
| # |
| # Alternatively, one can manually edit the boot line before starting the installer, or add more boot |
| # options to the menu with different network interfaces specified. See preseed docs for more info. |
| #d-i netcfg/choose_interface select enp3s0 |
| #################################################################################################### |
| |
| # Any hostname and domain names assigned from dhcp take precedence over |
| # values set here. However, setting the values still prevents the questions |
| # from being shown, even if values come from dhcp. |
| d-i netcfg/get_hostname string unassigned-hostname |
| d-i netcfg/get_domain string unassigned-domain |
| |
| # Disable that annoying WEP key dialog. |
| d-i netcfg/wireless_wep string |
| |
| # If non-free firmware is needed for the network or other hardware, you can |
| # configure the installer to always try to load it, without prompting. |
| d-i hw-detect/load_firmware boolean true |
| |
| ### Mirror settings |
| apt-mirror-setup apt-setup/use_mirror boolean true |
| d-i mirror/country string manual |
| d-i mirror/http/hostname string http.us.debian.org |
| d-i mirror/http/directory string /debian |
| d-i mirror/http/proxy string |
| |
| # Suite to install. |
| d-i mirror/suite string buster |
| |
| ### Account setup |
| # Skip creation of a root account (normal user account will be able to use sudo). (If this is set to |
| # true, chrome-bot user can't use sudo.) |
| d-i passwd/root-login boolean false |
| |
| # To create a normal user account. |
| d-i passwd/user-fullname string chrome-bot |
| d-i passwd/username string chrome-bot |
| # This is the hash of the temporary password that can be found in Valentine under |
| # "debian9-preseed.cfg." Generated with: |
| # > mkpasswd -m sha-512 <password> |
| d-i passwd/user-password-crypted password \ |
| $6$3cgN2NkwPUSrJ1T6$kMw8sP1suFA0fF8n8EwgYtgHgROOwuH7yKAtLBfx3z4heqRX1fe3T0UTGF1wd5v5AxBcGK4385WhtA2ZqiW1m/ |
| |
| ### Clock and time zone setup |
| # Controls whether or not the hardware clock is set to UTC. |
| d-i clock-setup/utc boolean true |
| |
| # You may set this to any valid setting for $TZ; see the contents of |
| # /usr/share/zoneinfo/ for valid values. |
| d-i time/zone string US/Eastern |
| |
| # Controls whether to use NTP to set the clock during the install |
| d-i clock-setup/ntp boolean true |
| # NTP server to use. We use the local router. |
| d-i clock-setup/ntp-server string 192.168.1.1 |
| |
| ### Partitioning |
| # - lvm: use LVM to partition the disk |
| d-i partman-auto/method string lvm |
| partman-auto partman-auto/method string lvm |
| # No clue what this means or why above is not enough to pick LVM. |
| partman-auto partman-auto/init_automatically_partition select 60some_device_lvm__________lvm |
| |
| # Use largest disk (i.e. not USB stick) for installation. |
| d-i partman/early_command string \ |
| largest=""; \ |
| largest_size="0"; \ |
| for d in /sys/block/*; do \ |
| d_size="$(cat $d/size)"; \ |
| if [ "$d_size" -gt "$largest_size" ]; then \ |
| largest="$(basename $d)"; \ |
| largest_size="$d_size"; \ |
| fi; \ |
| done; \ |
| debconf-set partman-auto/disk "/dev/$largest"; |
| |
| partman-auto-lvm partman-auto-lvm/guided_size string max |
| partman-auto-lvm partman-auto-lvm/new_vg_name string primary-vg |
| |
| # If one of the disks that are going to be automatically partitioned |
| # contains an old LVM configuration, the user will normally receive a |
| # warning. This can be preseeded away... |
| d-i partman-lvm/device_remove_lvm boolean true |
| # The same applies to pre-existing software RAID array: |
| d-i partman-md/device_remove_md boolean true |
| # And the same goes for the confirmation to write the lvm partitions. |
| d-i partman-lvm/confirm boolean true |
| d-i partman-lvm/confirm_nooverwrite boolean true |
| |
| # You can choose one of the three predefined partitioning recipes: |
| # - atomic: all files in one partition |
| # - home: separate /home partition |
| # - multi: separate /home, /var, and /tmp partitions |
| d-i partman-auto/choose_recipe select atomic |
| |
| # This makes partman automatically partition without confirmation, provided |
| # that you told it what to do using one of the methods above. |
| d-i partman-partitioning/confirm_write_new_label boolean true |
| d-i partman/choose_partition select finish |
| d-i partman/confirm boolean true |
| d-i partman/confirm_nooverwrite boolean true |
| |
| ### Apt setup |
| # You can choose to install non-free and contrib software. |
| d-i apt-setup/non-free boolean true |
| d-i apt-setup/contrib boolean true |
| |
| ### Package selection |
| tasksel tasksel/first multiselect standard, desktop |
| |
| # Whether to upgrade packages after debootstrap. |
| # Allowed values: none, safe-upgrade, full-upgrade |
| d-i pkgsel/upgrade select full-upgrade |
| |
| ### Boot loader installation |
| # This is fairly safe to set, it makes grub install automatically to the MBR |
| # if no other operating system is detected on the machine. |
| d-i grub-installer/only_debian boolean true |
| |
| # This one makes grub-installer install to the MBR if it also finds some other |
| # OS, which is less safe as it might not be able to boot that other OS. |
| d-i grub-installer/with_other_os boolean true |
| |
| ### Finishing up the installation |
| # Avoid that last message about the install being complete. |
| d-i finish-install/reboot_in_progress note |
| |
| ### SSH setup |
| # Install openssh-server. |
| d-i preseed/late_command string \ |
| apt-install openssh-server; |
| |