ministicraft/packer-ministack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: preseed

Browse Source
This commit is contained in:
Prémel-Cabic Arnaud
2024-05-08 20:27:09 +02:00
parent 71d6b22b81
commit 63e56664bc
3 changed files with 79 additions and 196 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
autoinstall/preseed.cfg
View File

@@ -1,7 +1,8 @@
#_preseed_V1
#### Contents of the preconfiguration file (for booksworm)
#### Contents of the preconfiguration file (for bookworm)
### Localization
# Preseeding only locale sets language, country and locale.
#d-i debian-installer/locale string en_US.UTF-8
d-i debian-installer/locale string en_US.UTF-8
# The values can also be preseeded individually for greater flexibility.
d-i debian-installer/language string en
@@ -9,13 +10,12 @@ d-i debian-installer/country string FR
d-i debian-installer/locale string en_US.UTF-8
# Optionally specify additional locales to be generated.
d-i localechooser/supported-locales multiselect en_US.UTF-8, fr_FR.UTF-8
#d-i debian-installer/fallbacklocale select fr_FR.UTF-8
#d-i debian-installer/locale select en_US.UTF-8
# Keyboard selection.
d-i keyboard-configuration/xkb-keymap select fr
d-i console-keymaps-at/keymap select fr-latin9
d-i debian-installer/keymap string fr-latin9
# d-i keyboard-configuration/toggle select No toggling
### Network configuration
# Disable network configuration entirely. This is useful for cdrom
@@ -27,13 +27,16 @@ d-i debian-installer/keymap string fr-latin9
# skip displaying a list if there is more than one interface.
d-i netcfg/choose_interface select auto
# To pick a particular interface instead:
#d-i netcfg/choose_interface select eth1
# To set a different link detection timeout (default is 3 seconds).
# Values are interpreted as seconds.
d-i netcfg/link_wait_timeout string 5
#d-i netcfg/link_wait_timeout string 10
# If you have a slow dhcp server and the installer times out waiting for
# it, this might be useful.
d-i netcfg/dhcp_timeout string 60
#d-i netcfg/dhcp_timeout string 60
#d-i netcfg/dhcpv6_timeout string 60
# Automatic network configuration is the default.
@@ -86,7 +89,7 @@ d-i netcfg/wireless_wep string
# If non-free firmware is needed for the network or other hardware, you can
# configure the installer to always try to load it, without prompting. Or
# change to false to disable asking.
d-i hw-detect/load_firmware boolean false
d-i hw-detect/load_firmware boolean true
### Network console
# Use the following settings if you wish to make use of the network-console
@@ -102,7 +105,7 @@ d-i hw-detect/load_firmware boolean false
# If you select ftp, the mirror/country string does not need to be set.
# Default value for the mirror protocol: http.
#d-i mirror/protocol string ftp
d-i mirror/country string FR
d-i mirror/country string manual
d-i mirror/http/hostname string deb.debian.org
d-i mirror/http/directory string /debian
d-i mirror/http/proxy string
@@ -115,24 +118,21 @@ d-i mirror/http/proxy string
### Account setup
# Skip creation of a root account (normal user account will be able to
# use sudo).
d-i passwd/root-login boolean true
d-i passwd/root-login boolean false
# Alternatively, to skip creation of a normal user account.
d-i passwd/make-user boolean false
#d-i passwd/make-user boolean true
# Root password, either in clear text
d-i passwd/root-password password packer
d-i passwd/root-password-again password packer
#d-i passwd/root-password password packer
#d-i passwd/root-password-again password packer
# or encrypted using a crypt(3) hash.
#d-i passwd/root-password-crypted password [$6$vnNlrAnstgaHYy3U$G2cn0/JQ.U1ssiugJNT4HAbFoOdlduSigYF7wP8DdpJin6W9ddbbjJXPSAU98.8jLn18wSfDNkBqesxdz6pm50]
# To create a normal user account.
#d-i passwd/user-fullname string packer
#d-i passwd/username string packer
# Normal user's password, either in clear text
#d-i passwd/user-password password packer
#d-i passwd/user-password-again password packer
# or encrypted using a crypt(3) hash.
#d-i passwd/user-password-crypted password [$6$vnNlrAnstgaHYy3U$G2cn0/JQ.U1ssiugJNT4HAbFoOdlduSigYF7wP8DdpJin6W9ddbbjJXPSAU98.8jLn18wSfDNkBqesxdz6pm50]
d-i passwd/user-fullname string debian
d-i passwd/username string debian
# mkpasswd -m sha-512 -S $(pwgen -ns 16 1) <password>
d-i passwd/user-password-crypted password [$6$L90Sg2c4Ymxre7W0$2lXvpEfio6tlSreW7aYVQ3X2bO3ela0dw97jIgo4WdsWFczsFp/jLExku4Rfxoi9/uYwuzubusAS1waDCqhos1]
# Create the first user with the specified UID instead of the default.
#d-i passwd/user-uid string 1010
@@ -327,8 +327,8 @@ d-i apt-setup/cdrom/set-first boolean false
# You can choose to install non-free firmware.
#d-i apt-setup/non-free-firmware boolean true
# You can choose to install non-free and contrib software.
#d-i apt-setup/non-free boolean true
#d-i apt-setup/contrib boolean true
d-i apt-setup/non-free boolean true
d-i apt-setup/contrib boolean true
# Uncomment the following line, if you don't want to have the sources.list
# entry for a DVD/BD installation image active in the installed system
# (entries for netinst or CD images will be disabled anyway, regardless of
@@ -366,6 +366,7 @@ d-i apt-setup/security_host string security.debian.org
# Uncomment this to add multiarch configuration for i386
#d-i apt-setup/multiarch string i386
### Package selection
tasksel tasksel/first multiselect standard, ssh-server
@@ -374,7 +375,7 @@ tasksel tasksel/first multiselect standard, ssh-server
#d-i pkgsel/run_tasksel boolean false
# Individual additional packages to install
d-i pkgsel/include string ca-certificates cloud-init qemu-guest-agent sudo
d-i pkgsel/include string ca-certificates cloud-init qemu-guest-agent sudo unattended-upgrades
# Whether to upgrade packages after debootstrap.
# Allowed values: none, safe-upgrade, full-upgrade
d-i pkgsel/upgrade select safe-upgrade
@@ -450,6 +451,7 @@ d-i cdrom-detect/eject boolean true
# debconf-get-selections --installer > file
# debconf-get-selections >> file
#### Advanced options
### Running custom commands during the installation
# d-i preseeding is inherently not secure. Nothing in the installer checks
@@ -472,4 +474,9 @@ d-i cdrom-detect/eject boolean true
# directly, or use the apt-install and in-target commands to easily install
# packages and run commands in the target system.
#d-i preseed/late_command string
d-i preseed/late_command string in-target sed -e 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' -i /etc/ssh/sshd_config
d-i preseed/late_command string \
in-target sed -e 's/#PermitRootLogin prohibit-password/PermitRootLogin no/' -i /etc/ssh/sshd_config; \
in-target sed -e 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/' -i /etc/ssh/sshd_config; \
in-target sed -e 's/#PasswordAuthentication yes/PasswordAuthentication no/' -i /etc/ssh/sshd_config; \
in-target sed -e 's/UsePAM yes/UsePAM no/' -i /etc/ssh/sshd_config
# in-target echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIERv00qRw1zq3dHoiRF1iOeXSREo4vhTwOGZYwKt5+3h' > /home/debian/.ssh/authorized_keys

0
build.sh Normal file
View File

222
debian12.pkr.hcl
View File

@@ -7,55 +7,6 @@ packer {
}
}
variable "bios_type" {
type = string
}
variable "boot_command" {
type = string
}
variable "boot_wait" {
type = string
}
variable "bridge_firewall" {
type = bool
default = false
}
variable "bridge_name" {
type = string
}
variable "cloud_init" {
type = bool
}
variable "iso_file" {
type = string
}
variable "iso_storage_pool" {
type = string
default = "local"
}
variable "machine_default_type" {
type = string
default = "pc"
}
variable "network_model" {
type = string
default = "virtio"
}
variable "os_type" {
type = string
default = "l26"
}
variable "proxmox_api_token_id" {
type = string
}
@@ -73,153 +24,78 @@ variable "proxmox_node" {
type = string
}
variable "qemu_agent_activation" {
type = bool
default = true
}
variable "scsi_controller_type" {
type = string
}
variable "ssh_timeout" {
type = string
}
variable "tags" {
type = string
}
variable "io_thread" {
type = bool
}
variable "cpu_type" {
type = string
default = "x86-64-v3"
}
variable "vm_info" {
type = string
}
variable "disk_discard" {
type = bool
default = true
}
variable "disk_format" {
type = string
default = "qcow2"
}
variable "disk_size" {
type = string
default = "16G"
}
variable "disk_type" {
type = string
default = "scsi"
}
variable "nb_core" {
type = number
default = 1
}
variable "nb_cpu" {
type = number
default = 1
}
variable "nb_ram" {
type = number
default = 1024
}
variable "ssh_username" {
type = string
}
variable "ssh_password" {
type = string
}
variable "ssh_handshake_attempts" {
type = number
}
variable "storage_pool" {
type = string
default = "local-zfs"
}
variable "vm_id" {
type = number
default = 99999
}
variable "vm_name" {
type = string
}
locals {
packer_timestamp = formatdate("YYYYMMDD-hhmm", timestamp())
storage_pool = "local-zfs"
vm_name = "pckr-deb12"
}
source "proxmox-iso" "debian12" {
bios = "${var.bios_type}"
boot_command = ["${var.boot_command}"]
boot_wait = "${var.boot_wait}"
cloud_init = "${var.cloud_init}"
cloud_init_storage_pool = "${var.storage_pool}"
bios = "ovmf"
boot_command = [
"<wait><wait><wait>c<wait><wait><wait>",
"linux /install.amd/vmlinuz ",
"auto=true ",
"url=https://git.cloud.arnaud-pc.fr/ministicraft/packer-ministack/raw/branch/master/autoinstall/preseed.cfg ",
"hostname=${local.vm_name} ",
"domain=arnaud-pc.local ",
"interface=auto ",
"vga=788 noprompt quiet --<enter>",
"initrd /install.amd/initrd.gz<enter>",
"boot<enter>"
]
boot_wait = "10s"
cloud_init = true
cloud_init_storage_pool = local.storage_pool
communicator = "ssh"
cores = "${var.nb_core}"
cpu_type = "${var.cpu_type}"
http_directory = "autoinstall"
cores = 1
cpu_type = "x86-64-v3"
insecure_skip_tls_verify = true
iso_file = "${var.iso_file}"
machine = "${var.machine_default_type}"
memory = "${var.nb_ram}"
node = "${var.proxmox_node}"
os = "${var.os_type}"
iso_checksum = "sha512:33c08e56c83d13007e4a5511b9bf2c4926c4aa12fd5dd56d493c0653aecbab380988c5bf1671dbaea75c582827797d98c4a611f7fb2b131fbde2c677d5258ec9"
iso_url = "https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-12.5.0-amd64-netinst.iso"
iso_storage_pool = "local"
iso_download_pve = true
machine = "q35"
memory = 2048
node = "pve3"
os = "l26"
proxmox_url = "${var.proxmox_api_url}"
qemu_agent = "${var.qemu_agent_activation}"
scsi_controller = "${var.scsi_controller_type}"
sockets = "${var.nb_cpu}"
ssh_handshake_attempts = "${var.ssh_handshake_attempts}"
qemu_agent = true
scsi_controller = "virtio-scsi-pci"
sockets = 1
ssh_handshake_attempts = 6
ssh_pty = true
ssh_timeout = "${var.ssh_timeout}"
ssh_username = "${var.ssh_username}"
ssh_password = "${var.ssh_password}"
tags = "${var.tags}"
template_description = "${var.vm_info} - ${local.packer_timestamp}"
ssh_timeout = "10m"
ssh_username = "debian"
ssh_private_key_file = "/home/ministicraft/.ssh/id_ed25519"
tags = "debian-12;template"
template_description = "Debian 12 Packer Template - ${local.packer_timestamp}"
token = "${var.proxmox_api_token_secret}"
unmount_iso = true
username = "${var.proxmox_api_token_id}"
vm_id = "${var.vm_id}"
vm_name = "${var.vm_name}"
vm_id = 99998
vm_name = local.vm_name
efi_config {
efi_storage_pool = "${var.storage_pool}"
efi_storage_pool = "${local.storage_pool}"
pre_enrolled_keys = false
efi_type = "4m"
}
disks {
discard = "${var.disk_discard}"
disk_size = "${var.disk_size}"
format = "${var.disk_format}"
io_thread = "${var.io_thread}"
storage_pool = "${var.storage_pool}"
type = "${var.disk_type}"
discard = true
disk_size = "12G"
format = "raw"
io_thread = false
storage_pool = "${local.storage_pool}"
type = "scsi"
}
network_adapters {
bridge = "${var.bridge_name}"
firewall = "${var.bridge_firewall}"
model = "${var.network_model}"
bridge = "vmbr0"
firewall = false
model = "virtio"
}
}