fix: preseed
This commit is contained in:
Prémel-Cabic Arnaud
@@ -1,7 +1,8 @@
|
||||
#_preseed_V1
|
||||
#### Contents of the preconfiguration file (for booksworm)
|
||||
#### Contents of the preconfiguration file (for bookworm)
|
||||
### Localization
|
||||
# Preseeding only locale sets language, country and locale.
|
||||
#d-i debian-installer/locale string en_US.UTF-8
|
||||
d-i debian-installer/locale string en_US.UTF-8
|
||||
|
||||
# The values can also be preseeded individually for greater flexibility.
|
||||
d-i debian-installer/language string en
|
||||
@@ -9,13 +10,12 @@ d-i debian-installer/country string FR
|
||||
d-i debian-installer/locale string en_US.UTF-8
|
||||
# Optionally specify additional locales to be generated.
|
||||
d-i localechooser/supported-locales multiselect en_US.UTF-8, fr_FR.UTF-8
|
||||
#d-i debian-installer/fallbacklocale select fr_FR.UTF-8
|
||||
#d-i debian-installer/locale select en_US.UTF-8
|
||||
|
||||
# Keyboard selection.
|
||||
d-i keyboard-configuration/xkb-keymap select fr
|
||||
d-i console-keymaps-at/keymap select fr-latin9
|
||||
d-i debian-installer/keymap string fr-latin9
|
||||
# d-i keyboard-configuration/toggle select No toggling
|
||||
|
||||
### Network configuration
|
||||
# Disable network configuration entirely. This is useful for cdrom
|
||||
@@ -27,13 +27,16 @@ d-i debian-installer/keymap string fr-latin9
|
||||
# skip displaying a list if there is more than one interface.
|
||||
d-i netcfg/choose_interface select auto
|
||||
|
||||
# To pick a particular interface instead:
|
||||
#d-i netcfg/choose_interface select eth1
|
||||
|
||||
# To set a different link detection timeout (default is 3 seconds).
|
||||
# Values are interpreted as seconds.
|
||||
d-i netcfg/link_wait_timeout string 5
|
||||
#d-i netcfg/link_wait_timeout string 10
|
||||
|
||||
# If you have a slow dhcp server and the installer times out waiting for
|
||||
# it, this might be useful.
|
||||
d-i netcfg/dhcp_timeout string 60
|
||||
#d-i netcfg/dhcp_timeout string 60
|
||||
#d-i netcfg/dhcpv6_timeout string 60
|
||||
|
||||
# Automatic network configuration is the default.
|
||||
@@ -86,7 +89,7 @@ d-i netcfg/wireless_wep string
|
||||
# If non-free firmware is needed for the network or other hardware, you can
|
||||
# configure the installer to always try to load it, without prompting. Or
|
||||
# change to false to disable asking.
|
||||
d-i hw-detect/load_firmware boolean false
|
||||
d-i hw-detect/load_firmware boolean true
|
||||
|
||||
### Network console
|
||||
# Use the following settings if you wish to make use of the network-console
|
||||
@@ -102,7 +105,7 @@ d-i hw-detect/load_firmware boolean false
|
||||
# If you select ftp, the mirror/country string does not need to be set.
|
||||
# Default value for the mirror protocol: http.
|
||||
#d-i mirror/protocol string ftp
|
||||
d-i mirror/country string FR
|
||||
d-i mirror/country string manual
|
||||
d-i mirror/http/hostname string deb.debian.org
|
||||
d-i mirror/http/directory string /debian
|
||||
d-i mirror/http/proxy string
|
||||
@@ -115,24 +118,21 @@ d-i mirror/http/proxy string
|
||||
### Account setup
|
||||
# Skip creation of a root account (normal user account will be able to
|
||||
# use sudo).
|
||||
d-i passwd/root-login boolean true
|
||||
d-i passwd/root-login boolean false
|
||||
# Alternatively, to skip creation of a normal user account.
|
||||
d-i passwd/make-user boolean false
|
||||
#d-i passwd/make-user boolean true
|
||||
|
||||
# Root password, either in clear text
|
||||
d-i passwd/root-password password packer
|
||||
d-i passwd/root-password-again password packer
|
||||
#d-i passwd/root-password password packer
|
||||
#d-i passwd/root-password-again password packer
|
||||
# or encrypted using a crypt(3) hash.
|
||||
#d-i passwd/root-password-crypted password [$6$vnNlrAnstgaHYy3U$G2cn0/JQ.U1ssiugJNT4HAbFoOdlduSigYF7wP8DdpJin6W9ddbbjJXPSAU98.8jLn18wSfDNkBqesxdz6pm50]
|
||||
|
||||
# To create a normal user account.
|
||||
#d-i passwd/user-fullname string packer
|
||||
#d-i passwd/username string packer
|
||||
# Normal user's password, either in clear text
|
||||
#d-i passwd/user-password password packer
|
||||
#d-i passwd/user-password-again password packer
|
||||
# or encrypted using a crypt(3) hash.
|
||||
#d-i passwd/user-password-crypted password [$6$vnNlrAnstgaHYy3U$G2cn0/JQ.U1ssiugJNT4HAbFoOdlduSigYF7wP8DdpJin6W9ddbbjJXPSAU98.8jLn18wSfDNkBqesxdz6pm50]
|
||||
d-i passwd/user-fullname string debian
|
||||
d-i passwd/username string debian
|
||||
# mkpasswd -m sha-512 -S $(pwgen -ns 16 1) <password>
|
||||
d-i passwd/user-password-crypted password $6$s8qqFert3xhUgBMk$gkMUohcpWbWGqGzRTuPsJnpE4f3DYT5sCPY/f6JTAO/NKRqL04ES91PddS3At3FSj2YCzkJf1WYR0wGtSXTFf1
|
||||
# Create the first user with the specified UID instead of the default.
|
||||
#d-i passwd/user-uid string 1010
|
||||
|
||||
@@ -327,8 +327,8 @@ d-i apt-setup/cdrom/set-first boolean false
|
||||
# You can choose to install non-free firmware.
|
||||
#d-i apt-setup/non-free-firmware boolean true
|
||||
# You can choose to install non-free and contrib software.
|
||||
#d-i apt-setup/non-free boolean true
|
||||
#d-i apt-setup/contrib boolean true
|
||||
d-i apt-setup/non-free boolean true
|
||||
d-i apt-setup/contrib boolean true
|
||||
# Uncomment the following line, if you don't want to have the sources.list
|
||||
# entry for a DVD/BD installation image active in the installed system
|
||||
# (entries for netinst or CD images will be disabled anyway, regardless of
|
||||
@@ -366,6 +366,7 @@ d-i apt-setup/security_host string security.debian.org
|
||||
# Uncomment this to add multiarch configuration for i386
|
||||
#d-i apt-setup/multiarch string i386
|
||||
|
||||
|
||||
### Package selection
|
||||
tasksel tasksel/first multiselect standard, ssh-server
|
||||
|
||||
@@ -374,7 +375,7 @@ tasksel tasksel/first multiselect standard, ssh-server
|
||||
#d-i pkgsel/run_tasksel boolean false
|
||||
|
||||
# Individual additional packages to install
|
||||
d-i pkgsel/include string ca-certificates cloud-init qemu-guest-agent sudo
|
||||
d-i pkgsel/include string ca-certificates cloud-init qemu-guest-agent sudo unattended-upgrades
|
||||
# Whether to upgrade packages after debootstrap.
|
||||
# Allowed values: none, safe-upgrade, full-upgrade
|
||||
d-i pkgsel/upgrade select safe-upgrade
|
||||
@@ -450,6 +451,7 @@ d-i cdrom-detect/eject boolean true
|
||||
# debconf-get-selections --installer > file
|
||||
# debconf-get-selections >> file
|
||||
|
||||
|
||||
#### Advanced options
|
||||
### Running custom commands during the installation
|
||||
# d-i preseeding is inherently not secure. Nothing in the installer checks
|
||||
@@ -472,4 +474,13 @@ d-i cdrom-detect/eject boolean true
|
||||
# directly, or use the apt-install and in-target commands to easily install
|
||||
# packages and run commands in the target system.
|
||||
#d-i preseed/late_command string
|
||||
d-i preseed/late_command string in-target sed -e 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' -i /etc/ssh/sshd_config
|
||||
d-i preseed/late_command string \
|
||||
in-target sed -e 's/#PermitRootLogin prohibit-password/PermitRootLogin no/' -i /etc/ssh/sshd_config; \
|
||||
in-target sed -e 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/' -i /etc/ssh/sshd_config; \
|
||||
in-target sed -e 's/#PasswordAuthentication yes/PasswordAuthentication no/' -i /etc/ssh/sshd_config; \
|
||||
in-target sed -e 's/UsePAM yes/UsePAM no/' -i /etc/ssh/sshd_config; \
|
||||
in-target mkdir -p /home/debian/.ssh; \
|
||||
in-target /bin/sh -c "echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIERv00qRw1zq3dHoiRF1iOeXSREo4vhTwOGZYwKt5+3h worldtocraft@gmail.com' >> /home/debian/.ssh/authorized_keys"; \
|
||||
in-target chown -R debian:debian /home/debian/.ssh/; \
|
||||
in-target chmod 644 /home/debian/.ssh/authorized_keys; \
|
||||
in-target chmod 700 /home/debian/.ssh/
|
||||
|
||||
Reference in New Issue
Block a user