roger-skyline-1/templates/preseed.cfg.j2

#******************************************************************************#
#                                                                              #
#                                                         :::      ::::::::    #
#    preseed.cfg                                        :+:      :+:    :+:    #
#                                                     +:+ +:+         +:+      #
#    By: tmaze <tmaze@student.42.fr>                +#+  +:+       +#+         #
#                                                 +#+#+#+#+#+   +#+            #
#    Created: 2018/12/15 12:46:55 by tmaze             #+#    #+#              #
#    Updated: 2018/12/19 14:00:53 by tmaze            ###   ########.fr        #
#                                                                              #
#******************************************************************************#

# FR locale/kbd map
d-i debian-installer/language fr
d-i debian-installer/country FR
d-i debian-installer/locale string fr_FR.UTF-8
d-i keyboard-configuration/xkb-keymap select us

# select and setup first network interface
d-i netcfg/choose_interface select enp0s3
d-i netcfg/disable_autoconfig boolean true
d-i netcfg/get_ipaddress string 172.127.0.130
d-i netcfg/get_netmask string 255.255.255.252
d-i netcfg/get_gateway string 172.127.0.129
d-i netcfg/get_nameservers string 172.127.0.129
d-i netcfg/confirm_static boolean true

# select and setup second network interface
d-i netcfg/choose_interface select enp0s8
d-i netcfg/disable_autoconfig boolean true
d-i netcfg/get_ipaddress string 192.168.99.2
d-i netcfg/get_netmask string 255.255.255.252
d-i netcfg/confirm_static boolean true

# set host and domain
d-i netcfg/get_hostname string roger-skyline-1
d-i netcfg/get_domain string unassigned-domain

# disable WEP dialogue
d-i netcfg/wireless_wep string

# use http.us.debian.org as mirror with no proxy
d-i mirror/country string manual
d-i mirror/http/hostname string ftp.fr.debian.org
d-i mirror/http/directory string /debian
d-i mirror/http/proxy string

# Root password
d-i passwd/root-password-crypted password $6$q/jW0Ty/YB2GToBc$lrUOumE65VOKjMyoC.uSptldHNYkWfl6b/YyAvqZlDdOgUuYHKvhwMhXtkRV746TvgLCTpS4Nfmn/Dr4W8RIx0

# make a regular user
d-i passwd/make-user boolean true
d-i passwd/user-fullname string tanguy
d-i passwd/username string tanguy
d-i passwd/user-password-crypted password $6$KgvQtUIVYT82CmSz$OJn2kCwDe7X1qSv5c0yN36iaPMxYwISXfUctuMd4NXAhu9kZfGSkP9rapdH8SM2WxTm9lpFsP4eDagbOSKP5/.
d-i passwd/user-default-groups tanguy cdrom floppy sudo audio dip video plugdev netdev

# hardware clock is UTC, timezone is US/Eastern, use ntp to set clock
d-i clock-setup/utc boolean true
d-i time/zone string Europe/Paris
d-i clock-setup/ntp boolean true

# no partitioning

# setup non-free and contrib repositories
d-i apt-setup/non-free boolean true
d-i apt-setup/contrib boolean true

# install standard system with ssh-server
tasksel tasksel/first multiselect standard, ssh-server

# also install the htop package
d-i pkgsel/include string emacs git sudo mailutils fail2ban wget

# upgrade all packages
d-i pkgsel/upgrade select full-upgrade

# disable popularity contest
popularity-contest popularity-contest/participate boolean false

# force grub install to /dev/sda
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
d-i grub-installer/bootdev  string /dev/sda

d-i preseed/late_command string wget -O/target/etc/network/interfaces http://{{ ansible_default_ipv4.address }}:3000/files/interfaces;\
						 		wget -O/target/etc/ssh/sshd_config http://{{ ansible_default_ipv4.address }}:3000/files/sshd_config_1;\
						 		mkdir /target/etc/iptables;\
						 		touch /target/etc/iptables/rules.v4;\
						 		wget -O/target/etc/iptables/rules.v4 http://{{ ansible_default_ipv4.address }}:3000/files/firewall.conf;\
						 		touch /target/etc/cron.d/update_script;\
						 		wget -O/target/etc/cron.d/update_script http://{{ ansible_default_ipv4.address }}:3000/files/update_script;\
						 		touch /target/etc/cron.d/check_crontab;\
						 		wget -O/target/etc/cron.d/check_crontab http://{{ ansible_default_ipv4.address }}:3000/files/check_crontab;\
						 		touch /target/usr/sbin/update_script.sh;\
						 		wget -O/target/usr/sbin/update_script.sh http://{{ ansible_default_ipv4.address }}:3000/files/update_script.sh;\
						 		chmod 755 /target/usr/sbin/update_script.sh;\
						 		touch /target/usr/sbin/check_crontab.sh;\
						 		wget -O/target/usr/sbin/check_crontab.sh http://{{ ansible_default_ipv4.address }}:3000/files/check_crontab.sh;\
						 		chmod 755 /target/usr/sbin/check_crontab.sh;\
						 		sh /target/usr/sbin/check_crontab.sh;\
						 		touch /target/etc/fail2ban/jail.local;\
						 		wget -O/target/etc/fail2ban/jail.local http://{{ ansible_default_ipv4.address }}:3000/files/jail.local;\
						 		wget -O/target/etc/hosts http://{{ ansible_default_ipv4.address }}:3000/files/hosts;\
						 		echo "roger-skyline-1" > /target/etc/hostname;

# don't wait for confirm, just reboot when finished
d-i finish-install/reboot_in_progress note