This is a script for building a new installer for Debian "bullseye" using a technique called a "preseeding". By using a "preseed" script we tell the installer the answer to a lot of routine questions to give ourselves a standard environment for new hosts. The script in this repository does the following:
- Creates a "paul" user with a known password and an SSH authorized_keys file and a known good environment.
- Builds an LVM configuration with an 8GB swap partition and the rest of the disk for data using XFS as a file system instead of ext4.
- Enables "security" and "updates" repositories but does not enable backports, sources or automatic updates.
- Fixes the systemd timesync configuration.
- Fixes the /etc/resolv.conf file.
- Installs standard system utilities and an SSH server.
- Installs some additional basic, common software.
When using the installer there are still several questions that you must answer. These include:
- If there are multiple active interfaces you must choose one.
- What IP address and host name to use for this new host.
- Which disk to use for the installation. WARNING! This disk will be erased.
- Which disk will receive the master boot record.
Otherwise this will create an entirely automated installation.
Follow these steps to run this script:
- Get on a Debian host!
- Download an netinstall image from the Debian website.
- Clone this repository.
- Install these libraries:
apt-get install -y --no-install-recommends xorriso isolinux pwgen - Run the build script:
./build /path/to/debian-11.x.x-amd64-netinst.iso /path/to/preseed-debian-11.x.x-amd64-netinst.iso - Use the new ISO file to build your host.
Note that the preseed.cfg file has no password for logging in as the "paul" user. You can set a password or just use SSH keys. You can change the password by following these steps:
- Put the new password in a text file. Call it something like "newpassword.txt".
- Generate the new password:
cat newpassword.txt | mkpasswd -s -m sha-512 -S "$(pwgen -ns 16 1)" - Place that new password in the preseed.cfg file.
- Remove newpassword.txt and definitely do not put it into source control.
Use this ISO just like you would any other install ISO. A preseeded ISO file can build baremetal systems or virtual machines. It is only useful for on-premise instances and is not useful for cloud instances.
I'm always having to look this up so here are the steps.
- Unmount the disk where
diskXXis your USB disk:diskutil unmountDisk /dev/diskXX - Convert the ISO file into a DMG file:
hdiutil convert -format UDRW -o preseed ./preseed.iso - Write the DMG file to your USB disk:
sudo dd if=./preseed.dmg of=/dev/diskXX bs=1m
Your thumb drive is now bootable.
I'm also always having to look this up so here are the steps.
- Attach the USB disk. Use
lsblkto see what the device label is that the USB disk has received. - Write the ISO file to your USB disk:
sudo dd bs=4M if=preseed.iso of=/dev/XXX conv=fdatasync
These links are where I got most of the information for building this preseed script.
- https://wiki.debian.org/DebianInstaller/Preseed
- https://wiki.debian.org/DebianInstaller/Preseed/EditIso
- https://github.com/pin/debian-vm-install
- https://www.debian.org/releases/squeeze/example-preseed.txt
- https://serverfault.com/questions/722021/preseeding-debian-install-efi
- https://github.com/dsgnr/ubuntu-16.04-unattended-install/blob/master/preseed.cfg