From 10cac4edfc25c11d66c0950c22371c2f7a3fe615 Mon Sep 17 00:00:00 2001 From: "martin f. krafft" Date: Wed, 12 Nov 2014 22:17:37 +0100 Subject: [PATCH] import jessie preseed --- preseed/jessie/commands/early_command | 2 + preseed/jessie/commands/late_command | 4 + .../late_commands.d/ansible_dependencies | 5 + .../commands/late_commands.d/ansible_user | 26 ++++ .../late_commands.d/enable_serial_console | 9 ++ .../late_commands.d/no_kernel_symlinks | 4 + .../late_commands.d/post_boot_cleanup | 15 ++ .../commands/late_commands.d/srv-home_symlink | 7 + preseed/jessie/preseed.cfg | 137 ++++++++++++++++++ 9 files changed, 209 insertions(+) create mode 100755 preseed/jessie/commands/early_command create mode 100755 preseed/jessie/commands/late_command create mode 100755 preseed/jessie/commands/late_commands.d/ansible_dependencies create mode 100755 preseed/jessie/commands/late_commands.d/ansible_user create mode 100755 preseed/jessie/commands/late_commands.d/enable_serial_console create mode 100755 preseed/jessie/commands/late_commands.d/no_kernel_symlinks create mode 100755 preseed/jessie/commands/late_commands.d/post_boot_cleanup create mode 100755 preseed/jessie/commands/late_commands.d/srv-home_symlink create mode 100644 preseed/jessie/preseed.cfg diff --git a/preseed/jessie/commands/early_command b/preseed/jessie/commands/early_command new file mode 100755 index 0000000..8f26221 --- /dev/null +++ b/preseed/jessie/commands/early_command @@ -0,0 +1,2 @@ +#!/bin/sh +# pwd is / diff --git a/preseed/jessie/commands/late_command b/preseed/jessie/commands/late_command new file mode 100755 index 0000000..3f843be --- /dev/null +++ b/preseed/jessie/commands/late_command @@ -0,0 +1,4 @@ +#!/bin/sh +cp -r /commands/late_commands.d /target +in-target run-parts /late_commands.d +rm -r /target/late_commands.d diff --git a/preseed/jessie/commands/late_commands.d/ansible_dependencies b/preseed/jessie/commands/late_commands.d/ansible_dependencies new file mode 100755 index 0000000..8480af1 --- /dev/null +++ b/preseed/jessie/commands/late_commands.d/ansible_dependencies @@ -0,0 +1,5 @@ +#!/bin/sh + +echo "Installing Ansible dependencies" +export DEBCONF_FRONTEND=noninteractive +apt-get install --no-install-recommends -y python-minimal python-apt python-yaml python-simplejson diff --git a/preseed/jessie/commands/late_commands.d/ansible_user b/preseed/jessie/commands/late_commands.d/ansible_user new file mode 100755 index 0000000..10adacd --- /dev/null +++ b/preseed/jessie/commands/late_commands.d/ansible_user @@ -0,0 +1,26 @@ +#!/bin/sh + +export DEBCONF_FRONTEND=noninteractive +apt-get install -y sudo + +USER=ansible +echo "Adding $USER user and installing SSH key" + +HOME=/var/lib/$USER +adduser --home $HOME --shell /bin/sh \ + --uid 999 --gid 65534 --disabled-password \ + --gecos 'Remote control with ansible' $USER + +install -d -m 700 -o $USER -g nogroup $HOME/.ssh +cat <<_eof > $HOME/.ssh/authorized_keys +no-agent-forwarding,no-port-forwarding,no-user-rc,no-X11-forwarding ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGUrO3VGYap3uyphcExiA4VXjXzwyiqXA4kD3o3uLi45Lw9TFCefwa815R4JkRhaGs/4pqy4Bqcmb6kbEOEaTS6xidedQOcuHIxk6nZfDAhGm95rmx1kSxgLIBYJn0RPFvdRiFuoGC07tn4FRQ/seiTVbbTtgy7Wrb3XqFMPhBp1EFfe0ASZdEUJ/EfZl/a72y/57DTflL6RzPIWF6t0z5URURSm3caC4Uxpvx3FK37xzXOd0il7ikv1UeC5pMopwR74zb9SfFiPVEcOK64jq8xnS7ugTOrlb+H5JwchOO88eUTD1pd72+4a7XkeHzneXT8mNROQJZUU1vxoJpZXFziL0uCtnR9QVt+/mE4q3MiYjq5YYOXYCJ0vKIDKVAkxv3U71N8WpnasLmC5mal7juuj8tHXqQJc8bNt7ZxoSRESwRjhIXmoIxdkso862KTM7FL5SKPGDwE8ifog4OU3PcI8C5dfTY1vMa7mZszsO3sK1+gpiJBUlWu0nv9Q2qB3KDPoKA/VnPGBitQSIMbFgDfUs/JXJ35q4ynxO/h0NqCPGXx1bECc6meepND99qo301kYPxYLY4FVeFMVJbcdS/kn0YxbMikaRmr3SqxaRUb4vl1NDKdtoIcIyS0Gh4AvTYtxlLZwShf8ImtRzLerLwqx73WWSIeNai+pHJJNTMvw== madduck@fishbowl +_eof +chmod -R u=rwX,og= $HOME +chown -R ${USER}.nogroup $HOME + +SUDOFILE=/etc/sudoers.d/local-ansible-user +cat <<_eof > $SUDOFILE +Defaults>ansible !requiretty +$USER $(hostname --fqdn)=(root) NOPASSWD: ALL +_eof +chmod 440 $SUDOFILE diff --git a/preseed/jessie/commands/late_commands.d/enable_serial_console b/preseed/jessie/commands/late_commands.d/enable_serial_console new file mode 100755 index 0000000..09f8acb --- /dev/null +++ b/preseed/jessie/commands/late_commands.d/enable_serial_console @@ -0,0 +1,9 @@ +#!/bin/sh +echo "Enabling the serial console..." +#683124 requires the cmdline patch, and #444026 is for GRUB_TERMINAL: +sed -i -e '/^GRUB_CMDLINE_LINUX=/s/"$/ console=tty0 console=ttyS0,115200n8&/' \ + -e '/^GRUB_CMDLINE_LINUX=/s/=" /="/' \ + -e '/^GRUB_TERMINAL=/s/serial/"& console"/' \ + /etc/default/grub +update-grub +sed -i '/ttyS0/s/^#//;/ttyS0/s/9600 vt100/115200 linux/' /etc/inittab diff --git a/preseed/jessie/commands/late_commands.d/no_kernel_symlinks b/preseed/jessie/commands/late_commands.d/no_kernel_symlinks new file mode 100755 index 0000000..290cbd3 --- /dev/null +++ b/preseed/jessie/commands/late_commands.d/no_kernel_symlinks @@ -0,0 +1,4 @@ +#!/bin/sh +echo "Removing kernel symlinks in / and disabling them..." +rm /initrd.img /vmlinuz +sed -i -e '/do_symlinks/s/yes/no/' /etc/kernel-img.conf diff --git a/preseed/jessie/commands/late_commands.d/post_boot_cleanup b/preseed/jessie/commands/late_commands.d/post_boot_cleanup new file mode 100755 index 0000000..f1fd808 --- /dev/null +++ b/preseed/jessie/commands/late_commands.d/post_boot_cleanup @@ -0,0 +1,15 @@ +#!/bin/sh + +SCRIPT=/etc/init.d/post_boot_cleanup +SYMLINK=/etc/rcS.d/S99post_boot_cleanup + +cat >> $SCRIPT <<_eof +#!/bin/sh +sed -i -e '/getty.*tty[12]/s/^#//' /etc/inittab +telinit q +rm $SCRIPT +update-rc.d ${SCRIPT##*/} remove +_eof + +chmod 755 $SCRIPT +update-rc.d ${SCRIPT##*/} start S 99 . diff --git a/preseed/jessie/commands/late_commands.d/srv-home_symlink b/preseed/jessie/commands/late_commands.d/srv-home_symlink new file mode 100755 index 0000000..56911e7 --- /dev/null +++ b/preseed/jessie/commands/late_commands.d/srv-home_symlink @@ -0,0 +1,7 @@ +#!/bin/sh +echo "Making /home a bind-mount of /srv/home..." +mkdir -m755 /srv/home +cat >>/etc/fstab <<_eof +/srv/home /home auto defaults,bind 0 0 +_eof +mount --bind /srv/home /home diff --git a/preseed/jessie/preseed.cfg b/preseed/jessie/preseed.cfg new file mode 100644 index 0000000..49f89dd --- /dev/null +++ b/preseed/jessie/preseed.cfg @@ -0,0 +1,137 @@ +d-i debian-installer/locale string en_NZ + +d-i keyboard-configuration/xkb-keymap select us +d-i keyboard-configuration/layoutcode string us + +d-i netcfg/choose_interface select auto +d-i netcfg/dhcp_options select Configure network manually +d-i netcfg/confirm_static boolean true +d-i netcfg/wireless_wep string + +d-i hw-detect/load_firmware boolean true + +d-i mirror/country string manual +d-i mirror/protocol string http +d-i mirror/http/hostname string debian.morphium.info +d-i mirror/http/directory string /debian +d-i mirror/http/proxy string +d-i mirror/suite string jessie + +d-i anna/choose_modules string network-console +d-i network-console/password password r00tme +d-i network-console/password-again password r00tme +d-i network-console/start boolean true +d-i di-utils-shell/do-shell boolean true + +d-i passwd/make-user boolean false +d-i passwd/root-password-crypted password $6$lifGZQZ9$OVYc/Z26ilx1DLCOyPSy1/xOz5o.f6weCgMHYXQZ9EE38DYt0xJBd1Z83/KMWhDyeNmKxp0TUqpJN6w.MT72// + +d-i time/zone string Europe/Berlin + +d-i clock-setup/utc boolean true +d-i clock-setup/ntp boolean true + +d-i partman-basicfilesystems/choose_label string gpt +d-i partman-basicfilesystems/default_label string gpt +d-i partman-partitioning/choose_label string gpt +d-i partman-partitioning/default_label string gpt +d-i partman/choose_label string gpt +d-i partman/default_label string gpt + +#d-i partman-partitioning/confirm_write_new_label boolean true +#d-i partman-partitioning/unknown_label boolean true + +d-i partman-auto/disk string /dev/vda +d-i partman-auto/method string lvm + +d-i partman-md/device_remove_md boolean true +d-i partman-auto/purge_lvm_from_device boolean true +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-lvm/confirm boolean true +d-i partman-lvm/confirm_nooverwrite boolean true + +d-i partman-auto/expert_recipe string madduck :: \ + 1 1 1 free \ + $gptonly{ } \ + $primary{ } \ + method{ biosgrub } \ + . \ + 8192 32768 -1 ext3 \ + $defaultignore{ } \ + $primary{ } \ + method{ lvm } \ + . \ + 128 1024 200% linux-swap \ + $lvmok{ } lv_name{ swap } \ + method{ swap } format{ } \ + . \ + 1024 1536 3072 ext3 \ + $lvmok{ } lv_name{ root } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ / } label{ root } \ + options/relatime{ relatime } \ + options/user_xattr{ user_xattr } \ + . \ + 2048 3072 6144 ext3 \ + $lvmok{ } lv_name{ usr } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ /usr } label{ usr } \ + options/noatime{ noatime } \ + options/nodev{ nodev } \ + . \ + 2048 4096 8192 ext3 \ + $lvmok{ } lv_name{ var } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ /var } label{ var } \ + options/relatime{ relatime } \ + . \ + 512 10240 -1 ext3 \ + $lvmok{ } lv_name{ srv } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ /srv } label{ srv } \ + options/nodev{ nodev } \ + options/nosuid{ nosuid } \ + options/relatime{ relatime } \ + options/user_xattr{ user_xattr } \ + . \ + 512 768 1024 ext3 \ + $lvmok{ } lv_name{ tmp } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ /tmp } label{ tmp } \ + options/nodev{ nodev } \ + options/nosuid{ nosuid } \ + options/relatime{ relatime } \ + options/user_xattr{ user_xattr } \ + . +d-i partman-auto/choose_recipe select madduck +d-i partman-auto-lvm/no_boot boolean true + +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true + +d-i apt-setup/non-free boolean false +d-i apt-setup/contrib boolean false + +popularity-contest popularity-contest/participate boolean false + +tasksel tasksel/first multiselect + +#d-i pkgsel/include string openssh-server libterm-readline-gnu-perl + +d-i grub-installer/only_debian boolean true +d-i grub-installer/choose_bootdev select manually +d-i grub-installer/bootdev text /dev/vda + +d-i finish-install/reboot_in_progress note + +d-i debian-installer/exit/poweroff boolean false +d-i debian-installer/exit/halt boolean false + +d-i preseed/early_command string tar -xf /commands.tar && rm /commands.tar && [ ! -x /commands/early_command ] || log-output -t early_command /commands/early_command +d-i preseed/late_command string [ ! -x /commands/late_command ] || log-output -t late_command /commands/late_command -- 2.39.2