From c5a3f6749b14a5ffe3249d3b7ba2e76ba871e73a Mon Sep 17 00:00:00 2001 From: xking Date: Sat, 4 Mar 2023 20:49:44 +0800 Subject: [PATCH] fix --- .gitignore | 5 ++ README.md | 36 +++++++++++-- make-preseed-iso.sh | 90 ++++++++++++++++++++++++++++++++ preseed.cfg | 122 ++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 250 insertions(+), 3 deletions(-) create mode 100644 .gitignore create mode 100644 make-preseed-iso.sh create mode 100644 preseed.cfg diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b4d7039 --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +# Object file +*.o + +# Ada Library Information +*.ali diff --git a/README.md b/README.md index 16ca500..cd539f3 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,34 @@ -# debian_11-bullseye-preseed +# Debian fully automatic install through ISO remastering +Script and configuration to remaster a debian netinst ISO for 100% unattended install -编写 debian 11 的自定义应答文件 -从https://github.com/JaeGerW2016/debian_11-bullseye-preseed 转载 \ No newline at end of file +Usage: +1. Download a [debian "netinst"](https://www.debian.org/CD/netinst/) image (tested with bullseye) +2. Adapt the preseed.cfg file to your needs. (This one installs just SSH and sudo) +3. Add grub config `ipv6.disable=1 cgroup_enable=memory swapaccount=1` +4. Adapt the ssh public key and root password to your own +5. Adapt the locale and timezone in your favor +6. Run: +``` +./make-preseed-iso.sh debian-11.0.0-amd64-netinst.iso +``` +This will create a new ISO image named `preseed-debian-11.0.0-amd64-netinst.iso` that +installs debian on the first available disk without intervention, not even a boot menu prompt. + +### WARNING: This deletes stuff! + +The preseed.cfg that in this repository ***completely erases the first disk\*\**** + +> ** as returned by `list-devices disk`, excluding usb + +Also... open the script and read what it does. I made this for myself because I'm tired of hitting +enter 40 times everytime I need to install debian. + +The location of the initrd is hardcoded to 'install.amd', this needs to be changed if you are using an iso +for other than amd64. + +The configuration for the boot menu options is specific to bullseye in the case of a UEFI system because grub uses the position of the entry to specify the default option. + +### More on how to preseed +* https://wiki.debian.org/DebianInstaller/Preseed +* https://wiki.debian.org/DebianInstaller/Preseed/EditIso +* https://wiki.debian.org/RepackBootableISO diff --git a/make-preseed-iso.sh b/make-preseed-iso.sh new file mode 100644 index 0000000..102fa30 --- /dev/null +++ b/make-preseed-iso.sh @@ -0,0 +1,90 @@ +#!/bin/bash + +set -e + +function extract_iso() { + echo "Extracting iso: $1..." + mkdir isofiles + 7z x $1 -oisofiles +} + +function add_preseed_to_initrd() { + echo "Adding preseed.cfg to initrd..." + chmod +w isofiles/install.amd/ -R + gunzip isofiles/install.amd/initrd.gz + echo preseed.cfg | cpio -H newc -o -A -F isofiles/install.amd/initrd + gzip isofiles/install.amd/initrd + chmod -w isofiles/install.amd/ -R +} + +function make_auto_the_default_isolinux_boot_option() { + tmp_isolinux_cfg=$(mktemp --tmpdir isolinux.XXXXX) + + echo "Setting 'auto' as default ISOLINUX boot entry..." + sed 's/timeout 0/timeout 3/g' isofiles/isolinux/isolinux.cfg >$tmp_isolinux_cfg + echo "default auto" >>$tmp_isolinux_cfg + chmod +w isofiles/isolinux/isolinux.cfg + cat $tmp_isolinux_cfg >isofiles/isolinux/isolinux.cfg + chmod -w isofiles/isolinux/isolinux.cfg + rm $tmp_isolinux_cfg +} + +function make_auto_the_default_grub_boot_option() { + echo "Setting 'auto' as default GRUB boot entry..." + chmod +w isofiles/boot/grub/grub.cfg + # The index for the grub menus is zero-based for the + # Root menu, but 1-based for the rest, so 2>5 is the + # second menu (advanced options) => fifth option (auto) + echo 'set default="2>5"' >>isofiles/boot/grub/grub.cfg + echo "set timeout=3" >>isofiles/boot/grub/grub.cfg + chmod -w isofiles/boot/grub/grub.cfg +} + +function recompute_md5_checksum() { + echo "Calculating new md5 checksum..." + echo " -- You can safely ignore the warning about a 'file system loop' below" + cd isofiles + chmod +w md5sum.txt + find . -follow -type f ! -name md5sum.txt -print0 | xargs -0 md5sum >md5sum.txt + chmod -w md5sum.txt + cd .. +} + +function generate_new_iso_and_cleanup() { + local orig_iso="$1" + local new_iso="$2" + + echo "Generating new iso: $new_iso..." + dd if="$orig_iso" bs=1 count=432 of=mbr_template.bin + + chmod +w isofiles/isolinux/isolinux.bin + xorriso -as mkisofs -r \ + -V 'Debian AUTO amd64' \ + -o "$new_iso" \ + -J -joliet-long \ + -cache-inodes \ + -isohybrid-mbr mbr_template.bin \ + -b isolinux/isolinux.bin \ + -c isolinux/boot.cat \ + -boot-load-size 4 -boot-info-table \ + -no-emul-boot -eltorito-alt-boot \ + -e boot/grub/efi.img -no-emul-boot \ + -isohybrid-gpt-basdat \ + -isohybrid-apm-hfsplus \ + isofiles + + chmod +w isofiles -R + rm -rf isofiles mbr_template.bin +} + +orig_iso="$1" +new_iso="./preseed-$(basename $orig_iso)" + +extract_iso "$orig_iso" +add_preseed_to_initrd +make_auto_the_default_isolinux_boot_option +make_auto_the_default_grub_boot_option +recompute_md5_checksum +generate_new_iso_and_cleanup "$orig_iso" "$new_iso" + +echo "DONE." diff --git a/preseed.cfg b/preseed.cfg new file mode 100644 index 0000000..6567c34 --- /dev/null +++ b/preseed.cfg @@ -0,0 +1,122 @@ +#_preseed_V1 + +# +# Preseed configuration for debian 11/bullseye +# +# ATTENTION: This preseed configuration ERASES the target disks +# without any confirmation whatsoever. +# + +# Locale +d-i debian-installer/locale string en_US +d-i debian-installer/locale string en_US.UTF-8 +d-i keyboard-configuration/xkb-keymap select us + + +# Network +d-i hw-detect/load_firmware boolean false +d-i netcfg/enable boolean true +d-i netcfg/choose_interface select auto +d-i netcfg/hostname string unassigned-preseed +d-i netcfg/get_hostname string unassigned-preseed +d-i netcfg/get_domain string local + + +# Apt +d-i apt-setup/cdrom/set-first boolean false +d-i apt-setup/cdrom/set-next boolean false +d-i apt-setup/cdrom/set-failed boolean false +d-i mirror/country string manual +d-i mirror/http/hostname string ftp.cn.debian.org +d-i mirror/http/directory string /debian +d-i mirror/http/proxy string + + +# Users/passwords +d-i passwd/root-login boolean true +d-i passwd/make-user boolean false +d-i passwd/root-password password Xking123456;a +d-i passwd/root-password-again password Xking123456;a + + +# Clock +d-i clock-setup/cst boolean true +d-i time/zone string Asia/Shanghai +d-i clock-setup/ntp boolean true + + +# Disk partition +d-i partman/early_command string \ + BOOT_DEV=$(list-devices disk | head -1) ; \ + debconf-set partman-auto/disk $BOOT_DEV + +d-i partman-auto/method string regular +d-i partman-auto/choose_recipe select atomic +d-i partman-auto/expert_recipe string \ + 50 100 50 fat32 \ + $primary{ } \ + method{ efi } \ + format{ } \ + . \ + 1000 8000 -1 ext4 \ + $primary{ } \ + method{ format } \ + format{ } \ + use_filesystem{ } \ + filesystem{ ext4 } \ + mountpoint{ / } \ + . \ + 2048 2048 2048 linux-swap \ + $primary{ } \ + method{ swap } \ + format{ } \ + . + + +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-md/device_remove_md boolean true +d-i partman/confirm_nooverwrite boolean true +d-i partman-efi/non_efi_system boolean true +d-i partman/confirm_write_new_label boolean true +d-i partman/confirm boolean true +d-i partman/choose_partition select Finish partitioning and write changes to disk + + +# Packages +d-i base-installer/install-recommends boolean false +d-i base-installer/kernel/image string linux-image-amd64 +d-i apt-setup/use_mirror boolean true +tasksel tasksel/first multiselect standard, ssh-server +d-i pkgsel/include string vim sudo +d-i pkgsel/upgrade select safe-upgrade +popularity-contest popularity-contest/participate boolean true + + +# Boot +d-i grub-installer/only_debian boolean true +d-i debian-installer/add-kernel-opts string cgroup_enable=memory swapaccount=1 +d-i grub-installer/with_other_os boolean true +d-i grub-installer/force-efi-extra-removable boolean true +d-i grub-installer/progress/step_force_efi_removable boolean true +d-i grub-installer/bootdev string default + + +# Custom late commands +d-i preseed/late_command string \ + HOST_SERIAL="debian-$(head /dev/urandom | tr -dc a-z | head -c10)" ; \ + sed -i "s/unassigned-preseed/$HOST_SERIAL/g" /target/etc/hostname ; \ + sed -i "s/unassigned-preseed/$HOST_SERIAL/g" /target/etc/hosts ; \ + in-target sh -c 'mkdir -pv --mode=0700 /root/.ssh'; \ + in-target sh -c 'echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8flq0BNF/ijRyWJVoF0RgP7VmgO3JhZUB6fbIEPhN3uImfCyn8X5U8cQOBZ8jn5F4eAkpFu/9K4c/bqrMKtapcHg8uIXJjyYW2otsw+tO6OkPcjOQKL2rpSuDa8fPHFvQuA1xJE/qO/IpdW6hGgWg8nFeLxJ+dE5b6QXszIr4q39iMKRcgWKoWy5PEd1KmHYt7WvwsgpcnKCCQTUnxHWrRljM/IgzQ7zjVZ1/8uUPYjqDzc11bN6lUwSEGLiYuVKdyus9osiPJlKwFr+rdxZhqrgErZlffgEpG+oi5yE0YynbJSloqsy7kQVzon0c9pyixQnBvJ58IHtgWXmlPPVswT11MgpIhSO8suPmmJ41f89Y7d/jDuqEeUu/pfJ3OW3O4AvYHxlQlRMFT3r+SOt0BvI1nUocYaashlB3+6zpDwkHU5WaC00u30s+0lfZ1fQ4EEE4rYKTztHgpk/BVS5Z5f+vG/gMOC7W7E0kVCFmRz3ZPc30MVq7WtV2pS6fQ5U= XkingServer" > /root/.ssh/authorized_keys'; \ + in-target chown --recursive root:root /root/.ssh; \ + in-target chmod 0600 /root/.ssh/authorized_keys; \ + in-target update-alternatives --set editor /usr/bin/vim.basic; \ + in-target sed -i -e 's/^\(PasswordAuthentication\).*/\1 yes/g' -e 's/^\(PermitRootLogin\).*/\1 yes/g' /etc/ssh/sshd_config; \ + in-target sed -i -e '/^GRUB_HIDDEN_TIMEOUT=/d' -e 's/^\(GRUB_HIDDEN_TIMEOUT_QUIET\)=true/\1=false/' /etc/default/grub; \ + in-target dhclient -6 eth0 + in-target systemctl enable --now sshd; \ + in-target update-grub + + +# Finish +d-i finish-install/reboot_in_progress note