2 # Copyright (C) 2016 Ian Kelling
5 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
9 Usage: ${0##*/} OPTIONS
11 Given a tftproot, setup a preseed in it.
13 -c Disable ssh network console. ssh user = installer. pw = test.
14 -d Do debian ubuntu 14.04, default is jessie.
15 -g GRUB_DISK Default is sda. Not used in interactive partitioning.
16 -h|--help Print this help
17 -i TFTP_IP Ip of tftp server. this is required.
18 -p Stop for interactive partitioning.
19 -t DIR Tftp root. Default is current dir.
20 -u USER Username for the os install. Default is ${SUDO_USER:-$USER}
26 interactive_partition
=false
27 user
=${SUDO_USER:-$USER}
31 while [[ $1 == -* ]]; do
33 -c) net_console
=false
; shift ;;
34 -d) distro
=ubuntu-14.04
; shift ;;
35 -g) grub_disk
=$2; shift 2 ;;
37 -p) interactive_partition
=true
; shift ;;
39 -u) user
=$2; shift 2;;
41 -*|
-h|
--help) usage
;;
47 rm -rf !(netboot.
tar.gz
)
48 preseed
=example-preseed.txt
49 neboot_path
=main
/installer-amd64
/current
/images
/netboot
/netboot.
tar.gz
52 wget
-q https
://help.ubuntu.com
/lts
/installation-guide
/$preseed
53 wget
-qN http
://archive.ubuntu.com
/ubuntu
/dists
/trusty
/$neboot_path
54 sed -ri --follow-symlinks 's!^tasksel tasksel/first multiselect .*!#\0!' $preseed
55 echo 'tasksel tasksel/first multiselect ubuntu-server, openssh-server' >>$preseed
58 wget
-q https
://www.debian.org
/releases
/jessie
/$preseed
59 wget
-qN http
://ftp.
nl.debian.org
/debian
/dists
/jessie
/$neboot_path
60 cat >>$preseed <<'EOF'
61 tasksel tasksel/first multiselect ssh-server
63 if ! $interactive_partition; then
65 d-i grub-installer/bootdev string /dev/$grub_disk
70 tar xzf netboot.
tar.gz
73 # if you set priority=critical, you can avoid a few of these questions. but
74 # then you need to set the hostname in dhcp options
75 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755848
76 # questions you can avoid setting in boot parameters:
77 # console-setup/ask_detect=false keyboard-configuration/layoutcode=us
79 # also, it asks about partition size. I don't know the preseeded answer,
80 # as it just says "2.0 TB" in get-selections. I would need to figure out
81 # how to accept the default.
83 # you can also see what got configured on a system with this command:
84 # sudo apt-get install debconf-utils
85 # debconf-get-selections --installer
88 # keymap=us is only needed for debian.
89 pxe_cfg
=${distro%-*}-installer/amd64
/boot-screens
/txt.cfg
90 sed="sed -ri --follow-symlinks"
91 $sed "s#^[[:space:]]*append[[:space:]]#\0auto priority=critical locale=en_US.UTF-8 netcfg/choose_interface=auto url=tftp://$ip/example-preseed.txt keymap=us#" $pxe_cfg
92 # various google results say timeout x will result in doing the default thing,
93 # but that doesn't happen. no idea why. Maybe it needed to be part of the label.
94 echo 'totaltimeout 1' |
tee -a $pxe_cfg
96 if $interactive_partition; then
97 $sed 's/^d-i[[:space:]]partman.*/#\0/' $preseed
98 # at least in ubuntu, this does automatic selection of boot device,
99 # and on a server where we setup raid, it choose sda, and failed
100 # and the whole installation could not be salvaged.
101 $sed 's/^d-i[[:space:]]grub-installer.*/#\0/' $preseed
104 $sed "s#(^d-i time/zone string US/).*#\1Pacific#" $preseed
105 $sed '/^xserver-xorg/,/[^\\$]/ s/.*/#\0/' $preseed
106 # we set the locale in kernel args. maybe we don't need to. this overrides it.
107 $sed 's!^d-i[[:space:]]debian-installer/locale[[:space:]].*!#\0!' $preseed
109 # for secure pass, set the shadow option with mkpasswd -s -m sha-512 < passfile
111 # the example config says this option shoudl work, but it doesn't. tried it with http too,
112 # and tried naming it authorized_keys.
113 #d-i network-console/authorized_keys_url tftp://tftp@10.0.0.107/id_rsa.pub
115 if $net_console; then
116 cat >> $preseed <<EOF
117 d-i anna/choose_modules string network-console
118 # this doesn't work. todo: ask debian about it
119 #d-i network-console/authorized_keys_url http://10.0.0.2/authorized_keys
120 d-i network-console/password password test
121 d-i network-console/password-again password test
125 cat >> $preseed <<EOF
126 d-i hw-detect/load_firmware boolean true
127 d-i partman/default_filesystem string ext4
128 d-i passwd/user-fullname string $user
129 d-i passwd/username string $user
130 # cleartext password for testing.
131 d-i passwd/user-password password $user
132 d-i passwd/user-password-again password $user
133 d-i passwd/root-password password $user
134 d-i passwd/root-password-again password $user
135 d-i pkgsel/update-policy select unattended-upgrades
136 d-i preseed/late_command string \
137 in-target sed -i 's/^%sudo.*$/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' /etc/sudoers; \
138 in-target mkdir -p /home/$user/.ssh; \
139 in-target /bin/sh -c "echo '$(cat ~/.ssh/id_rsa.pub)' >> /home/$user/.ssh/authorized_keys"; \
140 in-target chown -R $user:$user /home/$user; \
141 in-target chmod -R go-rwx /home/$user/.ssh/authorized_keys; \
142 in-target cp -r /home/$user/.ssh /root; \
143 in-target usermod -a -G sudo $user;