-
-
Notifications
You must be signed in to change notification settings - Fork 554
/
debian.cfg
180 lines (141 loc) · 7.11 KB
/
debian.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
#_preseed_V1
# shellcheck disable=SC1091,SC2148
# https://www.debian.org/releases/stable/amd64/apbs04.zh-cn.html
# https://www.debian.org/releases/stable/example-preseed.txt
# https://preseed.debian.net/debian-preseed/bookworm/amd64-main-full.txt
# 需要留意 kali initrd 自带的 /preseed.cfg
# 下面这行语句无效,因为本行后面有反斜杠,前面有空格(安装器认为不算注释)\
d-i debian-installer/locale string en_US
# B.4.1. 本地化
d-i debian-installer/locale string en_US
d-i keyboard-configuration/xkb-keymap select us
# B.4.2. 网络设置
d-i netcfg/get_hostname string unassigned-hostname
d-i netcfg/get_domain string unassigned-domain
d-i netcfg/hostname string localhost
# B.4.3. 网络控制台
# B.4.4. 镜像设置
d-i mirror/country string manual
# d-i mirror/http/hostname string deb.debian.org
# B.4.5. 帐号设置
d-i passwd/make-user boolean false
# 单纯为了跳过设置,实际上是在 partman/early_command 里设置密码,preseed/early_command 无法设置密码
d-i passwd/root-password password ''
d-i passwd/root-password-again password ''
# kali 需要下面这行,否则会提示输入用户名
d-i passwd/root-login boolean true
# B.4.6. 时钟与时区设置
d-i time/zone string Asia/Shanghai
# B.4.7. 分区
d-i partman-auto/method string regular
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
# vm 原有系统是 bios + gpt,切换成 efi,用 iso 重装,需要确认此项
# 用脚本重装的话,强制安装在第二个硬盘上也可能会遇到?
d-i partman-efi/non_efi_system boolean true
### Description: Do you want to return to the partitioning menu?
# You have not selected any partitions for use as swap space. Enabling swap
# space is recommended so that the system can make better use of the
# available physical memory, and so that it behaves better when physical
# memory is scarce. You may experience installation problems if you do not
# have enough physical memory.
# .
# If you do not go back to the partitioning menu and assign a swap partition,
# the installation will continue without swap space.
# 坑的一比
# 不是确认是否 no_swap
# 而是 recipe no_swap 时,确认是否返回上一级重新分区
# 选择 true 就一直死循环
d-i partman-basicfilesystems/no_swap boolean false
# 最小值 膨胀权重 最大值
# https://salsa.debian.org/installer-team/partman-auto/-/blob/master/recipes/atomic?ref_type=heads
# https://salsa.debian.org/installer-team/partman-auto/-/blob/master/recipes-amd64-efi/atomic?ref_type=heads
# shellcheck disable=SC1083,SC2086,SC2154
d-i partman-auto/expert_recipe_efi string efi :: \
106 1 106 free \
$iflabel{ gpt } method{ efi } format{ } . \
1 1 -1 $default_filesystem \
method{ format } format{ } use_filesystem{ } $default_filesystem{ } mountpoint{ / } .
# shellcheck disable=SC1083,SC2086,SC2154
d-i partman-auto/expert_recipe_bios string bios :: \
1 1 1 free \
$iflabel{ gpt } method{ biosgrub } . \
1 1 -1 $default_filesystem \
method{ format } format{ } use_filesystem{ } $default_filesystem{ } mountpoint{ / } .
# B.4.8. 基本系统安装
# B.4.9. 设置 apt
d-i apt-setup/non-free boolean true
d-i apt-setup/non-free-firmware boolean true
d-i apt-setup/contrib boolean true
d-i apt-setup/enable-source-repositories boolean false
# kali 不要设置
# d-i apt-setup/security_host string security.debian.org
# B.4.10. 选择软件包
tasksel tasksel/first multiselect ssh-server
d-i pkgsel/upgrade select none
# B.4.11. 安装 bootloader
# 添加 bootx64.efi
d-i grub2/force_efi_extra_removable boolean true
# B.4.12. 完成安装
d-i finish-install/reboot_in_progress note
# B.4.13. 预置其他的软件包
# 其他设置
# d-i anna/standard_modules boolean false
# d-i anna/choose_modules string network-console
# d-i network-console/password password 123@@@
# d-i network-console/password-again password 123@@@
# B.5.1. 安装过程中运行用户命令
# 注意所有命令都会合并成一行命令
# 最后的 true; \ 没什么用,只是让 vscode 代码高亮不报错误
# 有 /cdrom/simple-cdd 才安装 simple-cdd-profiles
# 不然安装时 control 脚本会报错:
# Loading simple-cdd-profiles failed for unknown reasons
d-i preseed/early_command string true; \
if [ -d /cdrom/simple-cdd ]; then anna-install simple-cdd-profiles; fi
# debian 11 initrd 没有 xargs awk
# debian 12 initrd 没有 xargs
# efi 分区大小未改变时,不会被格式化,因此需要手动删除旧系统的 efi 文件
# os-prober 卡太久,因此跳过
d-i partman/early_command string true; \
eval "$(grep -o 'extra_confhome=[^ ]*' /proc/cmdline | sed 's/^extra_//')"; \
postinst=/var/lib/dpkg/info/bootstrap-base.postinst; \
cp $postinst $postinst.orig; \
true >$postinst; \
swapfile=/target/swapfile; \
mem=$(grep ^MemTotal: /proc/meminfo | { read -r _ y _; echo "$y"; }); \
mem=$((mem / 1024)); \
swap_size=$((512 - mem)); \
[ $swap_size -gt 0 ] && echo "fallocate -l ${swap_size}M $swapfile; mkswap $swapfile; swapon $swapfile" >>$postinst; \
echo "swapoff -a; rm -f $swapfile" >/usr/lib/finish-install.d/95swapoff; \
chmod a+x /usr/lib/finish-install.d/95swapoff; \
echo "rm -rf /target/boot/efi/*; $postinst.orig" >>$postinst; \
xda=$(sh /get-xda.sh); \
debconf-set partman-auto/disk "/dev/$xda"; \
debconf-set grub-installer/bootdev "/dev/$xda"; \
rm -rf /usr/sbin/fdisk /usr/sbin/sfdisk; \
ttys=$(sh /ttys.sh console=); \
debconf-set debian-installer/add-kernel-opts "$ttys"; \
eths=$(cd /dev/netconf/ && ls); \
sh /can_use_cloud_kernel.sh "$xda" $eths || debconf-set base-installer/kernel/image "$(debconf-get base-installer/kernel/image | sed 's/-cloud//')"; \
[ -d /sys/firmware/efi ] && debconf-set partman-auto/expert_recipe "$(debconf-get partman-auto/expert_recipe_efi)"; \
[ -d /sys/firmware/efi ] || debconf-set partman-auto/expert_recipe "$(debconf-get partman-auto/expert_recipe_bios)"; \
debconf-set passwd/root-password-crypted "$(cat /configs/password-linux-sha512)"; \
true >/bin/os-prober
# kali ssh 默认关闭
# 另一种方法处理 cloudcone
# if [ "$link_grub_dir" = 1 ]; then mkdir /target/boot/grub2; echo 'chainloader (hd0)+1' >/target/boot/grub2/grub.cfg; fi; \
d-i preseed/late_command string true; \
eval "$(grep -o 'extra_link_grub_dir=[^ ]*' /proc/cmdline | sed 's/^extra_//')"; \
eval "$(grep -o 'extra_ssh_port=[^ ]*' /proc/cmdline | sed 's/^extra_//')"; \
if [ "$link_grub_dir" = 1 ]; then ln -s grub /target/boot/grub2; fi; \
in-target systemctl enable ssh; \
echo "PermitRootLogin yes" >/target/etc/ssh/sshd_config.d/01-permitrootlogin.conf || \
echo "PermitRootLogin yes" >>/target/etc/ssh/sshd_config; \
if [ -n "$ssh_port" ] && ! [ "$ssh_port" = 22 ]; then \
echo "Port $ssh_port" >/target/etc/ssh/sshd_config.d/01-change-ssh-port.conf || \
echo "Port $ssh_port" >>/target/etc/ssh/sshd_config; \
fi