Skip to main content

Installation automatisé de Debian 10

Prérequis

Il nous faut les deux paquets suivant :

  • xorriso : extraction de l'iso
  • genisoimage : création de l'iso personnalisé
apt update && apt -y install xorriso genisoimage

Download de l'image Debian

curl -LO# https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-10.8.0-amd64-netinst.iso

Extraction de l'ISO

xorriso -osirrox on -indev debian-10.8.0-amd64-netinst.iso -extract / isofiles/

Download du tamplate de pré configuration

curl -#L https://www.debian.org/releases/stable/example-preseed.txt -o preseed.cfg

Configuration du fichier de pré configuration

Les locales

#### Contents of the preconfiguration file (for buster)
### Localization
# Preseeding only locale sets language, country and locale.
d-i debian-installer/locale string en_US

# The values can also be preseeded individually for greater flexibility.
#d-i debian-installer/language string en
#d-i debian-installer/country string NL
#d-i debian-installer/locale string en_GB.UTF-8
# Optionally specify additional locales to be generated.
d-i localechooser/supported-locales multiselect en_US.UTF-8, fr_FR.UTF-8

# Keyboard selection.
d-i keyboard-configuration/xkb-keymap select fr(latin9)
# d-i keyboard-configuration/toggle select No toggling

Le réseau

Dans mon cas, je laisse en mode DHCP pour IPv4 et IPv6 et le système va choisir de lui même son interface IP.

Il est possible d'attribuer des IP fixes.

d-i netcfg/get_hostname string Nom de la machine
d-i netcfg/get_domain string Votre.Domaine

Si le réseau est configuré en IPv6, le nom de la machine sera son adresse IP, pour y remédier, il faut forcer le nom sur cette ligne
d-i netcfg/hostname string Nom de la machine

 

### Network configuration
# Disable network configuration entirely. This is useful for cdrom
# installations on non-networked devices where the network questions,
# warning and long timeouts are a nuisance.
#d-i netcfg/enable boolean false

# netcfg will choose an interface that has link if possible. This makes it
# skip displaying a list if there is more than one interface.
d-i netcfg/choose_interface select auto

# To pick a particular interface instead:
#d-i netcfg/choose_interface select eth1

# To set a different link detection timeout (default is 3 seconds).
# Values are interpreted as seconds.
#d-i netcfg/link_wait_timeout string 10

# If you have a slow dhcp server and the installer times out waiting for
# it, this might be useful.
#d-i netcfg/dhcp_timeout string 60
#d-i netcfg/dhcpv6_timeout string 60

# If you prefer to configure the network manually, uncomment this line and
# the static network configuration below.
#d-i netcfg/disable_autoconfig boolean true

# If you want the preconfiguration file to work on systems both with and
# without a dhcp server, uncomment these lines and the static network
# configuration below.
#d-i netcfg/dhcp_failed note
#d-i netcfg/dhcp_options select Configure network manually

# Static network configuration.
#
# IPv4 example
#d-i netcfg/get_ipaddress string 192.168.1.42
#d-i netcfg/get_netmask string 255.255.255.0
#d-i netcfg/get_gateway string 192.168.1.1
#d-i netcfg/get_nameservers string 192.168.1.1
#d-i netcfg/confirm_static boolean true
#
# IPv6 example
#d-i netcfg/get_ipaddress string fc00::2
#d-i netcfg/get_netmask string ffff:ffff:ffff:ffff::
#d-i netcfg/get_gateway string fc00::1
#d-i netcfg/get_nameservers string fc00::1
#d-i netcfg/confirm_static boolean true

# Any hostname and domain names assigned from dhcp take precedence over
# values set here. However, setting the values still prevents the questions
# from being shown, even if values come from dhcp.
d-i netcfg/get_hostname string install
d-i netcfg/get_domain string lab.lan

# If you want to force a hostname, regardless of what either the DHCP
# server returns or what the reverse DNS entry for the IP is, uncomment
# and adjust the following line.
d-i netcfg/hostname string install

# Disable that annoying WEP key dialog.
d-i netcfg/wireless_wep string
# The wacky dhcp hostname that some ISPs use as a password of sorts.
#d-i netcfg/dhcp_hostname string radish

# If non-free firmware is needed for the network or other hardware, you can
# configure the installer to always try to load it, without prompting. Or
# change to false to disable asking.
#d-i hw-detect/load_firmware boolean true

Console réseau

En ce qui me concerne cela n'a pas d'intérêt

### Network console
# Use the following settings if you wish to make use of the network-console
# component for remote installation over SSH. This only makes sense if you
# intend to perform the remainder of the installation manually.
#d-i anna/choose_modules string network-console
#d-i network-console/authorized_keys_url string http://10.0.0.1/openssh-key
#d-i network-console/password password r00tme
#d-i network-console/password-again password r00tme

Configuration du miroir d'installation

Par défaut on est sur un serveur aux USA, j'ai configuré pour passer sur un miroir situé en France

### Mirror settings
# If you select ftp, the mirror/country string does not need to be set.
#d-i mirror/protocol string ftp
d-i mirror/country string manual
d-i mirror/http/hostname string ftp.fr.debian.org
d-i mirror/http/directory string /debian
d-i mirror/http/proxy string

# Suite to install.
#d-i mirror/suite string testing
# Suite to use for loading installer components (optional).
#d-i mirror/udeb/suite string testing

Configuration utilisateurs

Dans mon cas, je ne configure que le compte root avec le mot hacher en sha-512 via la commande :

mkpasswd -m sha-512

Le résultat de la commande remplacera le champ : [crypt(3) hash]

### Account setup
# Skip creation of a root account (normal user account will be able to
# use sudo).
#d-i passwd/root-login boolean false
# Alternatively, to skip creation of a normal user account.
d-i passwd/make-user boolean false

# Root password, either in clear text
#d-i passwd/root-password password r00tme
#d-i passwd/root-password-again password r00tme
# or encrypted using a crypt(3)  hash.
d-i passwd/root-password-crypted password (crypt(3) hash)

# To create a normal user account.
#d-i passwd/user-fullname string Debian User
#d-i passwd/username string debian
# Normal user's password, either in clear text
#d-i passwd/user-password password insecure
#d-i passwd/user-password-again password insecure
# or encrypted using a crypt(3) hash.
#d-i passwd/user-password-crypted password [crypt(3) hash]
# Create the first user with the specified UID instead of the default.
#d-i passwd/user-uid string 1010

# The user account will be added to some standard initial groups. To
# override that, use this.
#d-i passwd/user-default-groups string audio cdrom video

Time zone

### Clock and time zone setup
# Controls whether or not the hardware clock is set to UTC.
# d-i clock-setup/utc boolean true

# You may set this to any valid setting for $TZ; see the contents of
# /usr/share/zoneinfo/ for valid values.
d-i time/zone string Europe/Paris

# Controls whether to use NTP to set the clock during the install
d-i clock-setup/ntp boolean true
# NTP server to use. The default is almost always fine here.
#d-i clock-setup/ntp-server string ntp.example.com

Partitionnement

Table en GPT
d-i partman-basicfilesystems/choose_label string gpt
d-i partman-basicfilesystems/default_label string gpt
d-i partman-partitioning/choose_label string gpt
d-i partman-partitioning/default_label string gpt
d-i partman/choose_label string gpt
d-i partman/default_label string gpt
partman-partitioning partman-partitioning/choose_label select gpt

 

Post installation

Pour mes besoins je dois installer l'agent zabbix.

# script post install 
d-i preseed/late_command string \
in-target wget https://repo.zabbix.com/zabbix/5.0/debian/pool/main/z/zabbix-release/zabbix-release_5.0-1+buster_all.deb; \
in-target dpkg -i zabbix-release_5.0-1+buster_all.deb; \
in-target apt update; \
in-target apt install -y zabbix-agent

Création de l'ISO personnalisé

Modification du boot loader

Cette modification permet de ne pas avoir le menu de sélection et de passer directement sur l'installation automatique

BIOS : isolinux

Modification du fichier isofiles/isolinux/isolinux.cfg en commentant ou enlevant la ligne default vesamenu.c32

UEFI : grub

Modification non faite, car je suis en vm

Ajout du fichier de pré configuration dans initrd

chmod +w -R isofiles/install.amd/
gunzip isofiles/install.amd/initrd.gz
echo preseed.cfg | cpio -H newc -o -A -F isofiles/install.amd/initrd gzip isofiles/install.amd/initrd
chmod -w -R isofiles/install.amd/

Génération du checksum MD5

cd isofiles/
chmod a+w md5sum.txt
md5sum `find -follow -type f` > md5sum.txt
chmod a-w md5sum.txt
cd ..

Création de l'ISO

chmod a+w isofiles/isolinux/isolinux.bin
genisoimage -r -J -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -o debian-10-unattended.iso isofiles

 

 

Back to top