| 1 | #### Contents of the preconfiguration file (for squeeze) |
| 2 | ### Localization |
| 3 | # Preseeding only locale sets language, country and locale. |
| 4 | d-i debian-installer/locale string en_US |
| 5 | |
| 6 | # The values can also be preseeded individually for greater flexibility. |
| 7 | #d-i debian-installer/language string en |
| 8 | #d-i debian-installer/country string NL |
| 9 | #d-i debian-installer/locale string en_GB.UTF-8 |
| 10 | # Optionally specify additional locales to be generated. |
| 11 | #d-i localechooser/supported-locales en_US.UTF-8, nl_NL.UTF-8 |
| 12 | |
| 13 | # Keyboard selection. |
| 14 | #d-i console-tools/archs select at |
| 15 | d-i console-keymaps-at/keymap select us |
| 16 | d-i keyboard-configuration/xkb-keymap select us |
| 17 | # Example for a different keyboard architecture |
| 18 | #d-i console-keymaps-usb/keymap select mac-usb-us |
| 19 | |
| 20 | ### Network configuration |
| 21 | # Disable network configuration entirely. This is useful for cdrom |
| 22 | # installations on non-networked devices where the network questions, |
| 23 | # warning and long timeouts are a nuisance. |
| 24 | #d-i netcfg/enable boolean false |
| 25 | |
| 26 | # netcfg will choose an interface that has link if possible. This makes it |
| 27 | # skip displaying a list if there is more than one interface. |
| 28 | d-i netcfg/choose_interface select auto |
| 29 | |
| 30 | # To pick a particular interface instead: |
| 31 | #d-i netcfg/choose_interface select eth1 |
| 32 | |
| 33 | # If you have a slow dhcp server and the installer times out waiting for |
| 34 | # it, this might be useful. |
| 35 | #d-i netcfg/dhcp_timeout string 60 |
| 36 | |
| 37 | # If you prefer to configure the network manually, uncomment this line and |
| 38 | # the static network configuration below. |
| 39 | d-i netcfg/disable_dhcp boolean true |
| 40 | |
| 41 | # If you want the preconfiguration file to work on systems both with and |
| 42 | # without a dhcp server, uncomment these lines and the static network |
| 43 | # configuration below. |
| 44 | #d-i netcfg/dhcp_failed note |
| 45 | #d-i netcfg/dhcp_options select Configure network manually |
| 46 | |
| 47 | # Static network configuration. |
| 48 | d-i netcfg/get_nameservers string 216.187.125.130 216.187.123.131 |
| 49 | d-i netcfg/get_ipaddress string 69.90.123.72 |
| 50 | d-i netcfg/get_netmask string 255.255.255.224 |
| 51 | d-i netcfg/get_gateway string 69.90.123.65 |
| 52 | d-i netcfg/confirm_static boolean true |
| 53 | |
| 54 | # Any hostname and domain names assigned from dhcp take precedence over |
| 55 | # values set here. However, setting the values still prevents the questions |
| 56 | # from being shown, even if values come from dhcp. |
| 57 | #d-i netcfg/get_hostname string testkvm1 |
| 58 | d-i netcfg/get_domain string hcoop.net |
| 59 | |
| 60 | # Disable that annoying WEP key dialog. |
| 61 | d-i netcfg/wireless_wep string |
| 62 | # The wacky dhcp hostname that some ISPs use as a password of sorts. |
| 63 | #d-i netcfg/dhcp_hostname string radish |
| 64 | |
| 65 | # If non-free firmware is needed for the network or other hardware, you can |
| 66 | # configure the installer to always try to load it, without prompting. Or |
| 67 | # change to false to disable asking. |
| 68 | #d-i hw-detect/load_firmware boolean true |
| 69 | |
| 70 | ### Network console |
| 71 | # Use the following settings if you wish to make use of the network-console |
| 72 | # component for remote installation over SSH. This only makes sense if you |
| 73 | # intend to perform the remainder of the installation manually. |
| 74 | #d-i anna/choose_modules string network-console |
| 75 | #d-i network-console/password password r00tme |
| 76 | #d-i network-console/password-again password r00tme |
| 77 | |
| 78 | ### Mirror settings |
| 79 | # If you select ftp, the mirror/country string does not need to be set. |
| 80 | #d-i mirror/protocol string ftp |
| 81 | d-i mirror/country string manual |
| 82 | d-i mirror/http/hostname string http.us.debian.org |
| 83 | d-i mirror/http/directory string /debian |
| 84 | d-i mirror/http/proxy string |
| 85 | |
| 86 | # Suite to install. |
| 87 | d-i mirror/suite string squeeze |
| 88 | # Suite to use for loading installer components (optional). |
| 89 | #d-i mirror/udeb/suite string testing |
| 90 | |
| 91 | ### Account setup |
| 92 | # Skip creation of a root account (normal user account will be able to |
| 93 | # use sudo). |
| 94 | #d-i passwd/root-login boolean true |
| 95 | # Alternatively, to skip creation of a normal user account. |
| 96 | d-i passwd/make-user boolean false |
| 97 | |
| 98 | # Root password, either in clear text |
| 99 | #d-i passwd/root-password password f00bar |
| 100 | #d-i passwd/root-password-again password r00tme |
| 101 | # or encrypted using an MD5 hash. |
| 102 | #d-i passwd/root-password-crypted password [MD5 hash] |
| 103 | |
| 104 | # To create a normal user account. |
| 105 | #d-i passwd/user-fullname string Debian User |
| 106 | #d-i passwd/username string debian |
| 107 | # Normal user's password, either in clear text |
| 108 | #d-i passwd/user-password password insecure |
| 109 | #d-i passwd/user-password-again password insecure |
| 110 | # or encrypted using an MD5 hash. |
| 111 | #d-i passwd/user-password-crypted password [MD5 hash] |
| 112 | # Create the first user with the specified UID instead of the default. |
| 113 | #d-i passwd/user-uid string 1010 |
| 114 | |
| 115 | # The user account will be added to some standard initial groups. To |
| 116 | # override that, use this. |
| 117 | #d-i passwd/user-default-groups string audio cdrom video |
| 118 | |
| 119 | ### Clock and time zone setup |
| 120 | # Controls whether or not the hardware clock is set to UTC. |
| 121 | d-i clock-setup/utc boolean true |
| 122 | |
| 123 | # You may set this to any valid setting for $TZ; see the contents of |
| 124 | # /usr/share/zoneinfo/ for valid values. |
| 125 | d-i time/zone string US/Eastern |
| 126 | |
| 127 | # Controls whether to use NTP to set the clock during the install |
| 128 | d-i clock-setup/ntp boolean true |
| 129 | # NTP server to use. The default is almost always fine here. |
| 130 | #d-i clock-setup/ntp-server string ntp.example.com |
| 131 | |
| 132 | ### Partitioning |
| 133 | ## Partitioning example |
| 134 | # If the system has free space you can choose to only partition that space. |
| 135 | # This is only honoured if partman-auto/method (below) is not set. |
| 136 | #d-i partman-auto/init_automatically_partition select biggest_free |
| 137 | |
| 138 | # Alternatively, you may specify a disk to partition. If the system has only |
| 139 | # one disk the installer will default to using that, but otherwise the device |
| 140 | # name must be given in traditional, non-devfs format (so e.g. /dev/hda or |
| 141 | # /dev/sda, and not e.g. /dev/discs/disc0/disc). |
| 142 | # For example, to use the first SCSI/SATA hard disk: |
| 143 | #d-i partman-auto/disk string /dev/sda |
| 144 | # In addition, you'll need to specify the method to use. |
| 145 | # The presently available methods are: |
| 146 | # - regular: use the usual partition types for your architecture |
| 147 | # - lvm: use LVM to partition the disk |
| 148 | # - crypto: use LVM within an encrypted partition |
| 149 | d-i partman-auto/method string lvm |
| 150 | |
| 151 | # If one of the disks that are going to be automatically partitioned |
| 152 | # contains an old LVM configuration, the user will normally receive a |
| 153 | # warning. This can be preseeded away... |
| 154 | d-i partman-lvm/device_remove_lvm boolean true |
| 155 | # The same applies to pre-existing software RAID array: |
| 156 | d-i partman-md/device_remove_md boolean true |
| 157 | # And the same goes for the confirmation to write the lvm partitions. |
| 158 | d-i partman-lvm/confirm boolean true |
| 159 | |
| 160 | # You can choose one of the three predefined partitioning recipes: |
| 161 | # - atomic: all files in one partition |
| 162 | # - home: separate /home partition |
| 163 | # - multi: separate /home, /usr, /var, and /tmp partitions |
| 164 | #d-i partman-auto/choose_recipe select atomic |
| 165 | |
| 166 | # Or provide a recipe of your own... |
| 167 | # If you have a way to get a recipe file into the d-i environment, you can |
| 168 | # just point at it. |
| 169 | #d-i partman-auto/expert_recipe_file string /hd-media/recipe |
| 170 | |
| 171 | # If not, you can put an entire recipe into the preconfiguration file in one |
| 172 | # (logical) line. This example creates a small /boot partition, suitable |
| 173 | # swap, and uses the rest of the space for the root partition: |
| 174 | #d-i partman-auto/expert_recipe string \ |
| 175 | # boot-root :: \ |
| 176 | # 40 50 100 ext3 \ |
| 177 | # $primary{ } $bootable{ } \ |
| 178 | # method{ format } format{ } \ |
| 179 | # use_filesystem{ } filesystem{ ext3 } \ |
| 180 | # mountpoint{ /boot } \ |
| 181 | # . \ |
| 182 | # 500 10000 1000000000 ext3 \ |
| 183 | # method{ format } format{ } \ |
| 184 | # use_filesystem{ } filesystem{ ext3 } \ |
| 185 | # mountpoint{ / } \ |
| 186 | # . \ |
| 187 | # 64 512 300% linux-swap \ |
| 188 | # method{ swap } format{ } \ |
| 189 | # . |
| 190 | |
| 191 | d-i partman-auto/expert_recipe string \ |
| 192 | hcoop-default :: \ |
| 193 | \ |
| 194 | 1 1 1 free \ |
| 195 | $iflabel{ gpt } \ |
| 196 | method{ biosgrub } . \ |
| 197 | \ |
| 198 | 128 512 256 ext2 \ |
| 199 | $defaultignore{ } \ |
| 200 | $bootable{ } \ |
| 201 | method{ format } \ |
| 202 | format{ } \ |
| 203 | use_filesystem{ } \ |
| 204 | filesystem{ ext2 } \ |
| 205 | mountpoint{ /boot } . \ |
| 206 | \ |
| 207 | 500 3000 90000000 $default_filesystem \ |
| 208 | $lvmok{ } \ |
| 209 | $bootable{ } \ |
| 210 | method{ format } \ |
| 211 | format{ } \ |
| 212 | use_filesystem{ } \ |
| 213 | $default_filesystem{ } \ |
| 214 | mountpoint{ / } . \ |
| 215 | \ |
| 216 | 5500 5000 5500 ext3 \ |
| 217 | $lvmok{ } \ |
| 218 | method{ format } \ |
| 219 | format{ } \ |
| 220 | use_filesystem{ } \ |
| 221 | filesystem{ ext3 } \ |
| 222 | mountpoint{ /var/cache/openafs } . \ |
| 223 | \ |
| 224 | 96 512 150% linux-swap \ |
| 225 | $lvmok{ } \ |
| 226 | method{ swap } \ |
| 227 | format{ } . \ |
| 228 | \ |
| 229 | 1000 300 1500 $default_filesystem \ |
| 230 | $lvmok{ } \ |
| 231 | method{ format } \ |
| 232 | format{ } \ |
| 233 | use_filesystem{ } \ |
| 234 | $default_filesystem{ } \ |
| 235 | mountpoint{ /tmp } . |
| 236 | |
| 237 | |
| 238 | # The full recipe format is documented in the file partman-auto-recipe.txt |
| 239 | # included in the 'debian-installer' package or available from D-I source |
| 240 | # repository. This also documents how to specify settings such as file |
| 241 | # system labels, volume group names and which physical devices to include |
| 242 | # in a volume group. |
| 243 | |
| 244 | # This makes partman automatically partition without confirmation, provided |
| 245 | # that you told it what to do using one of the methods above. |
| 246 | d-i partman-partitioning/confirm_write_new_label boolean true |
| 247 | d-i partman/choose_partition select finish |
| 248 | d-i partman/confirm boolean true |
| 249 | d-i partman/confirm_nooverwrite boolean true |
| 250 | |
| 251 | ## Partitioning using RAID |
| 252 | # The method should be set to "raid". |
| 253 | #d-i partman-auto/method string raid |
| 254 | # Specify the disks to be partitioned. They will all get the same layout, |
| 255 | # so this will only work if the disks are the same size. |
| 256 | #d-i partman-auto/disk string /dev/sda /dev/sdb |
| 257 | |
| 258 | # Next you need to specify the physical partitions that will be used. |
| 259 | #d-i partman-auto/expert_recipe string \ |
| 260 | # multiraid :: \ |
| 261 | # 1000 5000 4000 raid \ |
| 262 | # $primary{ } method{ raid } \ |
| 263 | # . \ |
| 264 | # 64 512 300% raid \ |
| 265 | # method{ raid } \ |
| 266 | # . \ |
| 267 | # 500 10000 1000000000 raid \ |
| 268 | # method{ raid } \ |
| 269 | # . |
| 270 | |
| 271 | # Last you need to specify how the previously defined partitions will be |
| 272 | # used in the RAID setup. Remember to use the correct partition numbers |
| 273 | # for logical partitions. RAID levels 0, 1, 5, 6 and 10 are supported; |
| 274 | # devices are separated using "#". |
| 275 | # Parameters are: |
| 276 | # <raidtype> <devcount> <sparecount> <fstype> <mountpoint> \ |
| 277 | # <devices> <sparedevices> |
| 278 | |
| 279 | #d-i partman-auto-raid/recipe string \ |
| 280 | # 1 2 0 ext3 / \ |
| 281 | # /dev/sda1#/dev/sdb1 \ |
| 282 | # . \ |
| 283 | # 1 2 0 swap - \ |
| 284 | # /dev/sda5#/dev/sdb5 \ |
| 285 | # . \ |
| 286 | # 0 2 0 ext3 /home \ |
| 287 | # /dev/sda6#/dev/sdb6 \ |
| 288 | # . |
| 289 | |
| 290 | # For additional information see the file partman-auto-raid-recipe.txt |
| 291 | # included in the 'debian-installer' package or available from D-I source |
| 292 | # repository. |
| 293 | |
| 294 | # This makes partman automatically partition without confirmation. |
| 295 | d-i partman-md/confirm boolean true |
| 296 | d-i partman-partitioning/confirm_write_new_label boolean true |
| 297 | d-i partman/choose_partition select finish |
| 298 | d-i partman/confirm boolean true |
| 299 | d-i partman/confirm_nooverwrite boolean true |
| 300 | |
| 301 | ## Controlling how partitions are mounted |
| 302 | # The default is to mount by UUID, but you can also choose "traditional" to |
| 303 | # use traditional device names, or "label" to try filesystem labels before |
| 304 | # falling back to UUIDs. |
| 305 | #d-i partman/mount_style select uuid |
| 306 | |
| 307 | ### Base system installation |
| 308 | # Configure APT to not install recommended packages by default. Use of this |
| 309 | # option can result in an incomplete system and should only be used by very |
| 310 | # experienced users. |
| 311 | #d-i base-installer/install-recommends boolean false |
| 312 | |
| 313 | # Select the initramfs generator used to generate the initrd for 2.6 kernels. |
| 314 | #d-i base-installer/kernel/linux/initramfs-generators string initramfs-tools |
| 315 | |
| 316 | # The kernel image (meta) package to be installed; "none" can be used if no |
| 317 | # kernel is to be installed. |
| 318 | d-i base-installer/kernel/image string linux-image-2.6-amd64 |
| 319 | |
| 320 | ### Apt setup |
| 321 | # You can choose to install non-free and contrib software. |
| 322 | #d-i apt-setup/non-free boolean true |
| 323 | #d-i apt-setup/contrib boolean true |
| 324 | # Uncomment this if you don't want to use a network mirror. |
| 325 | #d-i apt-setup/use_mirror boolean false |
| 326 | # Select which update services to use; define the mirrors to be used. |
| 327 | # Values shown below are the normal defaults. |
| 328 | d-i apt-setup/services-select multiselect security, volatile |
| 329 | d-i apt-setup/security_host string security.debian.org |
| 330 | d-i apt-setup/volatile_host string volatile.debian.org |
| 331 | |
| 332 | # Additional repositories, local[0-9] available |
| 333 | d-i apt-setup/local0/repository string \ |
| 334 | http://debian.hcoop.net/ stable main hcoop-config |
| 335 | d-i apt-setup/local0/comment string HCoop native packages |
| 336 | # Enable deb-src lines |
| 337 | d-i apt-setup/local0/source boolean true |
| 338 | # backports |
| 339 | d-i apt-setup/local1/repository string \ |
| 340 | http://debian.hcoop.net/ squeeze-backports main |
| 341 | d-i apt-setup/local1/comment string HCoop backport packages |
| 342 | # Enable deb-src lines |
| 343 | d-i apt-setup/local1/source boolean true |
| 344 | # Official backports |
| 345 | d-i apt-setup/local2/repository string \ |
| 346 | http://backports.debian.org/debian-backports squeeze-backports main |
| 347 | d-i apt-setup/local2/comment string Debian backports |
| 348 | # Enable deb-src lines |
| 349 | d-i apt-setup/local2/source boolean true |
| 350 | |
| 351 | # URL to the public key of the local repository; you must provide a key or |
| 352 | # apt will complain about the unauthenticated repository and so the |
| 353 | # sources.list line will be left commented out |
| 354 | #d-i apt-setup/local0/key string http://local.server/key |
| 355 | |
| 356 | # By default the installer requires that repositories be authenticated |
| 357 | # using a known gpg key. This setting can be used to disable that |
| 358 | # authentication. Warning: Insecure, not recommended. |
| 359 | # ul: THIS IS VERY VERY BAD AND MUST BE FIXME FIXME FIXME |
| 360 | d-i debian-installer/allow_unauthenticated boolean true |
| 361 | |
| 362 | ### Package selection |
| 363 | tasksel tasksel/first multiselect SSH server, Standard system utilities |
| 364 | # If the desktop task is selected, install the kde and xfce desktops |
| 365 | # instead of the default gnome desktop. |
| 366 | #tasksel tasksel/desktop multiselect kde, xfce |
| 367 | |
| 368 | # Individual additional packages to install |
| 369 | d-i pkgsel/include string build-essential less sudo vim emacs23-nox etckeeper changetrack openssh-server debsums logcheck bzip2 denyhosts rkhunter openafs-client ntp nscd krb5-user libpam-krb5 kstart ssmtp libpam-afs-session openafs-krb5 ferm libnss-afs hcoop-nsswitch-config hcoop-common-config hcoop-firewall-config hcoop-krb5-config hcoop-openssh-server-config \ |
| 370 | mlton-compiler mlton-tools libssl-dev libpcre3-dev # domtool deps, a metapackage would be useful here |
| 371 | # Whether to upgrade packages after debootstrap. |
| 372 | # Allowed values: none, safe-upgrade, full-upgrade |
| 373 | d-i pkgsel/upgrade select safe-upgrade |
| 374 | |
| 375 | # Some versions of the installer can report back on what software you have |
| 376 | # installed, and what software you use. The default is not to report back, |
| 377 | # but sending reports helps the project determine what software is most |
| 378 | # popular and include it on CDs. |
| 379 | #popularity-contest popularity-contest/participate boolean false |
| 380 | |
| 381 | ### Finishing up the installation |
| 382 | # During installations from serial console, the regular virtual consoles |
| 383 | # (VT1-VT6) are normally disabled in /etc/inittab. Uncomment the next |
| 384 | # line to prevent this. |
| 385 | #d-i finish-install/keep-consoles boolean true |
| 386 | |
| 387 | # Avoid that last message about the install being complete. |
| 388 | d-i finish-install/reboot_in_progress note |
| 389 | |
| 390 | # This will prevent the installer from ejecting the CD during the reboot, |
| 391 | # which is useful in some situations. |
| 392 | #d-i cdrom-detect/eject boolean false |
| 393 | |
| 394 | # This is how to make the installer shutdown when finished, but not |
| 395 | # reboot into the installed system. |
| 396 | #d-i debian-installer/exit/halt boolean true |
| 397 | # This will power off the machine instead of just halting it. |
| 398 | #d-i debian-installer/exit/poweroff boolean true |
| 399 | |
| 400 | ### Preseeding other packages |
| 401 | # Depending on what software you choose to install, or if things go wrong |
| 402 | # during the installation process, it's possible that other questions may |
| 403 | # be asked. You can preseed those too, of course. To get a list of every |
| 404 | # possible question that could be asked during an install, do an |
| 405 | # installation, and then run these commands: |
| 406 | # debconf-get-selections --installer > file |
| 407 | # debconf-get-selections >> file |
| 408 | |
| 409 | libpam-runtime libpam-runtime/profiles multiselect krb5, unix, afs-session |
| 410 | |
| 411 | #debconf debconf/frontend select Dialog |
| 412 | debconf debconf/priority select critical |
| 413 | |
| 414 | #openafs-client openafs-client/run-client boolean true |
| 415 | #openafs-client openafs-client/dynroot boolean true |
| 416 | |
| 417 | openafs-client openafs-client/thiscell string hcoop.net |
| 418 | openafs-client openafs-client/cachesize string 500000 |
| 419 | openafs-client openafs-client/fakestat boolean true |
| 420 | |
| 421 | # warning: used to shut the installer up, but we're actually shipping |
| 422 | # a static kerberos config! |
| 423 | krb5-config krb5-config/add_servers_realm string HCOOP.NET |
| 424 | # krb5 1.10 still does not support distributing the admin server |
| 425 | # location via DNS. Remove when it does. |
| 426 | krb5-config krb5-config/admin_server string kerberos-adm.hcoop.net |
| 427 | |
| 428 | ssmtp ssmtp/root string logs |
| 429 | ssmtp ssmtp/rewritedomain string hcoop.net |
| 430 | ssmtp ssmtp/mailhub string mail |
| 431 | |
| 432 | rkhunter rkhunter/cron_daily_run boolean true |
| 433 | rkhunter rkhunter/cron_db_update boolean true |
| 434 | |
| 435 | #### Advanced options |
| 436 | ### Running custom commands during the installation |
| 437 | # d-i preseeding is inherently not secure. Nothing in the installer checks |
| 438 | # for attempts at buffer overflows or other exploits of the values of a |
| 439 | # preconfiguration file like this one. Only use preconfiguration files from |
| 440 | # trusted locations! To drive that home, and because it's generally useful, |
| 441 | # here's a way to run any shell command you'd like inside the installer, |
| 442 | # automatically. |
| 443 | |
| 444 | # This first command is run as early as possible, just after |
| 445 | # preseeding is read. |
| 446 | #d-i preseed/early_command string anna-install some-udeb |
| 447 | # This command is run immediately before the partitioner starts. It may be |
| 448 | # useful to apply dynamic partitioner preseeding that depends on the state |
| 449 | # of the disks (which may not be visible when preseed/early_command runs). |
| 450 | #d-i partman/early_command \ |
| 451 | # string debconf-set partman-auto/disk "$(list-devices disk | head -n1)" |
| 452 | # This command is run just before the install finishes, but when there is |
| 453 | # still a usable /target directory. You can chroot to /target and use it |
| 454 | # directly, or use the apt-install and in-target commands to easily install |
| 455 | # packages and run commands in the target system. |
| 456 | #d-i preseed/late_command string apt-install zsh; in-target chsh -s /bin/zsh |
| 457 | |