# Preseed file # # Copyright © 2013,2014 Guilhem Moulin # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . ################################################################################ # Fripost specific options # Which script should be used for partitioning? The path should be absolute, # and the script must be executable. (This is mandatory) d-i fripost/partition-script string /cdrom/include/partition.sh # Which kind of data fill the disk with before encryption? 'none' means disks # will NOT be wiped, otherwise use /dev/{zero,urandom,random} as the source # data to fill disks with. Beware that the later two may drain the entropy # pool of the system! (Default: zero) #d-i fripost/wipe-device string zero # Should the system disk be fully encrypted? (Excluding /boot.) (Default: true) #d-i fripost/encrypt boolean true # Password for full-disk encryption? If left empty (recommended, and the # default), a SSH daemon will be fired up and the automatic install will be # interupted, waiting for the user to dump the password on the standard input. #d-i fripost/encryption-password string # Listening [address:]port for dropbear? If port is a range (e.g., 1024-65535), # a random port in that range is chosen. Leaving the question empty is # equivalent to specifying the range of registered port 1024-49151. This is only # used for remote (SSH) unlocking of encrypted disks. (Default: 22) #d-i fripost/initrd-ssh-port string 22 # Use the same key for dropbear and OpenSSH? If False, generate a dedicated key # for dropbear. (Default: false) #d-i fripost/dropbear-use-openssh-key boolean false # Keep /media and its kids' entries in the fstab? /media (and its related # entries in the fstab) can safely be removed on a headless server. (Default: # false) #d-i fripost/keep-media-directory boolean false # Display the final notice before rebooting? It's good to show SSH # fingerprints, because it defeats MiTM-attacks. (Default: true) #d-i fripost/final-notice boolean true ################################################################################ # Network. You probably want to change the host and domain names. d-i netcfg/choose_interface select auto d-i netcfg/get_hostname string civett d-i netcfg/get_domain string fripost.org ################################################################################ # Users. You probably want to change the user name and password. adduser adduser/homedir-permission boolean false d-i passwd/root-login boolean false d-i passwd/shadow boolean true d-i passwd/user-fullname string Leif-Jöran Olsson d-i passwd/username string ljo # TODO: should be generated by preseed.sh: echo ... | mkpasswd -s -m SHA-512 d-i passwd/user-password-crypted password $6$bf9/Eo6Tyz$sEq8aa225jvvAO5CF.PGtJuZyXfU2AykqqFvCs1n8vaj5yoiy04jtivvgO6H2UavnVkbm7nH3ZRGxuLPGehYs1 ################################################################################ # Locales d-i debian-installer/locale string en_US.UTF-8 d-i localechooser/supported-locales multiselect sv_SE.UTF-8 d-i keyboard-configuration/xkb-keymap string locales locales/default_environment_locale string en_US.UTF-8 locales locales/locales_to_be_generated string en_US.UTF-8 UTF-8, sv_SE.UTF-8 UTF-8 ################################################################################ # Assume the clock is UTC. Always use NTP. d-i clock-setup/utc boolean true d-i clock-setup/ntp boolean true d-i clock-setup/ntp-server string 0.se.pool.ntp.org d-i time/zone string Europe/Stockholm ################################################################################ # dpkg/APT (install minimal system) # Debian archive mirror hostname (installer only): d-i mirror/country string manual d-i mirror/http/hostname string ftp.se.debian.org d-i mirror/http/directory string /debian d-i mirror/http/proxy string popularity-contest popularity-contest/participate boolean true d-i base-installer/kernel/image string linux-image-amd64 d-i base-installer/kernel/linux/initramfs-generators string initramfs-tools postfix postfix/main_mailer_type string No configuration postfix postfix/mailname string localhost.localdomain # A subset of 'standard' is interesting: tasksel --task-packages standard tasksel tasksel/first string d-i pkgsel/include string git heirloom-mailx python-apt etckeeper \ bash bash-completion \ bind9-host curl screen \ postfix vim-nox d-i pkgsel/upgrade select safe-upgrade d-i preseed/early_command string anna-install fripost-partman fripost-postinst d-i preseed/late_command string /bin/in-target /usr/bin/update-alternatives --set editor /usr/bin/vim.nox