{{>toc}}

h1. Preseed

h2. Documentation

This page document a preseed setup in an environment where you already have a DHCP server. The idea is to add a PXE server that will do only the PXE part of the work.

Assuming :

* on the PXE server : apt-get install dnsmasq 

* you have a DHCP (no PXE) server at 10.2.255.254

* your PXE server interface is eth0

* your PXE server IP on eth0 is 10.2.137.101

* you have an http proxy which will be useful to cache locally all downloaded packages, here : http://cache.ut-capitole.fr:3128

* the machine to be installed have an /dev/sda large enough for a 20GB (20000000) bootable root partition

h2. Files

h3. dnsmasq

<pre>

root@c1:~# cat /etc/dnsmasq.d/pxeu.conf

# disable dns

port=0

interface=eth0

# replace with real dhcp server

#dhcp-range=192.168.1.0,proxy

dhcp-range=10.2.255.254,proxy

# Tell PXE clients not to use multicast discovery

dhcp-option=vendor:PXEClient,6,2b

dhcp-no-override

# Enable this for better debugging

#log-dhcp

enable-tftp

tftp-root=/var/lib/tftpboot

pxe-service=x86PC, "Install Linux", pxelinux

</pre>

h3. tftpboot

Run the following script:

<pre>

root@c1:~# cat pxe-setup.sh 

#!/bin/bash

set -x

YOURMIRROR=archive.ubuntu.com

ARCH=amd64

VENDOR=ubuntu

DIST=trusty

DEST=/var/lib/tftpboot

mkdir -p $DEST

cd $DEST

rm -rf netboot.tar.gz Release* SHA* ${VENDOR}-installer version.info pxelinux.0 pxelinux.cfg ldlinux.c32

wget -q http://"$YOURMIRROR"/${VENDOR}/dists/${DIST}/main/installer-"$ARCH"/current/images/netboot/netboot.tar.gz

wget -q http://"$YOURMIRROR"/${VENDOR}/dists/${DIST}/main/installer-"$ARCH"/current/images/SHA256SUMS

wget -q http://"$YOURMIRROR"/${VENDOR}/dists/${DIST}/Release

wget -q http://"$YOURMIRROR"/${VENDOR}/dists/${DIST}/Release.gpg

tar -xzf netboot.tar.gz

</pre>

h3. preseed.cfg

<pre>

root@c1:/var/lib/tftpboot# cat preseed.cfg

### Localization

# Preseeding only locale sets language, country and locale.

d-i debian-installer/locale string en_US.UTF-8

# Keyboard selection.

# Disable automatic (interactive) keymap detection.

d-i console-setup/ask_detect boolean false

d-i keyboard-configuration/layoutcode string fr

### Network configuration

# netcfg will choose an interface that has link if possible. This makes it

# skip displaying a list if there is more than one interface.

d-i netcfg/choose_interface select auto

# Just in case our DHCP server is busy.

d-i netcfg/dhcp_timeout string 60

# Any hostname and domain names assigned from dhcp take precedence over

# values set here. However, setting the values still prevents the questions

# from being shown, even if values come from dhcp.

d-i netcfg/get_hostname string unassigned-hostname

d-i netcfg/get_domain string unassigned-domain

# Disable that annoying WEP key dialog.

d-i netcfg/wireless_wep string

# Always install the server kernel

d-i	base-installer/kernel/override-image string linux-server

### Mirror settings

# Alternatively: by default, the installer uses CC.archive.ubuntu.com where

# CC is the ISO-3166-2 code for the selected country. You can preseed this

# so that it does so without asking.

d-i mirror/http/mirror select archive.ubuntu.com

d-i mirror/http/proxy string http://cache.ut-capitole.fr:3128

### Clock and time zone setup

# Controls whether or not the hardware clock is set to UTC.

d-i clock-setup/utc boolean true

# You may set this to any valid setting for $TZ; see the contents of

# /usr/share/zoneinfo/ for valid values.

d-i time/zone string Etc/UTC

# Controls whether to use NTP to set the clock during the install

d-i clock-setup/ntp boolean true

### Partitioning

d-i partman-auto/disk string /dev/sda

# The presently available methods are:

# - regular: use the usual partition types for your architecture

# - lvm:     use LVM to partition the disk

# - crypto:  use LVM within an encrypted partition

d-i partman-auto/method string regular

# If one of the disks that are going to be automatically partitioned

# contains an old LVM configuration, the user will normally receive a

# warning. This can be preseeded away...

d-i partman-lvm/device_remove_lvm boolean true

# The same applies to pre-existing software RAID array:

d-i partman-md/device_remove_md boolean true

# And the same goes for the confirmation to write the lvm partitions.

d-i partman-lvm/confirm boolean true

# For LVM partitioning, you can select how much of the volume group to use

# for logical volumes.

#d-i partman-auto-lvm/guided_size string max

# You can choose one of the three predefined partitioning recipes:

# - atomic: all files in one partition

# - home:   separate /home partition

# - multi:  separate /home, /usr, /var, and /tmp partitions

# d-i partman-auto/choose_recipe select atomic

d-i partman-auto/expert_recipe string root :: 2048 30720 20000000 ext4 \

			$primary{ } $bootable{ } \

			method{ format } format{ } \

			use_filesystem{ } filesystem{ ext4 } \

			mountpoint{ / } .

partman-basicfilesystems partman-basicfilesystems/no_swap boolean false

d-i partman-basicfilesystems partman-basicfilesystems/no_swap boolean false 

# If you just want to change the default filesystem from ext3 to something

# else, you can do that without providing a full recipe.

d-i partman/default_filesystem string ext4

# This makes partman automatically partition without confirmation, provided

# that you told it what to do using one of the methods above.

d-i partman-partitioning/confirm_write_new_label boolean true

d-i partman/choose_partition select finish

d-i partman/confirm boolean true

d-i partman/confirm_nooverwrite boolean true

### Base system installation

### Account setup

d-i passwd/root-password password root

d-i passwd/root-password-again password root

# To create a normal user account.

d-i passwd/user-fullname string guest

d-i passwd/username string guest

d-i passwd/user-password password guest

d-i passwd/user-password-again password guest

# The installer will warn about weak passwords. If you are sure you know

# what you're doing and want to override it, uncomment this.

d-i user-setup/allow-password-weak boolean true

# Set to true if you want to encrypt the first user's home directory.

d-i user-setup/encrypt-home boolean false

### Apt setup

# You can choose to install restricted and universe software, or to install

# software from the backports repository.

#d-i apt-setup/restricted boolean true

#d-i apt-setup/universe boolean true

#d-i apt-setup/backports boolean true

# Uncomment this if you don't want to use a network mirror.

#d-i apt-setup/use_mirror boolean false

# Select which update services to use; define the mirrors to be used.

# Values shown below are the normal defaults.

#d-i apt-setup/services-select multiselect security

#d-i apt-setup/security_host string security.ubuntu.com

#d-i apt-setup/security_path string /ubuntu

# Additional repositories, local[0-9] available

#d-i apt-setup/local0/repository string \

#       http://local.server/ubuntu squeeze main

#d-i apt-setup/local0/comment string local server

# Enable deb-src lines

#d-i apt-setup/local0/source boolean true

# URL to the public key of the local repository; you must provide a key or

# apt will complain about the unauthenticated repository and so the

# sources.list line will be left commented out

#d-i apt-setup/local0/key string http://local.server/key

### Package selection

tasksel	tasksel/force-tasks	string standard,server,desktop

tasksel tasksel/first multiselect standard,server,desktop

# Individual additional packages to install

d-i pkgsel/include string openssh-server tftp-hpa software-properties-common python-apt python-pycurl python-setuptools

# Whether to upgrade packages after debootstrap.

# Allowed values: none, safe-upgrade, full-upgrade

d-i pkgsel/upgrade select full-upgrade

# Language pack selection

d-i pkgsel/language-packs multiselect en

# No language support packages

d-i	pkgsel/install-language-support	boolean false

# Policy for applying updates. May be "none" (no automatic updates),

# "unattended-upgrades" (install security updates automatically), or

# "landscape" (manage system with Landscape).

d-i pkgsel/update-policy select unattended-upgrades

# Verbose output and no boot splash screen

d-i	debian-installer/quiet	boolean false

d-i	debian-installer/splash	boolean false

### Boot loader installation

# This is fairly safe to set, it makes grub install automatically to the MBR

# if no other operating system is detected on the machine.

d-i grub-installer/only_debian boolean true

# This one makes grub-installer install to the MBR if it also finds some other

# OS, which is less safe as it might not be able to boot that other OS.

d-i grub-installer/with_other_os boolean true

# Wait for two seconds in grub

d-i	grub-installer/timeout string 2

# Use the following option to add additional boot parameters for the

# installed system (if supported by the bootloader installer).

# Note: options passed to the installer will be added automatically.

# d-i debian-installer/add-kernel-opts string vga=normal nomodeset audit=0 intel_idle.max_cstate=0 processor.max_cstate=1 cgroup_enable=memory swapaccount=1

### Finishing up the installation

# Avoid that last message about the install being complete.

d-i finish-install/reboot_in_progress note

#### Advanced options

### Running custom commands during the installation

# d-i preseeding is inherently not secure. Nothing in the installer checks

# for attempts at buffer overflows or other exploits of the values of a

# preconfiguration file like this one. Only use preconfiguration files from

# trusted locations! To drive that home, and because it's generally useful,

# here's a way to run any shell command you'd like inside the installer,

# automatically.

# This first command is run as early as possible, just after

# preseeding is read.

#d-i preseed/early_command string anna-install some-udeb

# This command is run immediately before the partitioner starts. It may be

# useful to apply dynamic partitioner preseeding that depends on the state

# of the disks (which may not be visible when preseed/early_command runs).

#d-i partman/early_command \

#       string debconf-set partman-auto/disk "$(list-devices disk | head -n1)"

# This command is run just before the install finishes, but when there is

# still a usable /target directory. You can chroot to /target and use it

# directly, or use the apt-install and in-target commands to easily install

# packages and run commands in the target system.

#d-i preseed/late_command string \

#    in-target tftp 172.16.0.1 -c get postpreseed.sh; \

#    in-target chmod +x postpreseed.sh; \

#    in-target /bin/bash -x postpreseed.sh; \

#    in-target rm -f postpreseed.sh;

</pre>

h3. default

<pre>

root@c1:/var/lib/tftpboot/pxelinux.cfg# cat default 

DEFAULT ubuntu-installer/amd64/boot-screens/vesamenu.c32

label Boot local disk

	LOCALBOOT 0x80

label install

	kernel ubuntu-installer/amd64/linux

	append auto=true priority=critical initrd=ubuntu-installer/amd64/initrd.gz locale=en_GB.UTF-8 kbd-chooser/method=gb netcfg/choose_interface=auto url=tftp://10.2.137.101/preseed.cfg

</pre>