From 40a0623ad05136ba671fbf42b92dd77d52b37e29 Mon Sep 17 00:00:00 2001 From: phg Date: Wed, 4 Feb 2026 21:10:13 +0100 Subject: [PATCH] Debian build works; Manual LUKS passphrase entry still required --- debian/13-trixie/debian-trixie.pkr.hcl | 1 + debian/13-trixie/http/preseed.cfg | 139 +++++++++++++++++++------ variables-common.pkr.hcl | 6 ++ 3 files changed, 117 insertions(+), 29 deletions(-) diff --git a/debian/13-trixie/debian-trixie.pkr.hcl b/debian/13-trixie/debian-trixie.pkr.hcl index d2fdede..1ccb88f 100644 --- a/debian/13-trixie/debian-trixie.pkr.hcl +++ b/debian/13-trixie/debian-trixie.pkr.hcl @@ -82,6 +82,7 @@ source "proxmox-iso" "debian-13-trixie" { # PACKER Autoinstall Settings http_directory = "debian/13-trixie/http" + http_interface = "${var.source_proxmox_http_interface}" # SSH Settings ssh_username = "root" diff --git a/debian/13-trixie/http/preseed.cfg b/debian/13-trixie/http/preseed.cfg index 99e0a78..ac49ad3 100644 --- a/debian/13-trixie/http/preseed.cfg +++ b/debian/13-trixie/http/preseed.cfg @@ -1,78 +1,159 @@ -# Language -d-i debian-installer/locale string en_US.UTF-8 +#_preseed_V1 -# Keyboard +### Localization +d-i debian-installer/locale string en_US.UTF-8 d-i keyboard-configuration/xkb-keymap select us +### Unattended d-i auto-install/enable boolean true +d-i debconf/priority select critical d-i debian-installer/framebuffer boolean false -# Network +### Network d-i netcfg/choose_interface select ens18 -d-i netcfg/get_hostname string debian_foobar +d-i netcfg/get_hostname string debian-13-template d-i netcfg/get_domain string d-i netcfg/wireless_wep string d-i netcfg/disable_dhcp boolean false -# Root Password +### Root Password (no user) d-i passwd/make-user boolean false d-i passwd/root-password password packer d-i passwd/root-password-again password packer -# Turn CD Off +### Mirror / APT d-i apt-setup/cdrom/set-first boolean false d-i apt-setup/cdrom/set-next boolean false d-i apt-setup/cdrom/set-failed boolean false -d-i apt-setup/local0/repository string http://deb.debian.org/debian/ trixie main contrib non-free -popularity-contest popularity-contest/participate boolean false - -### Mirror settings d-i mirror/country string manual d-i mirror/http/hostname string ftp.de.debian.org d-i mirror/http/directory string /debian d-i mirror/http/proxy string -# Timezone +# If you want an explicit suite: +# d-i mirror/suite string trixie + +# Your extra repo line (updated to also include non-free-firmware for trixie) +d-i apt-setup/local0/repository string http://ftp.de.debian.org/debian/ trixie main contrib non-free non-free-firmware +popularity-contest popularity-contest/participate boolean false + +d-i apt-setup/contrib boolean true +d-i apt-setup/non-free boolean true +d-i apt-setup/non-free-firmware boolean true +d-i apt-setup/security_host string security.debian.org +d-i apt-setup/services-select multiselect security, updates + +### Timezone d-i clock-setup/utc boolean true d-i time/zone string UTC d-i clock-setup/ntp boolean true -# Storage -d-i partman-auto/method string lvm +### Storage (UEFI + /boot + LUKS/LVM) +# Pick first detected disk automatically +d-i preseed/early_command string \ + DISK="$(list-devices disk | head -n1)"; \ + debconf-set partman-auto/disk "$DISK"; + +# "crypto" = LVM within an encrypted partition [oai_citation:3‡Debian](https://www.debian.org/releases/stable/amd64/apbs04.en.html) +d-i partman-auto/method string crypto d-i partman-auto-lvm/guided_size string max +d-i partman-auto-lvm/new_vg_name string vg0 + +# Cleanup old metadata if present d-i partman-lvm/device_remove_lvm boolean true d-i partman-md/device_remove_md boolean true + +# Confirmations d-i partman-lvm/confirm boolean true d-i partman-lvm/confirm_nooverwrite boolean true -d-i partman-auto/choose_recipe select atomic +d-i partman-md/confirm boolean true +d-i partman-md/confirm_nooverwrite boolean true + +# LUKS password +d-i partman-crypto/passphrase password packer +d-i partman-crypto/passphrase-again password packer +d-i partman-crypto/weak_passphrase boolean true +d-i partman-crypto/confirm boolean true +d-i partman-auto-crypto/erase_disks boolean false + +# Ensure GPT +d-i partman-partitioning/choose_label select gpt +d-i partman-partitioning/default_label string gpt + +# Force UEFI (if needed in your environment) +d-i partman-efi/non_efi_system boolean true + +# Do NOT go back to partitioning menu if a partition/LV has no filesystem +d-i partman-basicmethods/method_only boolean false + +# Accept installing without swap (answer "No" to the warning) +d-i partman-basicfilesystems/no_swap boolean false +d-i partman-basicfilesystems/no_swap seen true + +# Custom recipe +# NOTE: Avoid putting comments inside this expert_recipe block; d-i can ignore it. [oai_citation:4‡Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/796185/debian-preseed-install-auto-creates-swap) +d-i partman-auto/choose_recipe select luks-lvm +d-i partman-auto/expert_recipe string \ + luks-lvm :: \ + 1075 1075 1075 fat32 \ + $primary{ } \ + $iflabel{ gpt } \ + $reusemethod{ } \ + method{ efi } \ + format{ } \ + filesystem{ fat32 } \ + mountpoint{ /boot/efi } \ + . \ + 1075 1075 1075 ext4 \ + $primary{ } \ + $defaultignore{ } \ + method{ format } \ + format{ } \ + use_filesystem{ } \ + filesystem{ ext4 } \ + mountpoint{ /boot } \ + . \ + 25770 25770 25770 ext4 \ + $lvmok{ } \ + lv_name{ root } \ + method{ format } \ + format{ } \ + use_filesystem{ } \ + filesystem{ ext4 } \ + mountpoint{ / } \ + . \ + 1 10000 -1 ext4 \ + $lvmok{ } \ + lv_name{ reserved } \ + method{ keep } \ + . + d-i partman-partitioning/confirm_write_new_label boolean true d-i partman/choose_partition select finish d-i partman/confirm boolean true d-i partman/confirm_nooverwrite boolean true -# Software -d-i debconf debconf/frontend select noninteractive +### Software +d-i debconf/frontend select noninteractive tasksel tasksel/first multiselect standard, ssh-server -d-i apt-setup/contrib boolean true -d-i apt-setup/non-free boolean true -d-i apt-setup/security_host string security.debian.org -d-i apt-setup/services-select multiselect security, updates - - d-i pkgsel/include string qemu-guest-agent cloud-init curl vim d-i pkgsel/upgrade select full-upgrade d-i pkgsel/update-policy select none d-i pkgsel/updatedb boolean true -d-i preseed/late_command string \ - in-target sed -e 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' -i /etc/ssh/sshd_config - -# Bootloader +### Bootloader d-i grub-installer/only_debian boolean true d-i grub-installer/with_other_os boolean true -d-i grub-installer/bootdev string default +d-i grub-installer/bootdev string default -# Finish +### Late command (single declaration; multiple commands chained) +# 1) Remove filler LV so vg0 has free space after install +# 2) Enable root ssh login (same intent as your original) +d-i preseed/late_command string \ + lvremove -f /dev/vg0/reserved || true; \ + in-target sed -i 's/^#PermitRootLogin .*/PermitRootLogin yes/' /etc/ssh/sshd_config || true + +### Finish d-i finish-install/reboot_in_progress note diff --git a/variables-common.pkr.hcl b/variables-common.pkr.hcl index ad0edd8..7021f69 100644 --- a/variables-common.pkr.hcl +++ b/variables-common.pkr.hcl @@ -9,3 +9,9 @@ variable "proxmox_skip_tls_verify" { default = false description = "Whether to skip TLS verification for Proxmox API" } + +variable "source_proxmox_http_interface" { + type = string + default = "en18" + description = "The network interface to use for the Proxmox HTTP source" +}