annttu/setup.sh

## setup.sh
#!/bin/bash

# Setup Debian PXEinstall environment

export MYIP=10.66.6.1 # TODO: Setup this
export MYINTERFACE=$(netstat -ie | grep -B1 "$MYIP" | head -n1 | awk '{print $1}')

if [ -z "$MYINTERFACE" ]
then
     echo "Setup ip $MYIP first"
     exit 1
fi

apt-get install --no-install-recommends -y tftpd-hpa isc-dhcp-server nginx

mkdir /srv/tftp
cd /srv/tftp
wget http://ftp.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/netboot.tar.gz
tar -xf netboot.tar.gz
rm netboot.tar.gz

cat > debian-installer/amd64/boot-screens/txt.cfg <<EOF
default preseed-install

label preseed-install
	menu label ^Preseed Install
	menu default
	kernel debian-installer/amd64/linux
	initrd debian-installer/amd64/initrd.gz
	append vga=788 nofb nomodeset auto=true priority=critical url=http://$MYIP/preseed console-setup/layoutcode=fi interface=auto

label install
	menu label ^Install
	menu default
	kernel debian-installer/amd64/linux
	append vga=788 initrd=debian-installer/amd64/initrd.gz --- quiet
EOF

cat > /var/www/html/preseed <<EOF
d-i debian-installer/locale string en_US.UTF-8
d-i keymap select fi
d-i debian-installer/language string en
d-i keyboard-configuration/xkb-keymap select fi
d-i debian-installer/country string FI

d-i console-setup/ask_detect boolean false
d-i console-setup/layoutcode string fi
d-i clock-setup/utc boolean true
d-i time/zone string Europe/Helsinki

d-i netcfg/dhcp_timeout string 10
d-i netcfg/dhcpv6_timeout string 2

base-config     apt-setup/non-free      boolean true
d-i mirror/country string manual
d-i mirror/http/hostname string ftp.fi.debian.org
d-i mirror/http/directory string /debian
d-i mirror/http/proxy string


d-i passwd/root-login boolean true
d-i passwd/make-user boolean false


# clock is set to UTC
d-i clock-setup/utc boolean true
# timezone is EET
d-i time/zone string EET
# use ntp to setup clock
d-i clock-setup/ntp boolean true

# install base system
d-i base-installer/install-recommends boolean false
# Ei standard systeemiä!
#tasksel tasksel/first multiselect manual
#tasksel/skip-tasks multiselect server, standard, laptop
tasksel tasksel/tasks multiselect
tasksel tasksel/first multiselect SSH Server
#tasksel tasksel/skip-tasks standard, server, laptop
d-i pkgsel/include string openssh-server screen vim-nox aptitude python sudo
# Ei paiviteta viela
d-i pkgsel/upgrade select none

d-i pkgsel/updatedb boolean false

popularity-contest popularity-contest/participate boolean false

d-i apt-setup/non-free boolean true
d-i apt-setup/contrib boolean true

d-i apt-setup/services-select multiselect security, volatile
d-i apt-setup/security_host string security.debian.org
d-i apt-setup/volatile_host string volatile.debian.org


### Misc options
# Disable that annoying WEP key dialog.
d-i netcfg/wireless_wep string
# Allow non-free firmware
d-i hw-detect/load_firmware boolean true
# Avoid that last message about the install being complete.
d-i finish-install/reboot_in_progress note

d-i preseed/late_command string cp -pr /tmp/preserve /target/tmp/ ; wget -O /target/root/post.sh -q "http://$MYIP/debian-post.sh" ; in-target sh /root/post.sh ; rm /target/root/post.sh
EOF


cat > /var/www/html/debian-post.sh <<EOT
#!/bin/bash

apt-get install --no-install-recommends -y lsb-release openssh-server sudo

mkdir -p /root/.ssh
chmod 700 /root/.ssh

cat >> /root/.ssh/authorized_keys <<EOF
YOUR_SSH_KEY_HERE!!!!!
EOF

chmod 600 /root/.ssh/authorized_keys
EOT

sed -i'' -e 's#TFTP_DIRECTORY=.*#TFTP_DIRECTORY="/srv/tftp"#' -e 's#TFTP_ADDRESS="'$MYIP':69"#' /etc/default/tftpd-hpa

mv /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.orig

cat > /etc/dhcp/dhcpd.conf <<EOF
ddns-update-style none;

option domain-name "pxe.install";
option domain-name-servers 8.8.8.8,8.8.4.4;

default-lease-time 600;
max-lease-time 7200;
authoritative;

log-facility local7;

allow booting;

subnet 10.66.6.0 netmask 255.255.255.0 {
    range 10.66.6.100 10.66.6.200;
    option routers 10.66.6.1;
    filename "pxelinux.0";
    next-server $MYIP;
}
EOF

sed -i'' -e 's#INTERFACES=.*#INTERFACES="'$MYINTERFACE'"#' /etc/default/isc-dhcp-server

systemctl restart isc-dhcp-server

# Setup nat and input rules
export OUTERFACE="$(netstat -nr |egrep "^0.0.0.0" |awk '{print $8}')"
iptables -t nat -A POSTROUTING -o "$OUTERFACE" -j MASQUERADE
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i "$MYINTERFACE" -o "$OUTERFACE" -j ACCEPT

iptables -A INPUT -i "$MYINTERFACE" -j ACCEPT

sysclt -w net.ipv4.ip_forward=1

echo done

## update_installer.sh
#!/bin/bash

set -x

TFTPROOT=/srv/tftpboot

wget http://ftp.fi.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/bootnetx64.efi -O ${TFTPROOT}/debian-installer/amd64/bootnetx64.efi
wget http://ftp.fi.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/linux -O ${TFTPROOT}/debian-installer/amd64/linux
wget http://ftp.fi.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/pxelinux.0 -O ${TFTPROOT}/debian-installer/amd64/pxelinux.0

# Patch non free firmware
wget http://cdimage.debian.org/cdimage/unofficial/non-free/firmware/stable/current/firmware.tar.gz -O /tmp/stable_firmware.tar.gz
wget http://ftp.fi.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz -O /tmp/stable_initrd_orig.gz
rm -r /tmp/stable_firmware
mkdir /tmp/stable_firmware
tar -C /tmp/stable_firmware -zxf /tmp/stable_firmware.tar.gz

cd /tmp/stable_firmware
for i in *.deb
do
   dpkg -x $i pallo
   cd pallo
   pax -x sv4cpio -s '%lib%/lib%' -w lib | gzip -c >> ../firmware.gz
   cd ..
done
# TODO unpack per deb
cat /tmp/stable_initrd_orig.gz /tmp/stable_firmware/firmware.gz > /tmp/stable_initrd.gz

mv /tmp/stable_initrd.gz ${TFTPROOT}/debian-installer/amd64/initrd.gz
	#!/bin/bash

	# Setup Debian PXEinstall environment

	export MYIP=10.66.6.1 # TODO: Setup this
	export MYINTERFACE=$(netstat -ie \| grep -B1 "$MYIP" \| head -n1 \| awk '{print $1}')

	if [ -z "$MYINTERFACE" ]
	then
	echo "Setup ip $MYIP first"
	exit 1
	fi

	apt-get install --no-install-recommends -y tftpd-hpa isc-dhcp-server nginx

	mkdir /srv/tftp
	cd /srv/tftp
	wget http://ftp.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/netboot.tar.gz
	tar -xf netboot.tar.gz
	rm netboot.tar.gz

	cat > debian-installer/amd64/boot-screens/txt.cfg <<EOF
	default preseed-install

	label preseed-install
	menu label ^Preseed Install
	menu default
	kernel debian-installer/amd64/linux
	initrd debian-installer/amd64/initrd.gz
	append vga=788 nofb nomodeset auto=true priority=critical url=http://$MYIP/preseed console-setup/layoutcode=fi interface=auto

	label install
	menu label ^Install
	menu default
	kernel debian-installer/amd64/linux
	append vga=788 initrd=debian-installer/amd64/initrd.gz --- quiet
	EOF

	cat > /var/www/html/preseed <<EOF
	d-i debian-installer/locale string en_US.UTF-8
	d-i keymap select fi
	d-i debian-installer/language string en
	d-i keyboard-configuration/xkb-keymap select fi
	d-i debian-installer/country string FI

	d-i console-setup/ask_detect boolean false
	d-i console-setup/layoutcode string fi
	d-i clock-setup/utc boolean true
	d-i time/zone string Europe/Helsinki

	d-i netcfg/dhcp_timeout string 10
	d-i netcfg/dhcpv6_timeout string 2

	base-config apt-setup/non-free boolean true
	d-i mirror/country string manual
	d-i mirror/http/hostname string ftp.fi.debian.org
	d-i mirror/http/directory string /debian
	d-i mirror/http/proxy string


	d-i passwd/root-login boolean true
	d-i passwd/make-user boolean false


	# clock is set to UTC
	d-i clock-setup/utc boolean true
	# timezone is EET
	d-i time/zone string EET
	# use ntp to setup clock
	d-i clock-setup/ntp boolean true

	# install base system
	d-i base-installer/install-recommends boolean false
	# Ei standard systeemiä!
	#tasksel tasksel/first multiselect manual
	#tasksel/skip-tasks multiselect server, standard, laptop
	tasksel tasksel/tasks multiselect
	tasksel tasksel/first multiselect SSH Server
	#tasksel tasksel/skip-tasks standard, server, laptop
	d-i pkgsel/include string openssh-server screen vim-nox aptitude python sudo
	# Ei paiviteta viela
	d-i pkgsel/upgrade select none

	d-i pkgsel/updatedb boolean false

	popularity-contest popularity-contest/participate boolean false

	d-i apt-setup/non-free boolean true
	d-i apt-setup/contrib boolean true

	d-i apt-setup/services-select multiselect security, volatile
	d-i apt-setup/security_host string security.debian.org
	d-i apt-setup/volatile_host string volatile.debian.org


	### Misc options
	# Disable that annoying WEP key dialog.
	d-i netcfg/wireless_wep string
	# Allow non-free firmware
	d-i hw-detect/load_firmware boolean true
	# Avoid that last message about the install being complete.
	d-i finish-install/reboot_in_progress note

	d-i preseed/late_command string cp -pr /tmp/preserve /target/tmp/ ; wget -O /target/root/post.sh -q "http://$MYIP/debian-post.sh" ; in-target sh /root/post.sh ; rm /target/root/post.sh
	EOF


	cat > /var/www/html/debian-post.sh <<EOT
	#!/bin/bash

	apt-get install --no-install-recommends -y lsb-release openssh-server sudo

	mkdir -p /root/.ssh
	chmod 700 /root/.ssh

	cat >> /root/.ssh/authorized_keys <<EOF
	YOUR_SSH_KEY_HERE!!!!!
	EOF

	chmod 600 /root/.ssh/authorized_keys
	EOT

	sed -i'' -e 's#TFTP_DIRECTORY=.*#TFTP_DIRECTORY="/srv/tftp"#' -e 's#TFTP_ADDRESS="'$MYIP':69"#' /etc/default/tftpd-hpa

	mv /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.orig

	cat > /etc/dhcp/dhcpd.conf <<EOF
	ddns-update-style none;

	option domain-name "pxe.install";
	option domain-name-servers 8.8.8.8,8.8.4.4;

	default-lease-time 600;
	max-lease-time 7200;
	authoritative;

	log-facility local7;

	allow booting;

	subnet 10.66.6.0 netmask 255.255.255.0 {
	range 10.66.6.100 10.66.6.200;
	option routers 10.66.6.1;
	filename "pxelinux.0";
	next-server $MYIP;
	}
	EOF

	sed -i'' -e 's#INTERFACES=.*#INTERFACES="'$MYINTERFACE'"#' /etc/default/isc-dhcp-server

	systemctl restart isc-dhcp-server

	# Setup nat and input rules
	export OUTERFACE="$(netstat -nr \|egrep "^0.0.0.0" \|awk '{print $8}')"
	iptables -t nat -A POSTROUTING -o "$OUTERFACE" -j MASQUERADE
	iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
	iptables -A FORWARD -i "$MYINTERFACE" -o "$OUTERFACE" -j ACCEPT

	iptables -A INPUT -i "$MYINTERFACE" -j ACCEPT

	sysclt -w net.ipv4.ip_forward=1

	echo done
	#!/bin/bash

	set -x

	TFTPROOT=/srv/tftpboot

	wget http://ftp.fi.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/bootnetx64.efi -O ${TFTPROOT}/debian-installer/amd64/bootnetx64.efi
	wget http://ftp.fi.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/linux -O ${TFTPROOT}/debian-installer/amd64/linux
	wget http://ftp.fi.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/pxelinux.0 -O ${TFTPROOT}/debian-installer/amd64/pxelinux.0

	# Patch non free firmware
	wget http://cdimage.debian.org/cdimage/unofficial/non-free/firmware/stable/current/firmware.tar.gz -O /tmp/stable_firmware.tar.gz
	wget http://ftp.fi.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz -O /tmp/stable_initrd_orig.gz
	rm -r /tmp/stable_firmware
	mkdir /tmp/stable_firmware
	tar -C /tmp/stable_firmware -zxf /tmp/stable_firmware.tar.gz

	cd /tmp/stable_firmware
	for i in *.deb
	do
	dpkg -x $i pallo
	cd pallo
	pax -x sv4cpio -s '%lib%/lib%' -w lib \| gzip -c >> ../firmware.gz
	cd ..
	done
	# TODO unpack per deb
	cat /tmp/stable_initrd_orig.gz /tmp/stable_firmware/firmware.gz > /tmp/stable_initrd.gz

	mv /tmp/stable_initrd.gz ${TFTPROOT}/debian-installer/amd64/initrd.gz