Last active
March 29, 2024 13:02
-
-
Save annttu/a5b9a57bf03bfc1361ea806fa1bdd116 to your computer and use it in GitHub Desktop.
Debian PXE install
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Setup Debian PXEinstall environment | |
export MYIP=10.66.6.1 # TODO: Setup this | |
export MYINTERFACE=$(netstat -ie | grep -B1 "$MYIP" | head -n1 | awk '{print $1}') | |
if [ -z "$MYINTERFACE" ] | |
then | |
echo "Setup ip $MYIP first" | |
exit 1 | |
fi | |
apt-get install --no-install-recommends -y tftpd-hpa isc-dhcp-server nginx | |
mkdir /srv/tftp | |
cd /srv/tftp | |
wget http://ftp.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/netboot.tar.gz | |
tar -xf netboot.tar.gz | |
rm netboot.tar.gz | |
cat > debian-installer/amd64/boot-screens/txt.cfg <<EOF | |
default preseed-install | |
label preseed-install | |
menu label ^Preseed Install | |
menu default | |
kernel debian-installer/amd64/linux | |
initrd debian-installer/amd64/initrd.gz | |
append vga=788 nofb nomodeset auto=true priority=critical url=http://$MYIP/preseed console-setup/layoutcode=fi interface=auto | |
label install | |
menu label ^Install | |
menu default | |
kernel debian-installer/amd64/linux | |
append vga=788 initrd=debian-installer/amd64/initrd.gz --- quiet | |
EOF | |
cat > /var/www/html/preseed <<EOF | |
d-i debian-installer/locale string en_US.UTF-8 | |
d-i keymap select fi | |
d-i debian-installer/language string en | |
d-i keyboard-configuration/xkb-keymap select fi | |
d-i debian-installer/country string FI | |
d-i console-setup/ask_detect boolean false | |
d-i console-setup/layoutcode string fi | |
d-i clock-setup/utc boolean true | |
d-i time/zone string Europe/Helsinki | |
d-i netcfg/dhcp_timeout string 10 | |
d-i netcfg/dhcpv6_timeout string 2 | |
base-config apt-setup/non-free boolean true | |
d-i mirror/country string manual | |
d-i mirror/http/hostname string ftp.fi.debian.org | |
d-i mirror/http/directory string /debian | |
d-i mirror/http/proxy string | |
d-i passwd/root-login boolean true | |
d-i passwd/make-user boolean false | |
# clock is set to UTC | |
d-i clock-setup/utc boolean true | |
# timezone is EET | |
d-i time/zone string EET | |
# use ntp to setup clock | |
d-i clock-setup/ntp boolean true | |
# install base system | |
d-i base-installer/install-recommends boolean false | |
# Ei standard systeemiä! | |
#tasksel tasksel/first multiselect manual | |
#tasksel/skip-tasks multiselect server, standard, laptop | |
tasksel tasksel/tasks multiselect | |
tasksel tasksel/first multiselect SSH Server | |
#tasksel tasksel/skip-tasks standard, server, laptop | |
d-i pkgsel/include string openssh-server screen vim-nox aptitude python sudo | |
# Ei paiviteta viela | |
d-i pkgsel/upgrade select none | |
d-i pkgsel/updatedb boolean false | |
popularity-contest popularity-contest/participate boolean false | |
d-i apt-setup/non-free boolean true | |
d-i apt-setup/contrib boolean true | |
d-i apt-setup/services-select multiselect security, volatile | |
d-i apt-setup/security_host string security.debian.org | |
d-i apt-setup/volatile_host string volatile.debian.org | |
### Misc options | |
# Disable that annoying WEP key dialog. | |
d-i netcfg/wireless_wep string | |
# Allow non-free firmware | |
d-i hw-detect/load_firmware boolean true | |
# Avoid that last message about the install being complete. | |
d-i finish-install/reboot_in_progress note | |
d-i preseed/late_command string cp -pr /tmp/preserve /target/tmp/ ; wget -O /target/root/post.sh -q "http://$MYIP/debian-post.sh" ; in-target sh /root/post.sh ; rm /target/root/post.sh | |
EOF | |
cat > /var/www/html/debian-post.sh <<EOT | |
#!/bin/bash | |
apt-get install --no-install-recommends -y lsb-release openssh-server sudo | |
mkdir -p /root/.ssh | |
chmod 700 /root/.ssh | |
cat >> /root/.ssh/authorized_keys <<EOF | |
YOUR_SSH_KEY_HERE!!!!! | |
EOF | |
chmod 600 /root/.ssh/authorized_keys | |
EOT | |
sed -i'' -e 's#TFTP_DIRECTORY=.*#TFTP_DIRECTORY="/srv/tftp"#' -e 's#TFTP_ADDRESS="'$MYIP':69"#' /etc/default/tftpd-hpa | |
mv /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.orig | |
cat > /etc/dhcp/dhcpd.conf <<EOF | |
ddns-update-style none; | |
option domain-name "pxe.install"; | |
option domain-name-servers 8.8.8.8,8.8.4.4; | |
default-lease-time 600; | |
max-lease-time 7200; | |
authoritative; | |
log-facility local7; | |
allow booting; | |
subnet 10.66.6.0 netmask 255.255.255.0 { | |
range 10.66.6.100 10.66.6.200; | |
option routers 10.66.6.1; | |
filename "pxelinux.0"; | |
next-server $MYIP; | |
} | |
EOF | |
sed -i'' -e 's#INTERFACES=.*#INTERFACES="'$MYINTERFACE'"#' /etc/default/isc-dhcp-server | |
systemctl restart isc-dhcp-server | |
# Setup nat and input rules | |
export OUTERFACE="$(netstat -nr |egrep "^0.0.0.0" |awk '{print $8}')" | |
iptables -t nat -A POSTROUTING -o "$OUTERFACE" -j MASQUERADE | |
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT | |
iptables -A FORWARD -i "$MYINTERFACE" -o "$OUTERFACE" -j ACCEPT | |
iptables -A INPUT -i "$MYINTERFACE" -j ACCEPT | |
sysclt -w net.ipv4.ip_forward=1 | |
echo done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -x | |
TFTPROOT=/srv/tftpboot | |
wget http://ftp.fi.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/bootnetx64.efi -O ${TFTPROOT}/debian-installer/amd64/bootnetx64.efi | |
wget http://ftp.fi.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/linux -O ${TFTPROOT}/debian-installer/amd64/linux | |
wget http://ftp.fi.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/pxelinux.0 -O ${TFTPROOT}/debian-installer/amd64/pxelinux.0 | |
# Patch non free firmware | |
wget http://cdimage.debian.org/cdimage/unofficial/non-free/firmware/stable/current/firmware.tar.gz -O /tmp/stable_firmware.tar.gz | |
wget http://ftp.fi.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz -O /tmp/stable_initrd_orig.gz | |
rm -r /tmp/stable_firmware | |
mkdir /tmp/stable_firmware | |
tar -C /tmp/stable_firmware -zxf /tmp/stable_firmware.tar.gz | |
cd /tmp/stable_firmware | |
for i in *.deb | |
do | |
dpkg -x $i pallo | |
cd pallo | |
pax -x sv4cpio -s '%lib%/lib%' -w lib | gzip -c >> ../firmware.gz | |
cd .. | |
done | |
# TODO unpack per deb | |
cat /tmp/stable_initrd_orig.gz /tmp/stable_firmware/firmware.gz > /tmp/stable_initrd.gz | |
mv /tmp/stable_initrd.gz ${TFTPROOT}/debian-installer/amd64/initrd.gz | |
This was copied from functional script back in 2016 but Debian installer haven't changed a lot after that so this might work without modifications or with minor tweaks.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
is this script fully functional i would like to use it