vrillusions/_README.mkd

## _README.mkd

      
    Raw
  

              _README.mkd
            
          
    December 13, 2016 - This gist has been moved to a dedicated github repo, https://github.com/vrillusions/ubuntu-kickstart, no more updates will be posted to this gist.

  
## ks-1404minimalvm.cfg
#
#Generic Kickstart template for Ubuntu
#Platform: x86 and x86-64
#
# Customized for Server 14.04 minimal vm install
#
# Usage:
# - Look through config for any changes you want to do. You may want to change
#   the initial admin user. Currently username is ubuntu and password is
#   ChangeMe. Also may want to change the list of installed packages. Tried to
#   keep it as minimal as possible.
# - Place this somewhere that the vm will be able to see. Web server on LAN
#   would work best.
# - OPTIONAL: If you are going to make a bunch of these then may want to setup
#   a local apt proxy. Install apt-cacher-ng on some system and edit the line
#   below.
# - Create a vm with 8gb drive. You can make a larger one but should have 8
#   minimum. Also tip for people setting up in vmware the kernel has support
#   for VMXNET3 compiled in so you can use it for initial install.
# - Boot up from iso.
# - Hit F4 and choose 'Install a minimal virtual machine'
#   - This is required even though we set it below.
# - Press F6 and hit escape so you edit the boot line. Add the following to the
#   end before the --. For example if you did include the '--' the end of boot
#   line would be:
#
#       ks=http://your-server.example.com/ks-minimalvm.cfg --
#
# - That's it! It will grab an ip via dhcp on eth0 and setup the system.
#
# Tweaks:
# - Some people would argue I made too many partitions. Feel free to adjust if
#   you set things up differently. I highly recommend at least a /var and /home
#   to make sure neither of those filling up will halt the whole system.
# - After partitioning with an 8gb volume you'll have about 1gb left in lvm to
#   either expand one of the existing vms or to add a new partition. Again my
#   suggesting is a second drive for /opt and/or /srv. If you mess up the OS
#   you can unmount the second drive and mount it on a new vm that has the OS
#   rebuilt on it.
# - The post script adds the noatime,nodev to options. In some circumstances
#   you need the access time (most common use is the mail spool to know when
#   you last checked for mail). In those instances you may want to change it to
#   relatime for home and/or var.
# - The post script will set the default umask from 022 to 027. This means
#   files created will not be world-readable. This is good to have for security
#   but if you don't want that comment it out.
#
# License:
# I'm pretty sure this falls under being so small it's not copyrightable but
# just in case anyone is worried I am licensing this under creative commons
# CC-0 (public domain), the full license text is availabe at
# https://creativecommons.org/publicdomain/zero/1.0/
#
# References:
# - http://petersmithphotog.no-ip.biz/wiki/index.php/Unattended_Install
# - https://help.ubuntu.com/14.04/installation-guide/amd64/ch04s06.html

# Load the minimal server preseed off cdrom
# This should be done when you follow directions above
preseed preseed/file=/cdrom/preseed/ubuntu-server-minimalvm.seed

# Use proxy. Install apt-cacher-ng somewhere. Uncomment this and adjust the
# url as appropriate (default port is 3142)
#preseed mirror/http/proxy string http://192.168.1.2:3142/

# System language
lang en_US

# Language modules to install
langsupport en_US

# System keyboard
keyboard us

# System mouse
mouse

# System timezone
timezone America/New_York

# Root password
rootpw --disabled

# Initial user (will have sudo so no need for root)
#user jdoe --fullname "John Doe" --password hunter2
user ubuntu --fullname "Ubuntu User" --password ChangeMe

# Reboot after installation
reboot

# Use text mode install
text

# Install OS instead of upgrade
install

# Installation media
cdrom

# Ignore errors about unmounting current drive (happens if reinstalling)
# BUG: this just seems to default the selection to yes?
# Both without owner:
#preseed partman/unmount_active boolean true
# And with owner:
#preseed --owner partman-base partman/unmount_active boolean true
# When I run the debconf-get-selections --installer it shows the owner as unknown

# System bootloader configuration
bootloader --location=mbr

# Clear the Master Boot Record
zerombr yes

# Partition clearing information
clearpart --all --initlabel

# Advanced partition
# The last lv specified will take up the remaining space of the vg. To get
# around that add up all your disk sizes and set this value. It appears to
# factor in the size of non lvm partitions as well.
preseed partman-auto-lvm/guided_size string 7680MB
part /boot --fstype=ext4 --size=512 --asprimary
part pv.1 --grow --size=1 --asprimary
volgroup vg0 --pesize=4096 pv.1
logvol / --fstype=ext4 --name=root --vgname=vg0 --size=1024
logvol /usr --fstype=ext4 --name=usr --vgname=vg0 --size=2048
logvol /var --fstype=ext4 --name=var --vgname=vg0 --size=1536
logvol swap --name=swap --vgname=vg0 --size=2048 --maxsize=2048
logvol /home --fstype=ext4 --name=home --vgname=vg0 --size=512

# Don't install recommended items by default
preseed base-installer/install-recommends boolean false

# System authorization infomation
# The enablemd5 has to be there although it will still use salted sha256
auth  --useshadow  --enablemd5

# Network information
network --bootproto=dhcp --device=eth0

# Firewall configuration
firewall --disabled --trust=eth0 --ssh


# Policy for applying updates. May be "none" (no automatic updates),
# "unattended-upgrades" (install security updates automatically), or
# "landscape" (manage system with Landscape).
preseed pkgsel/update-policy select unattended-upgrades

# Do not configure the X Window System
skipx

# Additional packages to install
# - Uncomment the open-vm-tools line if this is going to run in vmware and are
#   not going to use vmware-tools that's distributed with it. Don't think the
#   --no-install-recommends is needed to not install desktop tools but doesn't
#   hurt anything
%packages
# Since I don't install recommended it leaves out some things that should
# probably be installed like openssl and python 2.7
ca-certificates
openssl
python
wget
tcpd
# End all the recommended packages that are still useful
openssh-server
#open-vm-tools --no-install-recommends
curl
screen
vim


%post
# Why vim doens't just set background=dark by default is beyond me
echo "set background=dark" >>/etc/vim/vimrc.local

# Change default umask from 022 to 027 (not world readable). Remove this line
# if you don't want that
sed -i -e 's/^\(UMASK\W*\)[0-9]\+$/\1027/' /etc/login.defs

# Add noatime to /etc/fstab
sed -i -e 's/\(errors=remount-ro\)/noatime,\1/' /etc/fstab
sed -i -e 's/\(boot.*defaults\)/\1,noatime,nodev/' /etc/fstab
sed -i -e 's/\(home.*defaults\)/\1,noatime,nodev/' /etc/fstab
sed -i -e 's/\(usr.*defaults\)/\1,noatime,nodev/' /etc/fstab
# Not 100% sure if /var can be nodev
sed -i -e 's/\(var.*defaults\)/\1,noatime,nodev/' /etc/fstab

# Clean up
apt-get -qq -y autoremove
apt-get clean
rm -f /var/cache/apt/*cache.bin
rm -f /var/lib/apt/lists/*
	#
	#Generic Kickstart template for Ubuntu
	#Platform: x86 and x86-64
	#
	# Customized for Server 14.04 minimal vm install
	#
	# Usage:
	# - Look through config for any changes you want to do. You may want to change
	# the initial admin user. Currently username is ubuntu and password is
	# ChangeMe. Also may want to change the list of installed packages. Tried to
	# keep it as minimal as possible.
	# - Place this somewhere that the vm will be able to see. Web server on LAN
	# would work best.
	# - OPTIONAL: If you are going to make a bunch of these then may want to setup
	# a local apt proxy. Install apt-cacher-ng on some system and edit the line
	# below.
	# - Create a vm with 8gb drive. You can make a larger one but should have 8
	# minimum. Also tip for people setting up in vmware the kernel has support
	# for VMXNET3 compiled in so you can use it for initial install.
	# - Boot up from iso.
	# - Hit F4 and choose 'Install a minimal virtual machine'
	# - This is required even though we set it below.
	# - Press F6 and hit escape so you edit the boot line. Add the following to the
	# end before the --. For example if you did include the '--' the end of boot
	# line would be:
	#
	# ks=http://your-server.example.com/ks-minimalvm.cfg --
	#
	# - That's it! It will grab an ip via dhcp on eth0 and setup the system.
	#
	# Tweaks:
	# - Some people would argue I made too many partitions. Feel free to adjust if
	# you set things up differently. I highly recommend at least a /var and /home
	# to make sure neither of those filling up will halt the whole system.
	# - After partitioning with an 8gb volume you'll have about 1gb left in lvm to
	# either expand one of the existing vms or to add a new partition. Again my
	# suggesting is a second drive for /opt and/or /srv. If you mess up the OS
	# you can unmount the second drive and mount it on a new vm that has the OS
	# rebuilt on it.
	# - The post script adds the noatime,nodev to options. In some circumstances
	# you need the access time (most common use is the mail spool to know when
	# you last checked for mail). In those instances you may want to change it to
	# relatime for home and/or var.
	# - The post script will set the default umask from 022 to 027. This means
	# files created will not be world-readable. This is good to have for security
	# but if you don't want that comment it out.
	#
	# License:
	# I'm pretty sure this falls under being so small it's not copyrightable but
	# just in case anyone is worried I am licensing this under creative commons
	# CC-0 (public domain), the full license text is availabe at
	# https://creativecommons.org/publicdomain/zero/1.0/
	#
	# References:
	# - http://petersmithphotog.no-ip.biz/wiki/index.php/Unattended_Install
	# - https://help.ubuntu.com/14.04/installation-guide/amd64/ch04s06.html

	# Load the minimal server preseed off cdrom
	# This should be done when you follow directions above
	preseed preseed/file=/cdrom/preseed/ubuntu-server-minimalvm.seed

	# Use proxy. Install apt-cacher-ng somewhere. Uncomment this and adjust the
	# url as appropriate (default port is 3142)
	#preseed mirror/http/proxy string http://192.168.1.2:3142/

	# System language
	lang en_US

	# Language modules to install
	langsupport en_US

	# System keyboard
	keyboard us

	# System mouse
	mouse

	# System timezone
	timezone America/New_York

	# Root password
	rootpw --disabled

	# Initial user (will have sudo so no need for root)
	#user jdoe --fullname "John Doe" --password hunter2
	user ubuntu --fullname "Ubuntu User" --password ChangeMe

	# Reboot after installation
	reboot

	# Use text mode install
	text

	# Install OS instead of upgrade
	install

	# Installation media
	cdrom

	# Ignore errors about unmounting current drive (happens if reinstalling)
	# BUG: this just seems to default the selection to yes?
	# Both without owner:
	#preseed partman/unmount_active boolean true
	# And with owner:
	#preseed --owner partman-base partman/unmount_active boolean true
	# When I run the debconf-get-selections --installer it shows the owner as unknown

	# System bootloader configuration
	bootloader --location=mbr

	# Clear the Master Boot Record
	zerombr yes

	# Partition clearing information
	clearpart --all --initlabel

	# Advanced partition
	# The last lv specified will take up the remaining space of the vg. To get
	# around that add up all your disk sizes and set this value. It appears to
	# factor in the size of non lvm partitions as well.
	preseed partman-auto-lvm/guided_size string 7680MB
	part /boot --fstype=ext4 --size=512 --asprimary
	part pv.1 --grow --size=1 --asprimary
	volgroup vg0 --pesize=4096 pv.1
	logvol / --fstype=ext4 --name=root --vgname=vg0 --size=1024
	logvol /usr --fstype=ext4 --name=usr --vgname=vg0 --size=2048
	logvol /var --fstype=ext4 --name=var --vgname=vg0 --size=1536
	logvol swap --name=swap --vgname=vg0 --size=2048 --maxsize=2048
	logvol /home --fstype=ext4 --name=home --vgname=vg0 --size=512

	# Don't install recommended items by default
	preseed base-installer/install-recommends boolean false

	# System authorization infomation
	# The enablemd5 has to be there although it will still use salted sha256
	auth --useshadow --enablemd5

	# Network information
	network --bootproto=dhcp --device=eth0

	# Firewall configuration
	firewall --disabled --trust=eth0 --ssh


	# Policy for applying updates. May be "none" (no automatic updates),
	# "unattended-upgrades" (install security updates automatically), or
	# "landscape" (manage system with Landscape).
	preseed pkgsel/update-policy select unattended-upgrades

	# Do not configure the X Window System
	skipx

	# Additional packages to install
	# - Uncomment the open-vm-tools line if this is going to run in vmware and are
	# not going to use vmware-tools that's distributed with it. Don't think the
	# --no-install-recommends is needed to not install desktop tools but doesn't
	# hurt anything
	%packages
	# Since I don't install recommended it leaves out some things that should
	# probably be installed like openssl and python 2.7
	ca-certificates
	openssl
	python
	wget
	tcpd
	# End all the recommended packages that are still useful
	openssh-server
	#open-vm-tools --no-install-recommends
	curl
	screen
	vim


	%post
	# Why vim doens't just set background=dark by default is beyond me
	echo "set background=dark" >>/etc/vim/vimrc.local

	# Change default umask from 022 to 027 (not world readable). Remove this line
	# if you don't want that
	sed -i -e 's/^\(UMASK\W*\)[0-9]\+$/\1027/' /etc/login.defs

	# Add noatime to /etc/fstab
	sed -i -e 's/\(errors=remount-ro\)/noatime,\1/' /etc/fstab
	sed -i -e 's/\(boot.*defaults\)/\1,noatime,nodev/' /etc/fstab
	sed -i -e 's/\(home.*defaults\)/\1,noatime,nodev/' /etc/fstab
	sed -i -e 's/\(usr.*defaults\)/\1,noatime,nodev/' /etc/fstab
	# Not 100% sure if /var can be nodev
	sed -i -e 's/\(var.*defaults\)/\1,noatime,nodev/' /etc/fstab

	# Clean up
	apt-get -qq -y autoremove
	apt-get clean
	rm -f /var/cache/apt/*cache.bin
	rm -f /var/lib/apt/lists/*