preseed.cfg

#_preseed_V1

# Debian Ansible Server Preseed File
# Author: keybase.io/ubzy
# Targeted for: Debian 11 Bullseye
# Short link: https://git.io/fjiG3

### Localization
d-i debian-installer/language string en
d-i debian-installer/country string GB
d-i debian-installer/locale string en_GB.UTF-8

# Keyboard selection.
d-i keyboard-configuration/xkb-keymap select gb
d-i keyboard-configuration/modelcode gb

### Network configuration
d-i netcfg/choose_interface select auto

# If non-free firmware is needed for the network or other hardware, you can
# configure the installer to always try to load it, without prompting. Or
# change to false to disable asking.
d-i hw-detect/load_firmware boolean true

### Mirror settings
# If you select ftp, the mirror/country string does not need to be set.
d-i mirror/protocol string ftp.uk.debian.org

### Account setup
# Skip creation of a root account (normal user account will be able to use sudo).
d-i passwd/root-login boolean false
# Alternatively, to skip creation of a normal user account.
#d-i passwd/make-user boolean false

# To create a normal user account.
d-i passwd/user-fullname string ansible
d-i passwd/username string ansible
d-i passwd/user-password-crypted password $6$hO9YIYfF8ZoH$svXan1M9lzBYNBDXjGy6STht.ldNVjwVci3lygRjrUs0RYrF5SpwuWJJD.TRM.6lIkpy0.g0LrEnjYdLV/KwS.
# Create the first user with the specified UID instead of the default.
#d-i passwd/user-uid string 1010

# The user account will be added to some standard initial groups. To
# override that, use this.
#d-i passwd/user-default-groups string audio cdrom video

### Clock and time zone setup
# Controls whether or not the hardware clock is set to UTC.
d-i clock-setup/utc boolean true

# You may set this to any valid setting for $TZ; see the contents of
# /usr/share/zoneinfo/ for valid values.
d-i time/zone string Europe/London

# Controls whether to use NTP to set the clock during the install
d-i clock-setup/ntp boolean true
# NTP server to use. The default is almost always fine here.
#d-i clock-setup/ntp-server string ntp.example.com

### Partitioning
d-i partman-auto/method string lvm
d-i partman-auto-lvm/guided_size string max
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-auto/choose_recipe select atomic
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman-efi/non_efi_system boolean true
d-i partman-partitioning/choose_label string gpt
d-i partman-partitioning/default_label string gpt

# When disk encryption is enabled, skip wiping the partitions beforehand.
#d-i partman-auto-crypto/erase_disks boolean false

# This makes partman automatically partition without confirmation.
d-i partman-md/confirm boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true

### Base system installation
# Configure APT to not install recommended packages by default. Use of this
# option can result in an incomplete system and should only be used by very
# experienced users.
d-i base-installer/install-recommends boolean false
d-i apt-setup/services-select multiselect security, updates
d-i apt-setup/security_host string security.debian.org

### Package selection
tasksel tasksel/first multiselect standard

# Individual additional packages to install
d-i pkgsel/include string openssh-server sudo
d-i pkgsel/upgrade select full-upgrade

# Some versions of the installer can report back on what software you have
# installed, and what software you use. The default is not to report back,
# but sending reports helps the project determine what software is most
# popular and should be included on the first CD/DVD.
popularity-contest popularity-contest/participate boolean false

### Boot loader installation
# Grub is the boot loader (for x86).

# This is fairly safe to set, it makes grub install automatically to the UEFI
# partition/boot record if no other operating system is detected on the machine.
d-i grub-installer/only_debian boolean true

# This one makes grub-installer install to the UEFI partition/boot record, if
# it also finds some other OS, which is less safe as it might not be able to
# boot that other OS.
d-i grub-installer/with_other_os boolean true

# Due notably to potential USB sticks, the location of the primary drive can
# not be determined safely in general, so this needs to be specified:
#d-i grub-installer/bootdev  string /dev/sda
# To install to the primary device (assuming it is not a USB stick):
d-i grub-installer/bootdev  string default

# Avoid that last message about the install being complete.
d-i finish-install/reboot_in_progress note

#### Advanced options
d-i preseed/late_command string \
in-target sh -c "mkdir -p /root/.ssh ; \
wget -O /root/.ssh/authorized_keys https://github.com/ubzyhd.keys ; \
sed -i '/#PermitRootLogin prohibit-password/c PermitRootLogin prohibit-password' /etc/ssh/sshd_config ; \
sed -i '/#PubkeyAuthentication yes/c PubkeyAuthentication yes' /etc/ssh/sshd_config ; \
sed -i '/GRUB_TIMEOUT=5/c GRUB_TIMEOUT=2' /etc/default/grub; update-grub ;"