ubaidulislam · June 21, 2022 20:20
diff --git a/preseed.cfg b/preseed.cfg
 #_preseed_V1

 # Debian Ansible Server Preseed File
 # Author: keybase.io/ubzy
 # Targeted for: Debian 11 Bullseye
 # Short link: https://git.io/fjiG3

 ### Localization
 d-i debian-installer/language string en
 d-i debian-installer/country string GB
 d-i debian-installer/locale string en_GB.UTF-8

 # Keyboard selection.
 d-i keyboard-configuration/xkb-keymap select gb
 d-i keyboard-configuration/modelcode gb

 ### Network configuration
 d-i netcfg/choose_interface select auto

 # If non-free firmware is needed for the network or other hardware, you can
 # configure the installer to always try to load it, without prompting. Or
 # change to false to disable asking.
 d-i hw-detect/load_firmware boolean true

 ### Mirror settings
 # If you select ftp, the mirror/country string does not need to be set.
 d-i mirror/protocol string ftp.uk.debian.org

 ### Account setup
 # Skip creation of a root account (normal user account will be able to use sudo).
 d-i passwd/root-login boolean false
 # Alternatively, to skip creation of a normal user account.
 #d-i passwd/make-user boolean false

 # To create a normal user account.
 d-i passwd/user-fullname string ansible
 d-i passwd/username string ansible
 d-i passwd/user-password-crypted password $6$hO9YIYfF8ZoH$svXan1M9lzBYNBDXjGy6STht.ldNVjwVci3lygRjrUs0RYrF5SpwuWJJD.TRM.6lIkpy0.g0LrEnjYdLV/KwS.
 # Create the first user with the specified UID instead of the default.
 #d-i passwd/user-uid string 1010

 # The user account will be added to some standard initial groups. To
 # override that, use this.
 #d-i passwd/user-default-groups string audio cdrom video

 ### Clock and time zone setup
 # Controls whether or not the hardware clock is set to UTC.
 d-i clock-setup/utc boolean true

 # You may set this to any valid setting for $TZ; see the contents of
 # /usr/share/zoneinfo/ for valid values.
 d-i time/zone string Europe/London

 # Controls whether to use NTP to set the clock during the install
 d-i clock-setup/ntp boolean true
 # NTP server to use. The default is almost always fine here.
 #d-i clock-setup/ntp-server string ntp.example.com

 ### Partitioning
 d-i partman-auto/method string lvm
 d-i partman-auto-lvm/guided_size string max
 d-i partman-lvm/device_remove_lvm boolean true
 d-i partman-md/device_remove_md boolean true
 d-i partman-lvm/confirm boolean true
 d-i partman-lvm/confirm_nooverwrite boolean true
 d-i partman-auto/choose_recipe select atomic
 d-i partman-partitioning/confirm_write_new_label boolean true
 d-i partman/choose_partition select finish
 d-i partman/confirm boolean true
 d-i partman/confirm_nooverwrite boolean true
 d-i partman-efi/non_efi_system boolean true
 d-i partman-partitioning/choose_label string gpt
 d-i partman-partitioning/default_label string gpt

 # When disk encryption is enabled, skip wiping the partitions beforehand.
 #d-i partman-auto-crypto/erase_disks boolean false

 # This makes partman automatically partition without confirmation.
 d-i partman-md/confirm boolean true
 d-i partman-partitioning/confirm_write_new_label boolean true
 d-i partman/choose_partition select finish
 d-i partman/confirm boolean true
 d-i partman/confirm_nooverwrite boolean true

 ### Base system installation
 # Configure APT to not install recommended packages by default. Use of this
 # option can result in an incomplete system and should only be used by very
 # experienced users.
 d-i base-installer/install-recommends boolean false
 d-i apt-setup/services-select multiselect security, updates
 d-i apt-setup/security_host string security.debian.org

 ### Package selection
 tasksel tasksel/first multiselect standard

 # Individual additional packages to install
 d-i pkgsel/include string openssh-server sudo
 d-i pkgsel/upgrade select full-upgrade

 # Some versions of the installer can report back on what software you have
 # installed, and what software you use. The default is not to report back,
 # but sending reports helps the project determine what software is most
 # popular and should be included on the first CD/DVD.
 popularity-contest popularity-contest/participate boolean false

 ### Boot loader installation
 # Grub is the boot loader (for x86).

 # This is fairly safe to set, it makes grub install automatically to the UEFI
 # partition/boot record if no other operating system is detected on the machine.
 d-i grub-installer/only_debian boolean true

 # This one makes grub-installer install to the UEFI partition/boot record, if
 # it also finds some other OS, which is less safe as it might not be able to
 # boot that other OS.
 d-i grub-installer/with_other_os boolean true

 # Due notably to potential USB sticks, the location of the primary drive can
 # not be determined safely in general, so this needs to be specified:
 #d-i grub-installer/bootdev  string /dev/sda
 # To install to the primary device (assuming it is not a USB stick):
 d-i grub-installer/bootdev  string default

 # Avoid that last message about the install being complete.
 d-i finish-install/reboot_in_progress note

 #### Advanced options
 d-i preseed/late_command string \
 in-target sh -c "mkdir -p /root/.ssh ; \
 wget -O /root/.ssh/authorized_keys https://github.com/ubzyhd.keys ; \
 sed -i '/#PermitRootLogin prohibit-password/c PermitRootLogin prohibit-password' /etc/ssh/sshd_config ; \
 sed -i '/#PubkeyAuthentication yes/c PubkeyAuthentication yes' /etc/ssh/sshd_config ; \
 sed -i '/GRUB_TIMEOUT=5/c GRUB_TIMEOUT=2' /etc/default/grub; update-grub ;"
	#_preseed_V1

	# Debian Ansible Server Preseed File
	# Author: keybase.io/ubzy
	# Targeted for: Debian 11 Bullseye
	# Short link: https://git.io/fjiG3

	### Localization
	d-i debian-installer/language string en
	d-i debian-installer/country string GB
	d-i debian-installer/locale string en_GB.UTF-8

	# Keyboard selection.
	d-i keyboard-configuration/xkb-keymap select gb
	d-i keyboard-configuration/modelcode gb

	### Network configuration
	d-i netcfg/choose_interface select auto

	# If non-free firmware is needed for the network or other hardware, you can
	# configure the installer to always try to load it, without prompting. Or
	# change to false to disable asking.
	d-i hw-detect/load_firmware boolean true

	### Mirror settings
	# If you select ftp, the mirror/country string does not need to be set.
	d-i mirror/protocol string ftp.uk.debian.org

	### Account setup
	# Skip creation of a root account (normal user account will be able to use sudo).
	d-i passwd/root-login boolean false
	# Alternatively, to skip creation of a normal user account.
	#d-i passwd/make-user boolean false

	# To create a normal user account.
	d-i passwd/user-fullname string ansible
	d-i passwd/username string ansible
	d-i passwd/user-password-crypted password $6$hO9YIYfF8ZoH$svXan1M9lzBYNBDXjGy6STht.ldNVjwVci3lygRjrUs0RYrF5SpwuWJJD.TRM.6lIkpy0.g0LrEnjYdLV/KwS.
	# Create the first user with the specified UID instead of the default.
	#d-i passwd/user-uid string 1010

	# The user account will be added to some standard initial groups. To
	# override that, use this.
	#d-i passwd/user-default-groups string audio cdrom video

	### Clock and time zone setup
	# Controls whether or not the hardware clock is set to UTC.
	d-i clock-setup/utc boolean true

	# You may set this to any valid setting for $TZ; see the contents of
	# /usr/share/zoneinfo/ for valid values.
	d-i time/zone string Europe/London

	# Controls whether to use NTP to set the clock during the install
	d-i clock-setup/ntp boolean true
	# NTP server to use. The default is almost always fine here.
	#d-i clock-setup/ntp-server string ntp.example.com

	### Partitioning
	d-i partman-auto/method string lvm
	d-i partman-auto-lvm/guided_size string max
	d-i partman-lvm/device_remove_lvm boolean true
	d-i partman-md/device_remove_md boolean true
	d-i partman-lvm/confirm boolean true
	d-i partman-lvm/confirm_nooverwrite boolean true
	d-i partman-auto/choose_recipe select atomic
	d-i partman-partitioning/confirm_write_new_label boolean true
	d-i partman/choose_partition select finish
	d-i partman/confirm boolean true
	d-i partman/confirm_nooverwrite boolean true
	d-i partman-efi/non_efi_system boolean true
	d-i partman-partitioning/choose_label string gpt
	d-i partman-partitioning/default_label string gpt

	# When disk encryption is enabled, skip wiping the partitions beforehand.
	#d-i partman-auto-crypto/erase_disks boolean false

	# This makes partman automatically partition without confirmation.
	d-i partman-md/confirm boolean true
	d-i partman-partitioning/confirm_write_new_label boolean true
	d-i partman/choose_partition select finish
	d-i partman/confirm boolean true
	d-i partman/confirm_nooverwrite boolean true

	### Base system installation
	# Configure APT to not install recommended packages by default. Use of this
	# option can result in an incomplete system and should only be used by very
	# experienced users.
	d-i base-installer/install-recommends boolean false
	d-i apt-setup/services-select multiselect security, updates
	d-i apt-setup/security_host string security.debian.org

	### Package selection
	tasksel tasksel/first multiselect standard

	# Individual additional packages to install
	d-i pkgsel/include string openssh-server sudo
	d-i pkgsel/upgrade select full-upgrade

	# Some versions of the installer can report back on what software you have
	# installed, and what software you use. The default is not to report back,
	# but sending reports helps the project determine what software is most
	# popular and should be included on the first CD/DVD.
	popularity-contest popularity-contest/participate boolean false

	### Boot loader installation
	# Grub is the boot loader (for x86).

	# This is fairly safe to set, it makes grub install automatically to the UEFI
	# partition/boot record if no other operating system is detected on the machine.
	d-i grub-installer/only_debian boolean true

	# This one makes grub-installer install to the UEFI partition/boot record, if
	# it also finds some other OS, which is less safe as it might not be able to
	# boot that other OS.
	d-i grub-installer/with_other_os boolean true

	# Due notably to potential USB sticks, the location of the primary drive can
	# not be determined safely in general, so this needs to be specified:
	#d-i grub-installer/bootdev string /dev/sda
	# To install to the primary device (assuming it is not a USB stick):
	d-i grub-installer/bootdev string default

	# Avoid that last message about the install being complete.
	d-i finish-install/reboot_in_progress note

	#### Advanced options
	d-i preseed/late_command string \
	in-target sh -c "mkdir -p /root/.ssh ; \
	wget -O /root/.ssh/authorized_keys https://github.com/ubzyhd.keys ; \
	sed -i '/#PermitRootLogin prohibit-password/c PermitRootLogin prohibit-password' /etc/ssh/sshd_config ; \
	sed -i '/#PubkeyAuthentication yes/c PubkeyAuthentication yes' /etc/ssh/sshd_config ; \
	sed -i '/GRUB_TIMEOUT=5/c GRUB_TIMEOUT=2' /etc/default/grub; update-grub ;"