From 9665293dcd73b0ab4a4f3c6d9e71e5e0dc7956a7 Mon Sep 17 00:00:00 2001
From: Raphael Dannecker <raphael.dannecker@steinbeisschule-reutlingen.de>
Date: Fri, 4 Apr 2025 12:26:27 +0200
Subject: [PATCH] Add example inventory and preseeding for debian installer

---
 inventory-sample.yml |   6 ++
 misc/preseed.cfg     | 151 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 157 insertions(+)
 create mode 100644 inventory-sample.yml
 create mode 100644 misc/preseed.cfg

diff --git a/inventory-sample.yml b/inventory-sample.yml
new file mode 100644
index 0000000..81b7386
--- /dev/null
+++ b/inventory-sample.yml
@@ -0,0 +1,6 @@
+---
+all:
+  vars:
+    domain: "{{ ansible_domain }}"
+  hosts:
+    localhost:
diff --git a/misc/preseed.cfg b/misc/preseed.cfg
new file mode 100644
index 0000000..cc51ae0
--- /dev/null
+++ b/misc/preseed.cfg
@@ -0,0 +1,151 @@
+#### Preconfiguration file
+##
+##  The following preseeding might be used to install a basic system
+##  completely automatically.
+##
+##  A user 'ansible' is set up and ssh login with public key
+##  authentication is configured.  The idea is to allow further
+##  customization of the system after installation using ansible.
+##
+##  Modify at least the public ssh key in 'authorized_keys' (see
+##  below).
+##
+##  For more examples and comments consult:
+##    https://www.debian.org/releases/stable/example-preseed.txt
+##
+
+## To change default values:
+#d-i foo/bar seen false
+#d-i foo/bar string value
+
+## Useful boot parameters:
+## DEBCONF_DEBUG=5
+## locale?=de_DE
+
+## To set the hostname manually during installation, use priority=high
+## as boot parameter and uncomment this line:
+d-i debconf/priority string critical
+
+## Preseeding only locale sets language, country and locale:
+d-i debian-installer/locale string de_DE
+d-i keyboard-configuration/xkb-keymap select de
+
+## Use hostname assigned by DHCP:
+d-i netcfg/get_hostname string unassigned-hostname
+d-i netcfg/get_domain string unassigned-domain
+
+## Skip root account:
+d-i passwd/root-login boolean false
+
+# If non-free firmware is needed for the network or other hardware, you can
+# configure the installer to always try to load it, without prompting. Or
+# change to false to disable asking.
+#d-i hw-detect/load_firmware boolean true
+
+### Apt setup
+d-i apt-setup/non-free-firmware boolean true
+d-i apt-setup/non-free boolean true
+d-i apt-setup/contrib boolean true
+
+d-i mirror/country string manual
+d-i mirror/http/hostname string deb.debian.org
+d-i mirror/http/directory string /debian
+#d-i mirror/http/proxy string http://10.167.0.253:3142/
+#d-i mirror/http/proxy string http://192.168.1.17:3142/
+#d-i mirror/http/proxy string http://aptcache.steinbeisschule-reutlingen.de:3142/
+d-i mirror/http/proxy string http://aptcache.pn.steinbeis.schule:3142/
+
+# NTP server to use:
+d-i clock-setup/ntp-server string server.pn.steinbeis.schule
+
+### Backports:
+#apt-setup-udeb apt-setup/services-select multiselect security, updates, backports
+apt-setup-udeb apt-setup/services-select multiselect security, updates
+
+### Ansible User
+d-i passwd/user-fullname string Ansible User
+d-i passwd/username string ansible
+d-i passwd/user-password password insecure
+d-i passwd/user-password-again password insecure
+#d-i passwd/user-password-crypted password [crypt(3) hash]
+
+### Do not ask about support for non-efi systems:
+d-i partman-efi/non_efi_system boolean true
+
+### Leave this empty to use the only available hard drive:
+d-i partman-auto/disk string
+#d-i partman-auto/disk string /dev/sdd
+#d-i partman-auto/disk string /dev/vda
+
+### Regular partitions:
+d-i partman-auto/method string regular
+d-i partman-auto/choose_recipe select atomic
+## This makes partman automatically partition without confirmation:
+d-i partman-partitioning/confirm_write_new_label boolean true
+d-i partman/choose_partition select finish
+d-i partman/confirm boolean true
+d-i partman/confirm_nooverwrite boolean true
+
+# ### Enable to set up LVM:
+# d-i partman-auto/method string lvm
+# ## Use only 50% of the available physical volume size and then
+# ## adjust the logical volume sizes later with ansible, if needed:
+# d-i partman-auto-lvm/guided_size PERCENT 50%
+# # If one of the disks that are going to be automatically partitioned
+# # contains an old LVM configuration, the user will normally receive a
+# # warning. This can be preseeded away...
+# d-i partman-lvm/device_remove_lvm boolean true
+# # The same applies to pre-existing software RAID array:
+# d-i partman-md/device_remove_md boolean true
+# # And the same goes for the confirmation to write the lvm partitions.
+# d-i partman-lvm/confirm boolean true
+# d-i partman-lvm/confirm_nooverwrite boolean true
+# # You can choose one of the three predefined partitioning recipes:
+# # - atomic: all files in one partition
+# # - home:   separate /home partition
+# # - multi:  separate /home, /var, and /tmp partitions
+# d-i partman-auto/choose_recipe select multi
+
+# Enable popcon:
+popularity-contest popularity-contest/participate boolean true
+
+### Package selection
+#tasksel tasksel/first multiselect standard, ssh-server, gnome-desktop, print-server
+tasksel tasksel/first multiselect standard, ssh-server, kde-desktop
+
+### Individual additional packages to install
+#d-i pkgsel/include string firmware-linux ansible git
+d-i pkgsel/include string ansible git firmware-linux
+#d-i pkgsel/include string firmware-linux ansible/buster-backports git
+#d-i pkgsel/include string firmware-linux
+
+### GRUB on default disk:
+d-i grub-installer/bootdev string default
+
+### This command is run just before the install finishes:
+d-i preseed/late_command string \
+      if [ -n "$playbook" ] ; then \
+        mkdir -v /target/dev/shm ; \
+        in-target mount -v -t tmpfs tmpfs /dev/shm ; \
+        echo "$vaultpw" > /target/dev/shm/vaultpw ; \
+        in-target ansible-pull --verbose --purge --extra-vars="run_in_installer=true" \
+           --vault-password-file /dev/shm/vaultpw -l localhost \
+           -i inventory_sample.yml --url=https://codeberg.org/DigitalSouveraeneSchule/lmn-client.git -C fvs $playbook ; \
+      fi
+#
+## When installing in combination with ansible-pull,
+## export your ansible playbook like:
+##
+##   git daemon --verbose --export-all \
+##       --base-path=/dir/of/playbook -- /dir/of/playbook
+##
+## Conditions may be applied in the playbook like:
+##    when: run_in_installer|default(false)|bool
+##    when: not run_in_installer|default(false)|bool
+
+### Avoid that last message about the install being complete.
+d-i finish-install/reboot_in_progress note
+
+## Do not modify boot order (netboot first): 
+grub-efi-amd64 grub2/update_nvram boolean false
+##grub-efi-amd64 grub2/force_efi_extra_removable boolean true