緣由

在 P 社, 曾利用 ansible + cobbler 弄了自動重灌, 但想把它 改為 shell script 直接處理, 結果差不多被我弄出來, 完成度大概 90%

準備中

  • 任何 Debian/ubuntu LiveCD iso 檔開機, 或是我自己做的客制化 LiveCD ISO 檔 (客制的, 下一篇再放出來)
  • 準備要安裝的硬碟, 分割如下
    • 只切一個 /
    • 留夠用的 swap, 隨便算
Disklabel type: gpt
Disk identifier: xxxxx-oooo-yyyy

Device        Start      End  Sectors  Size Type
/dev/sda1      2048     4095     2048    1M BIOS boot
/dev/sda2      4096 29364223 29360128   14G Linux filesystem
/dev/sda3  29364224 31457246  2093023 1022M Linux swap
  • 參考文件: https://www.debian.org/releases/stretch/amd64/apds03.html.en

步驟

  • LiveCD 開機後
mkfs.xfs /dev/sda2
mkdir /mnt/debinst
mount /dev/sda2 /mnt/debinst

/usr/sbin/debootstrap --arch amd64 bullseye /mnt/debinst http://ftp.tw.debian.org/debian/

mount -t proc proc /mnt/debinst/proc
mount --bind /sys /mnt/debinst/sys

LANG=C.UTF-8 chroot /mnt/debinst /bin/bash
  • chroot into /mnt/debinst
apt install makedev
cd /dev ; MAKEDEV generic

# config fstab, 以後再修更笨蛋的方法
root@debian-live:/etc# blkid /dev/sda2
/dev/sda2: UUID="bf085625-2d11-4a2c-994e-ca99ab30659b" BLOCK_SIZE="512" TYPE="xfs"
root@debian-live:/etc# blkid /dev/sda3
/dev/sda3: UUID="d0b7e806-de0c-4e24-8b26-ea909989cf65" TYPE="swap"

echo '# file system    mount point   type    options                  dump pass
UUID="bf085625-2d11-4a2c-994e-ca99ab30659b"    /     xfs   noatime    0    1
UUID="d0b7e806-de0c-4e24-8b26-ea909989cf65"    none  swap  sw         0    0' > /etc/fstab

# timezone
ln -fs /usr/share/zoneinfo/Asia/Taipei /etc/localtime

# network
INT=`ip link | awk -F: '0 !~ "lo|vir|wl|^[^0-9]"{print2;getline}'`
echo "#
auto lo
iface lo inet loopback

auto INT
ifaceINT inet dhcp

source /etc/network/interfaces.d/*" > /etc/network/interfaces

echo '#
nameserver 8.8.8.8
nameserver 168.95.1.1' > /etc/resolv.conf

echo 'DebianHostName' > /etc/hostname

echo '#
127.0.0.1       localhost
127.0.1.1       DebianHostName
::1             localhost ip6-localhost ip6-loopback
ff02::1         ip6-allnodes
ff02::2         ip6-allrouters' > /etc/hosts

echo '#
deb http://ftp.tw.debian.org/debian/ bullseye main contrib non-free
deb-src http://ftp.tw.debian.org/debian/ bullseye main contrib non-free

deb http://security.debian.org/debian-security bullseye-security main contrib non-free
deb-src http://security.debian.org/debian-security bullseye-security main contrib non-free

deb http://opensource.nchc.org.tw/debian/ bullseye-updates main contrib non-free
deb-src http://opensource.nchc.org.tw/debian/ bullseye-updates main contrib non-free' > /etc/apt/sources.list

apt update
apt install -y xfsprogs locales console-setup linux-image-amd64 grub-pc smartmontools vim sudo nload net-tools ssh

echo '#
LANG="en_US.UTF-8"
LANGUAGE="en_US:en"' > /etc/default/locale

echo '#
XKBMODEL="pc105"
XKBLAYOUT="us"
XKBVARIANT=""
XKBOPTIONS=""

BACKSPACE="guess"' > /etc/default/keyboard

cat << EOF > /etc/default/grub
GRUB_DEFAULT=0
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT="nomodeset"
GRUB_CMDLINE_LINUX=""
GRUB_TERMINAL=console
GRUB_GFXMODE=640x480
GRUB_GFXPAYLOAD_LINUX=keep
EOF

grub-install /dev/sda
update-initramfs -u
update-grub

#sed -i 's;^\(root:\)\*:;\1:;' /etc/shadow

adduser --disabled-password --gecos "" firstuser
# 密碼部份, 需要再想一個更笨蛋的方法
sed -i 's;^\(firstuser:\)\*:;\1hash password:;' /etc/shadow

echo '#
firstuser ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/local

tasksel install standard
  • 重開機, 退 LiveCD, 就能進入剛灌好的 Debian
    • root 沒有密碼, single user mode 可能無法用, 要修爛掉時, 建議改用 PXE / LiveCD 進系統修
    • 利用 firstuser 登入, 即可 sudo 取得 root permission
    • 建議把 firstuser 密碼也拿掉, 改用 ssh public key 登入, 安全度會高很多
弄了一個無互動的自動裝 Debian 的步驟

No related posts.

發表迴響

這個網站採用 Akismet 服務減少垃圾留言。進一步了解 Akismet 如何處理網站訪客的留言資料

Verified by MonsterInsights