The preseed file

#### Contents of the preconfiguration file (for &releasename;)

### Localization
# Locale sets language and country.
d-i debian-installer/locale string en_US.UTF-8
d-i localechooser/supported-locales multiselect en_GB.UTF-8, en_GB, en_GB.ISO-8859-15, en_US, en_US.ISO-8859-15, nl_NL.UTF-8, nl_NL, nl_NL@euro

# Keyboard selection.
# Disable automatic (interactive) keymap detection.
d-i console-setup/ask_detect boolean false
#d-i console-setup/modelcode string pc105
d-i console-setup/layoutcode string us

### Network configuration
# netcfg will choose an interface that has link if possible. This makes it
# skip displaying a list if there is more than one interface.
d-i netcfg/choose_interface select auto

# If you have a slow dhcp server and the installer times out waiting for
# it, this might be useful.
#d-i netcfg/dhcp_timeout string 60

# If you prefer to configure the network manually, uncomment this line and
# the static network configuration below.
#d-i netcfg/disable_dhcp boolean true

# If you want the preconfiguration file to work on systems both with and
# without a dhcp server, uncomment these lines and the static network
# configuration below.
#d-i netcfg/dhcp_failed note
#d-i netcfg/dhcp_options select Configure network manually

# Static network configuration.
#d-i netcfg/get_nameservers string 192.168.1.1
#d-i netcfg/get_ipaddress string 192.168.1.42
#d-i netcfg/get_netmask string 255.255.255.0
#d-i netcfg/get_gateway string 192.168.1.1
#d-i netcfg/confirm_static boolean true

# Any hostname and domain names assigned from dhcp take precedence over
# values set here. However, setting the values still prevents the questions
# from being shown, even if values come from dhcp.
d-i netcfg/get_hostname string unassigned-hostname
d-i netcfg/get_domain string unassigned-domain

# Disable that annoying WEP key dialog.
d-i netcfg/wireless_wep string
# The wacky dhcp hostname that some ISPs use as a password of sorts.
#d-i netcfg/dhcp_hostname string radish

# If non-free firmware is needed for the network or other hardware, you can
# configure the installer to always try to load it, without prompting. Or
# change to false to disable asking.
d-i hw-detect/load_firmware boolean true

### Mirror settings
# If you select ftp, the mirror/country string does not need to be set.
#d-i mirror/protocol string ftp
d-i mirror/country string manual
d-i mirror/http/hostname string osmirror.mydomain.com 1
d-i mirror/http/directory string /ubuntu
d-i mirror/http/proxy string

# Alternatively: by default, the installer uses CC.archive.ubuntu.com where
# CC is the ISO-3166-2 code for the selected country. You can preseed this
# so that it does so without asking.
#d-i mirror/http/mirror select CC.archive.ubuntu.com

# Suite to install.
#d-i mirror/suite string &releasename; 2
# Suite to use for loading installer components (optional).
#d-i mirror/udeb/suite string &releasename;
# Components to use for loading installer components (optional).
d-i mirror/udeb/components multiselect main, restricted

d-i anna/choose_modules string parted-udeb fat-modules partman-basicfilesystems 3

### Clock and time zone setup
# Controls whether or not the hardware clock is set to UTC.
d-i clock-setup/utc boolean true

# You may set this to any valid setting for $TZ; see the contents of
# /usr/share/zoneinfo/ for valid values.
d-i time/zone string Europe/Amsterdam

# Controls whether to use NTP to set the clock during the install
d-i clock-setup/ntp boolean true
# NTP server to use. The default is almost always fine here.
d-i clock-setup/ntp-server string ntp0.rug.nl

### Partitioning
# If the system has free space you can choose to only partition that space.
# Alternatives: custom, some_device, some_device_crypto, some_device_lvm.
d-i partman-auto/init_automatically_partition select biggest_free 4

# Alternatively, you can specify a disk to partition. The device name must
# be given in traditional non-devfs format.
# Note: A disk must be specified, unless the system has only one disk.
# For example, to use the first SCSI/SATA hard disk:
#d-i partman-auto/disk string /dev/sda
# In addition, you'll need to specify the method to use.
# The presently available methods are: "regular", "lvm" and "crypto"
# "regular" even in Trusty still implies using the entire disk. So we cannot use it -JB 20140620
#d-i partman-auto/method string regular

# If one of the disks that are going to be automatically partitioned
# contains an old LVM configuration, the user will normally receive a
# warning. This can be preseeded away...
d-i partman-lvm/device_remove_lvm boolean true
# The same applies to pre-existing software RAID array:
d-i partman-md/device_remove_md boolean true
# And the same goes for the confirmation to write the lvm partitions.
d-i partman-lvm/confirm boolean true

# For LVM partitioning, you can select how much of the volume group to use
# for logical volumes.
#d-i partman-auto-lvm/guided_size string max
#d-i partman-auto-lvm/guided_size string 10GB
#d-i partman-auto-lvm/guided_size string 50%

# You can choose one of the three predefined partitioning recipes:
# - atomic: all files in one partition
# - home:   separate /home partition
# - multi:  separate /home, /usr, /var, and /tmp partitions
#d-i partman-auto/choose_recipe select atomic

# Or provide a recipe of your own...
# The recipe format is documented in the file devel/partman-auto-recipe.txt.
# If you have a way to get a recipe file into the d-i environment, you can
# just point at it.
d-i partman-auto/expert_recipe_file string /tmp/partman-recipe.txt 5

# If you just want to change the default filesystem from ext3 to something
# else, you can do that without providing a full recipe.
#d-i partman/default_filesystem string ext4

# This makes partman automatically partition without confirmation, provided
# that you told it what to do using one of the methods above.
d-i partman/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
partman-base partman/confirm boolean true
partman-partitioning partman-partitioning/confirm_copy boolean true
partman-base partman/confirm_nooverwrite boolean true
#partman-target partman/mount_style select label
partman-target partman/mount_style select traditional
#d-i partman/mount_style select uuid

### Base system installation
# The kernel image (meta) package to be installed; "none" can be used if no
# kernel is to be installed.
#d-i base-installer/kernel/image string linux-generic

### Account setup
# Skip creation of a root account (normal user account will be able to
# use sudo). The default is false; preseed this to true if you want to set
# a root password.
#d-i passwd/root-login boolean false
# Alternatively, to skip creation of a normal user account.
#d-i passwd/make-user boolean false

# Root password, either in clear text
#d-i passwd/root-password password r00tme
#d-i passwd/root-password-again password r00tme
# or encrypted using an MD5 hash.
d-i passwd/root-password-crypted password $6$aXDFT7RV$g/dpndOivAKblsvIu45jyyHwugBoKd4jVNQvhmvzgta2GO/knr7YDNAlfsPclpFyx7i/o175dhsmfpCalNm3m.

# To create a normal user account.
#d-i passwd/user-fullname string Ubuntu User
#d-i passwd/username string ubuntu
# Normal user's password, either in clear text
#d-i passwd/user-password password insecure
#d-i passwd/user-password-again password insecure
# or encrypted using an MD5 hash.
#d-i passwd/user-password-crypted password [MD5 hash]
# Create the first user with the specified UID instead of the default.
#d-i passwd/user-uid string 1010

d-i passwd/user-fullname string Preseed User
d-i passwd/username string preseed
d-i passwd/user-password-crypted password !* 6

# The installer will warn about weak passwords. If you are sure you know
# what you're doing and want to override it, uncomment this.
#d-i user-setup/allow-password-weak boolean true

# The user account will be added to some standard initial groups. To
# override that, use this.
#d-i passwd/user-default-groups string audio cdrom video

# Set to true if you want to encrypt the first user's home directory.
d-i user-setup/encrypt-home boolean false

### Apt setup
# You can choose to install restricted and universe software, or to install
# software from the backports repository.
d-i apt-setup/restricted boolean true
d-i apt-setup/universe boolean true
d-i apt-setup/multiverse boolean true
#d-i apt-setup/backports boolean true
d-i apt-setup/partner boolean true
# Uncomment this if you don't want to use a network mirror.
#d-i apt-setup/use_mirror boolean false
# Select which update services to use; define the mirrors to be used.
# Values shown below are the normal defaults.
d-i apt-setup/services-select multiselect security
d-i apt-setup/security_host string security.ubuntu.com
d-i apt-setup/security_path string /ubuntu

# Additional repositories, local[0-9] available
#d-i apt-setup/local0/repository string \
#       http://local.server/ubuntu &releasename; main
#d-i apt-setup/local0/comment string local server
# Enable deb-src lines
#d-i apt-setup/local0/source boolean true
# URL to the public key of the local repository; you must provide a key or
# apt will complain about the unauthenticated repository and so the
# sources.list line will be left commented out
#d-i apt-setup/local0/key string http://local.server/key

# By default the installer requires that repositories be authenticated
# using a known gpg key. This setting can be used to disable that
# authentication. Warning: Insecure, not recommended.
#d-i debian-installer/allow_unauthenticated string true

### Package selection
tasksel tasksel/first multiselect ubuntu-desktop

# Individual additional packages to install
d-i pkgsel/include string {{ local.packages }} 7
# Whether to upgrade packages after debootstrap.
# Allowed values: none, safe-upgrade, full-upgrade
d-i pkgsel/upgrade select full-upgrade

# Language pack selection
#d-i pkgsel/language-packs multiselect de, en, zh

# Policy for applying updates. May be "none" (no automatic updates),
# "unattended-upgrades" (install security updates automatically), or
# "landscape" (manage system with Landscape).
#d-i pkgsel/update-policy select none

# Some versions of the installer can report back on what software you have
# installed, and what software you use. The default is not to report back,
# but sending reports helps the project determine what software is most
# popular and include it on CDs.
popularity-contest popularity-contest/participate boolean true

# By default, the system's locate database will be updated after the
# installer has finished installing most packages. This may take a while, so
# if you don't want it, you can set this to "false" to turn it off.
#d-i pkgsel/updatedb boolean true

### Boot loader installation
# Grub is the default boot loader (for x86). If you want lilo installed
# instead, uncomment this:
#d-i grub-installer/skip boolean true
# To also skip installing lilo, and install no bootloader, uncomment this
# too:
#d-i lilo-installer/skip boolean true

# This is fairly safe to set, it makes grub install automatically to the MBR
# if no other operating system is detected on the machine.
d-i grub-installer/only_debian boolean true

# This one makes grub-installer install to the MBR if it also finds some other
# OS, which is less safe as it might not be able to boot that other OS.
d-i grub-installer/with_other_os boolean true

# Alternatively, if you want to install to a location other than the mbr,
# uncomment and edit these lines:
#d-i grub-installer/only_debian boolean false
#d-i grub-installer/with_other_os boolean false
#d-i grub-installer/bootdev  string (hd0,0)
# To install grub to multiple disks:
#d-i grub-installer/bootdev  string (hd0,0) (hd1,0) (hd2,0)

# Optional password for grub, either in clear text
#d-i grub-installer/password password r00tme
#d-i grub-installer/password-again password r00tme
# or encrypted using an MD5 hash, see grub-md5-crypt(8).
d-i grub-installer/password-crypted password $1$gwxTB/$PtYFfdGgOXw.lLQ06ge05/

### Finishing up the installation
# During installations from serial console, the regular virtual consoles
# (VT1-VT6) are normally disabled in /etc/inittab. Uncomment the next
# line to prevent this.
#d-i finish-install/keep-consoles boolean true

# Avoid that last message about the install being complete.
#d-i finish-install/reboot_in_progress note 8

# This will prevent the installer from ejecting the CD during the reboot,
# which is useful in some situations.
#d-i cdrom-detect/eject boolean false

# This is how to make the installer shutdown when finished, but not
# reboot into the installed system.
#d-i debian-installer/exit/halt boolean true
# This will power off the machine instead of just halting it.
#d-i debian-installer/exit/poweroff boolean true

### X configuration
# X can detect the right driver for some cards, but if you're preseeding,
# you override whatever it chooses. Still, vesa will work most places.
#xserver-xorg xserver-xorg/config/device/driver select vesa

# A caveat with mouse autodetection is that if it fails, X will retry it
# over and over. So if it's preseeded to be done, there is a possibility of
# an infinite loop if the mouse is not autodetected.
#xserver-xorg xserver-xorg/autodetect_mouse boolean true

# Monitor autodetection is recommended.
xserver-xorg xserver-xorg/autodetect_monitor boolean true
# Uncomment if you have an LCD display.
#xserver-xorg xserver-xorg/config/monitor/lcd boolean true
# X has three configuration paths for the monitor. Here's how to preseed
# the "medium" path, which is always available. The "simple" path may not
# be available, and the "advanced" path asks too many questions.
xserver-xorg xserver-xorg/config/monitor/selection-method \
       select medium
xserver-xorg xserver-xorg/config/monitor/mode-list \
       select 1024x768 @ 60 Hz

### Preseeding other packages
# Depending on what software you choose to install, or if things go wrong
# during the installation process, it's possible that other questions may
# be asked. You can preseed those too, of course. To get a list of every
# possible question that could be asked during an install, do an
# installation, and then run these commands:
#   debconf-get-selections --installer > file
#   debconf-get-selections >> file

# Postfix - JB 20090918
postfix postfix/main_mailer_type select Satellite system
postfix postfix/relayhost string smtp.rug.nl

# Zabbix-agent -JB 20100124
zabbix-agent zabbix-agent/server string zabbix.mydomain.com

# php-adodb thinks itself important -JB
d-i libphp-adodb/pathmove note

# System-wide default paper size
libpaper1 libpaper/defaultpaper select a4

# This might override the kernel boot parameter setting (it does!) -JB 20090918
#debconf debconf/priority select critical

# Another EULA
googleearth shared/accepted-googleearth-eula boolean true

# Yet another EULA -JB 20110127
ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula boolean true

## Do the OEM thing
#d-i oem-config/enable boolean false true
#oem-config-check oem-config/enable boolean true

#### Advanced options
### Running custom commands during the installation
# d-i preseeding is inherently not secure. Nothing in the installer checks
# for attempts at buffer overflows or other exploits of the values of a
# preconfiguration file like this one. Only use preconfiguration files from
# trusted locations! To drive that home, and because it's generally useful,
# here's a way to run any shell command you'd like inside the installer,
# automatically.

# This first command is run as early as possible, just after
# preseeding is read.
#d-i preseed/early_command string anna-install some-udeb
d-i preseed/early_command string \
  wget -P /tmp {{ url_dir }}/partman-recipe.txt 9

# This command is run immediately before the partitioner starts. It may be
# useful to apply dynamic partitioner preseeding that depends on the state
# of the disks (which may not be visible when preseed/early_command runs).
#d-i partman/early_command string debconf-set partman-auto/disk "$(list-devices disk | head -n1)"
d-i partman/early_command string \
  wget -P /tmp {{ url_dir }}/partman_early_command.sh && sh /tmp/partman_early_command.sh 9

# This command is run just before the install finishes, but when there is
# still a usable /target directory. You can chroot to /target and use it
# directly, or use the apt-install and in-target commands to easily install
# packages and run commands in the target system.
#d-i preseed/late_command string apt-install zsh; in-target chsh -s /bin/zsh
d-i preseed/late_command string \
  wget -P /tmp {{ url_dir }}/plc_nit.sh \9
  && sh /tmp/plc_nit.sh \10
  && in-target wget -nd -P /tmp {{ url_dir }}/preseed_late_command.sh \ 11
  && in-target sh /tmp/preseed_late_command.sh
    

1

Don't forget to replace with your nearest mirror.

2

If you uncomment this, you want to replace &releasename by an actual release name, e.g. 'trusty'. We PXEboot the Trusty installer straight from the mirror, and it installs Trusty by default. Hence this value is not specified.

It is possible though to use the installer for one version to install another. And in that case, you want to use this setting.

3

These udebs are used by our repartitioning script.

4

We use biggest_free, because our Partman setup is peculiar. This preseed handles dual-boot by virtue of a fixed partitioning scheme.

Just before the partitioning starts, a script partitioner.sh (not included here) is run. It handles either of three cases: an empty disk (I), or a disk with Windows C: in /dev/sda1 and D: in /dev/sda5 in /dev/sda2 (II), or a disk with C: in /dev/sda1, D: in /dev/sda2, and Linux in logical partitions in /dev/sda2(III). After the script has run, C: will be untouched, and there will be enough space for Linux partitions. This empty space is where the preseed tells the installer to put /dev/sda2 (extended) and the logical Linux partitions.

A side effect of this is that there must not be any other, empty, disks on the system. For if there are any, they will likely have the largest free space, and the installer will put Linux there.

5

The partman_early_command script fetched this recipe from a server and puts it in /tmp.

6

The preseed demands a default user, so we provide one. But its password is invalid, so it cannot log in. We use scripts later on to add actual users.

7

You see double curlies here because this file is actually a template that Python will turn into a fianl preseed file. It will replace the {{ local.packages }} with a space separated list of hundreds of packages that we want on our PCs.

8

Our installation show a reboot prompt at the end. We need to prevent automatic reboot, because we want to draw an image from the machine before it has booted for the first time. It is also convenient to be able to inspect the machine after the installation has finished, but with the machine still running.

If you want the installation to be really automatic, uncomment this line.

9

Replace {{ url_dir }} with the location where your partman recipe is. In our case, the curlies make Python do it for us.

10

This script is not run in-target. So it sees the installer environment, as opposed to the installed environment. We find that there is little purpose for such a script, except perhaps to copy back to the new installation some files that were saved from an old one before repartitioning. (E.g. ssh keys, printer configuration and the like.)

11

This script copies an entire directory of small scripts, and executes them all inside the freshly installed OS. It even runs Puppet there, although Puppet isn't too well suited for that.