updated readme

README.md

@@ -15,6 +15,34 @@ Variables:
 * debianunattended_additional_packages: git nano wget bash-completion curl socat multitail python-apt-common software-properties-common
 * debianunattended_proxystring: http://hostname:port
 * debianunattended_mirror: ftp.de.debian.org
+* debianunattended_ntpserver: ntp.domain.tld
+* debianunattended_partman_auto_method | default('regular')
+* debianunattended_partman_disk1: vda
+* debianunattended_partman_disk2: vdb
+* debianunattended_partman_auto_disk: /dev/{{ debianunattended_partman_disk1 }} /dev/{{ debianunattended_partman_disk2 }}
+* debianunattended_partman_auto_expert_recipe | default('')
+* debianunattended_partman_auto_raid_recipe | default('')
+
+```
+RAID1-Example on 2 disks:
+debianunattended_partman_auto_method: raid
+debianunattended_partman_disk1: vda
+debianunattended_partman_disk1: vdb
+debianunattended_partman_auto_disk: /dev/{{ debianunattended_partman_disk1 }} /dev/{{ debianunattended_partman_disk1 }}
+debianunattended_partman_auto_expert_recipe: |
+  d-i partman-auto/expert_recipe string \
+    multiraid :: \
+      8192 8192 8192 raid $primary{ } $bootable{ } method{ raid } . \
+      8192 8192 -1 raid method{ raid } . \
+      8192 8192 8192 raid method{ raid } .
+
+debianunattended_partman_auto_raid_recipe: |
+  d-i partman-auto-raid/recipe string \
+    1 2 0 ext3 /boot /dev/{{ debianunattended_partman_disk1 }}1#/dev/{{ debianunattended_partman_disk1 }}1 . \
+    1 2 0 ext3 / /dev/{{ debianunattended_partman_disk1 }}5#/dev/{{ debianunattended_partman_disk1 }}5 . \
+    1 2 0 swap - /dev/{{ debianunattended_partman_disk1 }}6#/dev/{{ debianunattended_partman_disk1 }}6 .
+
+```
 #backup-ip-address for environment without dhcp
 * debianunattended_staticip_ipaddress: 192.168.1.42
 * debianunattended_staticip_netmask: 255.255.255.0
@@ -22,4 +50,6 @@ Variables:
 * debianunattended_staticip_nameservers: 192.168.1.1
 * debianunattended_mirror: ftp.de.debian.org
 
-Many Thanks to https://www.librebyte.net/en/systems-deployment/unattended-debian-installation/
+Many Thanks to
+* https://www.librebyte.net/en/systems-deployment/unattended-debian-installation
+* https://www.bishnet.net/tim/blog/2015/01/29/understanding-partman-autoexpert_recipe

tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 - name: check if iso exists
   stat:
-    path: "{{ playbook_dir }}/debian-11.4.0-amd64-netinst-unattended-{{ inventory_hostname }}.iso"
+    path: "{{ playbook_dir }}/debian-11.5.0-amd64-netinst-unattended-{{ inventory_hostname }}.iso"
   delegate_to: localhost
   register: iso_exists
 
@@ -26,8 +26,8 @@
 
 - name: Download ISO Image
   get_url:
-    url: "https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-11.4.0-amd64-netinst.iso"
-    dest: "/opt/ansiblepackages/debianunattended/debian-11.4.0-amd64-netinst.iso"
+    url: "https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-11.5.0-amd64-netinst.iso"
+    dest: "/opt/ansiblepackages/debianunattended/debian-11.5.0-amd64-netinst.iso"
   delegate_to: localhost
 
 - name: delete old stuff
@@ -37,7 +37,7 @@
   delegate_to: localhost
 
 - name: extract ISO Image
-  command: "xorriso -osirrox on -indev /opt/ansiblepackages/debianunattended/debian-11.4.0-amd64-netinst.iso  -extract / /opt/ansiblepackages/debianunattended/{{ inventory_hostname }}/isofiles/"
+  command: "xorriso -osirrox on -indev /opt/ansiblepackages/debianunattended/debian-11.5.0-amd64-netinst.iso  -extract / /opt/ansiblepackages/debianunattended/{{ inventory_hostname }}/isofiles/"
   args:
     creates: "/opt/ansiblepackages/debianunattended/{{ inventory_hostname }}/isofiles/install.amd/initrd.gz"
   delegate_to: localhost
@@ -48,6 +48,19 @@
     dest: "/opt/ansiblepackages/debianunattended/{{ inventory_hostname }}/preseed.cfg"
   delegate_to: localhost
 
+- name: generate /opt/ansiblepackages/debianunattended/{{ inventory_hostname }}/isofiles/boot/grub/grub.cfg
+  template:
+    src: grub.cfg.j2
+    dest: "/opt/ansiblepackages/debianunattended/{{ inventory_hostname }}/isofiles/boot/grub/grub.cfg"
+  delegate_to: localhost
+
+- name: edit /opt/ansiblepackages/debianunattended/{{ inventory_hostname }}/isofiles/isolinux/isolinux.cfg
+  ansible.builtin.lineinfile:
+    path: /opt/ansiblepackages/debianunattended/{{ inventory_hostname }}/isofiles/isolinux/isolinux.cfg
+    state: absent
+    line: 'default vesamenu.c32'
+  delegate_to: localhost
+
 - name: generate /opt/ansiblepackages/debianunattended/{{ inventory_hostname }}/md5sum.sh
   template:
     src: md5sum.sh.j2
@@ -134,5 +147,5 @@
   delegate_to: localhost
 
 - name: genisoimage
-  command: "genisoimage -r -J -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -o {{ playbook_dir }}/debian-11.4.0-amd64-netinst-unattended-{{ inventory_hostname }}.iso /opt/ansiblepackages/debianunattended/{{ inventory_hostname }}/isofiles"
+  command: "genisoimage -r -J -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -o {{ playbook_dir }}/debian-11.5.0-amd64-netinst-unattended-{{ inventory_hostname }}.iso /opt/ansiblepackages/debianunattended/{{ inventory_hostname }}/isofiles"
   delegate_to: localhost

templates/grub.cfg.j2

@@ -0,0 +1,160 @@
+set timeout_style=hidden
+set timeout=0
+set default=1
+
+if loadfont $prefix/font.pf2 ; then
+  set gfxmode=800x600
+  set gfxpayload=keep
+  insmod efi_gop
+  insmod efi_uga
+  insmod video_bochs
+  insmod video_cirrus
+  insmod gfxterm
+  insmod png
+  terminal_output gfxterm
+fi
+
+if background_image /isolinux/splash.png; then
+  set color_normal=light-gray/black
+  set color_highlight=white/black
+elif background_image /splash.png; then
+  set color_normal=light-gray/black
+  set color_highlight=white/black
+else
+  set menu_color_normal=cyan/blue
+  set menu_color_highlight=white/blue
+fi
+
+insmod play
+play 960 440 1 0 4 440 1
+set theme=/boot/grub/theme/1
+menuentry --hotkey=g 'Graphical install' {
+    set background_color=black
+    linux    /install.amd/vmlinuz vga=788 --- quiet 
+    initrd   /install.amd/gtk/initrd.gz
+}
+menuentry --hotkey=i 'Install' {
+    set background_color=black
+    linux    /install.amd/vmlinuz vga=788 --- quiet 
+    initrd   /install.amd/initrd.gz
+}
+submenu --hotkey=a 'Advanced options ...' {
+    set menu_color_normal=cyan/blue
+    set menu_color_highlight=white/blue
+    set theme=/boot/grub/theme/1-1
+    set gfxpayload=keep
+    menuentry '... Graphical expert install' {
+        set background_color=black
+        linux    /install.amd/vmlinuz priority=low vga=788 --- 
+        initrd   /install.amd/gtk/initrd.gz
+    }
+    menuentry '... Graphical rescue mode' {
+        set background_color=black
+        linux    /install.amd/vmlinuz vga=788 rescue/enable=true --- quiet  
+        initrd   /install.amd/gtk/initrd.gz
+    }
+    menuentry '... Graphical automated install' {
+        set background_color=black
+        linux    /install.amd/vmlinuz auto=true priority=critical vga=788 --- quiet 
+        initrd   /install.amd/gtk/initrd.gz
+    }
+    menuentry --hotkey=x '... Expert install' {
+        set background_color=black
+        linux    /install.amd/vmlinuz priority=low vga=788 --- 
+        initrd   /install.amd/initrd.gz
+    }
+    menuentry --hotkey=r '... Rescue mode' {
+        set background_color=black
+        linux    /install.amd/vmlinuz vga=788 rescue/enable=true --- quiet 
+        initrd   /install.amd/initrd.gz
+    }
+    menuentry --hotkey=a '... Automated install' {
+        set background_color=black
+        linux    /install.amd/vmlinuz auto=true priority=critical vga=788 --- quiet 
+        initrd   /install.amd/initrd.gz
+    }
+    submenu --hotkey=s '... Speech-enabled advanced options ...' {
+        set menu_color_normal=cyan/blue
+        set menu_color_highlight=white/blue
+        set theme=/boot/grub/theme/1-1-1
+        set gfxpayload=keep
+        menuentry --hotkey=x '... Expert speech install' {
+            set background_color=black
+            linux    /install.amd/vmlinuz priority=low vga=788 speakup.synth=soft --- 
+            initrd   /install.amd/gtk/initrd.gz
+        }
+        menuentry --hotkey=r '... Rescue speech mode' {
+            set background_color=black
+            linux    /install.amd/vmlinuz vga=788 rescue/enable=true speakup.synth=soft --- quiet  
+            initrd   /install.amd/gtk/initrd.gz
+        }
+        menuentry --hotkey=a '... Automated speech install' {
+            set background_color=black
+            linux    /install.amd/vmlinuz auto=true priority=critical vga=788 speakup.synth=soft --- quiet 
+            initrd   /install.amd/gtk/initrd.gz
+        }
+    }
+}
+submenu --hotkey=d 'Accessible dark contrast installer menu ...' {
+    set menu_color_normal=white/black
+    set menu_color_highlight=yellow/black
+    set color_normal=white/black
+    set color_highlight=yellow/black
+    background_image
+    set theme=/boot/grub/theme/dark-1-2
+    set gfxpayload=keep
+    menuentry --hotkey=g '... Graphical install' {
+        set background_color=black
+        linux    /install.amd/vmlinuz vga=788 theme=dark --- quiet 
+        initrd   /install.amd/gtk/initrd.gz
+    }
+    menuentry --hotkey=i '... Install' {
+        set background_color=black
+        linux    /install.amd/vmlinuz vga=788 theme=dark --- quiet 
+        initrd   /install.amd/initrd.gz
+    }
+    submenu --hotkey=a '... Advanced options ...' {
+        set menu_color_normal=white/black
+        set menu_color_highlight=yellow/black
+        set color_normal=white/black
+        set color_highlight=yellow/black
+        background_image
+        set theme=/boot/grub/theme/dark-1-2-1
+        set gfxpayload=keep
+        menuentry '... Graphical expert install' {
+            set background_color=black
+            linux    /install.amd/vmlinuz priority=low vga=788 theme=dark --- 
+            initrd   /install.amd/gtk/initrd.gz
+        }
+        menuentry '... Graphical rescue mode' {
+            set background_color=black
+            linux    /install.amd/vmlinuz vga=788 rescue/enable=true theme=dark --- quiet 
+            initrd   /install.amd/gtk/initrd.gz
+        }
+        menuentry '... Graphical automated install' {
+            set background_color=black
+            linux    /install.amd/vmlinuz auto=true priority=critical vga=788 theme=dark --- quiet 
+            initrd   /install.amd/gtk/initrd.gz
+        }
+        menuentry --hotkey=x '... Expert install' {
+            set background_color=black
+            linux    /install.amd/vmlinuz priority=low vga=788 theme=dark --- 
+            initrd   /install.amd/initrd.gz
+        }
+        menuentry --hotkey=r '... Rescue mode' {
+            set background_color=black
+            linux    /install.amd/vmlinuz vga=788 rescue/enable=true theme=dark --- quiet 
+            initrd   /install.amd/initrd.gz
+        }
+        menuentry --hotkey=a '... Automated install' {
+            set background_color=black
+            linux    /install.amd/vmlinuz auto=true priority=critical vga=788 theme=dark --- quiet 
+            initrd   /install.amd/initrd.gz
+        }
+    }
+}
+menuentry --hotkey=s 'Install with speech synthesis' {
+    set background_color=black
+    linux    /install.amd/vmlinuz vga=788 speakup.synth=soft --- quiet 
+    initrd   /install.amd/gtk/initrd.gz
+}

templates/md5sum.sh.j2

@@ -1,3 +1,3 @@
 #!/bin/sh
-cd /opt/ansiblepackages/debianunattended/isofiles
+cd /opt/ansiblepackages/debianunattended/{{ inventory_hostname }}/isofiles
 md5sum $(find -follow -type f) > md5sum.txt

templates/preseed.cfg.j2

@@ -37,6 +37,7 @@ d-i netcfg/choose_interface select auto
 #d-i netcfg/dhcp_timeout string 60
 #d-i netcfg/dhcpv6_timeout string 60
 
+# Automatic network configuration is the default.
 # If you prefer to configure the network manually, uncomment this line and
 # the static network configuration below.
 #d-i netcfg/disable_autoconfig boolean true
@@ -67,7 +68,7 @@ d-i netcfg/choose_interface select auto
 # values set here. However, setting the values still prevents the questions
 # from being shown, even if values come from dhcp.
 d-i netcfg/get_hostname string {{ inventory_hostname }}
-d-i netcfg/get_domain string unassigned-domain
+d-i netcfg/get_domain string {{ dns_domain | default('unassigned-domain') }}
 
 # If you want to force a hostname, regardless of what either the DHCP
 # server returns or what the reverse DNS entry for the IP is, uncomment
@@ -94,7 +95,9 @@ d-i netcfg/wireless_wep string
 #d-i network-console/password-again password r00tme
 
 ### Mirror settings
+# Mirror protocol:
 # If you select ftp, the mirror/country string does not need to be set.
+# Default value for the mirror protocol: http.
 #d-i mirror/protocol string ftp
 d-i mirror/country string manual
 d-i mirror/http/hostname string {{ debianunattended_mirror | default('ftp.de.debian.org') }}
@@ -140,12 +143,16 @@ d-i clock-setup/utc boolean true
 
 # You may set this to any valid setting for $TZ; see the contents of
 # /usr/share/zoneinfo/ for valid values.
-d-i time/zone string {{ debianunattended_time_zone }}
+d-i time/zone string {{ debianunattended_time_zone | default('EU/Berlin') }}
 
 # Controls whether to use NTP to set the clock during the install
 d-i clock-setup/ntp boolean true
 # NTP server to use. The default is almost always fine here.
+{% if debianunattended_ntpserver is defined %}
+d-i clock-setup/ntp-server string {{ debianunattended_ntpserver }}
+{% else %}
 #d-i clock-setup/ntp-server string ntp.example.com
+{% endif %}
 
 ### Partitioning
 ## Partitioning example
@@ -164,7 +171,7 @@ d-i clock-setup/ntp boolean true
 # - regular: use the usual partition types for your architecture
 # - lvm:     use LVM to partition the disk
 # - crypto:  use LVM within an encrypted partition
-d-i partman-auto/method string regular
+d-i partman-auto/method string {{ debianunattended_partman_auto_method | default('regular') }}
 
 # You can define the amount of space that will be used for the LVM volume
 # group. It can either be a size with its unit (eg. 20 GB), a percentage of
@@ -185,8 +192,9 @@ d-i partman-lvm/confirm_nooverwrite boolean true
 # - atomic: all files in one partition
 # - home:   separate /home partition
 # - multi:  separate /home, /var, and /tmp partitions
+{% if debianunattended_partman_auto_expert_recipe is not defined %}
 d-i partman-auto/choose_recipe select atomic
-
+{% endif %}
 # Or provide a recipe of your own...
 # If you have a way to get a recipe file into the d-i environment, you can
 # just point at it.
@@ -242,7 +250,7 @@ d-i partman/confirm_nooverwrite boolean true
 # Force UEFI booting ('BIOS compatibility' will be lost). Default: false.
 #d-i partman-efi/non_efi_system boolean true
 # Ensure the partition table is GPT - this is required for EFI
-#d-i partman-partitioning/choose_label string gpt
+#d-i partman-partitioning/choose_label select gpt
 #d-i partman-partitioning/default_label string gpt
 
 # When disk encryption is enabled, skip wiping the partitions beforehand.
@@ -252,10 +260,14 @@ d-i partman/confirm_nooverwrite boolean true
 # The method should be set to "raid".
 #d-i partman-auto/method string raid
 # Specify the disks to be partitioned. They will all get the same layout,
-# so this will only work if the disks are the same size.
+# so this will only work if the disks are the same size.preseed
 #d-i partman-auto/disk string /dev/sda /dev/sdb
+{% if debianunattended_partman_auto_disk is defined %}
+d-i partman-auto/disk string {{ debianunattended_partman_auto_disk }}
+{% endif %}
 
 # Next you need to specify the physical partitions that will be used. 
+{{ debianunattended_partman_auto_expert_recipe | default('') }}
 #d-i partman-auto/expert_recipe string \
 #      multiraid ::                                         \
 #              1000 5000 4000 raid                          \
@@ -276,6 +288,7 @@ d-i partman/confirm_nooverwrite boolean true
 # <raidtype> <devcount> <sparecount> <fstype> <mountpoint> \
 #          <devices> <sparedevices>
 
+{{ debianunattended_partman_auto_raid_recipe | default('') }}
 #d-i partman-auto-raid/recipe string \
 #    1 2 0 ext3 /                    \
 #          /dev/sda1#/dev/sdb1       \
@@ -297,6 +310,8 @@ d-i partman-partitioning/confirm_write_new_label boolean true
 d-i partman/choose_partition select finish
 d-i partman/confirm boolean true
 d-i partman/confirm_nooverwrite boolean true
+d-i partman/confirm_nochanges boolean true
+d-i partman-md/confirm_nooverwrite boolean true
 
 ## Controlling how partitions are mounted
 # The default is to mount by UUID, but you can also choose "traditional" to
@@ -315,15 +330,23 @@ d-i partman/confirm_nooverwrite boolean true
 #d-i base-installer/kernel/image string linux-image-686
 
 ### Apt setup
+# Choose, if you want to scan additional installation media
+# (default: false).
+d-i apt-setup/cdrom/set-first boolean false
 # You can choose to install non-free and contrib software.
 d-i apt-setup/non-free boolean true
 d-i apt-setup/contrib boolean true
+# Uncomment the following line, if you don't want to have the sources.list
+# entry for a DVD/BD installation image active in the installed system
+# (entries for netinst or CD images will be disabled anyway, regardless of
+# this setting).
+d-i apt-setup/disable-cdrom-entries boolean true
 # Uncomment this if you don't want to use a network mirror.
 #d-i apt-setup/use_mirror boolean false
 # Select which update services to use; define the mirrors to be used.
 # Values shown below are the normal defaults.
-d-i apt-setup/services-select multiselect security, updates
-d-i apt-setup/security_host string security.debian.org
+#d-i apt-setup/services-select multiselect security, updates
+#d-i apt-setup/security_host string security.debian.org
 
 # Additional repositories, local[0-9] available
 #d-i apt-setup/local0/repository string \
@@ -353,13 +376,17 @@ d-i apt-setup/security_host string security.debian.org
 #tasksel tasksel/first multiselect standard, web-server, kde-desktop
 tasksel tasksel/first multiselect standard
 
+# Or choose to not get the tasksel dialog displayed at all (and don't install
+# any packages):
+#d-i pkgsel/run_tasksel boolean false
+
 # Individual additional packages to install
 d-i pkgsel/include string openssh-server build-essential {{ debianunattended_additional_packages | default('') }}
 # Whether to upgrade packages after debootstrap.
 # Allowed values: none, safe-upgrade, full-upgrade
 d-i pkgsel/upgrade select full-upgrade
 
-# Some versions of the installer can report back on what software you have
+# You can choose, if your system will report back on what software you have
 # installed, and what software you use. The default is not to report back,
 # but sending reports helps the project determine what software is most
 # popular and should be included on the first CD/DVD.
@@ -381,7 +408,7 @@ d-i grub-installer/with_other_os boolean true
 # not be determined safely in general, so this needs to be specified:
 #d-i grub-installer/bootdev  string /dev/sda
 # To install to the primary device (assuming it is not a USB stick):
-d-i grub-installer/bootdev  string default
+d-i grub-installer/bootdev  string {{ debianunattended_partman_auto_disk | default('default') }}
 
 # Alternatively, if you want to install to a location other than the UEFI
 # parition/boot record, uncomment and edit these lines:
@@ -465,12 +492,12 @@ pkgsel/updatedb boolean true
 
 {% if debianunattended_staticip_ipaddress is defined %}
 #static IPv4 address?
-d-i netcfg/disable_autoconfig boolean false
+d-i netcfg/disable_autoconfig boolean true
 d-i netcfg/dhcp_failed note
 d-i netcfg/dhcp_options select Configure network manually
-d-i netcfg/get_ipaddress string { debianunattended_staticip_ipaddress }
-d-i netcfg/get_netmask string { debianunattended_staticip_netmask }
-d-i netcfg/get_gateway string { debianunattended_staticip_gateway }
-d-i netcfg/get_nameservers string { debianunattended_staticip_nameservers }
+d-i netcfg/get_ipaddress string {{ debianunattended_staticip_ipaddress }}
+d-i netcfg/get_netmask string {{ debianunattended_staticip_netmask }}
+d-i netcfg/get_gateway string {{ debianunattended_staticip_gateway }}
+d-i netcfg/get_nameservers string {{ debianunattended_staticip_nameservers }}
 d-i netcfg/confirm_static boolean true
 {% endif %}