debian etch pxe network install

Using debian instead of ubuntu at the new job and needed to rebuild my old network installs. Etch takes things a little differently than gutsy used to.

pxelinux.cfg/default:

LABEL etch_i386_install_auto
kernel debian/etch/i386/linux
append vga=normal initrd=debian/etch/i386/initrd.gz preseed/url=http://debian.yourdomain.local/preseed/standard.cfg debian-installer/locale=en_US console-keymaps-at/keymap=us
netcfg/get_hostname=unassigned netcfg/get_domain=yourdomain.local —

Otherwise I’m just pulling bits from my old configs. If you haven’t set this all up before, this is a good howto on pxe booting server installs using syslinux/pxelinux (my dhcp server is Windows, just remember to set DHCP options 66 to the pxe server IP and ‘pxelinux.0’ respectively). Note that I couldn’t get the netcfg lines to work in the preseed file, I assume because it’s technically coming before it grabs the preseed file.

Note that I’ve also used apt-mirror to create a local repository. Don’t forget you’ll need d-i (debian-installer) so you’ll need something like this for a mirror.list:

deb http://ftp.us.debian.org/debian/ etch main main/debian-installer
deb-src http://ftp.us.debian.org/debian/ etch main

deb http://security.us.debian.org/ etch/updates main contrib
deb-src http://security.us.debian.org/ etch/updates main contrib

You could probably do without the deb-src. I wasn’t really thinking at the time and included those lines. My last job all over our boxes had like 2.5TB of space on them so I stopped worrying about such things but at my new job all our storage is in SANs and I haven’t convinced anyone to let me abuse the non-crappy ones yet. Anyways, the above mirror came out to about 29GB.

You’ll need to set up a series of symlinks in apache to get it to serve this all up the way a real mirror would. I wish apt-mirror was smarter about this, especially at my last job where I had lots of local repositories and nests of links to get it all working and right now the SAN where this repo is stored doesn’t support symlinks so I’m still left with a nasty mess of them to get everything where I want it to be. I haven’t gotten around to getting the security mirror working but I’ll warn you that I think it needs to be a separate virtualhost under apache because the “d-i apt-setup/security_host string” preseed command takes a hostname, not a structure like a repository string does (hostname folder release). You can disable security updates on install and just use puppet, cfengine or whatever to take care of this later if you prefer anyways. Or do it like it’s done here, this works for me:

d-i apt-setup/security_host string
d-i apt-setup/local0/repository string http://yourhostserver/debian-security etch/updates main

When configuring passwords with something like:

d-i passwd/root-password-crypted password [md5’d password goes here]
d-i passwd/make-user boolean false

Note that you can create the md5 string with ‘openssl passwd -1’ or ‘grub-md5-crypt’ depending on whats on your box already, and yes keep the word ‘password’ after ‘root-password-crypted’

For the record my preseed ended up looking like this:

# based off of:
# http://loftninjas.org/blog/2007/10/ubuntu-lvm-network-install-part-2.html
# see also: http://www.debian.org/releases/etch/example-preseed.txt

# keymap/language/local/network done on kernel bootline since it’s before we fetch this preseed file

# prevents silly questions like asking about popularity-contest
d-i debconf/priority string critical

# set local tz, set hardware clock to utc
d-i time/zone string US/Pacific
d-i clock-setup/utc boolean true

# Install source
d-i mirror/country string enter information manually
d-i mirror/http/hostname string FIXME
d-i mirror/http/directory string /debian/
d-i mirror/codename string etch
d-i mirror/http/proxy string

d-i apt-setup/local0/repository string http://FIXME debian etch
d-i apt-setup/local0/comment string local debian etch repository
d-i apt-setup/local1/repository string http://FIXME security etch/updates main
d-i apt-setup/local1/comment string local debian etch security repository
d-i apt-setup/security_host string

# this should choose the most minimal install known so far
tasksel tasksel/first multiselect standard

# install additional apps
d-i pkgsel/include string tcpdump vim

d-i grub-installer/only_debian boolean true

# specifc to etch, not the same with sarge
# install to the first scsi disk, automatically, single partition, with swap, no lvm
d-i partman-auto/init_automatically_partition select Guided – use entire disk
d-i partman-auto/disk string /dev/sda
d-i partman-auto/method string regular
d-i partman-auto/choose_recipe select All files in one partition (recommended for new users)
d-i partman/confirm_write_new_label boolean true
d-i partman/choose_partition select Finish partitioning and write changes to disk
d-i partman/confirm boolean true

# root password in md5, don’t ask to create a normal user
d-i passwd/root-password-crypted password FIXME
d-i passwd/make-user boolean false

# Avoid that last message about the install being complete.
d-i finish-install/reboot_in_progress note

Now just gotta figure out why Windows Server 2003 R2 SP2 crashes because of lsass.exe whenever the new SFU/Services For Unix identity crap updates a changed password.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload the CAPTCHA.