1 files changed, 80 insertions, 0 deletions

diff --git a/packer/debian-server-bookworm/http/preseed.cfg b/packer/debian-server-bookworm/http/preseed.cfg
new file mode 100644
index 0000000..cf696e0
--- /dev/null
+++ b/packer/debian-server-bookworm/http/preseed.cfg
@@ -0,0 +1,80 @@
+### Debian Preseed File for Unattended Installation
+
+### Enable automatic installation
+d-i auto-install/enable boolean true
+
+### Set language, country, and locale
+d-i debian-installer/language string en
+d-i debian-installer/country string US
+d-i debian-installer/locale string en_US.UTF-8
+
+### Console and keyboard configuration
+d-i console-setup/ask_detect boolean false
+d-i debconf/frontend select noninteractive
+d-i keyboard-configuration/xkb-keymap select us
+d-i keymap select us
+
+### Network configuration
+d-i netcfg/choose_interface select auto
+d-i netcfg/get_hostname string debian
+d-i netcfg/get_domain string local
+
+### Set time zone and clock settings
+d-i clock-setup/utc boolean true
+d-i time/zone string UTC
+
+### Configure package mirrors
+d-i mirror/country string FR
+d-i mirror/http/hostname string httpredir.debian.org
+d-i mirror/http/directory string /debian/
+d-i mirror/http/proxy string
+d-i apt-setup/use_mirror boolean true
+
+### Partitioning (Use entire disk, no LVM, no swap)
+d-i partman-auto/method string regular
+d-i partman-auto/choose_recipe select atomic
+d-i partman-partitioning/confirm_write_new_label boolean true
+d-i partman/choose_partition select finish
+d-i partman/confirm boolean true
+d-i partman/confirm_nooverwrite boolean true
+d-i partman-basicfilesystems/no_swap boolean true
+
+### User setup (Create user "mas", disable root login)
+d-i passwd/user-fullname string mas
+d-i passwd/username string mas
+d-i passwd/user-password-crypted password !
+d-i passwd/root-login boolean false
+d-i user-setup/allow-password-weak boolean true
+d-i user-setup/encrypt-home boolean false
+
+### Select base installation packages
+tasksel tasksel/first multiselect standard, ssh-server
+
+### Install additional packages
+d-i pkgsel/include string openssh-server qemu-guest-agent sudo neovim tmux
+
+### SSH setup (Disable password authentication, allow only SSH key)
+d-i preseed/late_command string \
+    in-target mkdir -p /home/mas/.ssh && \
+    in-target chmod 700 /home/mas/.ssh && \
+    in-target /bin/sh -c "echo 'ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCtB9NZgJMVovVR4foT0OOV9GdHeHZoPtK1TGko2W4wli/reKjpUYBhlSPWbaWD9WUbl0RRqdzkODy1fB001zxs= mas@TMV2' >> /home/mas/.ssh/authorized_keys" && \
+    in-target chmod 600 /home/mas/.ssh/authorized_keys && \
+    in-target chown -R mas:mas /home/mas/.ssh && \
+    in-target usermod -aG sudo mas && \
+    in-target sed -i '/^%sudo/c\%sudo ALL=(ALL:ALL) NOPASSWD:ALL' /etc/sudoers && \
+    in-target sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication yes/' /etc/ssh/sshd_config && \
+    in-target sed -i 's|^#\?AuthorizedKeysFile.*|AuthorizedKeysFile %h/.ssh/authorized_keys|' /etc/ssh/sshd_config && \
+    in-target sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config && \
+    in-target systemctl restart ssh && \
+    in-target sed -i '/^deb cdrom:/s/^/#/' /etc/apt/sources.list
+
+### Configure GRUB bootloader
+d-i grub-installer/only_debian boolean true
+d-i grub-installer/with_other_os boolean false
+d-i grub-installer/bootdev string default
+
+### Disable popularity contest (privacy setting)
+popularity-contest popularity-contest/participate boolean false
+
+### Automatically reboot after installation completes
+d-i finish-install/reboot_in_progress note