Thread: Creating 'install.conf' for OpenBSD automatic installations
View Single Post
  #1   (View Single Post)  
Old 15th December 2014
J65nko J65nko is offline
Administrator
  
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,131
Default Creating 'install.conf' for OpenBSD automatic installations
In OpenBSD autoinstall I posted about my first experiences with the autoinstall(8) procedure. At the end of that thread I mentioned how a shell script could generate a customized install.conf file.

The result of my endeavours is presented here as mk-install.conf.sh. Included is a Makefile to prefix the generated install.conf with a MAC address and to upload to a webserver directory. See autoinstall(8) for the role of a MAC address in the naming of install.conf

The environment, in which this was developed and tested, consisted of a Linux Mint (Ubuntu and thus Debian derative) server acting as KVM host for the OpenBSD current (2014-12-12) guest installs.
An OpenBSD box, 'hercules.utp.xnet" (192.168.222.20) was configured as PXE/TFTP and web server. My OpenBSD router at 192.168.222.10 acted as DHCP server.

Things mk-install.conf.sh does not (yet) do:
  • Multiple network interfaces
  • IPv6 configuration
  • Configure a vlan interface
  • Regular (non-root) user creation
  • Multiple sources for the file sets

Some of these things, like vlan I never use because a VLAN capable switch is still missing from my hardware collection. And defining user accounts, I prefer to handle in a siteXX.tgz.

On the other hand it supports some features that the average OpenBSD user probably does not use regulary:
  • Serial console configuration
  • Selection of siteXX.tgz and siteXX-hostname.tgz and the need for handling the failing checksum and verification.

An example of a generated installation response file:
Code:
Terminal type? = vt220
System hostname = diogenes 
Which network interface do you wish to configure? = vio0 
IPv4 address for = dhcp 
Password for root account? = $2a$10$8ZnU7QJ4yYt7tk3TXyzGfuGYYjKN3Ae0BGZQ/I5hN1U/v/6DVXgpK 
Public ssh key for root account? = ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCMPEpNB1XOPiaIcv2NJhG1c5Os595IebooZdnloA0OT+npTyk9FQbysijlFq+GWyc7Wu27qaELlhikj//qAyGc= adriaan@hercules.utp.xnet
Start sshd(8) by default? = yes
Start ntpd(8) by default? = yes
NTP server? (hostname or 'default') = default
Do you expect to run the X Window System? = yes
Do you want the X Window System to be started by xdm(1)? = no
Do you want to suspend on lid close? = no
Change the default console to com0? = yes
Which speed should com0 use? (or 'done') = 19200
What timezone are you in? = Europe/Amsterdam
Setup a user? = no 
Which disk is the root disk? = sd0 
Use DUIDs rather than device names in fstab? = yes
Use (W)hole disk or (E)dit the MBR? = W
Use (A)uto layout, (E)dit auto layout, or create (C)ustom layout? = a
Which disk do you wish to initialize? = done
Location of sets? = http
HTTP proxy URL? = none
HTTP Server? = hercules.utp.xnet
Server directory? = snapshots/i386
Set name(s)? = -all bsd bsd.rd bsd.mp base56.tgz site56.tgz done
Checksum test for site56.tgz failed. Continue anyway? = yes
Unverified sets: site56.tgz. Continue without verification? = yes 
Checksum test for site56-diogenes.tgz failed. Continue anyway? = yes
Unverified sets: site56-diogenes.tgz. Continue without verification? = yes 
Location of sets? = done
I realized that since the install script ask for Set name(s)?, they could be enumerated in one single answer:
Code:
Select sets by entering a set name, a file name pattern or 'all'. De-select
sets by prepending a '-' to the set name, file name pattern or 'all'. Selected
sets are labelled '[X]'.
    [X] bsd           [X] base56.tgz    [X] xbase56.tgz   [X] xserv56.tgz
    [X] bsd.rd        [X] comp56.tgz    [X] xshare56.tgz  [ ] site56.tgz
    [X] bsd.mp        [X] man56.tgz     [X] xfont56.tgz
Set name(s)? (or 'abort' or 'done') [done] -all bsd bsd.rd bsd.mp base56.tgz site56.tgz done
Get/Verify SHA256.sig   100% |**************************|  2067       00:00
Signature Verified
Get/Verify bsd          100% |**************************| 10295 KB    00:00
Get/Verify bsd.rd       100% |**************************|  6773 KB    00:00
Get/Verify bsd.mp       100% |**************************| 10327 KB    00:00
Get/Verify base56.tgz   100% |**************************| 51053 KB    00:01
Get/Verify site56.tgz   100% |**************************|  4915       00:00
Checksum test for site56.tgz failed. Continue anyway? [no] yes
Unverified sets: site56.tgz. Continue without verification? [no] yes
Installing bsd          100% |**************************| 10295 KB    00:00
Installing bsd.rd       100% |**************************|  6773 KB    00:00
Installing bsd.mp       100% |**************************| 10327 KB    00:00
Installing base56.tgz   100% |**************************| 51053 KB    00:03
Extracting etc.tgz      100% |**************************|   110 KB    00:00
Installing site56.tgz   100% |**************************|  4915       00:00
Location of sets? (disk http or 'done') [done] done
Saving configuration files...done.
Making all device nodes...done.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Last edited by J65nko; 15th December 2014 at 02:25 AM. Reason: Added OpenBSD current (2014-12-12) as OS/installer version
Reply With Quote