commit 5b5d9a7a8dfab632d5321ff14ccae992e9fd96eb
author Zack Williams <zdw@opennetworking.org> Fri Nov 06 13:59:06 2020 -0700
committer Zack Williams <zdw@opennetworking.org> Mon Nov 09 10:58:10 2020 -0700
tree 93152b108d367780f22bf966b7e88e9e7def1fe8

Initial commit of pxeboot role

- iPXE menu that can be chainloaded
- Memtest and Ubuntu 18.04 targets
- preseed created on a per-serial basis

Change-Id: I6f231ad615025c50963110945a06378936ecf26f

templates/ubuntu1804_preseed.cfg.j2

diff --git a/templates/ubuntu1804_preseed.cfg.j2 b/templates/ubuntu1804_preseed.cfg.j2
new file mode 100644
index 0000000..10fb4a3
--- /dev/null
+++ b/templates/ubuntu1804_preseed.cfg.j2
@@ -0,0 +1,123 @@
+#_preseed_V1
+{#
+SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
+SPDX-License-Identifier: Apache-2.0
+#}
+# preseed docs: https://help.ubuntu.com/18.04/installation-guide/amd64/apbs04.html
+
+# enable automatic install
+d-i auto-install/enable boolean true
+
+# ask only critical level questions
+d-i debconf/priority select critical
+
+# locale and keyboard
+d-i debian-installer/locale string en_US.UTF-8
+d-i console-setup/ask_detect boolean false
+d-i keyboard-configuration/xkb-keymap select us
+
+# clock
+d-i clock-setup/utc boolean true
+d-i time/zone string Etc/UTC
+d-i clock-setup/ntp boolean true
+d-i clock-setup/ntp-server string ntp.ubuntu.com
+
+# network and hostname
+d-i netcfg/choose_interface select auto
+d-i netcfg/hostname string {{ item['hostname'] }}
+d-i netcfg/domain string {{ item['domain'] }}
+d-i hw-detect/load_firmware boolean true
+
+## Storage
+# overwrite previous partitions
+d-i partman-lvm/device_remove_lvm boolean true
+d-i partman-lvm/confirm boolean true
+d-i partman-lvm/confirm_nooverwrite boolean true
+d-i partman-md/device_remove_md boolean true
+d-i partman-md/confirm boolean true
+
+# use lvm
+d-i partman-auto/method string lvm
+d-i partman-auto/init_automatically_partition select biggest_free
+d-i partman-auto-lvm/guided_size string max
+d-i partman-auto-lvm/new_vg_name string primary
+
+# use gpt
+d-i partman-basicfilesystems/choose_label string gpt
+d-i partman-basicfilesystems/default_label string gpt
+d-i partman-partitioning/choose_label string gpt
+d-i partman-partitioning/default_label string gpt
+d-i partman/choose_label string gpt
+d-i partman/default_label string gpt
+
+# use ext4
+d-i partman/default_filesystem string ext4
+
+# partitioning
+d-i partman-auto/choose_recipe select atomic
+d-i partman-partitioning/confirm_write_new_label boolean true
+d-i partman/alignment select optimal
+d-i partman/choose_partition select finish
+d-i partman/confirm boolean true
+d-i partman/confirm_nooverwrite boolean true
+
+# fix issue with grub hang on install
+#  https://bugs.launchpad.net/ubuntu/+source/os-prober/+bug/1663645
+d-i partman/early_command string \
+  while /bin/true; do sleep 0.01; rm -f /target/etc/grub.d/30_os-prober; done &
+
+d-i grub-installer/only_debian boolean true
+
+## Software
+# install mirror
+d-i mirror/country string manual
+d-i mirror/protocol select http
+d-i mirror/http/hostname string us.archive.ubuntu.com
+d-i mirror/http/directory string /ubuntu
+d-i mirror/http/proxy string
+
+# Use the HWE kernel
+d-i base-installer/kernel/image select linux-generic-hwe-18.04
+base-installer base-installer/kernel/image select linux-generic-hwe-18.04
+
+# install openssh and python3
+d-i pkgsel/include string openssh-server python3
+
+# don't install any predefined package groups
+d-i tasksel/first multiselect none
+
+# upgrade all packages on install
+d-i pkgsel/upgrade select full-upgrade
+
+# don't allow root login over SSH
+openssh-server openssh-server/permit-root-login boolean true
+openssh-server openssh-server/password-authentication boolean true
+
+# don't automatically install updates on running system
+pkgsel pkgsel/update-policy select none
+
+# verbose boot, no splashscreen
+d-i debian-installer/quiet boolean false
+d-i debian-installer/splash boolean false
+
+## Users
+# disable root account
+d-i passwd/root-login boolean false
+d-i passwd/root-password-crypted password !!
+
+# create user
+d-i passwd/username string onfadmin
+d-i passwd/user-fullname string ONFAdmin
+d-i passwd/user-password-crypted password {{ preseed_onfadmin_pw_crypt }}
+
+# add SSH pubkey key to user, secure SSHd
+d-i preseed/late_command string \
+  in-target mkdir -p --mode=0700 /home/onfadmin/.ssh ;\
+  in-target sh -c 'echo "{{ preseed_onfadmin_ssh_pubkey }}" > /home/onfadmin/.ssh/authorized_keys';\
+  in-target chmod 0600 /home/onfadmin/.ssh/authorized_keys;\
+  in-target chown -R onfadmin:onfadmin /home/onfadmin/.ssh;\
+  in-target sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin no/g' /etc/ssh/sshd_config;\
+  in-target sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config;
+
+## Reboot
+d-i finish-install/reboot_in_progress note