Default variables

Preseed server configuration

preseed_dependencies

Should the debops.preseed role manage it’s own dependencies (nginx)? If you want to setup them yourself, you should change this to False.

preseed_dependencies: True
preseed_subdomain

Name of the subdomain which will be used to serve Preseed files

preseed_subdomain: 'seed'
preseed_base_domain

Full base domain on which Preseed files are located, required for download of postinst scripts.

preseed_base_domain: '{{ preseed_subdomain + "." + ansible_domain }}'
preseed_domains

A set of domains configured in nginx which server Preseed files. First element of the list should be a “normal” domain, the rest are regex expressions which look up correct subdirectories to serve files.

preseed_domains:
  - '{{ preseed_base_domain }}'
  - '{{ "~^(?<preseed>.+)\." + preseed_base_domain | replace(".","\.") + "$" }}'
  - '{{ "~^(?<preseed>.+)\." + ansible_domain      | replace(".","\.") + "$" }}'
  - '{{ "~^(?<preseed>.+)\." + preseed_subdomain   | replace(".","\.") + "$" }}'
  - '{{ "~^(?<preseed>.+)$" }}'
preseed_www

Path to main directory where Preseed files are served from

preseed_www: '{{ ansible_local.nginx.www + "/preseed/configs" }}'
preseed_www_webserver

Path to “current” Preseed root directory, configured in the webserver

preseed_www_webserver: '{{ preseed_www + "/$preseed" }}'
preseed_nginx_auth_realm

Text displayed in the web browser login dialog when debops.nginx access policy is enabled.

preseed_nginx_auth_realm: 'Preseed access is restricted'
preseed_nginx_access_policy

Name of the nginx access policy to configure for Preseed server. See debops.nginx role for more details.

preseed_nginx_access_policy: ''
preseed_user

System user account which owns the Preseed files

preseed_user: 'preseed'
preseed_group

System group which owns the Preseed files

preseed_group: 'preseed'
preseed_home

Home directory of the Pressed user account

preseed_home: '{{ ansible_local.root.home + "/" + preseed_user }}'

Default Preseed list

preseed_distribution

Linux distribution configured by default for preseeding

preseed_distribution: '{{ ansible_distribution }}'
preseed_release

Linux distribution release configured by default for preseeding

preseed_release: '{{ ansible_distribution_release }}'
preseed_configs

List of Preseed definitions. See preseed_configs for more details.

preseed_configs:

  # Debian - default configuration which will ask the user for disk
  # configuration during installation.
  - name: 'debian'
    type: 'debian'
    release: 'wheezy'

  - name: 'debian'
    type: 'debian'
    release: 'jessie'

  # Automated Debian configuration which will format the first disk as a ``/``
  # (system) partition. Useful for virtual machines, but nothing else. Use at
  # your own risk.
  - name: 'debian-vm'
    type: 'debian-destroy'
    release: 'wheezy'

  - name: 'debian-vm'
    type: 'debian-destroy'
    release: 'jessie'

Administrator account options

preseed_admin

Enable or disable creation of an administrator account using a postinst script.

preseed_admin: True
preseed_admin_system

If enabled, administrator account will be created as a “system” account (UID < 1000, usually ~104). If disabled (default), administrator account will be a regular user account (UID >= 1000).

preseed_admin_system: True
preseed_admin_name

Name of the administrator account. By default the same as the user that runs Ansible, taken from Ansible Controller.

preseed_admin_name: '{{ ansible_ssh_user if ansible_ssh_user != "root" else lookup("env","USER") }}'
preseed_admin_groups

Default system groups to add the administrator account to. They will be created if not present.

preseed_admin_groups: [ 'admins', 'staff', 'adm' ]
preseed_admin_home

Home directory of the administrator account, when it’s a regular user account.

preseed_admin_home: '{{ "/home/" + preseed_admin_name }}'
preseed_admin_system_home

Home directory of the administrator account, when it’s a system account.

preseed_admin_system_home: '{{ ansible_local.root.home + "/" + preseed_admin_name }}'
preseed_admin_home_group

Specify administrator account home directory group

preseed_admin_home_group: '{{ preseed_admin_groups[0] }}'
preseed_admin_home_mode

Specify permissions for administrator account home directory

preseed_admin_home_mode: '0750'
preseed_admin_comment

A contents of the GECOS field of the administrator account.

preseed_admin_comment: "System Administrator"
preseed_admin_shell

Shell set by default on administrator account.

preseed_admin_shell: '/bin/bash'
preseed_sudo

If enabled, specified admin group will be configured in sudo to allow access to root account without password.

preseed_sudo: True
preseed_sudo_group

Name of the system group which will be configured with passwordless sudo access. By default it’s the first group set in preseed_admin_groups.

preseed_sudo_group: '{{ preseed_admin_groups[0] }}'
preseed_admin_sshkeys

List of SSH public keys installed on administrator account, as well as the root account.

preseed_admin_sshkeys: [ '{{ lookup("pipe", "ssh-add -L | grep ^ssh || cat ~/.ssh/id_rsa.pub || true") }}' ]

Debian Preseed configuration

This is a non-exhaustive list of parameters that can be used to configure Debian Preseed provided with the role. More parameters can be found inside the preseed.cfg as well as the postinst.sh script.

preseed_debian_locale

Default locale configuration enabled during installation.

preseed_debian_locale: 'en_US.UTF-8'
preseed_debian_keyboard_keymap

Keyboard layout enabled during installation. The current keymap layout can be looked up via setxkbmap -query.

preseed_debian_keyboard_keymap: 'en'
preseed_debian_language

Default interface language enabled during installation.

preseed_debian_language: 'English'
preseed_debian_timezone

Time zone configured on the host during installation.

preseed_debian_timezone: 'Etc/UTC'
preseed_debian_ntp_server

NTP server to get the time from when installing. If False, the default will not be changed.

preseed_debian_ntp_server: False
preseed_debian_mirror_hostname

Address of HTTP mirror used during installation.

preseed_debian_mirror_hostname: 'http.debian.net'
preseed_debian_mirror_directory

Subdirectory on the HTTP mirror which holds the Debian repository.

preseed_debian_mirror_directory: '/debian'
preseed_debian_mirror_proxy

Proxy server to use for APT. Be careful when you set because of a bug which causes this proxy to be used for all programs and not just apt as one might expect. The default scripts use a workaround to still allow the apt proxy preseeding.

preseed_debian_mirror_proxy: ''
preseed_debian_packages

List of base Debian packages to install on the new host

preseed_debian_packages: [ 'ed', 'python', 'python-apt', 'lsb-release',
                           'make', 'sudo', 'gnupg-curl', 'git', 'wget',
                           'curl', 'rsync', 'netcat-openbsd', 'vlan',
                           'bridge-utils', 'openssh-server', 'bsdutils',
                           'python-pycurl', 'python-httplib2', 'acl',
                           'apt-transport-https', 'python-pip', 'resolvconf' ]
preseed_debian_root_password_length

Length of the root account password generated by Ansible

preseed_debian_root_password_length: '32'
preseed_debian_root_password

Encrypted random root password generated by Ansible and saved in secret/ directory. See debops.secret role for more details.

preseed_debian_root_password: "{{ lookup('password', secret + '/credentials/' + ansible_fqdn +
                                  '/preseed/debian/root/password encrypt=sha512_crypt length=' +
                                  preseed_debian_root_password_length) }}"

SaltStack options

preseed_salt

Enable SaltStack support, salt-minion will be installed on the host and started at boot.

preseed_salt: False
preseed_salt_packages

List of packages to install for Salt

preseed_salt_packages: [ 'salt-minion' ]
preseed_salt_options

Additional options for Salt defined as a text block; they will be added to /etc/salt/minion.d/ansible.conf file.

preseed_salt_options: ''