Aaron Goulding <agould...@backblaze.com> writes: > Hello everyone! > > I am currently trying to test some changes to a UDEB package (specifically > a modified version of partman-auto-crypto). My hope is to integrate this > change with our PXE and preseed environment to perform automatic encrypted > OS installation without the LVM requirement. > > I'd like to see if I can make use of preseed/early_command to pull this > UDEB in from an (internal) web server and install it in place of the > standard package. The goal is to avoid having to rebuild the entire > installer each time.
It is possible to setup an APT repository (using aptly, reprepro, etc.) containing your modified udeb, and then preseed: apt-setup/_DEVEL_/repository in order to use it (which is a special case of the local[0-9] repository settings that anna & net-retriever can use as an additional source for udebs) This is a recent NOT INTENDED FOR PRODUCTION[1] addition to D-I, and isn't really documented, and also is a little bit fiddly to setup, but you're in luck because I just recently finished getting the our salsa-CI pipeline to support it, so if you want to set it up locally you can look at the scripting for that. However, if you don't mind experimenting in public, there's a _much_ easier way. Just fork the project on salsa.debian.org, and whenever you push changes to it you should get a pipeline like this: https://salsa.debian.org/installer-team/partman-auto-crypto/-/pipelines/572984 in which you'll see that there's an `aptly` job, which if you explore that, you'll find has artifacts that include the newly built udeb, and the keys for the repo: https://salsa.debian.org/installer-team/partman-auto-crypto/-/jobs/4638083/artifacts/browse/aptly/pool/main/p/partman-auto-crypto/ https://installer-team.pages.debian.net/-/partman-auto-crypto/-/jobs/4638083/artifacts/aptly/index.html Towards the right of the pipeline (in the `D-I` Downstream child -- click on the `>`) you'll see a `mini-ISO` job, which has a mini.iso as one of it's artifacts: https://salsa.debian.org/installer-team/partman-auto-crypto/-/jobs/4638103/artifacts/file/debian/output/debian-202306XX+salsaci+20230901+6-amd64-gtkmini.iso (you can get to that via the Artifacts: Browse on the right of the jobs page, and following about 5 more links). That mini.iso has been configured to include a /preseed.cfg that points it back to the `aptly` repo, so that it'll automatically get the udeb from that pipeline (or at least it will until a new release of partman-auto-crypto happens, which would be version '36' and so would supersede the `35+salsaci+20230901+5` version of this package) You can of course do all that in-house, but there are quite a few moving parts to make all that happen, so if the mini.iso would be enough to satisfy your needs, I'd use it -- if not, you could at least look at how that works, and then build your own. The bit that does the magic in debian-installer is here: https://salsa.debian.org/installer-team/debian-installer/-/blob/b2328bbbb5d5a712adb1c11e91e675c2a82c915d/debian/salsa-ci.yml#L78-L105 the thing that sets up an aptly repo is mostly here: https://salsa.debian.org/salsa-ci-team/pipeline/-/blob/master/salsa-ci.yml#L750 and the glue that sticks them together is here: https://salsa.debian.org/philh/branch2repo Cheers, Phil. [1] it's a somewhat evil hack, subject to change whenever a better way of doing it is thought up. -- Philip Hands -- https://hands.com/~phil
signature.asc
Description: PGP signature