msw/CISS.debian.live.builder
SHA256
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity
Files
b2282d347501a134baec647b49a88a09e41045d537c09dde2053eefa8ee37a4d
CISS.debian.live.builder/config/includes.chroot/preseed/.cfg/partitioning.cfg
Marc S. Weidner b2282d3475 V8.02.512.2025.05.30 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-05-30 00:28:39 +02:00

360 lines
16 KiB
Bash
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# SPDX-Version: 3.0
# SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
# SPDX-FileCopyrightText: 20242025; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-FileType: SOURCE
# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
# SPDX-PackageName: CISS.debian.live.builder
# SPDX-Security-Contact: security@coresecret.eu
###########################################################################################
# Partitioning CISS.partitioning #
###########################################################################################
# If the system has free space you can choose to only partition that space. This is only
# honoured if partman-auto/method is NOT set. Alternatively, choose 'use_entire_disk':
# d-i partman-auto/init_automatically_partition select biggest_free
# Alternatively, you may specify a disk to partition.
###d-i partman-auto/disk string /dev/sda
# In addition, you'll need to specify the method to use. Presently available methods are:
# - regular : use the usual partition types for your architecture
# - lvm : use LVM to partition the disk
# - crypto : use LVM within an encrypted partition
###d-i partman-auto/method string crypto
# When disk encryption is enabled, skip wiping the partitions beforehand:
###d-i partman-auto-crypto/erase_disks boolean false
# You can define the amount of space that will be used for the LVM volume group. It can
# either be a size with its unit (eg. 20 GB), a percentage of free space or 'max' keyword:
###d-i partman-auto-lvm/guided_size string max
# Name of the volume group for the new system:
###d-i partman-auto-lvm/new_vg_name string vg_ciss
# Force UEFI booting ('BIOS compatibility' will be lost). Default: false:
###d-i partman-efi/non_efi_system boolean false
# If one of the disks that are going to be automatically partitioned contains an old LVM
# configuration, the user will normally receive a warning. This can be preseeded away:
###d-i partman-lvm/device_remove_lvm boolean true
# The same applies to pre-existing software RAID array:
###d-i partman-md/device_remove_md boolean true
# And the same goes for the confirmation to write the lvm partitions:
###d-i partman-lvm/confirm boolean true
###d-i partman-lvm/confirm_nooverwrite boolean true
###########################################################################################
# This makes partman automatically partition without confirmation, provided that it was #
# told what to do using one of the methods specified. #
###########################################################################################
# The following debconfvariables are often important for the basic configuration and for #
# mounting after manual partitioning. These ensure that the installer does not attempt to #
# make changes or overwrite already mounted partitions. They help to 'switch off' the #
# installer when it tries to apply partitioning automatically. #
###########################################################################################
# Confirm whether you actually want to create a new partition table and write it to disk:
###d-i partman-partitioning/confirm_write_new_label boolean true
###d-i partman/choose_partition select finish
###d-i partman/confirm boolean true
###d-i partman/confirm_nooverwrite boolean true
# Ensure the partition table is GPT - this is required for EFI:
###d-i partman-partitioning/choose_label select gpt
###d-i partman-partitioning/default_label string gpt
# This setting ensures that partitions without a mount point do not trigger a warning dialogue.
###d-i partman-basicfilesystems/no_mount_point boolean true
# This setting tells the Debian installer not to issue a warning if no swap partition is set up.
###d-i partman-basicfilesystems/no_swap boolean true
# Encryption settings
# d-i partman-crypto/passphrase password < set by ./preseed/.ash/0_di_preseed_include_command.sh >
# d-i partman-crypto/passphrase-again password < set by ./preseed/.ash/0_di_preseed_include_command.sh >
###d-i partman-crypto/passphrase password DEFAULT
###d-i partman-crypto/passphrase-again password DEFAULT
###d-i partman-crypto/weak_passphrase boolean true
# https://preseed.debian.net/debian-preseed/bookworm/amd64-main-full.txt
###d-i partman-crypto/entropy entropy 256
# debconf-set-selections -c ./preseed/.cfg/partitioning.cfg: "warning: Unknown type entropy, skipping line" therefore as string:
###d-i partman-crypto/entropy string 256
# Are you sure you want to use a random key?
###d-i partman-crypto/use_random_for_nonswap boolean false
###########################################################################################
# This command is run immediately before the partitioner starts. It may be useful to #
# apply dynamic partitioner preseeding that depends on the state of the disks (which may #
# not be visible when preseed/early_command runs). #
###########################################################################################
# d-i partman/early_command string /sh /.ciss/install/.ash/2_di_partman_early_command.sh
###d-i partman-auto/expert_recipe string \
\
511MiB 511MiB 511MiB EFS \
label{ ESP } \
$defaultignore{ } \
$primary{ } \
$bootable{ } \
method{ efi } \
format{ } \
use_filesystem{ } \
filesystem{ EFS } \
device{ /dev/sda } \
mountpoint{ /boot } \
. \
rescue :: \
3584MiB 3584MiB 3584MiB ext4 \
label{ rescue } \
$defaultignore{ } \
$primary{ } \
method{ format } \
format{ } \
use_filesystem{ } \
filesystem{ ext4 } \
device{ /dev/sda } \
mountpoint{ /mnt/rescue } \
. \
crypt_boot :: \
4096MiB 4096MiB 4096MiB ext4 \
label{ boot } \
$defaultignore{ } \
$primary{ } \
method{ format } \
format{ } \
use_filesystem{ } \
filesystem{ ext4 } \
device{ /dev/sda } \
mountpoint{ /boot } \
. \
crypt_ephemeral_swap :: \
4096MiB 4096MiB 4096MiB none \
label{ crypt_swap } \
$defaultignore{ } \
$primary{ } \
method{ keep } \
device{ /dev/sda } \
. \
crypt_ephemeral_tmp :: \
4096MiB 4096MiB 4096MiB none \
label{ crypt_tmp } \
$defaultignore{ } \
$primary{ } \
method{ keep } \
device{ /dev/sda } \
. \
crypt_home :: \
32768MiB 32768MiB 32768MiB crypto \
$primary{ } \
method{ crypto } \
format{ } \
use_filesystem{ } \
filesystem{ btrfs } \
label{ btrfs_home } \
options/subvol{ @snapshots } \
device{ /dev/sda } \
mountpoint{ /home } \
. \
crypt_root :: \
32768MiB 32768MiB 32768MiB crypto \
$primary{ } \
method{ crypto } \
format{ } \
use_filesystem{ } \
filesystem{ btrfs } \
label{ btrfs_root } \
options/subvol{ @snapshots } \
device{ /dev/sda } \
mountpoint{ / } \
. \
crypt_usr :: \
40960MiB 40960MiB 40960MiB crypto \
$primary{ } \
method{ crypto } \
format{ } \
use_filesystem{ } \
filesystem{ btrfs } \
label{ btrfs_usr } \
options/subvol{ @snapshots } \
device{ /dev/sda } \
mountpoint{ /usr } \
. \
crypt_var :: \
40960MiB 40960MiB 40960MiB crypto \
$primary{ } \
method{ crypto } \
format{ } \
use_filesystem{ } \
filesystem{ btrfs } \
label{ btrfs_var } \
options/subvol{ @snapshots } \
device{ /dev/sda } \
mountpoint{ /var } \
. \
crypt_var_log :: \
16384MiB 16384MiB 16384MiB crypto \
$primary{ } \
method{ crypto } \
format{ } \
use_filesystem{ } \
filesystem{ btrfs } \
label{ btrfs_var_log } \
options/subvol{ @snapshots } \
device{ /dev/sda } \
mountpoint{ /var/log } \
. \
crypt_var_log_audit :: \
16384MiB 16384MiB 16384MiB crypto \
$primary{ } \
method{ crypto } \
format{ } \
use_filesystem{ } \
filesystem{ btrfs } \
label{ btrfs_var_log_audit } \
options/subvol{ @snapshots } \
device{ /dev/sda } \
mountpoint{ /var/log/audit } \
. \
crypt_var_tmp :: \
16384MiB 16384MiB 16384MiB crypto \
$primary{ } \
method{ crypto } \
format{ } \
use_filesystem{ } \
filesystem{ btrfs } \
label{ btrfs_var_tmp } \
options/subvol{ @snapshots } \
device{ /dev/sda } \
mountpoint{ /var/tmp } \
. \
installer_tmp :: \
1024MiB 16384MiB -1 ext4 \
$defaultignore{ } \
$primary{ } \
method{ format } \
format{ } \
use_filesystem{ } \
filesystem{ ext4 } \
mountpoint{ /tmp } \
device{ /dev/sda } \
label{ installer_tmp } \
.
###########################################################################################
#d-i partman-auto/choose_recipe select ciss-2025-btrfs-ultra
#d-i partman-auto/expert_recipe string \
ciss-2025-btrfs-ultra :: \
ESP : \
511 511 511 free \
$defaultignore{ } \
$primary{ } \
$bootable{ } \
method{ efi } format{ } \
label{ ESP } \
. \
boot : \
3584 3584 3584 ext4 \
$defaultignore{ } \
$primary{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /boot } \
label{ boot } \
. \
crypt_ephemeral_swap : \
4096 4096 4096 none \
$defaultignore{ } \
$primary{ } \
method{ keep } \
label{ crypt_sda3 } \
. \
crypt_ephemeral_tmp : \
4096 4096 4096 none \
$defaultignore{ } \
$primary{ } \
method{ keep } \
label{ crypt_sda4 } \
. \
lv_home : \
32768 32768 32768 btrfs \
$lvmok{ } \
lv_name{ lv_home } \
method{ format } format{ } \
use_filesystem{ } filesystem{ btrfs } \
label{ btrfs_home } \
options/subvol{ @snapshots } \
mountpoint{ /home } \
. \
lv_root : \
32768 32768 32768 btrfs \
$lvmok{ } \
lv_name{ lv_root } \
method{ format } format{ } \
use_filesystem{ } filesystem{ btrfs } \
label{ btrfs_root } \
options/subvol{ @snapshots } \
mountpoint{ / } \
. \
lv_usr : \
65536 65536 65536 btrfs \
$lvmok{ } } \
lv_name{ lv_usr } \
method{ format } format{ } \
use_filesystem{ } filesystem{ btrfs } \
label{ btrfs_usr } \
options/subvol{ @snapshots } \
mountpoint{ /usr } \
. \
lv_var : \
65536 65536 65536 btrfs \
$lvmok{ } \
lv_name{ lv_var } \
method{ format } format{ } \
use_filesystem{ } filesystem{ btrfs } \
label{ btrfs_var } \
options/subvol{ @snapshots } \
mountpoint{ /var } \
. \
lv_var_log : \
16384 16384 16384 btrfs \
$lvmok{ } \
lv_name{ lv_var_log } \
method{ format } format{ } \
use_filesystem{ } filesystem{ btrfs } \
label{ btrfs_var_log } \
options/subvol{ @snapshots } \
mountpoint{ /var/log } \
. \
lv_var_log_audit : \
16384 16384 16384 \
$lvmok{ } \
lv_name{ lv_var_log_audit } \
method{ format } format{ } \
use_filesystem{ } filesystem{ btrfs } \
label{ btrfs_var_log_audit } \
options/subvol{ @snapshots } \
mountpoint{ /var/log/audit } \
. \
lv_var_tmp : \
1 16384 -1 \
$lvmok{ } \
lv_name{ lv_var_tmp } \
method{ format } format{ } \
use_filesystem{ } filesystem{ btrfs } \
label{ btrfs_var_tmp } \
options/subvol{ @snapshots } \
mountpoint{ /var/tmp } \
. \
rescue : \
1024 8192 -1 \
$defaultignore{ } \
$primary{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /tmp } \
label{ rescue } \
.
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
Reference in New Issue View Git Blame Copy Permalink