s8n/production-deb
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
production-deb/variants/server.cfg
obsidian-ai 0f5bbf004a fork: production-deb v0.1.0 from debian-s8ns-prefs-iso server variant 
Server-only canonical production Debian build. Drops laptop/vanilla
variants. Interactive LUKS + hostname at install. user/123 forced rotate.
DVD-1 offline base. S8N_LOGS log-capture partition.

Lineage: forked from s8n/debian-s8ns-prefs-iso commit d4be55f.
2026-05-08 13:53:38 +01:00

34 lines
1 KiB
INI
Raw Permalink Blame History

# server.cfg — sourced by build.sh
# Variant: headless, hardened, SSH-only. Drop-in replacement for veilor-server with
# forky kernel + my prefs.
#
# Server is "deploy at console" — admin sets LUKS passphrase + hostname in person.
# - INTERACTIVE_LUKS=1: omit partman-crypto/passphrase from preseed → d-i prompts
# - INTERACTIVE_HOSTNAME=1: omit netcfg/get_hostname → d-i prompts (overridable
# via kernel cmdline `hostname=NAME` at boot)
# - USER_PW_PLAIN_DEFAULT=123: weak baked password + chage -d 0 forces rotate on
# first SSH login. Yescrypt-random would block console-only first login.
# - PRESEED_PRIORITY=high: missing-preseed questions surface as prompts instead
# of falling back to (potentially wrong) defaults.
VARIANT_NAME="server"
VARIANT_VOLID="S8N_SERVER"
GRUB_PARAMS="quiet"
PRESEED_PRIORITY="high"
INTERACTIVE_LUKS=1
INTERACTIVE_HOSTNAME=1
USER_PW_PLAIN_DEFAULT="123"
DEFAULT_DISK="/dev/nvme0n1"
TASKSEL_TASKS="standard, ssh-server"
PACKAGES_LIST="server.list"
POST_INSTALL_SCRIPTS=(
"00-base.sh"
"20-ssh.sh"
"30-tailscale.sh"
)
Reference in a new issue View git blame Copy permalink