http://www.phys.ethz.ch/~franklin/Projects/dphys2/INSTALL copyright ETH Zuerich Physics Deparement, use under either BSD or GPL license author Neil Franklin, last modification 2003.08.04 To install/config/use dphys2 do the following: Install on Admin System ======================= 1. Download and unpack the distribution archive file into any directory from: http://www.phys.ethz.ch/~franklin/Projects/dphys2/dphys2.tar.gz I presently use this command sequence for this: cd /usr/local/tar rm -f dphys2.tar.gz wget http://www.phys.ethz.ch/~franklin/Projects/dphys2/dphys2.tar.gz cd /usr/local/src rm -rf dphys2 tar zxpf ../tar/dphys2.tar.gz cd dphys2 Configuration of Installer ========================== 2. *PERMISSIONS* Switch to being root which is needed for generating the disk images, else they will have screwed up file owners 3. In the dphys2 directory edit the configuration file: setup-dphys2 This one file tells dphys2 all it needs to know about your site and subnet specific details (the rest should default to sensible stuff): - what work directory to use for processing root floppy (CONF_PREFIX, CONF_DPHYS2, CONF_WORKDIR) Note1: this directory must be root writable (not an root-squash NFS mount) Note2: this must be on a filesystem with at least 50MB free space - which Debian mirror you are using (CONF_DEBSERVER) and the base path on that mirror (CONF_DEBDIR) - which kernel version you want, 2.2 or 2.4 (CONF_KERNEL_24) - layout of keyboard, filename relative to /usr/share/keymaps/ (CONF_KEYBD) - select what disk to install on: - either what HD to install on (CONF_DISK) - or leave this empty to auto-select (hda if it exists, else uses sda) - what network card drivers you want to include (CONF_MODULESNET) - network setup: - either enable #CONF_DHCP=yes if your have DHCP - or set domain specific network stuff, domain name (CONF_DOMAIN) and DNS servers (CONF_NAMESERVER1 to CONF_NAMESERVER4) [comment out not wanted ones] and subnet specific network stuff (CONF_NETMASK, CONF_NETWORK, CONF_GATEWAY, CONF_BROADCAST) - desired passwords (CONF_PASSWORD_LILO, CONF_PASSWORD_ROOT) - your time zone info (CONF_TIMEZOME_AREA, CONF_TIMEZOME_PLACE) - your preference on what packages to use (CONF_USE_CONTRIB, CONF_USE_NON_FREE, CONF_USE_PROPOSED) - your Debian mirror(s) for non-US, security and local packages (CONF_DEBSERVER_NON_US, CONF_DEBDIR_NON_US, CONF_DEBSERVER_SECURITY CONF_DEBDIR_SECURITY, CONF_DEBSERVER_LOCAL, CONF_DEBDIR_LOCAL) 4. If you want to automagically run an user script at the end of the first install stage (or indirectly have this install/run stuff in 2nd stage): - uncomment and possibly set the filename (CONF_ENDFIRSTRUN_SCRIPT) See the sample endfirstrun script for what can be done here. It adds further scripts to be run in the second stage, setting up debconf and installing packages and configs we regard as indispensable. 5. *SECURITY* Ensure that the dphys2-setup file is protected and remains so. Else you will compromise your LILO (if used) and root (is used) passwords: chmod 600 dphys2-setup 6. Create the modified root floppy image by typing: make # this must run as user root, else permissions are lost 7. *HARDWARE* Get yourself 2 formatted but empty floppy disks. Only 1 needed if you already have an Debian rescue disk. 8. Get the first floppy and install the modified root image to it with: make install 9. *GOTCHA* You will need to repeat steps "edit" to "make install" for each subnet, to generate an different floppy for each subnet. So this requires n+1 floppies if you have n subnets. Or n floppies if you already have an Debian rescue disk. Write on each floppy which is for which subnet. Confusing them costs an re-install and such time loss is annoying :-). 10. If you have not already got an standard(!) Debian rescue floppy you can simply make one on the second (or n+1th) floppy with: make rescue # download rescue image make installrescue # write rescue image to 2nd / rescue floppy 11. *FACULTATIVE*: Clean up work directory, and reclaim your 50MBytes with: make clean Actual Installing on Target =========================== 12. *TARGET* Go to your target system, and boot it from the rescue floppy, load the kernel without any options, and wait for it to demand an root floppy. 13. Insert the modified root floppy , press enter, and wait for it to be read in, and the dphys2 banner to be displayed. 14. Eject the root floppy, so that the host can auto-reboot from HD later on. 15. Enter your desired hostname. 16. If you are not using DHCP: Enter your desired IP address. 17. *AUTOMATIC* At end of first stage install (in a few minutes time), the host will automatically reboot into 2nd stage of install and continue with that, until it is finished (in a few more minutes time). 18. You can now log in with root and your password (there is no normal user), and have an fully installed Debian woody base system in front of you. Have fun with apt-get. 19. Only the steps "target" to "login" need to be repeated for each host. This is why hostname (and without DHCP IP address) are typed in, to not have to repeat all the floppy generating stuff before. Thats all folks! Facultative stuff after Install =============================== This section describes what we do after the base install, to also automate the complete install and operation/update of our systems. YOu may be interested in also doing it this way. Central to this is the CONF_ENDFIRSTRUN_SCRIPT variable in setup-dphys2, and the included endfirstrun [1] script, which it installs and runs. This script inserts a few additional scripts into Debians scripts that run in the 2nd install stage, after the reboot. [1] http://www.phys.ethz.ch/~franklin/Projects/dphys2/endfirstrun These additional scripts: - set debconf to minimal user questions (use defaults) - automatically install oinetd, so the package server can authentificate if root (our installer) or some user is demanding packages - automatically install an package with name dphys-host-`hostname`. We have one such dphys-host-`hostname` package for every host. You would use -host-`hostname` for your hosts. Set the CONF_HOST_TO_PKG_PREFIX variable to customise this. These packages are stored here on our CONF_DEBSERVER_LOCAL local packages server, in its CONF_DEBDIR_LOCAL directory, in the "non-free" section. "non-free" is used here by policy for "packages not intended for anyone outside of us to download", which are only given out to our IP addresses, only with proper MAC address, and only to root user (as checked with oidentd). We use makepackage [2] to make then and Makefile.debian-local [3] to build the package site. [2] http://www.phys.ethz.ch/~franklin/Projects/dphys2/makepackage [3] http://www.phys.ethz.ch/~franklin/Projects/dphys2/Makefile.debian-local The dphys-host-`hostname` package installs some host specific stuff (such as its ssh hostkeys, and X config) into /usr/lib/dphys-host, and then by its postinst script changes some /etc config and copies configs in. But dphys-host-`hostname` mainly contains an dependancy on our self-made site package dphys-site. This package itsself, via dependancies fetches ssh, X and a few other basic things, and also installs host independant config files into /usr/lib/dphys-site and via postinst sets up more /etc stuff. Most importantly dphys-site also depends on an other self-made package called dphys-admin[4]. This package contains an script dphys-setup.pl [5] that takes an package list (also on the access restricted part of package server) from our webserver, and installs all packages on this list. It can also by special lines in this list be gotten to remove or force reinstall packages. [4] in http://debian.ethz.ch/pub/debian-local/dists/woody/local/main/binary-all/admin/ [5] http://www.phys.ethz.ch/~franklin/Projects/dphys2/dphys-setup.pl dphys-admin also contains an nightly cron job (and an init script in case power was down over night) that ensures that the package list is updated and then any new stuff installed). Our entire site configuration and software has been reengineered and stored in form of quite a few own dphys-* packages [6] and the dphys-admin config file and the dphys-site config files. This gives us nearly fully automatic system administration, just add file+NIS/LDAP servers and user files/accounts. [6] in http://debian.ethz.ch/pub/debian-local/dists/woody/local/ public available ones in main, restricted access in non-free Presently only workstations are installed with dphys2. But one could easily also reengineer our servers (except the package server :-)) software and configs into packages, included by the servers dphys-host-`hostname` package.