Todo

  • /etc/motd

1. Choices

1.1. have up-to-date mirrors available

Todo

sync mirrors

Todo

check mirrors

1.2. critical base packages

locales

to get localization binaries for system messages

apt-utils

otherwise packages configuration gets delayed

dialog

to have user interaction possible with APT

1.3. decide the desired type of system

  • will the system run

    • 64 bits?

    • 32 bits?

    • both?

  • will the system be run by

    • a physical machine?

    • a virtual machine?

    • a container?

    • a container inside a virtual machine?

  • will the system be stored

    • read-write, as a file system on a dedicated partition?

    • read-only, as a single file loaded in RAM at boot time?

2. Install required tools

debootstrap

generate a minimal base file system

squashfs-tools

archive or unarchive a file system image

apt install debootstrap squashfs-tools

3. Create a base file hierarchy

3.1. prepare the system's directory

  • become root

su
  • make root directory

mkdir '/squashfs-root'

3.2. generate the minimal base

debootstrap \
--arch 'amd64' \
--variant 'minbase' \
--include 'locales,apt-utils,dialog' \
'bookworm' \
'/squashfs-root' \
'https://deb.debian.org/debian'

4. Configure preinstalled packages

4.1. apt

configuration

  • /etc/apt/apt.conf

Acquire::AllowInsecureRepositories False;
Acquire::AllowWeakRepositories False;
Acquire::AllowDowngradeToInsecureRepositories False;
Acquire::Check-Valid-Until False;
APT::Install-Recommends False;
APT::Install-Suggests False;
APT::Get::Show-Versions True;
Dir::Etc::SourceParts "";
Dpkg::Progress True;

preferences

  • /etc/apt/preferences

Todo

preferences

sources

  • /etc/apt/sources.list

deb [arch=amd64] https://deb.debian.org/debian bookworm main contrib non-free
deb [arch=amd64] https://deb.debian.org/debian bookworm-backports main contrib non-free
deb [arch=amd64] https://deb.debian.org/debian bookworm-updates main contrib non-free
deb [arch=amd64] https://deb.debian.org/debian-security bookworm-security main contrib non-free

4.2. locales

define default locale

  • /etc/default/locale

LANG=en_US.UTF-8
LANGUAGE=en_US:en
LC_CTYPE="fr_FR.UTF-8"
LC_NUMERIC="fr_FR.UTF-8"
LC_TIME="fr_FR.UTF-8"
LC_COLLATE="fr_FR.UTF-8"
LC_MONETARY="fr_FR.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="fr_FR.UTF-8"
LC_NAME="fr_FR.UTF-8"
LC_ADDRESS="fr_FR.UTF-8"
LC_TELEPHONE="fr_FR.UTF-8"
LC_MEASUREMENT="fr_FR.UTF-8"
LC_IDENTIFICATION="fr_FR.UTF-8"

define locales to generate

  • /etc/locale.gen

en_US.UTF-8 UTF-8
fr_FR.UTF-8 UTF-8

generate locales

locale-gen

4.3. [configure command shell](../bash/index.md)

4.4. redefine hostname

  • /etc/hostname

hostname

4.5. provide known file systems

  • /etc/fstab

RAM volume for temporary files

tmpfs /tmp tmpfs auto,mode=1777 0 0

5. Install additional packages

5.1. switch into context

for f in 'dev' 'dev/pts' 'proc' 'sys' ; do
    mount --bind "/${f}" "/squashfs-root/${f}"
done
chroot '/squashfs-root'

5.2. define default console setup

  • /usr/share/consolefonts

  • /etc/default/console-setup

ACTIVE_CONSOLES="/dev/tty[1-6]"

CHARMAP="UTF-8"

CODESET="Uni3"
FONTFACE="Terminus"
FONTSIZE="16x32"

VIDEOMODE=

5.3. define default keyboard layout(s)

  • /etc/default/keyboard

XKBMODEL="pc105"
XKBLAYOUT="fr"
XKBVARIANT="oss"
XKBOPTIONS=""

BACKSPACE="guess"
XKBMODEL="pc105"
XKBLAYOUT="fr,fr"
XKBVARIANT="oss,bepo"
XKBOPTIONS="terminate:ctrl_alt_bksp"

BACKSPACE="guess"

5.4. user, guest, sudo

apt-get install sudo

useradd -s /bin/bash user
mkdir /home/user
chown user: /home/user
adduser user sudo

useradd -s /bin/bash guest
chown guest: /home/guest

5.5. authentications: passwords, SSH keys

Todo

files

5.6. upgrade system

  • in any case :

apt-get update
apt-get upgrade
  • if needed by backported packages :

apt-get dist-upgrade

5.7. apply system type elements

systemd-sysv

sans quoi le système ne démarrera pas complètement

linux-image-amd64

s’il ne s’agit pas d’un conteneur

live-boot

si à destination de boot live

apt-get install --target-release 'bookworm-backports' 'linux-image-amd64'
apt-get install 'live-boot'

5.8. initialization settings

apt-get install --target-release 'bookworm-backports' 'systemd-sysv'
  • /etc/sysctl.conf

# maximum mappable memory space for linux containers
vm.max_map_count=1048576
# percentage of RAM remaining before swap usage
vm.swappiness=0

5.9. install useful packages

apt-get install \
bash-completion \
lxc \
less nano vim \
pciutils usbutils \
python3 \
squashfs-tools
apt-get install \
--target-release 'bookworm-backports' \
debootstrap

5.10. install other packages

[Choix de paquets commentés](packages.md)

apt-get install "package1" …
apt-get install --target-release 'bookworm-backports' "package1" 

5.11. setup troubleshooting if needed

define root password

passwd

setup console

apt-get install console-setup

5.12. properly switch back from context

  • empty APT's cache

apt-get clean
  • exit the environment

exit
  • untie links to host system

for f in 'sys' 'proc' 'dev/pts' 'dev' ; do
    umount --lazy "/squashfs-root/${f}"
done

5.13. clean up commands history

  • root/.bash_history

6. Configure installed packages

Todo

files

7. Archive prepared file system

mksquashfs \
'/squashfs-root' \
'filesystem.squashfs' \
-noappend \
-b '1M' \
-comp 'zstd' \
-Xcompression-level 22