On Thu, Jan 11, 2007 at 09:17:00AM +1100, Amos Shapira wrote: > On 11/01/07, Oron Peled <[EMAIL PROTECTED]> wrote: > > > >You also get all the other benefits without extra work: > >- Repeatability + traceability of the install/update. > >- rpmverify (who moved my cheese?) > >- Package signing (not only for security, also to mitigate the > > usual errors -- mixing test/production software etc.) > >- Interactive/automated/half-automated install with same mechanism > > (kickstart) means you don't have to develop/debug separate solution > > for each scenario. > >- Install via http/ftp/nfs/cd/extra-disk all the same. > > > I've been harboring throughts about software to do just that, with a small > twist that I'm more interested in Debian-based packages, though I can > imagine that the back-end might be changeable. > > What I'm thinking about is the stage BEFORE that - i.e. how to automate/ease > the creation of the packages which should be installed. > > For instance - have a central repository saying "mail servers should be > installed <THIS> way", where <THIS> says which packages should be installed > and how to tweak debconf and other configuration files. This should be done > in a declarative way, not a script (e.g. an XML file). The configuration > file syntax can be expanded by a global module repository as well as > per-package "private" extensions. > > Another file will say "machine mail01 is a <mail server> + it has IP address > a.b.c.d" and probably some other instance-specific values which will be used > to complete the <mail server> "template".
Your keyword here is preseed . > > The software I'm thinking about will take all this configuration information > and build a host-specific package (or maybe a "task" in debian world?) which > the host will just apt-get (either after a PXE boot or manually upgrade with > apt-get/aptitude), causing all the changes to be deployed on it. Host-specific configuration: http://dilab.debian.net:800/~joey/d-i/preseed/ (the actual selection is done by hostname in netboot.cfg) In there you can define some extra packages to install (this one is from appendix B of the install manual): # Individual additional packages to install #d-i pkgsel/include string openssh-server build-essential You can probably automate this to: task-$hostname . Look at sample preseed configurations. However, those are all install-time settings. What happens if you accidentally remove such a package? You can also define an extra apt mirror with your own packages. What I'm trying to figure, though, is how to get past apt-secure: how to add my keys to the ones trusted by the installed system. -- Tzafrir Cohen | [EMAIL PROTECTED] | VIM is http://tzafrir.org.il | | a Mutt's [EMAIL PROTECTED] | | best ICQ# 16849755 | | friend t ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
