Debian自动化部署实战指南（从零开始掌握无人值守安装与批量配置）

# preseed.cfg 示例（简化版）d-i debian-installer/locale string en_USd-i keyboard-configuration/xkb-keymap select usd-i netcfg/get_hostname string unassigned-hostnamed-i netcfg/get_domain string unassigned-domaind-i mirror/country string manuald-i mirror/http/hostname string http.us.debian.orgd-i mirror/http/directory string /debiand-i mirror/http/proxy string# 分区设置（全部使用 LVM）d-i partman-auto/method string lvmd-i partman-lvm/device_remove_lvm boolean trued-i partman-md/device_remove_md boolean trued-i partman-lvm/confirm boolean trued-i partman-lvm/confirm_nooverwrite boolean trued-i partman-auto/choose_recipe select atomicd-i partman-partitioning/confirm_write_new_label boolean trued-i partman/choose_partition select finishd-i partman/confirm boolean trued-i partman/confirm_nooverwrite boolean true# root 密码（建议使用加密哈希）d-i passwd/root-password-crypted password $6$rounds=40000$...（此处为加密后的密码）# 创建普通用户d-i passwd/user-fullname string deployerd-i passwd/username string deployerd-i passwd/user-password-crypted password $6$rounds=40000$...（同上）# 软件包选择tasksel tasksel/first multiselect standard, ssh-serverd-i pkgsel/include string openssh-server curl wget vimd-i finish-install/reboot_in_progress note    

# site.yml---- hosts: all  become: yes  tasks:    - name: Update apt cache      apt:        update_cache: yes        cache_valid_time: 3600    - name: Install common packages      apt:        name:          - vim          - htop          - curl          - ufw        state: present    - name: Enable UFW      ufw:        state: enabled        policy: deny    - name: Allow SSH through UFW      ufw:        rule: allow        port: '22'        proto: tcp    - name: Deploy monitoring agent      copy:        src: files/agent.conf        dest: /etc/agent.conf      notify: restart agent  handlers:    - name: restart agent      service:        name: agent        state: restarted    

ansible-playbook -i inventory.ini site.yml