From 8136635a6fd71118fefde8fb160994245ed67dfb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C5=A1per=20Fele-=C5=BDor=C5=BE?= Date: Thu, 21 Aug 2025 00:14:07 +0200 Subject: [PATCH] Add unattended install files --- unattended_install/ubuntu/autoinstall.yml | 194 ++++++++++++ unattended_install/win/autounattend.xml | 356 ++++++++++++++++++++++ 2 files changed, 550 insertions(+) create mode 100644 unattended_install/ubuntu/autoinstall.yml create mode 100644 unattended_install/win/autounattend.xml diff --git a/unattended_install/ubuntu/autoinstall.yml b/unattended_install/ubuntu/autoinstall.yml new file mode 100644 index 0000000..d3d80e8 --- /dev/null +++ b/unattended_install/ubuntu/autoinstall.yml @@ -0,0 +1,194 @@ +#cloud-config +autoinstall: + apt: + disable_components: [] + fallback: offline-install + geoip: true + mirror-selection: + primary: + - country-mirror + - arches: &id001 + - amd64 + - i386 + uri: http://archive.ubuntu.com/ubuntu/ + - arches: &id002 + - s390x + - arm64 + - armhf + - powerpc + - ppc64el + - riscv64 + uri: http://ports.ubuntu.com/ubuntu-ports + preserve_sources_list: false + security: + - arches: *id001 + uri: http://security.ubuntu.com/ubuntu/ + - arches: *id002 + uri: http://ports.ubuntu.com/ubuntu-ports + codecs: + install: true + drivers: + install: true + identity: + hostname: ucilnica + password: $6$TlnOwdSPWxPW4DBb$.QyE0mgGQ8y7eavPpa/RgakcsBbwDRXobcYdZJMek3yNuGmVKdYEMfVG.biguVblI08dNfSa/JgOxMgl2IqHb. + realname: IT FRI + username: local_admin + kernel: + package: linux-generic + keyboard: + layout: si + toggle: null + variant: '' + locale: en_US.UTF-8 + network: + ethernets: + ens18: + dhcp4: true + version: 2 + oem: + install: auto + source: + id: xubuntu-desktop + search_drivers: true + ssh: + allow-pw: true + authorized-keys: [] + install-server: false + storage: + config: + - ptable: gpt + path: /dev/vda + preserve: true + name: '' + grub_device: false + id: disk-vda + type: disk + - device: disk-vda + size: 639631360 + flag: boot + number: 1 + preserve: true + grub_device: true + offset: 1048576 + partition_type: c12a7328-f81f-11d2-ba4b-00a0c93ec93b + partition_name: EFI system partition + path: /dev/vda1 + uuid: 269e71a1-6ae2-4591-a060-b6ac82ffe698 + id: partition-vda1 + type: partition + - device: disk-vda + size: 16777216 + flag: msftres + number: 2 + preserve: true + grub_device: false + offset: 642777088 + partition_type: e3c9e316-0b5c-4db8-817d-f92df00215ae + partition_name: Microsoft reserved partition + path: /dev/vda2 + uuid: ab263f9b-a6ef-4131-946c-8db62cc2fce3 + id: partition-vda2 + type: partition + - device: disk-vda + size: 354904178688 + number: 3 + preserve: true + grub_device: false + offset: 659554304 + partition_type: ebd0a0a2-b9e5-4433-87c0-68b6b72699c7 + partition_name: Basic data partition + path: /dev/vda3 + uuid: 1e6326a1-a4d4-4225-820a-eca56bfbba1b + id: partition-vda3 + type: partition + - device: disk-vda + size: 762314752 + number: 4 + preserve: true + grub_device: false + offset: 355563732992 + partition_type: de94bba4-06d1-4d40-a16a-bfd50179d6ac + path: /dev/vda4 + uuid: 53e306ac-91a6-4841-81a7-d965910fd1c6 + id: partition-vda4 + type: partition + - device: disk-vda + size: 120000086016 + wipe: superblock + flag: linux + number: 5 + preserve: true + grub_device: false + offset: 356326047744 + partition_type: 0fc63daf-8483-4772-8e79-3d69d8477de4 + path: /dev/vda5 + uuid: 9db5f9d0-33a0-4ca0-9562-649c24ca7499 + id: partition-vda5 + type: partition + - fstype: btrfs + volume: partition-vda5 + preserve: false + id: format-0 + type: format + - path: / + device: format-0 + id: mount-0 + type: mount + - fstype: vfat + volume: partition-vda1 + preserve: true + id: format-partition-vda1 + type: format + - path: /boot/efi + device: format-partition-vda1 + id: mount-1 + type: mount + - device: disk-vda + size: 8000634880 + wipe: superblock + flag: linux + number: 6 + preserve: true + grub_device: false + offset: 476326133760 + partition_type: 0fc63daf-8483-4772-8e79-3d69d8477de4 + path: /dev/vda6 + uuid: 2c990bfc-89d7-43b7-bb1b-0151d44f72cb + id: partition-vda6 + type: partition + - fstype: btrfs + volume: partition-vda6 + preserve: false + id: format-1 + type: format + - path: /home + device: format-1 + id: mount-2 + type: mount + - device: disk-vda + size: 19256049664 + number: 7 + preserve: true + grub_device: false + offset: 484326768640 + partition_type: ebd0a0a2-b9e5-4433-87c0-68b6b72699c7 + partition_name: Basic data partition + path: /dev/vda7 + uuid: 3cc1570d-e2ed-4337-b520-f57bbe953c66 + id: partition-vda7 + type: partition + timezone: Europe/Ljubljana + updates: security + packages: + - openssh-server + late-commands: + - 'echo "#cloud-config" >> /target/etc/cloud/cloud.cfg.d/99-ssh_keys.cfg' + - 'echo "users:" >> /target/etc/cloud/cloud.cfg.d/99-ssh_keys.cfg' + - 'echo " - name: local_admin" >> /target/etc/cloud/cloud.cfg.d/99-ssh_keys.cfg' + - 'echo " ssh_authorized_keys:" >> /target/etc/cloud/cloud.cfg.d/99-ssh_keys.cfg' + - 'echo " - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM2Tn8+rH+fkFkBycxYrJ7TzhXQhuf3U+w23JFlZoRiX polz@povzpetnik" >> /target/etc/cloud/cloud.cfg.d/99-ssh_keys.cfg' + - 'echo " - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDRpoWIH5u2g12IM39WNRzLsPksfSjfL/82fPnuZwZ7H polz@it-polz" >> /target/etc/cloud/cloud.cfg.d/99-ssh_keys.cfg' + - 'echo " - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCq7NrrDD53pe9Zpn/dRSPxWQLDIZ9INS0kz/ps/9fGsM8/H/J7jr/ecj0j0jfYig6QdV8G7VnpLWjcuJ65ul3u2rnQSN78Ms/hxlAhmyahQtBA2q2D2zqI2PDWsKAySWmfFg+2W5fYmE1+F9GEB0OWNOuClmfo2A1c8Ve76qSiehHgjYo0G1CQrXkmE00GBLqyqkbyyStLa9DUfaDwrbOu4tJChHo4jDGuLH5QCYcN+RRXjwPQKgk0L2yfu1479L0XqhbEo+KHoIZH501fkoE+gUKVyLERvkhKSiCgPhJmAgRN1bRsiyTwvQzoED4q1RwFmG0AKg0U5bHnAAOd77uyuIYmcFiaRGHROQ9ZbyB9tJ07QrFlzRkderDd5Z18mO7LtgDjFZ2B2DlRY6zxMiUqJyDRnHjDF3+3DTlHIUCC3aEtoYS8MPyRL1b8XenIqswXkM+vkYFeKh2ynjNu3C6VqDCXZFvIi6f1X0ojZXRrDmbiON8Y74HjxP0z6TB1U30= polz@ucilnicenfs-2020" >> /target/etc/cloud/cloud.cfg.d/99-ssh_keys.cfg' + - 'curtin in-target -- sed -i "s/\\(%sudo.*\\) ALL/\\1 NOPASSWD: ALL/" /etc/sudoers' + version: 1 diff --git a/unattended_install/win/autounattend.xml b/unattended_install/win/autounattend.xml new file mode 100644 index 0000000..bfb33fe --- /dev/null +++ b/unattended_install/win/autounattend.xml @@ -0,0 +1,356 @@ + + + + + + + + en-US + + 0409:00000424 + en-US + en-US + en-US + + + + + + 0 + 3 + + + + + + YNMGQ-8RYV3-4PGQ3-C8XTP-7CFBY + OnError + + true + + false + + + 1 + cmd.exe /c ">>"X:\diskpart.txt" (echo:REM)" + + + 2 + cmd.exe /c "diskpart.exe /s "X:\diskpart.txt" >>"X:\diskpart.log" || ( type "X:\diskpart.log" & echo diskpart encountered an error. & pause & exit /b 1 )" + + + + + + + + ucilnica + Central Europe Standard Time + + + + + 1 + powershell.exe -WindowStyle Normal -NoProfile -Command "$xml = [xml]::new(); $xml.Load('C:\Windows\Panther\unattend.xml'); $sb = [scriptblock]::Create( $xml.unattend.Extensions.ExtractScript ); Invoke-Command -ScriptBlock $sb -ArgumentList $xml;" + + + 2 + powershell.exe -WindowStyle Normal -NoProfile -Command "Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\Specialize.ps1' -Raw | Invoke-Expression;" + + + 3 + reg.exe load "HKU\DefaultUser" "C:\Users\Default\NTUSER.DAT" + + + 4 + powershell.exe -WindowStyle Normal -NoProfile -Command "Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\DefaultUser.ps1' -Raw | Invoke-Expression;" + + + 5 + reg.exe unload "HKU\DefaultUser" + + + + + + + + + 0409:00000424 + en-US + en-US + en-US + + + + + + local_admin + FRI IT + Administrators + + 6tfc5rdx + true</PlainText> + </Password> + </LocalAccount> + <LocalAccount wcm:action="add"> + <Name>Student</Name> + <DisplayName>Student</DisplayName> + <Group>Users</Group> + <Password> + <Value>vaje</Value> + <PlainText>true</PlainText> + </Password> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + <AutoLogon> + <Username>local_admin</Username> + <Enabled>true</Enabled> + <LogonCount>1</LogonCount> + <Password> + <Value>6tfc5rdx</Value> + <PlainText>true</PlainText> + </Password> + </AutoLogon> + <OOBE> + <ProtectYourPC>3</ProtectYourPC> + <HideEULAPage>true</HideEULAPage> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + <HideOnlineAccountScreens>false</HideOnlineAccountScreens> + </OOBE> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <Order>1</Order> + <CommandLine>powershell.exe -WindowStyle Normal -NoProfile -Command "Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\FirstLogon.ps1' -Raw | Invoke-Expression;"</CommandLine> + </SynchronousCommand> + </FirstLogonCommands> + </component> + </settings> + <Extensions xmlns="https://schneegans.de/windows/unattend-generator/"> + <ExtractScript> +param( + [xml] $Document +); + +foreach( $file in $Document.unattend.Extensions.File ) { + $path = [System.Environment]::ExpandEnvironmentVariables( $file.GetAttribute( 'path' ) ); + mkdir -Path( $path | Split-Path -Parent ) -ErrorAction 'SilentlyContinue'; + $encoding = switch( [System.IO.Path]::GetExtension( $path ) ) { + { $_ -in '.ps1', '.xml' } { [System.Text.Encoding]::UTF8; } + { $_ -in '.reg', '.vbs', '.js' } { [System.Text.UnicodeEncoding]::new( $false, $true ); } + default { [System.Text.Encoding]::Default; } + }; + $bytes = $encoding.GetPreamble() + $encoding.GetBytes( $file.InnerText.Trim() ); + [System.IO.File]::WriteAllBytes( $path, $bytes ); +} + </ExtractScript> + <File path="C:\Windows\Setup\Scripts\VirtIoGuestTools.ps1"> +&amp; { + foreach( $letter in 'DEFGHIJKLMNOPQRSTUVWXYZ'.ToCharArray() ) { + $exe = "${letter}:\virtio-win-guest-tools.exe"; + if( Test-Path -LiteralPath $exe ) { + Start-Process -FilePath $exe -ArgumentList '/passive', '/norestart' -Wait; + return; + } + } + 'VirtIO Guest Tools image (virtio-win-*.iso) is not attached to this VM.'; +} *&gt;&amp;1 &gt;&gt; 'C:\Windows\Setup\Scripts\VirtIoGuestTools.log'; + </File> + <File path="C:\Windows\Setup\Scripts\unattend-01.ps1"> +Get-WindowsCapability -Name OpenSSH.Server* -Online | + Add-WindowsCapability -Online + +$firewallParams = @{ + Name = 'sshd-Server-In-TCP' + DisplayName = 'Inbound rule for OpenSSH Server (sshd) on TCP port 22' + Action = 'Allow' + Direction = 'Inbound' + Enabled = 'True' # This is not a boolean but an enum + Profile = 'Any' + Protocol = 'TCP' + LocalPort = 22 +} +New-NetFirewallRule @firewallParams + +$shellParams = @{ + Path = 'HKLM:\SOFTWARE\OpenSSH' + Name = 'DefaultShell' + Value = 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' + PropertyType = 'String' + Force = $true +} +New-ItemProperty @shellParams + +# Set default to powershell.exe +$shellParams = @{ + Path = 'HKLM:\SOFTWARE\OpenSSH' + Name = 'DefaultShell' + Value = 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' + PropertyType = 'String' + Force = $true +} +New-ItemProperty @shellParams + +# Set time to UTC +$shellParams = @{ + Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\TimeZoneInformation' + Name = 'RealTimeIsUniversal' + Value = '00000001' + PropertyType = 'dword' + Force = $true +} +New-ItemProperty @shellParams + + +Set-Service -Name sshd -StartupType Automatic -Status Running + </File> + <File path="C:\Windows\Setup\Scripts\unattend-02.ps1"> +Set-Service -Name sshd -StartupType Automatic -Status Running + </File> + <File path="C:\Windows\Setup\Scripts\Specialize.ps1"> +$scripts = @( + { + reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f; + }; + { + net.exe accounts /maxpwage:UNLIMITED; + }; + { + netsh.exe advfirewall firewall set rule group="@FirewallAPI.dll,-28752" new enable=Yes; + reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f; + }; + { + reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power" /v HiberbootEnabled /t REG_DWORD /d 0 /f; + }; + { + reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\BitLocker" /v "PreventDeviceEncryption" /t REG_DWORD /d 1 /f; + }; + { + Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\unattend-01.ps1' -Raw | Invoke-Expression; + }; +); + +&amp; { + [float] $complete = 0; + [float] $increment = 100 / $scripts.Count; + foreach( $script in $scripts ) { + Write-Progress -Activity 'Running scripts to customize your Windows installation. Do not close this window.' -PercentComplete $complete; + '*** Will now execute command &#xAB;{0}&#xBB;.' -f $( + $str = $script.ToString().Trim() -replace '\s+', ' '; + $max = 100; + if( $str.Length -le $max ) { + $str; + } else { + $str.Substring( 0, $max - 1 ) + '&#x2026;'; + } + ); + $start = [datetime]::Now; + &amp; $script; + '*** Finished executing command after {0:0} ms.' -f [datetime]::Now.Subtract( $start ).TotalMilliseconds; + "`r`n" * 3; + $complete += $increment; + } +} *&gt;&amp;1 &gt;&gt; "C:\Windows\Setup\Scripts\Specialize.log"; + </File> + <File path="C:\Windows\Setup\Scripts\UserOnce.ps1"> +$scripts = @( + { + Set-WinHomeLocation -GeoId 212; + }; + { + Set-ItemProperty -LiteralPath 'Registry::HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name 'LaunchTo' -Type 'DWord' -Value 1; + }; +); + +&amp; { + [float] $complete = 0; + [float] $increment = 100 / $scripts.Count; + foreach( $script in $scripts ) { + Write-Progress -Activity 'Running scripts to configure this user account. Do not close this window.' -PercentComplete $complete; + '*** Will now execute command &#xAB;{0}&#xBB;.' -f $( + $str = $script.ToString().Trim() -replace '\s+', ' '; + $max = 100; + if( $str.Length -le $max ) { + $str; + } else { + $str.Substring( 0, $max - 1 ) + '&#x2026;'; + } + ); + $start = [datetime]::Now; + &amp; $script; + '*** Finished executing command after {0:0} ms.' -f [datetime]::Now.Subtract( $start ).TotalMilliseconds; + "`r`n" * 3; + $complete += $increment; + } +} *&gt;&amp;1 &gt;&gt; "$env:TEMP\UserOnce.log"; + </File> + <File path="C:\Windows\Setup\Scripts\DefaultUser.ps1"> +$scripts = @( + { + reg.exe add "HKU\DefaultUser\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f; + }; + { + reg.exe add "HKU\DefaultUser\Software\Microsoft\Windows\CurrentVersion\RunOnce" /v "UnattendedSetup" /t REG_SZ /d "powershell.exe -WindowStyle Normal -NoProfile -Command \""Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\UserOnce.ps1' -Raw | Invoke-Expression;\""" /f; + }; +); + +&amp; { + [float] $complete = 0; + [float] $increment = 100 / $scripts.Count; + foreach( $script in $scripts ) { + Write-Progress -Activity 'Running scripts to modify the default user&#x2019;&#x2019;s registry hive. Do not close this window.' -PercentComplete $complete; + '*** Will now execute command &#xAB;{0}&#xBB;.' -f $( + $str = $script.ToString().Trim() -replace '\s+', ' '; + $max = 100; + if( $str.Length -le $max ) { + $str; + } else { + $str.Substring( 0, $max - 1 ) + '&#x2026;'; + } + ); + $start = [datetime]::Now; + &amp; $script; + '*** Finished executing command after {0:0} ms.' -f [datetime]::Now.Subtract( $start ).TotalMilliseconds; + "`r`n" * 3; + $complete += $increment; + } +} *&gt;&amp;1 &gt;&gt; "C:\Windows\Setup\Scripts\DefaultUser.log"; + </File> + <File path="C:\Windows\Setup\Scripts\FirstLogon.ps1"> +$scripts = @( + { + Set-ItemProperty -LiteralPath 'Registry::HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name 'AutoLogonCount' -Type 'DWord' -Force -Value 0; + }; + { + Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\VirtIoGuestTools.ps1' -Raw | Invoke-Expression; + }; + { + Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\unattend-02.ps1' -Raw | Invoke-Expression; + }; +); + +&amp; { + [float] $complete = 0; + [float] $increment = 100 / $scripts.Count; + foreach( $script in $scripts ) { + Write-Progress -Activity 'Running scripts to finalize your Windows installation. Do not close this window.' -PercentComplete $complete; + '*** Will now execute command &#xAB;{0}&#xBB;.' -f $( + $str = $script.ToString().Trim() -replace '\s+', ' '; + $max = 100; + if( $str.Length -le $max ) { + $str; + } else { + $str.Substring( 0, $max - 1 ) + '&#x2026;'; + } + ); + $start = [datetime]::Now; + &amp; $script; + '*** Finished executing command after {0:0} ms.' -f [datetime]::Now.Subtract( $start ).TotalMilliseconds; + "`r`n" * 3; + $complete += $increment; + } +} *&gt;&amp;1 &gt;&gt; "C:\Windows\Setup\Scripts\FirstLogon.log"; + </File> + </Extensions> +</unattend> \ No newline at end of file