.. todo::

 * /etc/motd

Choices
=======

have up-to-date mirrors available
---------------------------------

.. todo:: sync mirrors
.. todo:: check mirrors

critical base packages
----------------------

 +-----------+--------------------------------------------------+
 | locales   | to get localization binaries for system messages |
 +-----------+--------------------------------------------------+
 | apt-utils | otherwise packages configuration gets delayed    |
 +-----------+--------------------------------------------------+
 | dialog    | to have user interaction possible with APT       |
 +-----------+--------------------------------------------------+

decide the desired type of system
---------------------------------

* will the system run

  * 64 bits?
  * 32 bits?
  * both?

* will the system be run by

  * a physical machine?
  * a virtual machine?
  * a container?
  * a container inside a virtual machine?

* will the system be stored

  * read-write, as a file system on a dedicated partition?
  * read-only, as a single file loaded in RAM at boot time?

Install required tools
======================

 ============== ========================================
 debootstrap    generate a minimal base file system
 squashfs-tools archive or unarchive a file system image
 ============== ========================================

 .. code:: shell

  apt install debootstrap squashfs-tools

Create a base file hierarchy
============================

prepare the system's directory
------------------------------

* become root

.. code:: shell

 su

* make root directory

.. code:: shell

 mkdir '/squashfs-root'

generate the minimal base
-------------------------

.. code:: shell

 debootstrap \
 --arch 'amd64' \
 --variant 'minbase' \
 --include 'locales,apt-utils,dialog' \
 'bullseye' \
 '/squashfs-root' \
 'https://deb.debian.org/debian'

Configure preinstalled packages
===============================

apt
---

configuration
^^^^^^^^^^^^^

* /etc/apt/apt.conf

::

 Acquire::AllowInsecureRepositories False;
 Acquire::AllowWeakRepositories False;
 Acquire::AllowDowngradeToInsecureRepositories False;
 Acquire::Check-Valid-Until False;
 APT::Install-Recommends False;
 APT::Install-Suggests False;
 APT::Get::Show-Versions True;
 Dir::Etc::SourceParts "";
 Dpkg::Progress True;

preferences
^^^^^^^^^^^

* /etc/apt/preferences

.. todo:: preferences

sources
^^^^^^^

* /etc/apt/sources.list

::

 deb [arch=amd64] https://deb.debian.org/debian bullseye main contrib non-free
 deb [arch=amd64] https://deb.debian.org/debian bullseye-backports main contrib non-free
 deb [arch=amd64] https://deb.debian.org/debian bullseye-updates main contrib non-free
 deb [arch=amd64] https://deb.debian.org/debian-security bullseye-security main contrib non-free

locales
-------

define default locale
^^^^^^^^^^^^^^^^^^^^^

* /etc/default/locale

::

 LANG=en_US.UTF-8
 LANGUAGE=en_US:en
 LC_CTYPE="fr_FR.UTF-8"
 LC_NUMERIC="fr_FR.UTF-8"
 LC_TIME="fr_FR.UTF-8"
 LC_COLLATE="fr_FR.UTF-8"
 LC_MONETARY="fr_FR.UTF-8"
 LC_MESSAGES="en_US.UTF-8"
 LC_PAPER="fr_FR.UTF-8"
 LC_NAME="fr_FR.UTF-8"
 LC_ADDRESS="fr_FR.UTF-8"
 LC_TELEPHONE="fr_FR.UTF-8"
 LC_MEASUREMENT="fr_FR.UTF-8"
 LC_IDENTIFICATION="fr_FR.UTF-8"

define locales to generate
^^^^^^^^^^^^^^^^^^^^^^^^^^

* /etc/locale.gen

::

 en_US.UTF-8 UTF-8
 fr_FR.UTF-8 UTF-8

generate locales
^^^^^^^^^^^^^^^^

.. code:: shell

 locale-gen

[configure command shell](../bash/index.md)
-------------------------------------------

redefine hostname
-----------------

* /etc/hostname

::

 hostname

provide known file systems
--------------------------

* /etc/fstab

RAM volume for temporary files

::

 tmpfs /tmp tmpfs auto,mode=1777 0 0

Install additional packages
===========================

switch into context
-------------------

.. code:: shell

 for f in 'dev' 'dev/pts' 'proc' 'sys' ; do
     mount --bind "/${f}" "/squashfs-root/${f}"
 done
 chroot '/squashfs-root'

define default console setup
----------------------------

* /usr/share/consolefonts

* /etc/default/console-setup

::

 ACTIVE_CONSOLES="/dev/tty[1-6]"

 CHARMAP="UTF-8"

 CODESET="Uni3"
 FONTFACE="Terminus"
 FONTSIZE="16x32"

 VIDEOMODE=

define default keyboard layout(s)
---------------------------------

* /etc/default/keyboard

::

 XKBMODEL="pc105"
 XKBLAYOUT="fr"
 XKBVARIANT="oss"
 XKBOPTIONS=""

 BACKSPACE="guess"

::

 XKBMODEL="pc105"
 XKBLAYOUT="fr,fr"
 XKBVARIANT="oss,bepo"
 XKBOPTIONS="terminate:ctrl_alt_bksp"

 BACKSPACE="guess"

user, guest, sudo
-----------------

.. code:: shell

 apt-get install sudo

 useradd -s /bin/bash user
 mkdir /home/user
 chown user: /home/user
 adduser user sudo

 useradd -s /bin/bash guest
 chown guest: /home/guest

authentications: passwords, SSH keys
------------------------------------

.. todo:: files

upgrade system
--------------

* in any case :

.. code:: shell

 apt-get update
 apt-get upgrade

* if needed by backported packages :

.. code:: shell

 apt-get dist-upgrade

apply system type elements
--------------------------

================= ==================================================
systemd-sysv      sans quoi le système ne démarrera pas complètement
linux-image-amd64 s’il ne s’agit pas d’un conteneur
live-boot         si à destination de boot live
================= ==================================================

.. code:: shell

 apt-get install --target-release 'bullseye-backports' 'linux-image-amd64'

.. code:: shell

 apt-get install 'live-boot'

----

initialization settings
-----------------------

.. code:: shell

 apt-get install --target-release 'bullseye-backports' 'systemd-sysv'

* /etc/sysctl.conf

.. code:: ini

 # maximum mappable memory space for linux containers
 vm.max_map_count=1048576
 # percentage of RAM remaining before swap usage
 vm.swappiness=0

install useful packages
-----------------------

.. code:: shell

 apt-get install \
 bash-completion \
 lxc \
 less nano vim \
 pciutils usbutils \
 python3 \
 squashfs-tools

.. code:: shell

 apt-get install \
 --target-release 'bullseye-backports' \
 debootstrap

install other packages
----------------------

[Choix de paquets commentés](packages.md)

.. code:: shell

 apt-get install "package1" …
 apt-get install -t stretch-backports "package1" …

setup troubleshooting if needed
-------------------------------

define root password
^^^^^^^^^^^^^^^^^^^^

.. code:: shell

 passwd

setup console
^^^^^^^^^^^^^

.. code:: shell

 apt-get install console-setup

properly switch back from context
---------------------------------

* empty APT's cache

.. code:: shell

 apt-get clean

* exit the environment

.. code:: shell

 exit

* untie links to host system

.. code:: shell

 for f in 'sys' 'proc' 'dev/pts' 'dev' ; do
     umount --lazy "/squashfs-root/${f}"
 done

clean up commands history
-------------------------

* root/.bash_history

Configure installed packages
============================

.. todo:: files

Archive prepared file system
============================

.. code:: shell

 mksquashfs \
 '/squashfs-root' \
 'filesystem.squashfs' \
 -noappend \
 -b '1m' \
 -comp 'zstd' \
 -Xcompression-level 22