1.\" $OpenBSD: autoinstall.8,v 1.17 2016/02/28 18:10:26 rpe Exp $ 2.\" 3.\" Copyright (c) 2013 Robert Peichaer <rpe@openbsd.org> 4.\" 5.\" Permission to use, copy, modify, and distribute this software for any 6.\" purpose with or without fee is hereby granted, provided that the above 7.\" copyright notice and this permission notice appear in all copies. 8.\" 9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16.\" 17.Dd $Mdocdate: February 28 2016 $ 18.Dt AUTOINSTALL 8 19.Os 20.Sh NAME 21.Nm autoinstall 22.Nd unattended OpenBSD installation and upgrade 23.Sh DESCRIPTION 24.Nm 25allows unattended installation or upgrade of 26.Ox 27by automatically responding to installer questions with 28answers from a response file. 29.Nm 30uses DHCP to discover the location of the response 31file and HTTP to fetch the file. 32If that fails, the installer asks for the location which can either be 33a URL or a local path. 34.Pp 35To start unattended installation or upgrade choose '(A)utoinstall' at the 36install prompt. 37If there is only one network interface, the installer fetches the response 38file via that interface. 39If there is more than one network interface, a selection is presented 40and the installer fetches the response file via the selected interface. 41.Pp 42If the machine is netbooted, the 43.Nm 44feature is invoked if the user does not intervene within 45a short time. 46It behaves as if the user selected '(A)utoinstall', but 47always fetches the response file via the netboot interface. 48.Pp 49If either 50.Pa /auto_install.conf 51or 52.Pa /auto_upgrade.conf 53is found during boot, 54.Nm 55behaves as if the machine is netbooted, but uses the local response file. 56In case both files exist, 57.Pa /auto_install.conf 58takes precedence. 59.Pp 60.Nm 61uses HTTP to fetch one of the files 62.Pa install.conf , 63.Ar MAC_address Ns - Ns Pa install.conf 64or 65.Ar hostname Ns - Ns Pa install.conf 66for install answers, or one of 67.Pa upgrade.conf , 68.Ar MAC_address Ns - Ns Pa upgrade.conf 69or 70.Ar hostname Ns - Ns Pa upgrade.conf 71for upgrade answers. 72The URL used to fetch the file is constructed from information provided in 73the 74.Xr dhcpd.conf 5 75statements 76.Ic next-server 77and 78.Ic filename . 79If 80.Ar filename 81is 82.Cm auto_install , 83then the URLs tried are, in order: 84.Sm off 85.Bd -unfilled -offset indent 86.No http:// Ar next-server No / Ar MAC_address No -install.conf 87.No http:// Ar next-server No / Ar hostname No -install.conf 88.No http:// Ar next-server No /install.conf 89.Ed 90.Sm on 91.Pp 92where 93.Ar MAC_address 94is a string of six hex octets separated by colons 95representing the MAC 96address of the interface being used to fetch the files, 97and 98.Ar hostname 99is the hostname assigned to the system by DHCP. 100.Pp 101If 102.Ar filename 103is 104.Cm auto_upgrade , 105the URLs tried are, in order: 106.Sm off 107.Bd -unfilled -offset indent 108.No http:// Ar next-server No / Ar MAC_address No -upgrade.conf 109.No http:// Ar next-server No / Ar hostname No -upgrade.conf 110.No http:// Ar next-server No /upgrade.conf 111.Ed 112.Sm on 113.Pp 114On architectures where the 115.Ic filename 116statement is used to provide the name of the file to netboot 117it is necessary to create symbolic links called 118.Pa auto_install 119and 120.Pa auto_upgrade 121that point to the expected boot program 122and to change the value of the 123.Ic filename 124statement in the 125.Xr dhcpd.conf 5 126file to be 127.Cm auto_install 128or 129.Cm auto_upgrade . 130.Pp 131To use a subdirectory as response file location on the HTTP server, the same 132directory structure containing the symbolic links has to exist in the tftproot 133directory. 134The value of 135.Ic filename 136has to be the full path to these symbolic links, and the HTTP and TFTP servers 137must be on the same machine. 138.Pp 139The response file is a line-oriented ASCII text file. 140The format of each line is: 141.Pp 142.D1 Ar question No = Ar answer 143.Pp 144.Ar question 145is an installer question (not including the question mark) or a non-ambiguous 146part of it, consisting of whitespace separated words. 147.Ar answer 148is the answer to the question. 149Passwords may be in plaintext, encrypted with 150.Xr encrypt 1 , 151or set to 152.Ql ************* 153(13 '*'s) to disable password logins, only permitting alternative access methods 154(for example, 155.Xr ssh 1 156keys). 157.Pp 158If 159.Nm 160does not find an answer in the response file, the default answer as 161provided by the installer is used. 162.Pp 163The response file may contain answers to the following questions, which are 164only available during unattended installation to provide additional installer 165features: 166.Bl -tag -width Ds 167.It Public ssh key for root account = Ar ssh key 168.Ar ssh key 169is stored in 170.Pa /root/.ssh/authorized_keys . 171.It Public ssh key for user puffy = Ar ssh key 172.Ar ssh key 173is stored in 174.Pa ~puffy/.ssh/authorized_keys . 175.It URL to autopartitioning template for disklabel = Ar url 176A template file for 177.Xr disklabel 8 178autopartitioning is fetched from 179.Ar url 180allowing a custom partition layout for the root disk. 181.El 182.Sh FILES 183.Bl -tag -width "/etc/dhcpd.confXXX" -compact 184.It Pa /etc/dhcpd.conf 185.Xr dhcpd 8 186configuration file 187.It Pa install.conf 188response file for unattended installation 189.It Pa upgrade.conf 190response file for unattended upgrade 191.El 192.Sh EXAMPLES 193A typical 194.Pa install.conf 195file will look something like this: 196.Bd -literal -offset indent 197System hostname = server1 198Password for root = $2a$14$Z4xRMg8vDpgYH...GVot3ySoj8yby 199Change the default console to com0 = yes 200Which speed should com0 use = 19200 201Setup a user = puffy 202Password for user = ************* 203Public ssh key for user = ssh-ed25519 AAAAC3NzaC1...g3Aqre puffy@ai 204What timezone are you in = Europe/Stockholm 205Location of sets = http 206HTTP Server = ftp.eu.openbsd.org 207.Ed 208.Pp 209The same file could be used for upgrades by creating a symbolic link called 210.Pa upgrade.conf 211that points to 212.Pa install.conf . 213The upgrade process will only use the answers it needs. 214.Pp 215And an example 216.Xr dhcpd.conf 5 217.Ic host 218declaration: 219.Bd -literal -offset indent 220host foo { 221 hardware ethernet 00:50:60:49:8b:84; 222 fixed-address 192.168.2.180; 223 filename "auto_install"; 224 option host-name "foo"; 225} 226.Ed 227.Sh SEE ALSO 228.Xr dhcpd.conf 5 , 229.Xr diskless 8 230.Sh HISTORY 231The 232.Nm 233feature first appeared in 234.Ox 5.5 . 235.Sh AUTHORS 236.An Robert Peichaer Aq Mt rpe@openbsd.org 237