proxyd43's questions

刚刚使用这个 repo 在 fedora server 35 上安装了 influxdb：

https://repos.influxdata.com/rhel/8/x86_64/stable/

每次我重新启动服务influxdb（默认配置）时，它都会连接到 aws cloudfront 上的随机 IP：

tcp   ESTAB     0      0            192.168.6.233:44522 143.204.224.81:443   users:(("influxd",pid=45731,fd=16)) timer:(keepalive,20sec,0) uid:988 ino:149215 sk:31 cgroup:/system.slice/influxdb.service <->

tcp   ESTAB     0      0            192.168.6.233:47106   18.64.79.51:443   users:(("influxd",pid=45632,fd=16)) timer:(keepalive,12sec,0) uid:988 ino:148945 sk:29 cgroup:/system.slice/influxdb.service <->

我对 influxdb 很陌生，还没有阅读手册。

有人可以向我解释这种行为吗？

谢谢

问候。

我正在尝试使用循环并在剧本中要求在具有特定属性的服务器上创建多个目录：模式所有者组。

我想我已经接近了，但没有得到它的工作。

我收到此错误：

（文件）模块不支持的参数：recursive 支持的参数包括：_diff_peek、_original_basename、access_time、access_time_format、attributes、backup、content、delimiter、directory_mode、follow、force、group、mode、modification_time、modification_time_format、owner、path、recurse、regexp ，remote_src，selevel，serole，setype，seuser，src，状态，unsafe_writes

任何建议将不胜感激：

这是剧本示例：

  - name: ansible create directory with_items example
file:
  path: "{{ item.dest }}"
  mode: "{{item.mode}}"
  owner: "{{item.owner}}"
  group: "{{item.group}}"
  recursive: true   
  state: directory
loop:
  - { dest: '/var/lib/tftpboot/os/uefi/debian11', mode: '0744', owner: 'root', group: 'root' }
  - { dest: '/var/lib/tftpboot/os/uefi/ubuntu2004D', mode: '0744', owner: 'root', group: 'root'}
  - { dest: '/var/lib/tftpboot/os/uefi/f34w', mode: '0744', owner: 'root', group: 'root'}
  - { dest: '/var/lib/tftpboot/os/uefi/f34s', mode: '0744', owner: 'root', group: 'root'}
  - { dest: '/srv/nfs/isos', mode: '0744', owner: 'root', group: 'rpcuser'}
  - { dest: '/srv/nfs/pxe/debian11', mode: '0744', owner: 'root', group: 'rpcuser'}
  - { dest: '/srv/nfs/pxe/ubuntu2004', mode: '0744', owner: 'root', group: 'rpcuser'}
  - { dest: '/srv/nfs/pxe/f34w', mode: '0744', owner: 'root', group: 'rpcuser'}
  - { dest: '/srv/nfs/pxe/f34s', mode: '0744', owner: 'root', group: 'rpcuser'}
  - { dest: '/tmp/debian11', mode: '0744', owner: 'root', group: 'root'}
  - { dest: '/tmp/f34w', mode: '0744', owner: 'root', group: 'root'}
  - { dest: '/tmp/ubuntu2004D', mode: '0744', owner: 'root', group: 'root'}

我正在尝试完全自动化地预置 debian 11 netinstall。我在这里阅读了许多文档：

这是我的引导行（来自 grub.cfg）

set default="autoinstall"
set timeout=3

menuentry "Debian 11 Fully Automated UEFI LVM LUKS BTRFS Remote Decrypt DEBUG TTY4" --id autoinstall {
        set background_color=black
        linux    /debian-installer/amd64/linux auto=true url=tftp://192.168.1.100/preseed/debseed11_crypt.cfg net.ifnames=0 biosdevname=0 ipv6.disable=1 language=en locale=en_US.UTF-8 keymap=fr vga=788 noprompt DEBCONF_DEBUG=5 --- quiet
        initrd   /debian-installer/amd64/initrd.gz
}

这是我的预置文件：

#### Preseed preconfiguration file (for Debian buster)
### Partman early command
### Kernal parameter
#d-i debian-installer/add-kernel-opts string net.ifnames=0 biosdevname=0 hostname=unassigned-hostname domain=unassigned-domain
#d-i debconf/priority critical

#d-i debian-installer/add-kernel-opts string net.ifnames=0 biosdevname=0 console=ttyS0,19200n8
### Localization
d-i debian-installer/locale string en_US
d-i debian-installer/language string en
d-i debian-installer/country string US
#d-i debian-installer/locale string en_US.UTF-8 fr_FR.UTF-8
d-i localechooser/supported-locales multiselect en_US.UTF-8, fr_FR.UTF-8

### Keyboard selection
d-i keyboard-configuration/xkb-keymap select fr

###  Network configuration

# Netcfg choisira une interface connectée si possible. Cela empêchera
# # d'afficher une liste s'il y a plusieurs interfaces.
d-i netcfg/choose_interface select auto

#d-i netcfg/choose_interface select eth0
d-i netcfg/use_dhcp string true
d-i netcfg/link_wait_timeout string 10
d-i netcfg/dhcp_timeout string 60

#d-i netcfg/disable_autoconfig boolean true

d-i netcfg/dhcp_failed note
#d-i netcfg/dhcp_options select auto

#Configure network manually
# IPv4 Static network configuration
#d-i netcfg/get_ipaddress string 192.168.1.120
#d-i netcfg/get_netmask string 255.255.255.0
#d-i netcfg/get_gateway string 192.168.1.1
#d-i netcfg/get_nameservers string 192.168.1.1
#d-i netcfg/confirm_static boolean true

# Set a hostname
#d-i netcfg/get_hostname string zhurong
#d-i netcfg/get_domain string planet.mars
# Force a hostname
#d-i netcfg/hostname string zhurong.planet.mars
# Disable that annoying WEP key dialog
d-i netcfg/wireless_wep string


d-i netcfg/get_hostname unassigned-hostname 
d-i netcfg/get_domain unassigned-domain
d-i netcfg/get_hostname seen true
d-i netcfg/get_domain seen true

### Mirror settings
d-i mirror/country string manual
d-i mirror/http/hostname string httpredir.debian.org
d-i mirror/http/directory string /debian
d-i mirror/http/proxy string

### Account setup
# Skip creation of a normal user account
d-i passwd/make-user boolean false
# Set root password
# or encrypted using a crypt(3)  hash.
d-i passwd/root-password-crypted password $6$47Cx5oMpkh66eYNI$LV76xupgkvZ3rHJCq1NgXKzp3bBDv6g0FmMiSvmUp1jqaIkTEz5F6eA.SRhBzyPReVQEnzZWwFWSdKGBBn.tE1

### Clock and time zone setup
# Set hardware clock to UTC
d-i clock-setup/utc boolean true
# Set timezone
d-i time/zone string Europe/Paris
# Use NTP clock during installation
d-i clock-setup/ntp boolean true

### Partitioning
# LVM LUKS method

# Inhibit partman to fill the disk with random data 
d-i partman-auto-crypto/erase_disks boolean false

#d-i partman/early_command \
#       string dd if=/dev/zero of=/dev/sda bs=512 count=1
d-i partman-auto/method string crypto
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-lvm/confirm boolean true
d-i partman-auto-lvm/guided_size string max
d-i partman-auto-lvm/new_vg_name string debian
d-i partman-auto/disk string /dev/vda
d-i partman-auto/choose_recipe select boot-crypto
d-i partman-crypto/passphrase       password  aaabbbccc
d-i partman-crypto/passphrase-again password  aaabbbccc
d-i partman-auto/expert_recipe string \
boot-crypto :: \
  1024 1024 1024 ext4 \
          $primary{ } $bootable{ } \
          method{ format } format{ } \
          use_filesystem{ } filesystem{ ext4 } \
          mountpoint{ /boot } \
  . \
  8192 8192 8192 linux-swap \
          $lvmok{ } lv_name{ swap } \
          in_vg { debian } \
          method{ swap } format{ } \
  . \
  80896 80896 1000000 btrfs \
          $lvmok{ } lv_name{ root } \
          in_vg { debian } \
          method{ format } format{ } \
          use_filesystem{ } filesystem{ btrfs } \
          mountpoint{ / } \
   . \

#d-i partman-basicfilesystems/no_mount_point boolean false
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true

d-i partman-md/confirm boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true

### Apt setup
d-i apt-setup/cdrom/set-first boolean false
d-i apt-setup/cdrom/set-next boolean false
d-i apt-setup/cdrom/set-failed boolean false
d-i apt-setup/services-select multiselect security, updates
d-i apt-setup/security_host string security.debian.org
### Package selection
tasksel tasksel/first multiselect standard
# Individual additional packages to install
d-i pkgsel/include string openssh-server vim tmux tcpdump dropbear-initramfs cryptsetup-initramfs python3.9
d-i pkgsel/upgrade select full-upgrade
d-i pkgsel/update-policy select none
d-i pkgsel/updatedb boolean true
popularity-contest popularity-contest/participate boolean false


### GRUB STUFF
d-i grub-installer/only_debian boolean true
d-i grub-installer/bootdev  string default

# Note: options passed to the installer will be added automatically. 
#d-i debian-installer/add-kernel-opts string nousb

# Optional password for grub, either in clear text
# #d-i grub-installer/password password r00tme
# #d-i grub-installer/password-again password r00tme
# # or encrypted using an MD5 hash, see grub-md5-crypt(8).
# #d-i grub-installer/password-crypted password [MD5 hash]
#
# # Use the following option to add additional boot parameters for the
# # installed system (if supported by the bootloader installer).
# # Note: options passed to the installer will be added automatically.
# #d-i debian-installer/add-kernel-opts string nousb
#
# ### Finishing up the installation
# # Avoid that last message about the install being complete.
d-i finish-install/reboot_in_progress note


d-i preseed/late_command string \
  mkdir -p -m 700 /target/root/.ssh; \
  echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEe3gF//znGIzq30frI6O9qDn5eM6uqEZZlx7mR5SiS" > /target/root/.ssh/authorized_keys; \
  in-target chown --recursive root:root /root/.ssh; \
  in-target chmod 0644 /root/.ssh/authorized_keys; \
  in-target update-alternatives --set editor /usr/bin/vim.basic; \
  in-target passwd --expire root; \
  in-target echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEe3gF//znGIzq30frI6O9qDn5eM6uqEZZlx7mR5SiS' > /etc/dropbear-initramfs/authorized_keys; \
  in-target sed -i '/*PasswordAuthentication*/c\PasswordAuthentication no' /etc/ssh/sshd_config; \
  in-target sed -i '/*PasswordAuthentication*/c\PasswordAuthentication no' /etc/ssh/sshd_config; \
  in-target systemctl enable --now sshd; \
  in-target sed -i '/*DROPBEAR_OPTIONS=*/c\DROPBEAR_OPTIONS="-I 300 -j -k -p 22 -s -c /bin/cryptroot-unlock "' /etc/dropbear-initramfs/config; \
  in-target sed -i '/*IP=*/c\IP="dhcp"' /etc/initramfs-tools/initramfs.conf; \
  in-target update-initramfs -u;
#

目前我得到 debien 安装程序要求我：

• 主机名
• 域名

我只是想摆脱这些问题。这是我尝试过的：

• 我尝试在 pxe 服务器上的命令行内核选项中使用 priority=critical。
• 我将我的 dhcpd 服务器配置为管理此特定主机的主机名域名。

host curiosity {
hardware ethernet 12:34:45:12:34:56;
fixed-address 192.168.1.90;
option host-name "curiosity";
option domain-name "planet.mars";
}

我知道我可以设置主机名/域变量，一切都会好起来的，但我想制作一个非常通用的预置来部署在多个服务器上。

一些帮助或线索将不胜感激。

提前谢谢你。

编辑：已解决：

顺便说一句，第一个 preseed 并不完美。如果有人对此感兴趣，那就更好了。

它通过 ssh DEBUG TTY4 实现全自动 Debian 11 UEFI LUKS BTRFS 远程解密

#### Preseed preconfiguration file (for Debian bullseye)

# Debian 11 Fully Automated UEFI LVM LUKS BTRFS Remote Decrypt via ssh DEBUG # TTY4


### Partman early command
### Kernel parameter
#d-i debian-installer/add-kernel-opts string net.ifnames=0 biosdevname=0 hostname=unassigned-hostname domain=unassigned-domain
#d-i debconf/priority critical

#d-i debian-installer/add-kernel-opts string net.ifnames=0 biosdevname=0 console=ttyS0,19200n8
### Localization
d-i debian-installer/locale string en_US
d-i debian-installer/language string en
d-i debian-installer/country string US
#d-i debian-installer/locale string en_US.UTF-8 fr_FR.UTF-8
d-i localechooser/supported-locales multiselect en_US.UTF-8, fr_FR.UTF-8

### Keyboard selection
d-i keyboard-configuration/xkb-keymap select fr

###  Network configuration

# Netcfg choisira une interface connectée si possible. Cela empêchera
# # d'afficher une liste s'il y a plusieurs interfaces.
d-i netcfg/choose_interface select auto

#d-i netcfg/choose_interface select eth0
d-i netcfg/use_dhcp string true
d-i netcfg/link_wait_timeout string 10
d-i netcfg/dhcp_timeout string 60

#d-i netcfg/disable_autoconfig boolean true

d-i netcfg/dhcp_failed note
#d-i netcfg/dhcp_options select auto

#Configure network manually
# IPv4 Static network configuration
#d-i netcfg/get_ipaddress string 192.168.1.120
#d-i netcfg/get_netmask string 255.255.255.0
#d-i netcfg/get_gateway string 192.168.1.1
#d-i netcfg/get_nameservers string 192.168.1.1
#d-i netcfg/confirm_static boolean true

# Set a hostname
#d-i netcfg/get_hostname string zhurong
#d-i netcfg/get_domain string planet.mars
# Force a hostname
#d-i netcfg/hostname string zhurong.planet.mars
# Disable that annoying WEP key dialog
d-i netcfg/wireless_wep string

#d-i netcfg/get_hostname=install
d-i netcfg/get_hostname unassigned-hostname 
d-i netcfg/get_domain unassigned-domain
d-i netcfg/get_hostname seen true
d-i netcfg/get_domain seen true

### Mirror settings
d-i mirror/country string manual
d-i mirror/http/hostname string httpredir.debian.org
d-i mirror/http/directory string /debian
d-i mirror/http/proxy string

### Account setup
# Skip creation of a normal user account
d-i passwd/make-user boolean false
# Set root password
# or encrypted using a crypt(3)  hash.
d-i passwd/root-password-crypted password $6$47Cx5oMpkh999YNI$XG76xupgkvZ3rHJCq1NgXKzp3bBfIuj0FmMiSvmUp1jqaIkTEz5F6eA.SRhBzyPReVQEnzZWwFWSdYGCBn.tE1

### Clock and time zone setup
# Set hardware clock to UTC
d-i clock-setup/utc boolean true
# Set timezone
d-i time/zone string Europe/Paris
# Use NTP clock during installation
d-i clock-setup/ntp boolean true

### Partitioning
# LVM LUKS method

# Inhibit partman to fill the disk with random data 
d-i partman-auto-crypto/erase_disks boolean false

#d-i partman/early_command \
#       string dd if=/dev/zero of=/dev/sda bs=512 count=1

# Force UEFI booting ('BIOS compatibility' will be lost). Default: false.
d-i partman-efi/non_efi_system boolean false
# Ensure the partition table is GPT - this is required for EFI
d-i partman-partitioning/choose_label string gpt
d-i partman-partitioning/default_label string gpt

d-i partman-auto/method string crypto
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-lvm/confirm boolean true
d-i partman-auto-lvm/guided_size string max
d-i partman-auto-lvm/new_vg_name string debian
d-i partman-auto/disk string /dev/sda
d-i partman-auto/choose_recipe select boot-crypto
d-i partman-crypto/passphrase       password  aabbcc
d-i partman-crypto/passphrase-again password  aabbcc
d-i partman-auto/expert_recipe string \
boot-crypto :: \
  512 50 512 fat32 \
          $primary{ } $bootable{ } \
          method{ efi } format{ } \
          mountpoint{ /boot/efi } \
  . \
  1024 1024 1024 ext4 \
          $primary{ } $bootable{ } \
          method{ format } format{ } \
          use_filesystem{ } filesystem{ ext4 } \
          mountpoint{ /boot } \
  . \
  8192 8192 8192 linux-swap \
          $lvmok{ } lv_name{ swap } \
          in_vg { debian } \
          method{ swap } format{ } \
  . \
  80896 80896 1000000 btrfs \
          $lvmok{ } lv_name{ root } \
          in_vg { debian } \
          method{ format } format{ } \
          use_filesystem{ } filesystem{ btrfs } \
          mountpoint{ / } \
  . \

#d-i partman-basicfilesystems/no_mount_point boolean false
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true

d-i partman-md/confirm boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true

### Apt setup
d-i apt-setup/cdrom/set-first boolean false
d-i apt-setup/cdrom/set-next boolean false
d-i apt-setup/cdrom/set-failed boolean false
d-i apt-setup/services-select multiselect security, updates
d-i apt-setup/security_host string security.debian.org
### Package selection
tasksel tasksel/first multiselect standard
# Individual additional packages to install
d-i pkgsel/include string openssh-server vim tmux tcpdump dropbear-initramfs cryptsetup-initramfs python3.9
d-i pkgsel/upgrade select full-upgrade
d-i pkgsel/update-policy select none
d-i pkgsel/updatedb boolean true
popularity-contest popularity-contest/participate boolean false


### GRUB STUFF
d-i grub-installer/only_debian boolean true
d-i grub-installer/bootdev  string default

# Note: options passed to the installer will be added automatically. 
#d-i debian-installer/add-kernel-opts string nousb

# Optional password for grub, either in clear text
# #d-i grub-installer/password password r00tme
# #d-i grub-installer/password-again password r00tme
# # or encrypted using an MD5 hash, see grub-md5-crypt(8).
# #d-i grub-installer/password-crypted password [MD5 hash]
#
# # Use the following option to add additional boot parameters for the
# # installed system (if supported by the bootloader installer).
# # Note: options passed to the installer will be added automatically.
# #d-i debian-installer/add-kernel-opts string nousb
#
# ### Finishing up the installation
# # Avoid that last message about the install being complete.
d-i finish-install/reboot_in_progress note


d-i preseed/late_command string \
  mkdir -p -m 700 /target/root/.ssh; \
  echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEe3gF//znGIzq30frI6O9qDn5eM6uqEZZlx7mR5SiS" > /target/root/.ssh/authorized_keys; \
  in-target chown --recursive root:root /root/.ssh; \
  in-target chmod 0644 /root/.ssh/authorized_keys; \
  in-target update-alternatives --set editor /usr/bin/vim.basic; \
  

d-i preseed/late_command string \
  mkdir -p -m 700 /target/root/.ssh; \
  echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEe3gF//znGIzq30frI6O9qDn5eM6uqEZZlx7mR5SiS" > /target/root/.ssh/authorized_keys; \
  in-target chown --recursive root:root /root/.ssh; \
  in-target chmod 0644 /root/.ssh/authorized_keys; \
  in-target update-alternatives --set editor /usr/bin/vim.basic; \
  echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEe3gF//znGIzq30frI6O9qDn5eM6uqEZZlx7mR5SiS' > /target/etc/dropbear-initramfs/authorized_keys; \
  echo 'PasswordAuthentication no' >> /target/etc/ssh/sshd_config.d/setup; \
  echo 'PermitRootLogin prohibit-password' >> /etc/ssh/sshd_config.d/setup; \
  echo 'auto eno1' >> /target/etc/network/interfaces; \
  sed -i 's/eth0/eno1/g' /target/etc/network/interfaces; \
  in-target systemctl enable --now sshd; \
  echo 'DROPBEAR_OPTIONS="-I 300 -j -k -p 22 -s -c /bin/cryptroot-unlock"' >> /target/etc/dropbear-initramfs/config; \
  echo 'IP="dhcp"' >> /target/etc/initramfs-tools/initramfs.conf; \
  in-target update-initramfs -u;

#  in-target passwd --expire root; \

解决 ！