# Debian 13 (Trixie) Distribution Definition
# This file defines the osbuild pipeline for creating Debian-based images.
#
# Four image types are defined: qcow2 (base), desktop, server, development.
# The `${...}` references are plain strings to a YAML loader; they are
# presumably expanded by the build tooling before the stages run. Note that
# `- ${qcow2.packages}` is a single list item to YAML, so the consumer must
# flatten it - TODO confirm against the tool that reads this file.

# QCOW2 image type - bootable virtual machine image
qcow2:
  # Core packages required for a minimal bootable Debian system
  packages:
    # Essential system packages
    - linux-image-amd64
    - linux-headers-amd64
    - systemd
    - systemd-sysv
    - dbus
    - dbus-user-session
    # Boot and filesystem tools
    - initramfs-tools
    - grub-efi-amd64
    - efibootmgr
    - util-linux
    - parted
    - e2fsprogs
    - dosfstools
    # OSTree integration
    - ostree
    - ostree-grub2
    # Basic system utilities
    - sudo
    - bash
    - coreutils
    - findutils
    - grep
    - sed
    - gawk
    - tar
    - gzip
    - bzip2
    - xz-utils
    # Network and connectivity
    # openssh-server is part of the base list and `ssh` is enabled in stage 5,
    # so every image that includes the qcow2 stages ships a listening SSH daemon.
    # NOTE(review): openssh-server normally generates host keys when the package
    # is installed. Confirm the pipeline removes /etc/ssh/ssh_host_* from the
    # image and regenerates them per instance at first boot; otherwise every VM
    # created from one image shares the same host keys.
    - network-manager
    - systemd-resolved
    - openssh-server
    - curl
    - wget
    # Package management
    - apt
    - apt-utils
    - ca-certificates
    - gnupg
    # Security and authentication
    # NOTE(review): `shadow` looks like the Debian source-package name; the
    # binary packages built from it are `passwd` and `login`. Confirm this entry
    # resolves in the apt stage.
    - passwd
    - shadow
    - libpam-modules
    - libpam-modules-bin
    # Locale and internationalization
    - locales
    - keyboard-configuration
    - console-setup
    # Hardware support
    - udev
    - kmod
    - pciutils
    - usbutils
    # Logging and monitoring
    - rsyslog
    - logrotate
    # Time and date
    - systemd-timesyncd
    - tzdata

  # osbuild stages that define the build pipeline
  stages:
    # Stage 1: Set up Debian filesystem structure
    - name: org.osbuild.debian-filesystem
      options:
        # Debian-specific filesystem layout
        rootfs_type: ext4
        # OSTree integration points
        ostree_integration: true
        # Create /home -> /var/home symlink for immutable architecture
        home_symlink: true

    # Stage 2: Install packages using APT
    - name: org.osbuild.apt
      options:
        # Use the packages list defined above
        # NOTE(review): desktop/server/development include this stage via
        # `${qcow2.stages}`; confirm `${packages}` then resolves to the including
        # image's own list and not to the qcow2 list.
        packages: ${packages}
        # Debian release
        release: trixie
        # Target architecture
        arch: amd64
        # Repository configuration
        # NOTE(review): all three repos are fetched over plain http://. APT's
        # signature check on the Release file is then the only integrity
        # control, so it must not be disabled anywhere in this stage, and the
        # archive keyring in the build root must be trusted. No key or keyring
        # option is visible here - confirm how the stage pins the signing keys.
        # Plain HTTP also exposes which packages are fetched and gives no
        # transport-level protection against stale metadata being served;
        # consider https:// if the build host can validate TLS at this point.
        # NOTE(review): contrib and non-free are enabled for every image, which
        # widens the set of packages trusted at build time. Since bookworm,
        # firmware lives in `non-free-firmware`, which is not listed here.
        repos:
          - name: debian
            url: http://deb.debian.org/debian
            suite: trixie
            components: [main, contrib, non-free]
          - name: debian-security
            url: http://deb.debian.org/debian-security
            suite: trixie-security
            components: [main, contrib, non-free]
          - name: debian-updates
            url: http://deb.debian.org/debian
            suite: trixie-updates
            components: [main, contrib, non-free]

    # Stage 3: Handle kernel and initramfs
    - name: org.osbuild.debian-kernel
      options:
        # Kernel package to use
        kernel_package: linux-image-amd64
        # Generate initramfs with OSTree support
        initramfs_tools: true
        # OSTree integration
        ostree_integration: true
        # Kernel module handling
        modules_autoload: true

    # Stage 4: Configure GRUB bootloader
    - name: org.osbuild.debian-grub
      options:
        # GRUB configuration for OSTree
        ostree_integration: true
        # UEFI boot support
        uefi: true
        # Secure Boot support
        # Disabled: with uefi on and secure_boot off, firmware does not verify
        # the bootloader or kernel signatures on these images.
        # NOTE(review): the package list has only grub-efi-amd64; turning this on
        # would presumably also need Debian's signed shim/GRUB packages - confirm.
        secure_boot: false
        # Boot timeout
        timeout: 5
        # Default boot entry
        default_entry: 0

    # Stage 5: System configuration
    - name: org.osbuild.debian-system-config
      options:
        # Set up systemd services
        systemd_services:
          - systemd-timesyncd
          - systemd-resolved
          - NetworkManager
          - ssh
        # Configure networking
        networking: true
        # Set up users and groups
        # Both accounts are declared with `password: locked`; `debian` is also
        # placed in the sudo group.
        # NOTE(review): no SSH key or other credential is provisioned in this
        # file. Confirm how first login is meant to work (e.g. first-boot
        # provisioning) and that the mechanism does not reintroduce a default
        # password or passwordless sudo shared by all instances.
        users:
          - name: root
            password: locked
          - name: debian
            password: locked
            groups: [sudo, users]
        # Configure locale
        locale: en_US.UTF-8
        # Configure timezone
        timezone: UTC

# Desktop image type - includes desktop environment
desktop:
  # Inherit all packages from qcow2
  packages:
    # Include all qcow2 packages
    - ${qcow2.packages}
    # Desktop environment packages
    - task-kde-desktop
    - sddm
    - plasma-desktop
    - kde-applications
    - firefox-esr
    - libreoffice
    - gimp
    - vlc
    - transmission-gtk
    - file-roller
    - gparted
    - synaptic
    - software-properties-kde
    # Additional desktop utilities
    - konsole
    - dolphin
    - kate
    - krunner
    - kwin
    - plasma-nm
    - plasma-pa
    - powerdevil
    - bluedevil
    - kscreen
    - khotkeys
    - kmenuedit
    - kcmshell5
    - systemsettings

  # Inherit stages from qcow2 and add desktop-specific stages
  # The desktop image therefore also enables the SSH service from qcow2 stage 5.
  stages:
    # Include all qcow2 stages
    - ${qcow2.stages}
    # Additional desktop configuration
    - name: org.osbuild.debian-desktop-config
      options:
        # Desktop environment setup
        desktop_environment: kde
        # Display manager configuration
        display_manager: sddm
        # User session setup
        user_sessions: true
        # Desktop applications configuration
        applications: true
        # Theme and appearance
        theme: breeze
        # Default applications
        default_apps:
          browser: firefox-esr
          file_manager: dolphin
          terminal: konsole
          text_editor: kate

# Server image type - minimal server configuration
server:
  # Core packages, copied by hand from qcow2 rather than referenced through
  # `${qcow2.packages}`, so the two lists can drift apart.
  # NOTE(review): compared with qcow2 this copy leaves out, among others,
  # gnupg, passwd, libpam-modules and logrotate. Some may still arrive as
  # dependencies; confirm the omissions are intended (rsyslog is installed
  # here without logrotate being listed).
  packages:
    # Include essential qcow2 packages
    - linux-image-amd64
    - linux-headers-amd64
    - systemd
    - systemd-sysv
    - dbus
    - initramfs-tools
    - grub-efi-amd64
    - efibootmgr
    - util-linux
    - parted
    - e2fsprogs
    - dosfstools
    - ostree
    - ostree-grub2
    - sudo
    - bash
    - coreutils
    - network-manager
    - systemd-resolved
    - openssh-server
    - curl
    - wget
    - apt
    - apt-utils
    - ca-certificates
    - locales
    - udev
    - kmod
    - rsyslog
    - systemd-timesyncd
    - tzdata
    # Server-specific packages
    # NOTE(review): the image is described as minimal, yet it installs two web
    # servers, three data stores, packet capture and scanning tools, and two
    # language package managers. Each adds attack surface and patch burden;
    # consider trimming the list to what the server role actually needs.
    - nginx
    - apache2
    - mariadb-server
    - postgresql
    - redis-server
    - fail2ban
    - ufw
    - htop
    - iotop
    - nethogs
    - iftop
    - tcpdump
    - nmap
    - vim
    - git
    - python3
    - python3-pip
    - nodejs
    - npm

  # Inherit stages from qcow2 and add server-specific stages
  stages:
    # Include all qcow2 stages
    - ${qcow2.stages}
    # Additional server configuration
    - name: org.osbuild.debian-server-config
      options:
        # Server hardening
        # NOTE(review): what this flag applies is not visible in this file;
        # document or link the concrete settings so they can be audited.
        security_hardening: true
        # Firewall configuration
        # NOTE(review): installing ufw does not by itself activate it. Confirm
        # the stage enables it with a default-deny inbound policy and opens only
        # the ports the enabled services need.
        firewall: ufw
        # SSH configuration
        # root_login is off, but key_auth_only is also off, so password logins
        # presumably stay permitted - at odds with security_hardening above.
        # The base users have locked passwords, yet any account given a password
        # later becomes reachable by password over SSH. fail2ban only slows
        # guessing. Prefer key-only authentication once keys are provisioned.
        ssh:
          port: 22
          root_login: false
          key_auth_only: false
        # Service configuration
        # NOTE(review): nginx and apache2 both listen on port 80 in their Debian
        # default configuration, so enabling both will likely leave one failing
        # to start. Debian's defaults bind mariadb, postgresql and redis to
        # loopback; confirm the stage keeps that and sets authentication for any
        # of them that gets exposed.
        services:
          - nginx
          - apache2
          - mariadb
          - postgresql
          - redis
          - fail2ban
        # Monitoring setup
        monitoring: true
        # Logging configuration
        logging: rsyslog

# Development image type - includes development tools
development:
  # Inherit all packages from desktop
  packages:
    # Include all desktop packages
    - ${desktop.packages}
    # Development tools
    # NOTE(review): several names below (e.g. vscode, code, atom, sublime-text,
    # gcloud, terraform) are, as far as I know, not shipped in Debian's own
    # archive. Only the three Debian repos are configured in the apt stage, so
    # either the install fails or extra repositories are added elsewhere. Each
    # third-party repository is another signing key trusted at build time; scope
    # each key to its own repository rather than trusting it globally.
    - build-essential
    - gcc
    - g++
    - make
    - cmake
    - autoconf
    - automake
    - libtool
    - pkg-config
    - git
    - subversion
    - mercurial
    - python3-dev
    - python3-pip
    - python3-venv
    - nodejs
    - npm
    - yarn
    - rustc
    - cargo
    - golang-go
    - openjdk-17-jdk
    - maven
    - gradle
    - docker.io
    - docker-compose
    - podman
    - buildah
    - skopeo
    - vscode
    - code
    - atom
    - sublime-text
    - vim
    - emacs
    - nano
    - gdb
    - valgrind
    - strace
    - ltrace
    - perf
    - flamegraph
    - wireshark
    - tcpdump
    - nmap
    - netcat
    - socat
    - curl
    - wget
    - httpie
    - jq
    - yq
    - sqlite3
    - mysql-client
    - postgresql-client
    - redis-tools
    - mongodb-clients
    - awscli
    - azure-cli
    - gcloud
    - kubectl
    - helm
    - terraform
    - ansible
    - vagrant
    - virtualbox
    - qemu-system
    - libvirt-clients
    - virt-manager

  # Inherit stages from desktop and add development-specific stages
  stages:
    # Include all desktop stages
    - ${desktop.stages}
    # Additional development configuration
    - name: org.osbuild.debian-development-config
      options:
        # Development environment setup
        development_tools: true
        # IDE configuration
        ides:
          - vscode
          - atom
          - sublime-text
        # Container runtime setup
        # NOTE(review): if the stage adds dev_user to the `docker` group, that
        # membership is effectively root on the host - confirm. podman is
        # already in the package list and runs rootless.
        container_runtime: docker
        # Development user setup
        dev_user: debian
        # Git configuration
        git:
          user_name: "Debian Developer"
          user_email: "developer@debian.local"
        # SSH key setup
        # NOTE(review): it is not visible here whether this generates a key pair
        # at build time. A private key created during the build is baked into
        # the image and shared by every instance - confirm keys are created at
        # first boot or supplied by the user.
        ssh_keys: true
        # Development directories
        dev_directories:
          - /home/debian/projects
          - /home/debian/src
          - /home/debian/bin
        # Environment variables
        # /home/debian/bin is placed ahead of the system directories in PATH.
        # NOTE(review): that is conventional for the user's own shell; if these
        # variables are applied system-wide, a user-writable directory ahead of
        # /usr/bin lets files there shadow system commands for other accounts -
        # confirm the scope.
        env_vars:
          - name: PATH
            value: "/home/debian/bin:/usr/local/bin:$PATH"
          - name: EDITOR
            value: "vim"
          - name: VISUAL
            value: "code"