Build Debian Buster (amd64) LXC / PVE Template

  • install temporary proxmox ve install in KVM VM
  • aptitude install dab
  • make a temporary directory with the following files (based on PVE debian minimal and debian 64-bit vm's):


Suite: buster
CacheDir: ../cache
Source: SUITE main
Source: SUITE-updates main
Source: SUITE/updates main
Architecture: amd64
Name: debian-10.0-tom
Version: 10.4-tom2
Section: system
Maintainer: Tom Dobes <>
Description: Debian Buster for Tom
 The base Debian Buster amd64 install plus common utils.

Side note: Yes, the name really does need to contain 10.0. If it doesn't, dab makes the filename of the resulting template really long by including both debian-10.0 and your name. Argh!


BASEDIR:=$(shell dab basedir)

all: info/init_ok
	dab bootstrap --minimal
	dab install aptitude

	dab install dbus

	dab exec aptitude -y purge dmidecode kmod
	# this was a nice idea, but it's too much of a hassle to fight with it on every aptitude full-upgrade:
	#dab exec dpkg --purge --force-remove-essential e2fsprogs e2fslibs libss2
	dab install locales
	sed -e 's/^# en_US.UTF-8/en_US.UTF-8/' -i ${BASEDIR}/etc/locale.gen
	dab exec dpkg-reconfigure -f noninteractive locales
	echo "LANG=en_US.UTF-8" > ${BASEDIR}/etc/default/locale
	dab install net-tools man-db screen rsync psmisc file patch tcpdump vim strace bzip2 lsof xz-utils wget
	dab install dnsutils
	dab install unattended-upgrades
	echo $\'APT::Periodic::Update-Package-Lists "1";\nAPT::Periodic::Unattended-Upgrade "1";' > ${BASEDIR}/etc/apt/apt.conf.d/20auto-upgrades

	dab exec cp /dev/null /etc/motd
	dab exec systemctl disable ssh.service
	dab exec systemctl enable ssh.socket

	#dab exec systemctl mask proc-sys-fs-binfmt_misc.automount
	#dab exec systemctl mask systemd-binfmt.service
	dab exec systemctl mask systemd-udevd.service

	# Manually creating symlink for localtime required in buster - see
	ln -sf /usr/share/zoneinfo/America/Chicago ${BASEDIR}/etc/localtime
	echo "America/Chicago" > ${BASEDIR}/etc/timezone
	dab exec dpkg-reconfigure -f noninteractive tzdata
	cat sources.list > ${BASEDIR}/etc/apt/sources.list
	dab exec aptitude forget-new
	rm ${BASEDIR}/etc/ssh/ssh_host_*_key*
	dab finalize

info/init_ok: dab.conf
	dab init
	touch $@

.PHONY: clean
	dab clean
	rm -f *~

.PHONY: dist-clean
	dab dist-clean
	rm -f *~

Note that when testing this you need to be sure to run dab init before the commands in the 'all' section. Also, note that it's important that the dpkg-reconfigure for locales go BEFORE setting the contents of the /etc/default/locale file, or else it will get commented out.


deb buster main
deb-src buster main

deb buster/updates main
deb-src buster/updates main

# buster-updates, previously known as 'volatile'
deb buster-updates main
deb-src buster-updates main

# buster-backports, previously on
#deb buster-backports main
#deb-src buster-backports main
  • run make in that directory (Note: Since dab is in /usr/sbin/, this has to be done as root)


  • at the end of this, we don't seem to have a package cache in the VM… maybe related to the sources.list copy which we do to add the deb-src lines? Everything's fine after you run aptitude update once in the VM.
computer/build_debian_buster_amd64_lxc_pve_template.txt · Last modified: 2020/05/10 10:05 by tdobes
Recent changes RSS feed Driven by DokuWiki Valid XHTML 1.0 Valid CSS