A bug with Debian preseed + apt proxy
I use Packer to provision Kali Machines for $DAYJOB and other use.
I build the VM images multiple times a day in my lab at home and my Delivery Environment at $DAYJOB. To speed things up, I use a caching software called apt-cacher-ng. It caches packages used during installs and updates (you can use it with docker too) and takes a Kali
minimal.iso install from roughly 30 minutes 5. I have plenty of bandwidth, but internet speeds have yet to catch up to internal storage.
I plan to write a full article about my configuration (already in a repo, just need to push )
I would randomly have issues where the preseed wouldn't load. I scrapped and rewrote it multiple times trying to figure out where I had gone wrong.
In a preseed, you can set a proxy like so:
d-i mirror/http/proxy string "yourproxyinfo"
However, doing so doesn't just set a proxy for apt (the expected behavior). It sets a proxy for the entire system. For $reasons, debconf will periodically poll the URL for the preseed. So if at any point it requires an answer to a setting and it can't reach the address, it will fail and wait for manual input.
My packer installs use NAT, so once the proxy is set, they are proxying any/all traffic through my apt cache-- which obviously isn't going to be able to talk to my workstation on it's NAT adapter
I haven't figured out exactly when/why debconf re-polls for the preseed. But I found a workaround which has been rock solid thus far.
Instead of setting your
mirror/http/proxy using the normal
d-i line, try this:
d-i preseed/early_command string debconf-set-selections mirror/http/proxy string "$apt_proxy" && export http_proxy=""
By configuring the proxy this way, as soon as debconf enables the proxy it will also disable the system-wide proxy.
tl;dr silly debconf bug kept biting me, but it's resolvable.