In order to create an image, a source must be defined. The source section is defined as follows:
source: downloader: <string> # required url: <string> keys: <array> keyserver: <string> variant: <string> suite: <string> same_as: <boolean> skip_verification: <boolean> components: <array>
downloader field defines a downloader which pulls a rootfs image which will be used as a starting point.
It needs to be one of
url field defines the URL or mirror of the rootfs image.
Although this field is not required, most downloaders will need it. The
rootfs-http downloader also supports local image files when prefixed with
url: file:///home/user/image.tar.gz or
keys field is a list of GPG keys.
These keys can be listed as fingerprints or armored keys.
The latter has the advantage of not having to rely on a key server to download the key from.
The keys are used to verify the downloaded rootfs tarball if downloaded from a insecure source (HTTP).
keyserver defaults to
hkps.pool.sks-keyservers.net if none is provided.
variant field is only used in a few distributions and defaults to
Here’s a list downloaders and their possible variants:
All other downloaders ignore this field.
suite field is only used by the
debootstrap will use
suite instead of
image.release as its first positional argument.
same_as field is set, distrobuilder creates a temporary symlink in
/usr/share/debootstrap/scripts which points to the
same_as file inside that directory.
This can be used if you want to run
debootstrap foo but
foo is missing due to
debootstrap not being up-to-date.
skip_verification is true, the source tarball is not verified.
components field is set,
debootstrap will use packages from the listed components.
If a package set has the
early flag enabled, that list of packages will be installed
while the source is being downloaded. (Note that
early packages are only supported by