diff --git a/_includes/example-preseed-excerpt.txt b/_includes/example-preseed-excerpt.txt
new file mode 100644
index 00000000..89e1f1cc
--- /dev/null
+++ b/_includes/example-preseed-excerpt.txt
@@ -0,0 +1,42 @@
+### Apt setup
+# Choose, if you want to scan additional installation media
+# (default: false).
+d-i apt-setup/cdrom/set-first boolean false
+# You can choose to install non-free firmware.
+#d-i apt-setup/non-free-firmware boolean true
+# You can choose to install non-free and contrib software.
+#d-i apt-setup/non-free boolean true
+#d-i apt-setup/contrib boolean true
+# Uncomment the following line, if you don't want to have the sources.list
+# entry for a DVD/BD installation image active in the installed system
+# (entries for netinst or CD images will be disabled anyway, regardless of
+# this setting).
+#d-i apt-setup/disable-cdrom-entries boolean true
+# Uncomment this if you don't want to use a network mirror.
+#d-i apt-setup/use_mirror boolean false
+# Select which update services to use; define the mirrors to be used.
+# Values shown below are the normal defaults.
+#d-i apt-setup/services-select multiselect security, updates
+#d-i apt-setup/security_host string security.debian.org
+
+# Additional repositories, local[0-9] available
+#d-i apt-setup/local0/repository string \
+#       http://local.server/debian stable main
+#d-i apt-setup/local0/comment string local server
+# Enable deb-src lines
+#d-i apt-setup/local0/source boolean true
+# URL to the public key of the local repository; you must provide a key or
+# apt will complain about the unauthenticated repository and so the
+# sources.list line will be left commented out.
+#d-i apt-setup/local0/key string http://local.server/key
+# or one can provide it in-line by base64 encoding the contents of the
+# key file (with `base64 -w0`) and specifying it thus:
+#d-i apt-setup/local0/key string base64://LS0tLS1CRUdJTiBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tCi4uLgo=
+# The content of the key file is checked to see if it appears to be ASCII-armoured.
+# If so it will be saved with an ".asc" extension, otherwise it gets a '.gpg' extension.
+# "keybox database" format is currently not supported. (see generators/60local in apt-setup's source)
+
+# By default the installer requires that repositories be authenticated
+# using a known gpg key. This setting can be used to disable that
+# authentication. Warning: Insecure, not recommended.
+#d-i debian-installer/allow_unauthenticated boolean true
diff --git a/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md b/_posts/2024/2024-11-12-Cobbler-v3.3.7-Beginners-Guide.md
similarity index 97%
rename from _posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md
rename to _posts/2024/2024-11-12-Cobbler-v3.3.7-Beginners-Guide.md
index 37d0109d..a8e26635 100644
--- a/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md
+++ b/_posts/2024/2024-11-12-Cobbler-v3.3.7-Beginners-Guide.md
@@ -1,8 +1,8 @@
 ---
 layout: post
-title: Cobbler v3.3.6 Beginner's Guide
+title: Cobbler v3.3.7 Beginner's Guide
 author: Sus-Admin
-summary: Getting started with Cobbler v3.3.6; basic installation, setup and automated PXE client provisioning
+summary: Getting started with Cobbler v3.3.7; basic installation, setup and automated PXE client provisioning
 ---
 
 This guide is intended to accompany and extend the official Cobbler [Installation](https://cobbler.readthedocs.io/en/v3.3.6/installation-guide.html) and [Quick Start](https://cobbler.readthedocs.io/en/v3.3.6/quickstart-guide.html) guides.
@@ -17,7 +17,7 @@ Cobbler is an open-source, system deployment and provisioning software which can
 
 ## Objective
 
-Starting with a fresh installation of Fedora 34 Server (or Workstation - [Fedora download archive](https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/34/Server/x86_64/iso/)), this guide will detail preparing the system for Cobbler v3.3.6 installation from source, including prerequisite/dependency installations and network setup, and then provide all necessary steps to install and configure Cobbler to automatically provision another LAN host with Fedora 34 or 37 Server through PXE network boot.
+Starting with a fresh installation of Fedora 34 Server (or Workstation - [Fedora download archive](https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/34/Server/x86_64/iso/)), this guide will detail preparing the system for Cobbler v3.3.7 installation from source, including prerequisite/dependency installations and network setup, and then provide all necessary steps to install and configure Cobbler to automatically provision another LAN host with Fedora 34 or 37 Server through PXE network boot.
 
 ## Environment
 
@@ -58,14 +58,14 @@ This guide assumes that both the **Cobbler Server** and **PXE Clinet(s)** are ru
 <div class="row mt-3">
     <div class="col-sm mt-3 mt-md-0">
 	    <h3><b>Physical Network Diagram</b></h3>
-        {% include figure.liquid loading="eager" path="images/Cobbler-3.3.6-Beginners_Physical.jpg" class="img-fluid rounded z-depth-1" zoomable=true %}
+        {% include figure.liquid loading="eager" path="images/Cobbler-3.3.7-Beginners_Physical.jpg" class="img-fluid rounded z-depth-1" zoomable=true %}
 		<div class="caption">
             The Cobbler server and PXE client(s) are not shown here, as they are VMs, not physical workstations.
         </div>
     </div>
     <div class="col-sm mt-3 mt-md-0">
 	    <h3><span style="float:right;"><b>Logical Network Diagram</b></span></h3>
-        {% include figure.liquid loading="eager" path="images/Cobbler-3.3.6-Beginners_Logical.jpg" class="img-fluid rounded z-depth-1" zoomable=true %}
+        {% include figure.liquid loading="eager" path="images/Cobbler-3.3.7-Beginners_Logical.jpg" class="img-fluid rounded z-depth-1" zoomable=true %}
 		<div class="caption">
             The VirtualBox host (my Windows 10 laptop) is only shown for completeness, it is not used in the procedures other than the VM settings described above.
         </div>
@@ -78,7 +78,7 @@ This guide assumes that both the **Cobbler Server** and **PXE Clinet(s)** are ru
 
 ## Fedora Server Basics
 
-As stated above, this document outlines the procedures necessary to install and configure Cobbler v3.3.6 on a Fedora 34 host server for local network installations/provisioning through PXE. Additionally, necessary adjustments will be made for security through **selinux** and **firewalld** on the Cobbler server. As such, it is recommended to keep things simple and **limit the number of additional applications installed** to the Cobbler server to **minimize unexpected firewall and selinux complications.**
+As stated above, this document outlines the procedures necessary to install and configure Cobbler v3.3.7 on a Fedora 34 host server for local network installations/provisioning through PXE. Additionally, necessary adjustments will be made for security through **selinux** and **firewalld** on the Cobbler server. As such, it is recommended to keep things simple and **limit the number of additional applications installed** to the Cobbler server to **minimize unexpected firewall and selinux complications.**
 
 ### Updating
 
@@ -143,14 +143,14 @@ yum install make git python3-devel python3-sphinx python3-coverage openssl httpd
 
 > Cobbler is also available through the YUM repos, using `yum install cobbler`
 
-Download **cobbler v3.3.6** source code from the official GitHub repo
+Download **cobbler v3.3.7** source code from the official GitHub repo
 
 ```shell
-wget -P  ~/Downloads/. https://github.com/cobbler/cobbler/archive/refs/tags/v3.3.6.zip
+wget -P  ~/Downloads/. https://github.com/cobbler/cobbler/archive/refs/tags/v3.3.7.zip
 
 mkdir -p /usr/src/cobbler
 cd /usr/src/cobbler
-unzip -d . ~/Downloads/v3.3.6
+unzip -d . ~/Downloads/v3.3.7
 ```
 
 Install the runtime dependencies and enable system services *(systemd will probably report some errors...)*
@@ -171,7 +171,7 @@ yum install grub2-pc grub2-pc-modules grub2-efi-x64-modules grub2-efi-aa64-modul
 Install Cobbler
 
 ```shell
-cd /usr/src/cobbler/cobbler-3.3.6
+cd /usr/src/cobbler/cobbler-3.3.7
 make install
 systemctl restart httpd
 ```
@@ -203,6 +203,12 @@ sed -i "s/pxe_just_once: true/pxe_just_once: false/" /etc/cobbler/settings.yaml
 sed -i "s/enable_ipxe: false/enable_ipxe: true/" /etc/cobbler/settings.yaml
 ```
 
+> Even if you do not enable iPXE above, it won't hurt to symlink the correct file that cobbler points to in the `/etc/cobbler/dhcp.template` file.
+>
+> ```shell
+> ln -s /usr/share/ipxe/undionly.kpxe /var/lib/cobbler/loaders/undionly.kpxe
+> ```
+
 Edit the subnet decaration in **/etc/cobbler/dhcp.tempate** to match the **enp0s8** interface:
 
 ```shell
@@ -443,7 +449,7 @@ systemctl restart tftp httpd
 
 1. Cobbler's [official docs](https://cobbler.readthedocs.io/en/v3.3.6/installation-guide.html#id2) advise that installing and running Cobbler in a virtual environment is not possible, but I have had no issues related to virtualization.
 
-1. Some dependencies are missing from the official [Cobbler docs](https://cobbler.readthedocs.io/en/v3.3.6/installation-guide.html#packages). Have a look at the [dockerfile](https://github.com/cobbler/cobbler/blob/v3.3.6/docker/rpms/Fedora_34/Fedora34.dockerfile) located in cobbler's source code for a more complete list.
+1. Some dependencies are missing from the official [Cobbler docs](https://cobbler.readthedocs.io/en/v3.3.6/installation-guide.html#packages). Have a look at the [dockerfile](https://github.com/cobbler/cobbler/blob/v3.3.7/docker/rpms/Fedora_34/Fedora34.dockerfile) located in cobbler's source code for a more complete list.
 
 1. It's always a good idea to manually install the desired distro (Fedora 34 or 37 Server in the case of this guide) to the desired hardware (VirtualBox VM in this case) before attempting a network installation, to validate compatability.
 
diff --git a/_posts/2024/2024-12-02-Cobbler-v3.3.7-Debian-Deployment-Guide.md b/_posts/2024/2024-12-02-Cobbler-v3.3.7-Debian-Deployment-Guide.md
new file mode 100644
index 00000000..01589b61
--- /dev/null
+++ b/_posts/2024/2024-12-02-Cobbler-v3.3.7-Debian-Deployment-Guide.md
@@ -0,0 +1,372 @@
+---
+layout: post
+title: Cobbler (v3.3.7) Debian Deployment Guide
+author: Sus-Admin
+summary: Deploying Debian Bullseye and Bookworm (11 & 12) via PXE network boot.
+---
+
+This guide assumes that you have a Fedora 34 server or workstation system configured to run Cobbler v3.3.7 similarly to the [Cobbler v3.3.7 Beginner's guide](/_posts/2024/2024-11-12-Cobbler-v3.3.7-Beginners-Guide.md).
+
+## Table of Contents
+{:.no_toc}
+
+1. TOC
+{:toc}
+
+## Objective
+
+Starting where the [Beginner's guide](/_posts/2024/2024-11-12-Cobbler-v3.3.7-Beginners-Guide.md) left off, further configure the Cobbler v3.3.7 server to deploy the latest release of Debian 11 Bullseye and Debian 12 Bookworm via PXE network boot, using the same system and network environment. This guide assumes that you still have `selinux` and `firewalld` configured and enabled as described in the Beginner's guide.
+
+### Caveats
+
+- using the `cobbler check` CLI command, the output recommends installing the **debmirror** package in order to manage Debian deployments and repos with Cobbler. Instead, we will simply import the Debian source installation media (.iso file), which will become available over HTTP, and use that as the local repo mirror to install over the network.
+
+    - This method is not the Cobbler official method, and Debian actually [recommends](https://www.debian.org/mirror/ftpmirror) using something like "apt-cacher-ng" or "squid proxy"
+
+    - The Main Debian repo for the latest release of Debian is about 100 GB at the time of writing, which is why this is *my* preferred method over using **debmirror**, as it only requires the data from a single Debian installer DVD (.iso file)
+
+        - For completeness however, the **debmirror** method will be detailed towards the bottom of this guide, in the **Mirroring with debmirror** section.
+
+- This guide provides a workaround to an issue that is encountered when installing Debian 11 & 12 over the network from a local/private repo where the PXE client (`debian-installer`) does not trust the installation source *(Since Debian developers DO NOT sign the software/repos packaged into official CD/DVD/ISO releases: [https://wiki.debian.org/SecureApt](https://wiki.debian.org/SecureApt) )*.
+
+    - This appears to be a bug in the `debian-installer` (`d-i`); more info provided in the **Tips & Troubleshooting** section below.
+
+    - This issue should not arise when mirroring an official Debian mirror using the **debmirror** method, as recommended by Cobbler
+
+## Cobbler Server Prep
+
+Debian maintainers advise that network booting Debian is [not for novice users](https://www.debian.org/distrib/netinst#netboot), and they're not wrong, but we're no amateurs.
+
+That said, continue at your own risk.
+
+### Dependencies
+
+Download the latest releases of Debian Bookworm and Bullseye
+
+```shell
+cd ~/Downloads && wget https://cdimage.debian.org/debian-cd/current/amd64/iso-dvd/debian-12.8.0-amd64-DVD-1.iso
+cd ~/Downloads && wget https://cdimage.debian.org/mirror/cdimage/archive/11.11.0/amd64/iso-dvd/debian-11.11.0-amd64-DVD-1.iso
+```
+
+Additionally, all Debian releases at the time of writing require the "netboot" initial ramdisk (`initrd`) provided separately by the Debian maintainers in order to properly boot over the network. Furthermore, Debian 11 Bullseye and earlier require the "netboot firmware" image, which is an extension to the netboot `initrd` image containing drivers for non-free firmware, also provided by Debian.
+
+```shell
+wget -O ~/Downloads/Debian12.8-netboot.gz https://ftp.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz
+
+wget -O ~/Downloads/Debian11.11-netboot.gz  https://ftp.debian.org/debian/dists/bullseye/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz
+wget -O ~/Downloads/Debian11.11-firmware.gz https://cdimage.debian.org/cdimage/firmware/bullseye/current/firmware.cpio.gz
+```
+
+> The netboot `initrd.gz` file above is not maintained in the same manner as the main Debian installation media; only the netboot `initrd.gz` image corresponding to the LATEST official release of Debian for any major version (bookworm, bullseye, etc...) will be available on the official [FTP site](https://ftp.debian.org/debian/dists/) above, and not the cdimage [repo](https://cdimage.debian.org/debian-cd/current) or [archive](https://cdimage.debian.org/cdimage/archive/) where the .iso images are acquired from (the images CAN be found on the Debian repo [snapshot archive](https://snapshot.debian.org/archive/debian/), but you'll have to correlate the date with the appropriate release).
+> 
+> All previous releases of the netboot `firmware.cpio.gz` image ARE available on the official [cdimage archive](https://cdimage.debian.org/cdimage/firmware/bullseye/) at the time of writing.
+>
+> Newer releases of the netboot `initrd.gz` and firmware images will not be compatible with previous releases of Debian, as they use different kernel and module versions.
+
+Create a GPG key to sign the local Debian repo mirror, and then export the public key to the public HTTP share on the Cobbler server and restore the SELinux labels.
+
+```shell
+gpg --full-gen-key --batch <(echo "Key-Type: 1"; \
+                             echo "Key-Length: 4096"; \
+                             echo "Subkey-Type: 1"; \
+                             echo "Subkey-Length: 4096"; \
+                             echo "Expire-Date: 0"; \
+                             echo "Name-Real: cobbler"; \
+                             echo "Name-Email: cobbler@fedora.local"; \
+                             echo "%no-protection"; )
+
+gpg --output /var/www/cobbler/pub/cobbler.gpg.asc --armor --export cobbler
+sudo restorecon -R /var/www/cobbler/pub
+```
+
+> for simplicity, this GPG key will not be password protected. This is against cyber-security best practices and should only be implemented in a test environment.
+
+## Debian 12 Bookworm PXE Deployment
+
+mount the Debian 12 Bookworm installation media and import the distro into cobbler:
+
+```shell
+[ -e /mnt/Debian ] || mkdir /mnt/Debian
+mount -t iso9660 -o loop,ro /home/fedora/Downloads/debian-12.8.0-amd64-DVD-1.iso /mnt/Debian
+cobbler import --name Debian12.8 --path /mnt/Debian
+```
+
+Navigate to the imported distro mirror and sign the repo:
+
+```shell
+cd /var/www/cobbler/distro_mirror/Debian12.8/dists/bookworm
+gpg -u cobbler -bao Release.gpg Release
+gpg -u cobbler --clear-sign --output InRelease Release
+```
+
+Concatenate the two `initrd.gz` images in the following order, then configure the new Cobbler Distro to use the combined image:
+
+```shell
+cat /var/www/cobbler/distro_mirror/Debian12.8/install.amd/initrd.gz ~/Downloads/Debian12.8-netboot.gz > /var/www/cobbler/pub/Debian12.8-netboot.gz
+
+cobbler distro edit --name Debian12.8-x86_64 --initrd "/var/www/cobbler/pub/Debian12.8-netboot.gz"
+```
+
+Create a new "preseed" (autoinstall) template from the sample included with Cobbler, and make the necessary changes to install from an unofficial source.
+
+```shell
+cp /var/lib/cobbler/templates/sample.seed /var/lib/cobbler/templates/bookworm-sample.seed
+sed -i 's,# d-i debian-installer/allow_unauthenticated boolean true,d-i debian-installer/allow_unauthenticated boolean true,' /var/lib/cobbler/templates/bookworm-sample.seed
+sed -i 's,# d-i apt-setup/local0/key string http://local.server/key,d-i apt-setup/local0/repository string http://$http_server$install_source_directory\nd-i apt-setup/local0/key string http://$http_server/cblr/pub/cobbler.gpg.asc,' /var/lib/cobbler/templates/bookworm-sample.seed
+```
+
+> This is where the bug mentioned in the **Caveats** section above is introduced. The `apt-setup/local0/key` preseed value *should* allow us to provide the `debian-installer` with a GPG key to use to validate the installation source.
+> 
+> Still confugre it to retrieve the key over HTTP anyway, just in case.
+
+Create a file named `preseed_early_workaround` in the `/var/lib/cobbler/scripts` directory with the following contents which will run on the PXE client to circumvent the bug mentioned in the **Caveats** section above:
+
+```shell
+#!/bin/sh
+while true; do
+	[ -d /target/etc/apt/trusted.gpg.d ] && cd /target/etc/apt/trusted.gpg.d && fetch-url http://10.0.0.10/cblr/pub/cobbler.gpg.asc cobbler.gpg.asc && exit;
+	sleep 1;
+done 2> /dev/null 1> /dev/null &
+```
+
+Optionally, create another preseed script (`/var/lib/cobbler/scripts/preseed_late_sudo_sources`) to run in the post-installation stage which will grant sudo privileges to the "debian" user (created below) and reconfigure the installed system to use Debian's official APT sources instead of our local Cobbler server.
+
+```shell
+#!/bin/sh
+sed -i 's,#PermitRootLogin prohibit-password,PermitRootLogin no,' /etc/ssh/sshd_config
+usermod -aG sudo debian
+sed -i 's,^,#,' /etc/apt/sources.list
+echo 'deb http://deb.debian.org/debian bookworm main non-free-firmware non-free contrib' >> /etc/apt/sources.list
+echo 'deb-src http://deb.debian.org/debian bookworm main non-free-firmware non-free contrib' >> /etc/apt/sources.list
+echo 'deb http://security.debian.org/debian-security bookworm-security main non-free-firmware non-free contrib' >> /etc/apt/sources.list
+echo 'deb-src http://security.debian.org/debian-security bookworm-security main non-free-firmware non-free contrib' >> /etc/apt/sources.list
+echo 'deb http://deb.debian.org/debian bookworm-updates main non-free-firmware non-free contrib' >> /etc/apt/sources.list
+echo 'deb-src http://deb.debian.org/debian bookworm-updates main non-free-firmware non-free contrib' >> /etc/apt/sources.list
+```
+
+Modify the new preseed (autoinstall) template to install desired packages only, setup an additional user "debian", set the workaround script created above to run in the "early" installation stage, and the "preseed_late" script to run in the late stage, if configured, and more aggressively force the installation regardless of any existing installations.
+
+```shell
+sed -i 's,ntp ssh wget,wget curl openssh-server sudo vim\npopularity-contest popularity-contest/participate boolean false,' /var/lib/cobbler/templates/bookworm-sample.seed
+sed -i 's,# d-i apt-setup/services-select multiselect security,d-i apt-setup/services-select multiselect,' /var/lib/cobbler/templates/bookworm-sample.seed
+sed -i 's,d-i partman-auto/method string lvm,d-i partman-efi/non_efi_system boolean true\nd-i partman-auto/method string lvm,' /var/lib/cobbler/templates/bookworm-sample.seed
+sed -i 's,d-i grub-installer/bootdev string default,d-i grub-installer/bootdev string default\nd-i grub-installer/with_other_os boolean true\nd-i grub-installer/force-efi-extra-removable boolean false\nd-i grub-installer/enable_os_prober_otheros_yes boolean false\nd-i grub-installer/enable_os_prober_otheros_no boolean true,' /var/lib/cobbler/templates/bookworm-sample.seed
+sed -i 's,d-i passwd/make-user boolean false,d-i passwd/make-user boolean true\nd-i passwd/user-fullname string Debian Admin\nd-i passwd/username string debian\nd-i passwd/user-password-crypted password $default_password_crypted,' /var/lib/cobbler/templates/bookworm-sample.seed
+sed -i 's,script=preseed_early_default,script=preseed_early_workaround,' /var/lib/cobbler/templates/bookworm-sample.seed
+sed -i 's,script=preseed_late_default,script=preseed_late_sudo_sources,' /var/lib/cobbler/templates/bookworm-sample.seed
+```
+
+Configure the Cobbler Profile to use the new autoinstall (preseed) template:
+
+```shell
+cobbler profile edit --name Debian12.8-x86_64 --autoinstall 'bookworm-sample.seed'
+```
+
+Finally, create a new Cobbler System to PXE boot and automatically install Debian 12 Bookworm, replacing the *"aa:bb:cc:dd:ee:ff"* with the MAC address of your PXE client, being sure not to use a duplicate MAC or IP addresse of any other Cobbler System, then sync up Cobbler.
+
+```shell
+cobbler system add --name "Debian12.8" --profile Debian12.8-x86_64 --hostname "debian12-8" --mac-address "aa:bb:cc:dd:ee:ff" --netboot-enabled true --ip-address "10.0.0.12" --netmask "255.255.255.0" --gateway "10.0.0.1" --name-servers "10.0.0.1 1.1.1.1 8.8.8.8"
+cobbler sync
+```
+
+The **PXE Client** VM can now be powered on, and should automatically boot to PXE and install Debian 12.8 to the VM HDD using the "bookworm-sample.seed" preseed template created above.
+
+## Debian 11 Bullseye PXE Deployment
+
+Take similar steps as above, with the inclusion of the netboot "firmware" image file in the combined `initrd.gz` image file, and using the "bookworm-sample.seed" template created above as a starting point and trimming off a few unsupported preseed settings to import and automatically deploy Debian 11 Bullseye over PXE.
+
+```shell
+[ -e /mnt/Debian ] || mkdir /mnt/Debian
+mount -t iso9660 -o loop,ro /home/fedora/Downloads/debian-11.11.0-amd64-DVD-1.iso /mnt/Debian
+cobbler import --name=Debian11.11 --path=/mnt/Debian
+
+cd /var/www/cobbler/distro_mirror/Debian11.11/dists/bullseye
+gpg -u cobbler -bao Release.gpg Release
+gpg -u cobbler --clear-sign --output InRelease Release
+
+cat /var/www/cobbler/distro_mirror/Debian11.11/install.amd/initrd.gz ~/Downloads/Debian11.11-netboot.gz ~/Downloads/Debian11.11-firmware.gz > /var/www/cobbler/pub/Debian11.11-netboot.gz
+cobbler distro edit --name Debian11.11-x86_64 --initrd "/var/www/cobbler/pub/Debian11.11-netboot.gz"
+
+grep -v "os_prober" /var/lib/cobbler/templates/bookworm-sample.seed > /var/lib/cobbler/templates/bullseye-sample.seed
+cobbler profile edit --name Debian11.11-x86_64 --autoinstall bullseye-sample.seed
+
+cobbler system add --name Debian11.11 --profile Debian11.11-x86_64 --mac-address "aa:bb:cc:dd:ee:ff" --netboot-enabled true
+
+cobbler sync
+```
+
+## Mirroring with debmirror
+
+Mirroring the official Debian repos with the **debmirror** tool is fairly simple, but will require about 100GB of extra disk space on the Cobbler server.
+
+This guide will only provide the steps to mirror the LATEST release of Debian *(Bookworm 12.8 at the time of writing)* with `debmirror`.
+
+similarly to the DVD/ISO method above, both the **netboot** and **DVD/ISO** `initrd.gz` images are still required in the same concatenated manner to properly install over the network, but they must both be downloaded separately of the `debmirror` process.
+
+Since the official Debian repo will be mirrored, the source will be fully valid with trusted signatures, meaning the autoinstall (preseed) file for the PXE client will not need the APT security settings required in the DVD/ISO source method.
+
+Cobbler supports managing repos/sources via the debmirror command natively, which means the `debmirror` package only needs to be installed and configured, then mirroring can be accomplished/managed through Cobbler CLI commands.
+
+- The syntax for mirroring a Debian repo through the `debmirror` command will still be provided below for context in the **Manual debmirror** section, but is not necessary in most cases to mirror Debian locally.
+
+### Setup debmirror
+
+Follow the instructions for supporting Debian deployments/repos given from the `cobbler check` command output (as well as installign Debian keyrings):
+
+```shell
+yum install -y debmirror debian-keyring
+sed -i "s/@arches/#@arches/g" /etc/debmirror.conf
+sed -i "s/@dists/#@dists/g" /etc/debmirror.conf
+cobbler sync
+cobbler check
+```
+
+### Manual debmirror
+
+Sometimes debmirror may fail to download a few files from the configured source, which can cause Cobbler to error out on the `reposync` task/command.
+
+- Usually re-issueing the `reposync` command (and in-turn, the `debmirror` command) after such a failure will complete the download of the missing files.
+
+This manual `debmirror` method may be useful for troubleshooting
+
+```shell
+debmirror -p -v --method http -a amd64 -h ftp.us.debian.org -d stable -s main,main/debian-installer,contrib,non-free,non-free-firmware --nosource --keyring="/usr/share/keyrings/debian-archive-keyring.gpg"  ~/Debian12.8
+```
+
+### Cobbler reposync and debmirror
+
+use the `cobbler repo` and `cobbler reposync` commands in order to mirror Debian lates repo locally:
+
+```shell
+cobbler repo add --name Debian-latest --keep-updated true --mirror-locally true --breed apt --arch x86_64 --mirror "http://ftp.us.debian.org/debian" --apt-components=main,main/debian-installer,non-free-firmware --apt-dists=bookworm --yumopts '--keyring'='/usr/share/keyrings/debian-archive-keyring.gpg'
+cobbler reposync
+```
+
+Configure a new preseed file for installation via the trusted, signed Debian repo:
+
+```shell
+cp /var/lib/cobbler/templates/bookworm-sample.seed /var/lib/cobbler/templates/bookworm-latest.seed
+sed -i 's,d-i apt-setup/local0/repository,#d-i apt-setup/local0/repository,' /var/lib/cobbler/templates/bookworm-latest.seed
+sed -i 's,d-i apt-setup/local0/key,#d-i apt-setup/local0/key,' /var/lib/cobbler/templates/bookworm-latest.seed
+sed -i 's,d-i debian-installer/allow_unauthenticated,#d-i debian-installer/allow_unauthenticated,' /var/lib/cobbler/templates/bookworm-latest.seed
+sed -i 's,script=preseed_early_workaround,script=preseed_early_skip,' /var/lib/cobbler/templates/bookworm-latest.seed
+cp /var/lib/cobbler/scripts/preseed_early_workaround /var/lib/cobbler/scripts/preseed_early_skip
+echo -e '#!/bin/sh\nexit' | tee /var/lib/cobbler/scripts/preseed_early_skip
+```
+
+Download the kernel and 2 initrd files for Debiain latest/current (12.8)
+
+```shell
+wget -O ~/Downloads/debian-stable-initrd.gz http://ftp.us.debian.org/debian/dists/stable/main/installer-amd64/current/images/cdrom/initrd.gz
+wget -O ~/Downloads/debian-stable-netboot-initrd.gz http://ftp.us.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz
+wget -O ~/Downloads/debian-stable-vmlinuz http://ftp.us.debian.org/debian/dists/stable/main/installer-amd64/current/images/cdrom/vmlinuz
+mkdir /var/www/cobbler/pub/Debian12.8-netboot
+cat /home/fedora/Downloads/debian-stable-initrd.gz /home/fedora/Downloads/debian-stable-netboot-initrd.gz > /var/www/cobbler/pub/Debian12.8-netboot/initrd.gz
+cp ~/Downloads/debian-stable-vmlinuz /var/www/cobbler/pub/Debian12.8-netboot/vmlinuz
+```
+
+Add a Cobbler Distro and Profile for the new Debian repo, and the usual HTTP link:
+
+```shell
+cobbler distro add --name Debian-latest --arch x86_64 --autoinstall-meta 'tree'='http://@@http_server@@/cblr/links/Debian-latest' --breed debian --os-version bookworm --initrd "/var/www/cobbler/pub/Debian12.8-netboot/initrd.gz" --kernel "/var/www/cobbler/pub/Debian12.8-netboot/vmlinuz"
+cobbler profile add --name Debian-latest --distro Debian-latest --autoinstall bookworm-latest.seed
+ln -s /var/www/cobbler/repo_mirror/Debian-latest /var/www/cobbler/links/Debian-latest
+cobbler sync
+```
+
+Now the **PXE Client** should be able to boot from a generic/random MAC address and load the new "Debian-latest" Cobbler Profile over GRUB
+
+> Cobbler Systems can now also be added similarly to above in the **Debian 12 Bookworm PXE Deployment** and **Debian 11 Bullseye PXE Deployment** sections above.
+> 
+> ```shell
+> cobbler system add --name Debian-Latest --profile Debian-latest --mac-address "aa:bb:cc:dd:ee:ff" --netboot-enabled true
+> ```
+
+
+## Tips & Troubleshooting
+
+1. The [Cobbler 3.3.7 Beginner's Guide](/_posts/2024/2024-11-12-Cobbler-v3.3.7-Beginners-Guide.md) **Tips & Troubleshooting** section contains some basic recommendations and limitations of Cobbler which will not be repeated here.
+
+1. The `debian-installer` issue mentioned in the **Caveats** section above is primarily marked by a fatal error during the installation process and the log entry `GPG error` in `/var/log/syslog` on the installer system, or, if the workaround script was used, you can install the `debconf-utils` package on the resulting system and use the command `debconf-get-selections --installer | grep "Downloading"` for more info on the error.
+
+    - The error prevents the installation from proceeding using the configured repo mirror, but the `debian-installer` remains running; press **ALT+F2** or **ALT+F3** on the PXE client keyboard to access a privileged shell to conduct some troubleshooting.
+
+    - The issue stems from the below section of the preseed file, retrieved drectly from Debian's official [stable](https://www.debian.org/releases/stable/example-preseed.txt) and [bookworm](https://www.debian.org/releases/bookworm/example-preseed.txt) example preseed files.
+
+<pre>{% include example-preseed-excerpt.txt path="_includes/example-preseed-excerpt.txt" %}</pre>
+
+1. *(continued)*
+    - As seen in the procedures above, `allow_unauthenticated` is set to true, which appears to only permit the installation to START when an untrusted repo mirror is found, but the mirror will be checked again before beginning the `apt-setup` phase, which `allow_unauthenticated` will not override.
+
+        - This means that the `debian-installer` also requires the local APT mirror to be defined using the `d-i apt-setup/local0/repository` & `d-i apt-setup/local0/key` preseed options in order for the PXE client to retrieve the public GPG key for the repo mirror and use it to validate the mirror, which seems to be configured properly through the preseed from Cobbler, verified with the following commands on the `debian-installer` system (and obviously can be done, since the workaround provided in this guide does essentially the same thing):
+
+            ```shell
+            debconf-get apt-setup/local0/repository
+            debconf-get apt-setup/local0/key
+            less /var/lib/preseed/log
+            cat /var/log/syslog | grep "GPG error"
+            cat /var/lib/cdebconf/templates.dat | grep apt-setup
+            cat /var/lib/cdebconf/questions.dat | grep apt-setup
+            ```
+
+        - Alternatively, the preseed comments note that you may provide the GPG key inline in the preseed file as a base64-encoded string with the format `d-i apt-setup/local0/key string base64://<base64-encoded_key>`, however I was not able to get this working either.
+
+    - The snippet from Debian's official preseed sample above mentions "see generators/60local in apt-setup's source" and looking at some of that [source code](https://salsa.debian.org/installer-team/apt-setup/-/blob/master/generators/60local?ref_type=heads), I tried to model the workaround script as closely to the source code as possible, which is why `fetch-url` is used to download the GPG key, instead of `wget` or `curl`.
+
+    - This error consistenly occurs on Debian 11 & 12 installations.
+
+1. References
+
+    - [https://forums.debian.net/viewtopic.php?t=157991](https://forums.debian.net/viewtopic.php?t=157991)
+    - [https://www.debian.org/distrib/netinst](https://www.debian.org/distrib/netinst)
+    - [https://www.debian.org/distrib/netinst#netboot](https://www.debian.org/distrib/netinst#netboot)
+        - [https://deb.debian.org/debian/dists/bookworm/main/installer-amd64/current/images/MANIFEST](https://deb.debian.org/debian/dists/bookworm/main/installer-amd64/current/images/MANIFEST)
+    - [https://wiki.debian.org/PXEBootInstall](https://wiki.debian.org/PXEBootInstall])
+    - [https://wiki.debian.org/DebianInstaller](https://wiki.debian.org/DebianInstaller)
+        - [https://wiki.debian.org/DebianInstaller/NetbootFirmware](https://wiki.debian.org/DebianInstaller/NetbootFirmware)
+        - [https://wiki.debian.org/DebianInstaller/Preseed](https://wiki.debian.org/DebianInstaller/Preseed)
+    - [https://wiki.debian.org/DebianInstaller/NetbootAssistant](https://wiki.debian.org/DebianInstaller/NetbootAssistant)
+    - [https://www.debian.org/releases/stable/amd64/apbs03.en.html](https://www.debian.org/releases/stable/amd64/apbs03.en.html)
+        - [https://www.debian.org/releases/bookworm/amd64/apbs03.en.html](https://www.debian.org/releases/bookworm/amd64/apbs03.en.html)
+    - [https://www.debian.org/releases/bookworm/amd64/ch06s03.en.html](https://www.debian.org/releases/bookworm/amd64/ch06s03.en.html)
+    - [https://www.debian.org/releases/stable/amd64/ch05s04](https://www.debian.org/releases/stable/amd64/ch05s04)
+    - [https://www.debian.org/releases/stable/amd64/ch04s05](https://www.debian.org/releases/stable/amd64/ch04s05)
+        - [https://www.debian.org/releases/stable/amd64/ch04s02.en.html#where-files](https://www.debian.org/releases/stable/amd64/ch04s02.en.html#where-files)
+    - [https://wiki.debian.org/debconf](https://wiki.debian.org/debconf)
+        - [https://packages.debian.org/bookworm/debconf-utils](https://packages.debian.org/bookworm/debconf-utils)
+    - [https://wiki.debian.org/AutomatedInstallation](https://wiki.debian.org/AutomatedInstallation)
+        - [https://fai-project.org/FAIme/](https://fai-project.org/FAIme/)
+    - [https://www.debian.org/releases/stable/amd64/apbs04.en.html](https://www.debian.org/releases/stable/amd64/apbs04.en.html)
+        - [https://www.debian.org/releases/bookworm/amd64/apbs04.en.html](ttps://www.debian.org/releases/bookworm/amd64/apbs04.en.html)
+        - [https://www.debian.org/releases/bookworm/example-preseed.txt](https://www.debian.org/releases/bookworm/example-preseed.txt)
+        - [https://www.debian.org/releases/bullseye/example-preseed.txt](https://www.debian.org/releases/bullseye/example-preseed.txt)
+        - [https://www.debian.org/releases/stable/example-preseed.txt](https://www.debian.org/releases/stable/example-preseed.txt)
+        - [https://preseed.debian.net/debian-preseed/bookworm/amd64-main-full.txt](https://preseed.debian.net/debian-preseed/bookworm/amd64-main-full.txt)
+    - [https://snapshot.debian.org/archive/debian/](https://snapshot.debian.org/archive/debian/)
+    - [https://unix.stackexchange.com/questions/533539/switch-tabs-in-debian-installer-over-serial-console-with-putty](https://unix.stackexchange.com/questions/533539/switch-tabs-in-debian-installer-over-serial-console-with-putty)
+    - [https://cobbler.github.io/blog/2024/06/30/libvirt-ipxe.html](https://cobbler.github.io/blog/2024/06/30/libvirt-ipxe.html)
+    - [https://lists.debian.org/debian-boot/2016/07/msg00199.html](https://lists.debian.org/debian-boot/2016/07/msg00199.html)
+    - [https://wiki.debian.org/MacBook#Debian_installation](https://wiki.debian.org/MacBook#Debian_installation)
+    - [https://wiki.debian.org/DebianInstaller/ReleaseProcess](https://wiki.debian.org/DebianInstaller/ReleaseProcess)
+    - [https://wiki.debian.org/DebianInstaller/Debconf11Summary](https://wiki.debian.org/DebianInstaller/Debconf11Summary)
+    - [https://wiki.debian.org/Debian_Systems_Administration_for_non-Debian_SysAdmins?action=show&redirect=Debian_SystemAdministration_for_non-Debian_SysAdmins](https://wiki.debian.org/Debian_Systems_Administration_for_non-Debian_SysAdmins?action=show&redirect=Debian_SystemAdministration_for_non-Debian_SysAdmins)
+    - [https://ftp.debian.org/debian/](https://ftp.debian.org/debian/)
+    - [https://www.debian.org/mirror/ftpmirror](https://www.debian.org/mirror/ftpmirror)
+    - [https://www.debian.org/mirror/list](https://www.debian.org/mirror/list)
+        - [https://www.debian.org/mirror/list-full](https://www.debian.org/mirror/list-full)
+    - [https://www.debian.org/releases/](https://www.debian.org/releases/)
+    - [https://www.debian.org/distrib/archive](https://www.debian.org/distrib/archive)
+    - [https://help.ubuntu.com/community/Debmirror](https://help.ubuntu.com/community/Debmirror)
+    - [https://github.com/cobbler/cobbler/issues/2437](https://github.com/cobbler/cobbler/issues/2437)
+        - [https://wiki.debian.org/SecureApt](https://wiki.debian.org/SecureApt)
+            - [https://wiki.debian.org/DebianKeyring](https://wiki.debian.org/DebianKeyring)
+                - [https://ftp-master.debian.org/keys.html](https://ftp-master.debian.org/keys.html)
+                - [https://keyring.debian.org/](https://keyring.debian.org/)
+                - [https://db.debian.org/](https://db.debian.org/)
+            - [https://www.reddit.com/r/debian/comments/yusdca/how_do_i_find_the_correct_debian_public_key/](https://www.reddit.com/r/debian/comments/yusdca/how_do_i_find_the_correct_debian_public_key/)
+                - [https://www.debian.org/CD/verify](https://www.debian.org/CD/verify)
+        - [https://serverfault.com/questions/669809/sync-ubuntu-repository-with-cobbler-server-fails](https://serverfault.com/questions/669809/sync-ubuntu-repository-with-cobbler-server-fails)
+        - [https://forums.debian.net/viewtopic.php?t=112820](https://forums.debian.net/viewtopic.php?t=112820)
+            - [https://debian-handbook.info/browse/wheezy/sect.package-authentication.html](https://debian-handbook.info/browse/wheezy/sect.package-authentication.html)
+        - [https://serverfault.com/questions/337278/debian-how-can-i-securely-get-debian-archive-keyring-so-that-i-can-do-an-apt-g](https://serverfault.com/questions/337278/debian-how-can-i-securely-get-debian-archive-keyring-so-that-i-can-do-an-apt-g)
+        - [https://ubuntuforums.org/archive/index.php/t-2217665.html](https://ubuntuforums.org/archive/index.php/t-2217665.html)
diff --git a/images/Cobbler-3.3.6-Beginners_Logical.jpg b/images/Cobbler-3.3.7-Beginners_Logical.jpg
similarity index 100%
rename from images/Cobbler-3.3.6-Beginners_Logical.jpg
rename to images/Cobbler-3.3.7-Beginners_Logical.jpg
diff --git a/images/Cobbler-3.3.6-Beginners_Physical.jpg b/images/Cobbler-3.3.7-Beginners_Physical.jpg
similarity index 100%
rename from images/Cobbler-3.3.6-Beginners_Physical.jpg
rename to images/Cobbler-3.3.7-Beginners_Physical.jpg