User:Jchdel: Difference between revisions
m (Framebuffer-browser?) |
(How to transfrom a diskless USB key in a PXE boot server) |
||
| Line 11: | Line 11: | ||
What about https://github.com/e1z0/Framebuffer-browser on Alpine? I plan to give a try and maybe package it... | What about https://github.com/e1z0/Framebuffer-browser on Alpine? I plan to give a try and maybe package it... | ||
<pre> | |||
#!/bin/sh | |||
set -x | |||
# This script is intended to transform an Alpine Linux USB key running in | |||
# diskless mode into a PXE boot server. | |||
# It will run with a fixed IP 10.33.0.1 on eth0 acting as primary DHCP | |||
# server. | |||
# Only packages present in the local boot media will be available for | |||
# booted boxes. | |||
set -e | |||
mount -o remount,rw /media/usb | |||
# Let's do all downloads first! | |||
sed -i -e '/community/s/^#//' -e '/edge/d' /etc/apk/repositories | |||
apk update | |||
apk add abuild | |||
cd /media/usb/apks/x86_64 | |||
LIST_OF_PACKAGES="aardvark-dns | |||
abuild | |||
acct | |||
acct-openrc | |||
alpine-base | |||
alpine-baselayout | |||
alpine-baselayout-data | |||
alpine-conf | |||
alpine-keys | |||
alpine-release | |||
apk-tools | |||
argon2-libs | |||
attr | |||
bash | |||
blkid | |||
brotli-libs | |||
busybox | |||
busybox-binsh | |||
busybox-mdev-openrc | |||
busybox-openrc | |||
busybox-suid | |||
ca-certificates | |||
ca-certificates-bundle | |||
catatonit | |||
conmon | |||
containers-common | |||
crun | |||
cryptsetup-libs | |||
curl | |||
darkhttpd | |||
device-mapper-libs | |||
e2fsprogs | |||
e2fsprogs-libs | |||
fakeroot | |||
fuse-common | |||
fuse-openrc | |||
fuse-overlayfs | |||
fuse3 | |||
fuse3-libs | |||
glib | |||
gnupg-gpgconf | |||
gpg | |||
gpg-agent | |||
gpgme | |||
gpgsm | |||
ifupdown-ng | |||
ip6tables | |||
ip6tables-openrc | |||
iptables | |||
iptables-openrc | |||
json-c | |||
kmod | |||
kmod-libs | |||
kmod-openrc | |||
lddtree | |||
libacl | |||
libassuan | |||
libblkid | |||
libbz2 | |||
libc-utils | |||
libcap2 | |||
libcom_err | |||
libcrypto3 | |||
libcurl | |||
libedit | |||
libevent | |||
libffi | |||
libgcc | |||
libgcrypt | |||
libgpg-error | |||
libintl | |||
libksba | |||
libmnl | |||
libmount | |||
libnftnl | |||
libseccomp | |||
libslirp | |||
libssl3 | |||
libuuid | |||
linux-firmware-none | |||
linux-lts | |||
linux-pam | |||
lzip | |||
lz4-libs | |||
mdev-conf | |||
mkinitfs | |||
mtools | |||
musl | |||
musl-utils | |||
ncurses-libs | |||
ncurses-terminfo-base | |||
netavark | |||
nghttp2-libs | |||
npth | |||
openrc | |||
openssh | |||
openssh-client-common | |||
openssh-client-default | |||
openssh-keygen | |||
openssh-server | |||
openssh-server-common | |||
openssh-sftp-server | |||
openssl | |||
patch | |||
pcre2 | |||
pkgconf | |||
pinentry | |||
podman | |||
podman-openrc | |||
popt | |||
readline | |||
rsync | |||
rsync-openrc | |||
scanelf | |||
shadow-libs | |||
shadow-subids | |||
slirp4netns | |||
sqlite-libs | |||
ssl_client | |||
syslinux | |||
tar | |||
tmux | |||
vim | |||
xxd | |||
xz-libs | |||
yajl | |||
zlib | |||
zstd-libs" | |||
for p in $LIST_OF_PACKAGES ; do apk fetch $p ; done | |||
apk index -o APKINDEX.tar.gz *.apk | |||
export SUDO="" | |||
abuild-keygen -n -i -a | |||
lbu add ~/.abuild | |||
abuild-sign APKINDEX.tar.gz | |||
grep nginx /etc/apk/world && HTTP_SERVER="" || HTTP_SERVER=darkhttpd | |||
apk add \ | |||
$HTTP_SERVER nfs-utils dnsmasq syslinux | |||
export SUDO="" | |||
abuild-keygen -n -i -a | |||
ALPINE=alpine-netboot-3.17.3-x86_64.tar.gz | |||
if [ -f $ALPINE.sha256 ] | |||
then | |||
mv $ALPINE.sha256 $ALPINE.sha256-previous | |||
else | |||
touch $ALPINE.sha256-previous | |||
fi | |||
while true;do | |||
wget -c https://dl-cdn.alpinelinux.org/alpine/v3.17/releases/x86_64/$ALPINE.sha256 \ | |||
&& break | |||
done | |||
#if [ diff $ALPINE.sha256 $ALPINE.sha256-previous ] | |||
#then | |||
[ -f $ALPINE ] || \ | |||
while true;do | |||
wget -c https://dl-cdn.alpinelinux.org/alpine/v3.17/releases/x86_64/$ALPINE \ | |||
&& break | |||
done | |||
#else | |||
#fi | |||
mkdir -p /media/usb/tftpboot/pxelinux/pxelinux.cfg | |||
# populate TFTP server | |||
rm -fr /tmp/boot | |||
tar xf alpine-netboot-3.17.3-x86_64.tar.gz -C /tmp | |||
cp -r /tmp/boot/* /media/usb/tftpboot/pxelinux/ | |||
# populate HTTP server | |||
#cd /media/usb | |||
#wget -q https://stamp:evensoft@stamp.evensoft.dev/pixie/pxe-default.apkovl.tar.gz | |||
# configure darkhttpd (nginx should already be done by bootstrap-manager) | |||
if [ "$HTTP_SERVER" == "darkhttpd" ]; then | |||
sed -i -e 's+/var/www/localhost/htdocs+/media/usb+' /etc/init.d/darkhttpd | |||
lbu add /etc/init.d/darkhttpd | |||
fi | |||
# populate NFS server | |||
## implicit as we publish /media/usb | |||
# configure NFS for PXE boot | |||
cat << EOF > /etc/exports | |||
# /etc/exports | |||
# | |||
# See exports(5) for a description. | |||
# use exportfs -arv to reread | |||
/media/usb *(ro,no_root_squash,no_subtree_check) | |||
EOF | |||
# configure dnsmasq for PXE boot | |||
cat << EOF > /etc/dnsmasq.d/stamp.conf | |||
# DNS related options | |||
interface=eth0 | |||
listen-address=10.33.0.1 | |||
listen-address=127.0.0.1 | |||
## uplink resolver | |||
server=1.1.1.1 | |||
# DHCP related options | |||
dhcp-range=10.33.0.1,10.33.1.254,12h | |||
## push router | |||
dhcp-option=option:router,10.33.0.1 | |||
## push resolver | |||
dhcp-option=6,10.33.0.1 | |||
# PXE (TFTP) related options | |||
enable-tftp | |||
dhcp-boot=pxelinux/pxelinux.0 | |||
tftp-root=/media/usb/tftpboot | |||
EOF | |||
cp /usr/share/syslinux/pxelinux.0 /media/usb/tftpboot/pxelinux/ | |||
cp /usr/share/syslinux/ldlinux.c32 /media/usb/tftpboot/pxelinux/ | |||
cat << EOF > /media/usb/tftpboot/pxelinux/pxelinux.cfg/default | |||
PROMPT 0 | |||
TIMEOUT 3 | |||
default alpine | |||
LABEL alpine | |||
LINUX vmlinuz-lts | |||
INITRD pxerd | |||
APPEND ip=dhcp alpine_dev=nfs:10.33.0.1:/media/usb/boot modloop=http://10.33.0.1/boot/modloop-lts nomodeset apkovl=http://10.33.0.1/stamp/stamp.apkovl.tar.gz alpine_repo=http://10.33.0.1/apks | |||
EOF | |||
# generate initramfs for PXE | |||
if [ ! -f /media/usb/tftpboot/pxelinux/pxerd ];then | |||
cd /etc/mkinitfs/features.d/ | |||
echo "kernel/drivers/net/virtio_net.ko" >> network.modules | |||
echo "kernel/drivers/net/ethernet/e1000/*.ko" >> network.modules | |||
echo "/usr/share/udhcpc/default.script" > dhcp.files | |||
echo "kernel/net/packet/af_packet.ko" > dhcp.modules | |||
echo "kernel/fs/nfs/*" > nfs.modules | |||
cd /etc/mkinitfs/ | |||
echo 'features="ata base bootchart cdrom cramfs ext2 ext3 ext4 xfs floppy keymap kms raid scsi usb virtio squashfs network dhcp nfs"' > mkinitfs.conf | |||
mkinitfs -o /media/usb/tftpboot/pxelinux/pxerd | |||
fi | |||
# console welcome message | |||
cat << EOF > /etc/motd | |||
This a PXE server intended to deploy a fleet of STAMPs. | |||
EOF | |||
cat << EOF > /etc/network/interfaces | |||
auto lo | |||
iface lo inet loopback | |||
auto eth0 | |||
iface eth0 inet static | |||
address 10.33.0.1 | |||
netmask 255.255.0.0 | |||
EOF | |||
if [ "$HTTP_SERVER" == "darkhttpd" ]; then | |||
# force install from cache at reboot | |||
cat << EOF > /etc/local.d/fix.start | |||
#!/bin/sh | |||
apk add darkhttpd | |||
service darkhttpd start | |||
EOF | |||
chmod +x /etc/local.d/fix.start | |||
fi | |||
# enable services at reboot | |||
[ "$HTTP_SERVER" == "darkhttpd" ] && rc-update add local | |||
[ "$HTTP_SERVER" == "darkhttpd" ] && rc-update add darkhttpd | |||
rc-update add nfs | |||
rc-update add dnsmasq | |||
# persist changes | |||
sync | |||
apk cache -v sync | |||
mount -o remount,ro /media/usb | |||
lbu ci | |||
echo "Press 'Enter' to reboot and act as PXE boot server" | |||
echo "or 'ctrl-c' to go back to the terminal..." | |||
read | |||
reboot | |||
</pre> | |||
Revision as of 13:38, 29 May 2023
My current home/lab setup is
- An Alpine router x86_64 running https://github.com/jchdel/select-fastest-gateway connected to two or three different uplinks
- a switch
- a R-Pi 4 (used as usual desktop) also in 64 bits
- a tower (16 cores x86_64, 128GB RAM) running Alpine, openVSwitch and qemu-kvm
- dual 43" 4K (DP to desktop, HDMI to R-Pi 4)
I plan to run a Xorg desktop headless in some KVM and remotely connect to it from the R-Pi as X station... And to drive other dev and build boxes as KVM.
What about https://github.com/e1z0/Framebuffer-browser on Alpine? I plan to give a try and maybe package it...
#!/bin/sh set -x # This script is intended to transform an Alpine Linux USB key running in # diskless mode into a PXE boot server. # It will run with a fixed IP 10.33.0.1 on eth0 acting as primary DHCP # server. # Only packages present in the local boot media will be available for # booted boxes. set -e mount -o remount,rw /media/usb # Let's do all downloads first! sed -i -e '/community/s/^#//' -e '/edge/d' /etc/apk/repositories apk update apk add abuild cd /media/usb/apks/x86_64 LIST_OF_PACKAGES="aardvark-dns abuild acct acct-openrc alpine-base alpine-baselayout alpine-baselayout-data alpine-conf alpine-keys alpine-release apk-tools argon2-libs attr bash blkid brotli-libs busybox busybox-binsh busybox-mdev-openrc busybox-openrc busybox-suid ca-certificates ca-certificates-bundle catatonit conmon containers-common crun cryptsetup-libs curl darkhttpd device-mapper-libs e2fsprogs e2fsprogs-libs fakeroot fuse-common fuse-openrc fuse-overlayfs fuse3 fuse3-libs glib gnupg-gpgconf gpg gpg-agent gpgme gpgsm ifupdown-ng ip6tables ip6tables-openrc iptables iptables-openrc json-c kmod kmod-libs kmod-openrc lddtree libacl libassuan libblkid libbz2 libc-utils libcap2 libcom_err libcrypto3 libcurl libedit libevent libffi libgcc libgcrypt libgpg-error libintl libksba libmnl libmount libnftnl libseccomp libslirp libssl3 libuuid linux-firmware-none linux-lts linux-pam lzip lz4-libs mdev-conf mkinitfs mtools musl musl-utils ncurses-libs ncurses-terminfo-base netavark nghttp2-libs npth openrc openssh openssh-client-common openssh-client-default openssh-keygen openssh-server openssh-server-common openssh-sftp-server openssl patch pcre2 pkgconf pinentry podman podman-openrc popt readline rsync rsync-openrc scanelf shadow-libs shadow-subids slirp4netns sqlite-libs ssl_client syslinux tar tmux vim xxd xz-libs yajl zlib zstd-libs" for p in $LIST_OF_PACKAGES ; do apk fetch $p ; done apk index -o APKINDEX.tar.gz *.apk export SUDO="" abuild-keygen -n -i -a lbu add ~/.abuild abuild-sign APKINDEX.tar.gz grep nginx /etc/apk/world && HTTP_SERVER="" || HTTP_SERVER=darkhttpd apk add \ $HTTP_SERVER nfs-utils dnsmasq syslinux export SUDO="" abuild-keygen -n -i -a ALPINE=alpine-netboot-3.17.3-x86_64.tar.gz if [ -f $ALPINE.sha256 ] then mv $ALPINE.sha256 $ALPINE.sha256-previous else touch $ALPINE.sha256-previous fi while true;do wget -c https://dl-cdn.alpinelinux.org/alpine/v3.17/releases/x86_64/$ALPINE.sha256 \ && break done #if [ diff $ALPINE.sha256 $ALPINE.sha256-previous ] #then [ -f $ALPINE ] || \ while true;do wget -c https://dl-cdn.alpinelinux.org/alpine/v3.17/releases/x86_64/$ALPINE \ && break done #else #fi mkdir -p /media/usb/tftpboot/pxelinux/pxelinux.cfg # populate TFTP server rm -fr /tmp/boot tar xf alpine-netboot-3.17.3-x86_64.tar.gz -C /tmp cp -r /tmp/boot/* /media/usb/tftpboot/pxelinux/ # populate HTTP server #cd /media/usb #wget -q https://stamp:evensoft@stamp.evensoft.dev/pixie/pxe-default.apkovl.tar.gz # configure darkhttpd (nginx should already be done by bootstrap-manager) if [ "$HTTP_SERVER" == "darkhttpd" ]; then sed -i -e 's+/var/www/localhost/htdocs+/media/usb+' /etc/init.d/darkhttpd lbu add /etc/init.d/darkhttpd fi # populate NFS server ## implicit as we publish /media/usb # configure NFS for PXE boot cat << EOF > /etc/exports # /etc/exports # # See exports(5) for a description. # use exportfs -arv to reread /media/usb *(ro,no_root_squash,no_subtree_check) EOF # configure dnsmasq for PXE boot cat << EOF > /etc/dnsmasq.d/stamp.conf # DNS related options interface=eth0 listen-address=10.33.0.1 listen-address=127.0.0.1 ## uplink resolver server=1.1.1.1 # DHCP related options dhcp-range=10.33.0.1,10.33.1.254,12h ## push router dhcp-option=option:router,10.33.0.1 ## push resolver dhcp-option=6,10.33.0.1 # PXE (TFTP) related options enable-tftp dhcp-boot=pxelinux/pxelinux.0 tftp-root=/media/usb/tftpboot EOF cp /usr/share/syslinux/pxelinux.0 /media/usb/tftpboot/pxelinux/ cp /usr/share/syslinux/ldlinux.c32 /media/usb/tftpboot/pxelinux/ cat << EOF > /media/usb/tftpboot/pxelinux/pxelinux.cfg/default PROMPT 0 TIMEOUT 3 default alpine LABEL alpine LINUX vmlinuz-lts INITRD pxerd APPEND ip=dhcp alpine_dev=nfs:10.33.0.1:/media/usb/boot modloop=http://10.33.0.1/boot/modloop-lts nomodeset apkovl=http://10.33.0.1/stamp/stamp.apkovl.tar.gz alpine_repo=http://10.33.0.1/apks EOF # generate initramfs for PXE if [ ! -f /media/usb/tftpboot/pxelinux/pxerd ];then cd /etc/mkinitfs/features.d/ echo "kernel/drivers/net/virtio_net.ko" >> network.modules echo "kernel/drivers/net/ethernet/e1000/*.ko" >> network.modules echo "/usr/share/udhcpc/default.script" > dhcp.files echo "kernel/net/packet/af_packet.ko" > dhcp.modules echo "kernel/fs/nfs/*" > nfs.modules cd /etc/mkinitfs/ echo 'features="ata base bootchart cdrom cramfs ext2 ext3 ext4 xfs floppy keymap kms raid scsi usb virtio squashfs network dhcp nfs"' > mkinitfs.conf mkinitfs -o /media/usb/tftpboot/pxelinux/pxerd fi # console welcome message cat << EOF > /etc/motd This a PXE server intended to deploy a fleet of STAMPs. EOF cat << EOF > /etc/network/interfaces auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 10.33.0.1 netmask 255.255.0.0 EOF if [ "$HTTP_SERVER" == "darkhttpd" ]; then # force install from cache at reboot cat << EOF > /etc/local.d/fix.start #!/bin/sh apk add darkhttpd service darkhttpd start EOF chmod +x /etc/local.d/fix.start fi # enable services at reboot [ "$HTTP_SERVER" == "darkhttpd" ] && rc-update add local [ "$HTTP_SERVER" == "darkhttpd" ] && rc-update add darkhttpd rc-update add nfs rc-update add dnsmasq # persist changes sync apk cache -v sync mount -o remount,ro /media/usb lbu ci echo "Press 'Enter' to reboot and act as PXE boot server" echo "or 'ctrl-c' to go back to the terminal..." read reboot