... | ... | @@ -229,25 +229,63 @@ Next, the [new-machine](howto/new-machine) procedure was followed. |
|
|
|
|
|
Finally, the following steps need to be performed to populate `/srv`:
|
|
|
|
|
|
* [GRML image](howto/quintex#modified-grml-boot-image-and-web-server) (note that we won't be using the `grml.ipxe` file)
|
|
|
|
|
|
* build the [iPXE image](howto/quintex#modified-ipxe-image) but without the floppy stuff, basically
|
|
|
stop at the `make` command and also add:
|
|
|
* [GRML image](howto/quintex#modified-grml-boot-image-and-web-server), note that we won't be using the `grml.ipxe` file,
|
|
|
so:
|
|
|
|
|
|
apt install debian-keyring &&
|
|
|
wget https://download.grml.org/grml64-small_2022.11.iso &&
|
|
|
wget https://download.grml.org/grml64-small_2022.11.iso.asc &&
|
|
|
gpg --verify --keyring /usr/share/keyrings/debian-keyring.gpg grml64-small_2022.11.iso.asc &&
|
|
|
echo extracting vmlinuz and initrd from ISO... &&
|
|
|
mount grml64-small_2022.11.iso /mnt -o loop &&
|
|
|
cp /mnt/boot/grml64small/* . &&
|
|
|
umount /mnt &&
|
|
|
ln grml64-small_2022.11.iso grml.iso
|
|
|
|
|
|
|
|
|
make -j4 bin-x86_64-pcbios/undionly.kpxe CONFIG=tpa
|
|
|
* build the [iPXE image](howto/quintex#modified-ipxe-image) but without the floppy stuff, basically:
|
|
|
|
|
|
```
|
|
|
apt install build-essential &&
|
|
|
git clone git://git.ipxe.org/ipxe.git &&
|
|
|
cd ipxe/src &&
|
|
|
mkdir config/local/tpa/ &&
|
|
|
cat > config/local/tpa/general.h <<EOF
|
|
|
#define DOWNLOAD_PROTO_HTTPS /* Secure Hypertext Transfer Protocol */
|
|
|
#undef NET_PROTO_STP /* Spanning Tree protocol */
|
|
|
#undef NET_PROTO_LACP /* Link Aggregation control protocol */
|
|
|
#undef NET_PROTO_EAPOL /* EAP over LAN protocol */
|
|
|
#undef CRYPTO_80211_WEP /* WEP encryption (deprecated and insecure!) */
|
|
|
#undef CRYPTO_80211_WPA /* WPA Personal, authenticating with passphrase */
|
|
|
#undef CRYPTO_80211_WPA2 /* Add support for stronger WPA cryptography */
|
|
|
#define NSLOOKUP_CMD /* DNS resolving command */
|
|
|
#define TIME_CMD /* Time commands */
|
|
|
#define REBOOT_CMD /* Reboot command */
|
|
|
#define POWEROFF_CMD /* Power off command */
|
|
|
#define PING_CMD /* Ping command */
|
|
|
#define IPSTAT_CMD /* IP statistics commands */
|
|
|
#define NTP_CMD /* NTP commands */
|
|
|
#define CERT_CMD /* Certificate management commands */
|
|
|
EOF
|
|
|
make -j4 CONFIG=tpa bin-x86_64-efi/ipxe.efi bin-x86_64-pcbios/undionly.kpxe
|
|
|
```
|
|
|
|
|
|
* copy the iPXE files in `/srv/tftp`
|
|
|
* copy the iPXE files in `/srv/tftp`:
|
|
|
|
|
|
cp bin-x86_64-efi/ipxe.efi bin-x86_64-pcbios/undionly.kpxe /srv/tftp/
|
|
|
|
|
|
* create a `/srv/tftp/autoexec.ipxe`:
|
|
|
|
|
|
#!ipxe
|
|
|
|
|
|
dhcp
|
|
|
kernel http://172.30.131.1/vmlinuz
|
|
|
initrd http://172.30.131.1/initrd.img
|
|
|
initrd http://172.30.131.1/grml.iso /grml.iso
|
|
|
imgargs vmlinuz initrd=initrd.magic boot=live config fromiso=/grml.iso live-media-path=/live/grml64-small noprompt noquick noswap console=tty0 console=ttyS1,115200n8
|
|
|
boot
|
|
|
```
|
|
|
#!ipxe
|
|
|
|
|
|
dhcp
|
|
|
kernel http://172.30.131.1/vmlinuz
|
|
|
initrd http://172.30.131.1/initrd.img
|
|
|
initrd http://172.30.131.1/grml.iso /grml.iso
|
|
|
imgargs vmlinuz initrd=initrd.magic boot=live config fromiso=/grml.iso live-media-path=/live/grml64-small noprompt noquick noswap console=tty0 console=ttyS1,115200n8
|
|
|
boot
|
|
|
```
|
|
|
|
|
|
## Upgrades
|
|
|
|
... | ... | |