PXE install w multi-boot, btrfs & Libreboot support
Some things are specific to my home network, and uses files with secrets
-that are not in this repo. Uses pxe or pxe-kexec (on libreboot, I have
-not added a pxe rom, I use a minimal debian stable subvolume which acts
-like a pxe rom). I use this for bare metal and vms, and two scripts
-which can run post boot so I use them on vps distributed image as well.
+that are not in this repo. I use this for bare metal and vms, and two
+scripts which can run post boot so I use them on vps distributed image
+as well.
Features people may find useful: installs encrypted trisquel, debian,
ubuntu, and arch (havne't done recently, probably a bit broken), in a
Utilizes multiple disks, with scripts to automatically decrypt on
intentional reboots, but not after shutdown or power loss.
+Normal install mode for fai is using pxe, but on a libreboot system,
+there is no pxe. The pxe in a normal computer is nonfree firmware. What
+I've done instead:
+
+* Use a live cd to call pxe-kexec, this is described later in this file.
+
+* Use the fai autodiscover iso. This is more automated, so nicer.
+
+* Use an install method above to setup a gnu/linux disk partition that
+ acts like a pxe boot using kexec, but it takes a bit longer. This is
+ the bootstrap partition in my scripts.
+
+Things I haven't tried:
+
+* There is iPXE, which requires standard bios functions, which can be
+ provided by seabios, which can be a libreboot payload.
+
+* The bios chip has enough room for an initrd. This could be setup to
+ work like the partition I use to kexec, but it would be faster, and
+ not require installing to disk.
+
The partititioning and filesystem script is at
fai/config/hooks/partition.DEFAULT. Disks are grouped as ssd or hdd and
raided in raid 1 or raid 0 per configuration. The base partitions are
scripts from https://iankelling.org/git, and of course there are some
hostnames that are specific to my network.
+
+
All scripts meant to be used directly are listed here:
faiserver-disable # Disable the fai nfs server exports
fresize # resize swap or boot partitions in a host
+
# Replacing a raid 10 disk
pxe-server -S HOST fai
host=kw
distro=trisquel
-t=/tmp/d
+t=/dev/shm/t
myfai-chboot default
sudo sed -i 's/^LOGUSER=/#LOGUSER=/' /etc/fai/fai.conf
# config umount required after a failed run, proc umount always required
echo | sudo dd of=$t/etc/machine-id
sudo tar --one-file-system -C $t -cf - . | gzip > /a/bin/fai-basefiles/basefiles/FLIDAS64X.tar.gz
-License stuff:
+
+
+# License
+
The license for the project is GPLv2 or later, mostly because fai is and
I periodically merge the upstream example config, which contains small
scripts. Also, there is a modified encrypt.upstream, which is from the
cat <<EOF
usage: ${0##*/} [-h|--help] [HOST] [DISTRO]
Deploy fai config (the one in nfs) to HOST or default faiserver
-DISTRO is default this distro, or DISTRO for setting up DESKTOP packages.
+Specify DISTRO for setting up DESKTOP packages.
EOF
exit $1
}
fails. Just run again if that happens.
-d Don't do dhcp setup for when we aren't on Ian's home network.
--r Do not boot after install is complete
-n Create new qcow2(s) for vm. Good for testing partitioning
script, to ensure a blank disk.
+-p Use pxe instead of autodiscover iso with fai.
+-r Do not boot after install is complete
-h|--help Print help and exit.
Note: Uses GNU getopt options parsing style
orig_args=("$@")
new_disk=false
-temp=$(getopt -l help dnrh "$@") || usage 1
+pxe=false
+temp=$(getopt -l help dnprh "$@") || usage 1
eval set -- "$temp"
while true; do
case $1 in
-d) dhcp_arg=-d; shift ;;
-n) new_disk=true; shift ;;
+ -p) pxe=true; shift ;;
-r) reboot_arg=--noreboot; shift ;;
-h|--help) usage ;;
--) shift; break ;;
}
_errcatch_cleanup=cleanup
+boot_arg=--pxe
if is_arch_revm; then
e ./pxe-server $dhcp_arg demohost arch
sleep 2
# via osinfo-query os. guessing arch is closest to latest fedora.
variant=fedora22
else
+ if $pxe; then
e ./pxe-server $dhcp_arg demohost fai
sleep 2
+ else
+ boot_arg="--cdrom /a/bin/fai-basefiles/autodiscover.iso"
+ e fai-redep
+ e myfai-chboot default
+fi
# I don't think these variants actually make a diff for us, but I
# use the appropriate one when trying a new distro just in case.
variant=ubuntu14.04
# init_module+0x108/0x1000 [raid6_pq]
#
# uniq is to stop gtk-warning spam
-e s virt-install --os-variant $variant -n $name --pxe -r 2048 --vcpus 1 \
+# e s virt-install --os-variant $variant -n $name --pxe -r 2048 --vcpus 1 \
+# ${disk_arg[*]} -w bridge=br0,mac=52:54:00:9c:ef:ad $reboot_arg \
+# --graphics spice,listen=0.0.0.0 $console_arg |& grep -v '^ *$' | uniq &
+
+
+e s virt-install --os-variant $variant -n $name $boot_arg -r 2048 --vcpus 1 \
${disk_arg[*]} -w bridge=br0,mac=52:54:00:9c:ef:ad $reboot_arg \
--graphics spice,listen=0.0.0.0 $console_arg |& grep -v '^ *$' | uniq &
+
if [[ $SSH_CLIENT ]]; then
fg
fi
#
# Other notable classes:
#
+# INSTALL: for autodiscover iso, this is needed. We could also add it to
+# the autodiscover grub, but then we have to burn a new iso if we want a
+# non-install one. It sets the class for the corresponding INSTALL.var,
+# which sets FAI_ACTION=INSTALL. I'm not sure if this variable overrides
+# FAI_ACTION outside of autodiscover, todo: test it out, if it doesn't,
+# make install be default in 51-multi-boot, and disable it if needed.
+#
# DESKTOP: install a bunch of extra packages. For creating X suffix
# basefiles. See README.
#
elif grep -xFq 'VERSION="9 (stretch)"' /etc/os-release || grep -iE 'flidas|xenail' /etc/os-release ; then
# fai on ubuntu only has official support using the universe repo, but newer
# tends to have less bugs.
- gpg -a --recv-keys 2BF8D9FE074BCDE4; gpg -a --export 2BF8D9FE074BCDE4 | apt-key add -
+ gpg --keyserver hkp://pool.sks-keyservers.net -a --recv-keys 2BF8D9FE074BCDE4; gpg -a --export 2BF8D9FE074BCDE4 | apt-key add -
cat >/etc/apt/sources.list.d/fai.list <<'EOF'
deb http://fai-project.org/download stretch koeln
# nfs-kernel-server. On an android chroot, we don\'t have nfs in the
# kernel, or the ability to install it.
# xorriso is for running fai-cd -a, not strictly need for fai-server
+# perl-tk is for fai-monitor-gui
pkgs=(fai-doc tftpd-hpa tar reprepro squashfs-tools binutils xorriso)
if modprobe nfsd &>/dev/null; then
pkgs+=(nfs-kernel-server)
apt-get install -y ${pkgs[@]}
-apt-get install --no-install-recommends -y fai-server
+# confnew since we edit /etc/fai/NFSROOT in an automated way
+# fai-client is already a fai-server dependency, but make sure it gets upgraded
+apt-get install --no-install-recommends -y -o Dpkg::Options::="--force-confnew" fai-server fai-client
r=http://http.us.debian.org/debian
# like default, but scrap httpredir, and nonfree.
rm -f $NFSROOT/boot/*.bak
mkdir -p $TFTPROOT/pxelinux.cfg
- chmod a+r $NFSROOT/boot/initrd.img-* || die 9 "No initrd was created. Check the package name of the linux-image package in /etc/fai/NFSROOT."
+ if ! chmod a+r $NFSROOT/boot/initrd.img-*; then
+ echo "$0: error: No initrd was created. Check the package name of the linux-image package in /etc/fai/NFSROOT."
+ exit 1
+ fi
cp -p $v $NFSROOT/boot/vmlinu?-* $NFSROOT/boot/initrd.img-* $TFTPROOT
cp -u $pxebin $TFTPROOT
if [ -f $NFSROOT/usr/lib/syslinux/modules/bios/ldlinux.c32 ]; then
# note, this copies the -B arg to
# /srv/fai/nfsroot/var/tmp/base.tar.xz
e fai-setup -evf -B /a/bin/fai-basefiles/basefiles/STRETCH64.tar.xz
+ # fai-setup expert mode avoids writing to /var/log/fai/variables
+ # at least config_src is needed for autodiscover
+ $sed '/^FAI_CONFIGDIR|^FAI_CONFIG_SRC|^LOGUSER/d' /var/log/fai/variables
+ tee -a /var/log/fai/variables <<'EOF'
+LOGUSER=fai
+FAI_CONFIGDIR=/srv/fai/config
+FAI_CONFIG_SRC=nfs://faiserver/srv/fai/config
+EOF
# make the faiserver also the apt proxy server
apt-get -y install apt-cacher-ng
fi
#192.168.1.7 faiserver
192.168.1.8 tp faiserver b8.nz
192.168.1.9 n5
-192.168.1.10 kw
-192.168.1.11 kww
+192.168.1.10 so
192.168.1.12 fz
72.14.176.105 li
45.33.9.11 lj
dhcp-host=00:26:18:97:bb:16,set:frodo,192.168.1.3,frodo
dhcp-host=10:78:d2:da:29:22,set:htpc,192.168.1.4,htpc
dhcp-host=00:1f:16:16:39:24,set:x2,192.168.1.5,x2
+#dhcp-host=00:c0:ca:27:e9:b2,set:kww,192.168.1.11,x2w
#wireless interface
-#dhcp-host=00:22:5f:88:28:27,set:x2,192.168.1.5,x2
-#dhcp-host=00:1f:16:16:39:24,set:kw,192.168.1.10,kw
-#dhcp-host=00:c0:ca:27:e9:b2,set:kww,192.168.1.11,kww
# this is so fai can have an explicit name to use for testing,
# or else any random machine which did a pxe boot would get
# reformatted. The mac is from doing a virt-install, cancelling it,
dhcp-host=52:54:00:9c:ef:ad,set:demohost,192.168.1.6,demohost
#dhcp-host=52:54:00:56:09:f9,set:faiserver,192.168.1.7,faiserver
dhcp-host=80:fa:5b:1c:6e:cf,set:tp,192.168.1.8,tp
-dhcp-host=c4:43:8f:f2:79:1f,set:n5,192.168.1.9,n5
# this is the ip it picks by default if dhcp fails,
# so might as well use it.
# hostname is the name it uses according to telnet
iankelling.org / git / automated-distro-installer / commitdiff