From 16b5d13dba669aad0b677b2cb636edd4ed414782 Mon Sep 17 00:00:00 2001 From: Ian Kelling Date: Thu, 18 Feb 2021 12:26:34 -0500 Subject: [PATCH] fix efi, autodiscover, add a host --- fai-redep | 4 ++ fai/config/hooks/partition.DEFAULT | 27 ++++++-- fai/config/scripts/GRUB_EFI/11-iank | 1 + grub.cfg.autodiscover | 101 ++++++++++------------------ myfai-chboot-local | 2 +- pxe-server | 2 +- wrt-setup-local | 18 ++--- 7 files changed, 73 insertions(+), 82 deletions(-) create mode 120000 fai/config/scripts/GRUB_EFI/11-iank diff --git a/fai-redep b/fai-redep index 0541497..e7aab6d 100755 --- a/fai-redep +++ b/fai-redep @@ -11,6 +11,10 @@ usage() { usage: ${0##*/} [OPTIONS] [HOST] Deploy fai config (the one in nfs) to HOST or default faiserver +Note, for booting from fai-cd, this needs to be called from myfai-chboot or that via pxe-server, +due to setting +echo FAI_ACTION=$fai_action >> /srv/fai/config/class/LAST.var +note FAI_ACTION might be able to be set elsewhere, like in grub for this case -d DISTRO DISTRO for setting up fai class DESKTOP packages, for preinstalling stuff. -t TARGET_HOST Copy only secrets for TARGET_HOST into the config space. Useful for virtual server diff --git a/fai/config/hooks/partition.DEFAULT b/fai/config/hooks/partition.DEFAULT index e9cce50..4646e56 100755 --- a/fai/config/hooks/partition.DEFAULT +++ b/fai/config/hooks/partition.DEFAULT @@ -95,14 +95,15 @@ fi rootn=1 swapn=2 bootn=3 +efin=4 # ext partition so grub can write persistent variables, # so it can do a one time boot. grub can't write to # btrfs or any cow fs because it's more # more complicated to do and they don't want to. -grub_extn=4 +grub_extn=5 # bios boot partition, # https://wiki.archlinux.org/index.php/GRUB -bios_grubn=5 +bios_grubn=6 lastn=$bios_grubn @@ -130,6 +131,7 @@ add-part() { # add partition suffix to $dev bootdev() { add-part $@ $bootn; } rootdev() { add-part $@ $rootn; } swapdev() { add-part $@ $swapn; } +efidev() { add-part $@ $efin; } grub_extdev() { add-part $@ $grub_extn; } bios_grubdev() { add-part $@ $bios_grubn; } @@ -173,12 +175,12 @@ fi hdds=() ssds=() -cd /sys/block -for disk in [sv]d[a-z]; do +# this excludes usb. note: i may encounter some other type in the future. +for disk in $(lsblk -do name,tran -n | awk '$2 ~ "^(sata|nvme)$" { print $1 }'); do if [[ ${disk_excludes[$disk]} ]]; then continue fi - case $(cat $disk/queue/rotational) in + case $(cat /sys/block/$disk/queue/rotational) in 0) ssds+=(/dev/$disk) ;; 1) hdds+=(/dev/$disk) ;; *) echo "$0: error: unknown /sys/block/$disk/queue/rotational: \ @@ -265,6 +267,7 @@ for dev in ${devs[@]}; do boot_devs+=($(bootdev)) fi if [[ $boot_devs && $first ]]; then + first_efi=$(efidev) first_grub_extdev=$(grub_extdev) first=false fi @@ -444,7 +447,7 @@ if $partition; then parted -s $dev mklabel gpt # MiB because parted complains about alignment otherwise. pcmd="parted -a optimal -s -- $dev" - $pcmd mkpart primary ext3 12MiB ${root_end}MiB + $pcmd mkpart primary ext3 524MiB ${root_end}MiB # without naming, systemd gives us misc errors like: # dev-disk-by\x2dpartlabel-primary.device: Dev dev-disk-by\x2dpartlabel-primary.device appeared twice $pcmd name $rootn root @@ -454,6 +457,14 @@ if $partition; then $pcmd name $swapn swap $pcmd mkpart primary "" ${swap_end}MiB ${disk_mib}MiB $pcmd name $bootn boot + # eufi = bloated, half a gig gimme a break. + $pcmd mkpart primary "fat32" 12MiB 524MiB + $pcmd name $efin efi + $pcmd set $efin esp on + # note, this is shown here: https://support.system76.com/articles/bootloader/ + # but not mentioned https://wiki.archlinux.org/index.php/EFI_system_partition + # probably not needed + $pcmd set $bootn boot on # i only need a few k, but googling min size, # I found someone saying that gparted required # required at least 8 because of their hard drive cylinder size. @@ -483,6 +494,9 @@ if $partition; then sleep 1 secs=$((secs +1)) done + + mkfs.fat -F32 $(efidev) + # Holds just a single file, rarely written, so # use ext2, like was often used for the /boot partition. # This exists because grub can only persist data to a non-cow fs. @@ -611,6 +625,7 @@ else $first_root_crypt / btrfs noatime,subvol=root_$DISTRO$mopts 0 0 $first_root_crypt /mnt/root btrfs nofail,noatime,subvolid=0$mopts 0 0 $first_boot_dev /boot btrfs nofail,noatime,subvol=$boot_vol 0 0 +$first_efi /boot/efi vfat nofail 0 0 $first_boot_dev /mnt/boot btrfs nofail,noatime,subvolid=0 0 0 EOF swaps=() diff --git a/fai/config/scripts/GRUB_EFI/11-iank b/fai/config/scripts/GRUB_EFI/11-iank new file mode 120000 index 0000000..e135aad --- /dev/null +++ b/fai/config/scripts/GRUB_EFI/11-iank @@ -0,0 +1 @@ +../GRUB_PC/11-iank \ No newline at end of file diff --git a/grub.cfg.autodiscover b/grub.cfg.autodiscover index 8d10268..9c7054f 100644 --- a/grub.cfg.autodiscover +++ b/grub.cfg.autodiscover @@ -1,89 +1,58 @@ ## grub2 configuration set default="FAI server via dns" -set timeout=2 -set resolution=1024x768 - -if loadfont /boot/grub/unicode.pf2 ; then - insmod png - set gfxmode=640x480 - insmod gfxterm - insmod vbe - terminal_output gfxterm -fi - -if background_image /boot/grub/fai.png ; then - set color_normal=black/black - set color_highlight=red/black - set menu_color_normal=black/black - set menu_color_highlight=black/yellow -else - set menu_color_normal=white/black - set menu_color_highlight=black/yellow -fi +set timeout=20 # make sure we can access partitions insmod part_msdos insmod part_gpt +insmod all_video +insmod gfxterm -if [ ${iso_path} ] ; then - set loopback="findiso=${iso_path}" -fi +set gfxmode=auto +set color_normal=white/black +set color_highlight=red/black +set menu_color_normal=white/black +set menu_color_highlight=black/yellow -menuentry "" --unrestricted { - set gfxpayload=$resolution -} -menuentry " +------------------------------------------------------+" --unrestricted { - set gfxpayload=$resolution -} - -menuentry " | Fully Automatic Installation |" --unrestricted { - set gfxpayload=$resolution - -} -menuentry " | _VERSIONSTRING_ |" --unrestricted { - set gfxpayload=$resolution - -} -menuentry " | (c) Thomas Lange lange@debian.org |" --unrestricted { - set gfxpayload=$resolution -} -menuentry " +------------------------------------------------------+" --unrestricted { - set gfxpayload=$resolution -} -} -menuentry "" --unrestricted { - set gfxpayload=$resolution -} # ian: Added this from fai # note, we could replace faiserver with an ip if we didn't want to mess with dns. # args are copied from myfai-chboot-local. -# Note, for a real cd or usb flash, we probably do not want reboot, so we can remove the disk -# after install is done +# Note, for a real cd or usb flash, if it is the default boot device, we would need to remove the disk +# after install is done very quickly, or else remove the reboot arg here menuentry "FAI server via dns" { set gfxpayload=$resolution - linux /boot/vmlinuz FAI_FLAGS=verbose,sshd,createvt,reboot FAI_CONFIG_SRC=nfs://faiserver/srv/fai/config root=/dev/nfs rw nfsroot=faiserver:/srv/fai/nfsroot,vers=3,nolock aufs rootvol ip=dhcp FAI_FLAGS=verbose,sshd,createvt + search --set=root --file /FAI-CD + linux /boot/vmlinuz FAI_FLAGS=verbose,sshd,createvt,reboot FAI_CONFIG_SRC=nfs://faiserver/srv/fai/config root=/dev/nfs nfsroot=faiserver:/srv/fai/nfsroot,vers=3,nolock rootovl ip=dhcp initrd /boot/initrd.img } - +# ro,noatime,vers=3,rsize=1048576,wsize=same,namelen=255,hard,nolock,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=10.2.0.2,nountvers=3,mountport=49179,mountproto=udp,lock_lock=all,addr=10.2.0.2 menuentry "Autodiscover the FAI server" { - set gfxpayload=$resolution - linux /boot/vmlinuz FAI_FLAGS="menu,verbose,createvt,reboot" fai.discover aufs rootovl root=/dev/nfs ip=dhcp quiet + search --set=root --file /FAI-CD + linux /boot/vmlinuz FAI_FLAGS="menu,verbose,createvt" fai.discover rootovl root=/dev/nfs ip=dhcp quiet initrd /boot/initrd.img } - -menuentry "Boot OS of first partition on first disk" --unrestricted { - if [ -d (cd) ]; then - chainloader (hd0)+1 - fi - - if [ "$root" = "hd1" ]; then - chainloader (hd0)+1 - fi - - if [ "$root" = "hd0" ]; then +menuentry "Boot OS from first partition on first disk" { + if [ "$grub_platform" = "efi" ]; then + if [ -f (hd0,gpt1)/efi/debian/grub.cfg ]; then + configfile (hd0,gpt1)/efi/debian/grub.cfg + elif [ -f (hd1,gpt1)/efi/debian/grub.cfg ]; then + configfile (hd1,gpt1)/efi/debian/grub.cfg + elif [ -f (hd0,gpt2)/boot/grub/grub.cfg ]; then + configfile (hd0,gpt2)/boot/grub/grub.cfg + elif [ -f (hd1,gpt2)/boot/grub/grub.cfg ]; then + configfile (hd1,gpt2)/boot/grub/grub.cfg + else + echo "cannot find grub.cfg" + sleep 7 + fi + # legacy BIOS booting + elif [ -d (cd) ]; then + set root=(hd0) + chainloader +1 + else set root=(hd1) - chainloader (hd1)+1 + chainloader +1 fi } diff --git a/myfai-chboot-local b/myfai-chboot-local index 1845cd0..b9b5537 100755 --- a/myfai-chboot-local +++ b/myfai-chboot-local @@ -108,7 +108,7 @@ kernel=$(fai-chboot -L '^default$' | awk '{print $3}') default_k_args=$(fai-chboot -L '^default$' | \ sed -r "s/^(\S+\s+){3}(.*)/\2/") # example of default_k_args -# initrd=initrd.img-3.16.0-4-amd64 ip=dhcp root=192.168.1.3:/srv/fai/nfsroot aufs FAI_CONFIG_SRC=nfs://faiserver/srv/fai/config FAI_ACTION=install +# initrd=initrd.img-3.16.0-4-amd64 ip=dhcp root=192.168.1.3:/srv/fai/nfsroot FAI_CONFIG_SRC=nfs://faiserver/srv/fai/config FAI_ACTION=install k_args=(FAI_ACTION=$fai_action) if $kgped16; then diff --git a/pxe-server b/pxe-server index 3623cc8..5a15763 100755 --- a/pxe-server +++ b/pxe-server @@ -219,10 +219,10 @@ fi if $set; then set-pxe if [[ $type == fai ]]; then - m myfai-chboot ${chboot_args[@]} $host if $redep; then m fai-redep fi + m myfai-chboot ${chboot_args[@]} $host else # This will fail if faiserver is not setup, so ignore any # failure and don't bother us about it. diff --git a/wrt-setup-local b/wrt-setup-local index fcab6e5..0042003 100755 --- a/wrt-setup-local +++ b/wrt-setup-local @@ -764,10 +764,11 @@ v cedit /etc/dnsmasq.conf < 2.80. currently at 2.80. - # todo: download https://downloads.openwrt.org/snapshots/packages/mipsel_24kc/base/dnsmasq_2.84~~test3-1_mipsel_24kc.ipk + # todo: download https://downloads.openwrt.org/snapshots/packages/mipsel_24kc/base/dnsmasq-full_2.84-1_mipsel_24kc.ipk # and install it. then we can turn off dnssec in systemd-resolved # # Also, reload of dnsmasq seems to break things, wifi -- 2.30.2