Commit 8d0525ff authored by Carl Karsten's avatar Carl Karsten Committed by Stefano Rivera

Have a GRUB menu on PXE (#24)

This is a massive re-work of the PXE setup, breaking it out into the tftp-server role.

There's a fair bit of unrelated stuff in here, but cleaning that up later may be easier than getting CarlFK to jump through git hoops.
parent 4c1d1bc0
......@@ -5,8 +5,18 @@
# https://www.blackmagicdesign.com/support/family/capture-and-playback
# Latest Downloads
# (Linux)
# Desktop Video 10.9.3 (July 16 2017)
# Blackmagic_Desktop_Video_Linux_10.9.3.tar.gz
# Desktop Video 10.9.7 (Sep 7 2017)
# Linux
# Bottom of the form is "Download Only"
# Blackmagic_Desktop_Video_Linux_10.9.7.tar.gz
# cd /srv/pxe/bm
# tar xfv Blackmagic_Desktop_Video_Linux_10.9.7.tar.gz
#
# to find dkms_version
# ls /usr/src/blackmagic*
# blackmagic-10.9.7a2/ blackmagic-io-10.9.7a2/
# I guess :p
#
blackmagic:
#desktopvideo: http://example.net/desktopvideo.deb
#desktopvideo_gui: http://example.net/desktopvideo-gui.deb
......
......@@ -18,3 +18,8 @@ domain: video.debconf.org
#staticips:
# hosts:
# - For the layout of the staticips.hosts variable, see the staticips role
#
default_install_dev: sda
boxes: []
......@@ -23,4 +23,3 @@
port: "{{ ansible_port | default(22) }}"
delay: 1
timeout: 300
become: false
......@@ -52,11 +52,24 @@
tags:
- staticips
- name: configure the dhcp server for pxe
template:
src: templates/pxe.conf.j2
dest: /etc/dnsmasq.d/pxe.conf
notify: restart dnsmasq
- name: configure static hosts
template:
src: templates/machines.conf.j2
dest: /etc/dnsmasq.d/machines.conf
when: staticips.hosts is defined
when: staticips is defined
notify: restart dnsmasq
tags:
- staticips
- name: boxes
template:
src: templates/boxes.conf.j2
dest: /etc/dnsmasq.d/boxes.conf
when: boxes is defined
notify: restart dnsmasq
# /etc/dnsmasq.d/boxes.conf
# {{ ansible_managed }}
dhcp-option-force=209,"partman-auto/disk=/dev/{{default_install_dev}} grub-installer/bootdev=/dev/{{default_install_dev}}"
{% for box in boxes %}
{% if box.comment is defined %}# {{box.hostname}} {{box.comment}}{% endif %}
dhcp-host={{box.mac}},set:{{box.hostname}},{{box.hostname}}{% if box.ip is defined %},{{box.ip}}{% endif %}
{% if box.ip is defined %}host-record={{box.hostname}},{{box.ip}}{% endif %}
{% if box.disk is defined %}dhcp-option-force=tag:{{box.hostname}},209,"partman-auto/disk=/dev/{{box.disk}} grub-installer/bootdev=/dev/{{box.disk}} tasks={{box.tasks|default()}}" {% endif %}
{% endfor %}
......@@ -2,12 +2,10 @@
interface=eth-local
domain={{ domain }}
dhcp-range={{ dhcp_range }}
dhcp-option-force=210,/srv/tftp/
dhcp-boot=pxelinux.0
dhcp-authoritative
enable-tftp
tftp-root=/srv/tftp
{% if eth_local_ip_gateway is defined %}
dhcp-option=option:router,{{ eth_local_ip_gateway }}
{% elif eth_uplink_mac_address is defined %}
......
# /etc/dnsmasq.d/pxe.conf
# {{ ansible_managed }}
# https://wiki.fogproject.org/wiki/index.php?title=BIOS_and_UEFI_Co-Existence#Using_ProxyDHCP_.28dnsmasq.29
# http://forum.ipxe.org/showthread.php?tid=6077
# Tag requests from ipxe client
dhcp-match=set:ipxe,175 # iPXE sends a 175 option.
# tag/respond to legacy bios
dhcp-match=set:bios,60,PXEClient:Arch:00000
dhcp-boot=tag:bios,ipxe/undionly.kpxe #,dc10b,192.168.1.4
dhcp-boot=tag:bios,tag:ipxe,boot/grub/i386-pc/core.0 #,dc10b,192.168.1.4
# tag to efi
dhcp-match=set:efibc,60,PXEClient:Arch:00007
# Chain load ipxe, then grubnetx64.efi
# (doesn't work. grub doesn't request any files from tftp, like boot/grub.cfg so #out )
# dhcp-boot=tag:efibc,ipxe.efi.signed,dc10b,192.168.1.4
# dhcp-boot=tag:efibc,tag:ipxe,grubnetx64.efi.signed,dc10b,192.168.1.4
# skip ipxe, run grubnetx64.efi on first go
dhcp-boot=tag:efibc,ubuntu/zesty/amd64/grubnetx64.efi.signed #,dc10b,192.168.1.4
# {{ ansible_managed }}
our $config;
......
<html>
<--! {{ ansible_managed }} -->
<head>
<title>DebConf17 streaming backend on {{ inventory_hostname }}</title>
</head>
<body>
<p>Hello, I'm {{ inventory_hostname }}, a streaming backend for DebConf17.</p>
</body>
</html>
\ No newline at end of file
</html>
<html>
<--! {{ ansible_managed }} -->
<head>
<title>DebConf17 streaming frontend on {{ inventory_hostname }}</title>
</head>
......
---
netboot_image: https://deb.debian.org/debian/dists/stretch/main/installer-amd64/current/images/netboot/netboot.tar.gz
time_zone: UTC
domain: video.debconf.org
......@@ -17,6 +15,29 @@ user_name: videoteam
playbook_repo: https://anonscm.debian.org/cgit/debconf-video/ansible.git
playbook_branch: master
# To replace the stock inventory with your own, point at your own github repo
# To replace the stock inventory with your own,
# point at your own github repo
#inventory_repo: https://gitlab.com/yourname/ansible-inventory
#inventory_branch: master
# boot image sources
debian_host: ftp.debian.org
ubuntu_host: archive.ubuntu.com
debian_suites: [stretch, buster]
ubuntu_suites: [xenial, zesty, artful]
archs: [amd64]
others:
- label: memtest86+
url: http://www.memtest.org/download/5.01/
filename: memtest86+-5.01.bin.gz
loader: linux16
- label: tomsrtbt
url: http://www.ibiblio.org/pub/Linux/system/recovery/
filename: tomsrtbt-2.0.103.tar.gz
loader: linux16 memdisk
xenial/
\ No newline at end of file
......@@ -2,8 +2,8 @@
set -efx
# This script setups ansible and runs it
# It should be ran at the end of the basic installation of a machine
# This script (late_command.sh) setups ansible and runs it.
# It should be ran at the end of the basic installation of a machine.
# Here is where the parameters come from:
......@@ -22,9 +22,8 @@ inventory_branch=$7
apt install -y ansible git eatmydata
# We clone our ansible repository and copy the ansible config files
cd /home/$user
# clone our ansible repository(s)
# create and run a script to run ansible on the local box.
git clone $playbook_repo /root/playbook-repo
(cd /root/playbook-repo; git checkout $playbook_branch)
......@@ -40,7 +39,8 @@ if [ ! -z ${inventory_repo} ]; then
fi
fi
cat > /usr/local/sbin/ansible-up <<EOF
script=/usr/local/sbin/ansible-up
cat > $script <<EOF
#!/bin/sh
set -euf
......@@ -60,11 +60,6 @@ exec ansible-playbook \\
$PLAYBOOKS \\
"\$@"
EOF
chmod +x /usr/local/sbin/ansible-up
eatmydata ansible-playbook \
-vvvv \
--inventory-file=$INVENTORY \
--connection=local \
--limit=$(hostname) \
$PLAYBOOKS
chmod +x $script
$script
xenial/
\ No newline at end of file
xenial/
\ No newline at end of file
#!/bin/sh
set -eufx
# hook - if ec.sh exists on the server, get it and run it.
if wget -O - ${url}/ec/ | grep "ec.sh"; then
wget $url/ec/ec.sh
chmod u+x ec.sh
./ec.sh
fi
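Review bot: The hook runs `./ec.sh` immediately after `wget $url/ec/ec.sh`, and nothing checks what was downloaded. In the installer environment that is root-level code supplied by whatever answers at `$url`. If the hook stays, verify the file before the `chmod`, for example against a digest carried in the preseed with `echo "<EXPECTED_SHA256>  ec.sh" | sha256sum -c -` (assuming the installer image provides `sha256sum`), or fetch it over a transport that authenticates the server. `$url` is also unquoted in both `wget` calls and the script runs under `set -u`; where `url` is assigned is not visible on this page, so a comment naming its source would help. The same hook is added a second time in the `@@ -2,3 +2,9 @@` hunk further down the page, and the same point applies there.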
enable-tftp
tftp-root=/srv/tftp
---
- name: download TFTP boot image
get_url:
url: "{{ netboot_image }}"
dest: /srv/tftp/netboot.tar.gz
- name: extract TFTP boot image
unarchive:
src: /srv/tftp/netboot.tar.gz
dest: /srv/tftp
remote_src: true
creates: /srv/tftp/pxelinux.0
- name: inject preseed into menu (find files)
find:
paths: /srv/tftp
recurse: true
patterns: txt.cfg
register: menus
- name: inject preseed into menu (do injection)
lineinfile:
dest: "{{ item.path }}"
regexp: (\s+append\s+.*\s+initrd=\S+)\s+(.*)(---.*)
backrefs: true
line: \1 auto=true interface=auto url={{ eth_local_ip_address }} netcfg/get_domain={{ domain }} preseed/early_command="anna-install eatmydata-udeb" \3
with_items: "{{ menus.files }}"
- name: create d-i directory
file:
path: /srv/pxe/d-i/{{ debian_version }}
path: /srv/pxe/
state: directory
recurse: true
- name: write preseed.cfg
template:
src: preseed.cfg.j2
dest: /srv/pxe/d-i/{{ debian_version }}/preseed.cfg
- name: copy preseed and supporting files
copy:
src: files/{{ item }}
dest: /srv/pxe/
with_items:
- d-i
- ec
- name: generate late_command.sh
template:
src: late_command.sh.j2
dest: /srv/pxe/d-i/late_command.sh
---
- include: webserver.yml
- include: d-i.yml
- include: pxe.yml
---
- name: install the tftp server
apt:
name: dnsmasq
- name: enable tftp
copy:
src: files/tftp.conf
dest: /etc/dnsmasq.d
- name: create boot image directories
file:
path: /srv/tftp/{{item}}
state: directory
recurse: true
mode: 0755
with_items:
- ipxe
- util/cz/exper/live
- name: magicly build /srv/tftp/boot/grub
command: grub-mknetdir
- name: write grub.cfg
template:
src: grub.cfg.j2
dest: /srv/tftp/boot/grub/grub.cfg
- name: create debian suite dirs
file:
path: /srv/tftp/debian/{{ item[0] }}/{{ item[1] }}
state: directory
recurse: true
mode: 0755
with_nested:
- "{{ debian_suites }}"
- "{{ archs }}"
- name: create ubuntu suite dirs
file:
# path: /srv/tftp/ubuntu/{{suite}}/{{arch}}
path: /srv/tftp/ubuntu/{{ item[0] }}/{{ item[1] }}
state: directory
recurse: true
mode: 0755
with_nested:
- "{{ ubuntu_suites }}"
- "{{ archs }}"
- name: download debian netboot images
get_url:
url: http://{{debian_host}}/debian/dists/{{item[0]}}/main/installer-{{item[1]}}/current/images/netboot/debian-installer/{{item[1]}}/{{item[2]}}
dest: /srv/tftp/debian/{{ item[0] }}/{{ item[1] }}/{{ item[2] }}
with_nested:
- "{{ debian_suites }}"
- "{{ archs }}"
- [ 'linux', 'initrd.gz' ]
- name: download ubuntu netboot images
get_url:
url: http://{{ubuntu_host}}/ubuntu/dists/{{item[0]}}/main/installer-{{item[1]}}/current/images/netboot/ubuntu-installer/{{item[1]}}/{{item[2]}}
dest: /srv/tftp/ubuntu/{{ item[0] }}/{{ item[1] }}/{{ item[2] }}
with_nested:
- "{{ ubuntu_suites }}"
- "{{ archs }}"
- [ 'linux', 'initrd.gz' ]
- name: download ubuntu updated netboot images
get_url:
url: http://{{ubuntu_host}}/ubuntu/dists/{{item[0]}}-updates/main/installer-{{item[1]}}/current/images/netboot/ubuntu-installer/{{item[1]}}/{{item[2]}}
dest: /srv/tftp/ubuntu/{{ item[0] }}/{{ item[1] }}/{{ item[2] }}
ignore_errors: true
with_nested:
- "{{ ubuntu_suites }}"
- "{{ archs }}"
- [ 'linux', 'initrd.gz' ]
- name: download ubuntu eufi grubs
get_url:
url: http://{{ubuntu_host}}/ubuntu/dists/{{item[0]}}/main/uefi/grub2-{{item[1]}}/current/grubnetx64.efi.signed
dest: /srv/tftp/ubuntu/{{ item[0] }}/{{ item[1] }}/grubnetx64.efi.signed
with_nested:
- "{{ ubuntu_suites }}"
- [ 'amd64', ]
- name: download ipxe boot loaders
get_url:
url: https://boot.ipxe.org/{{item}}
dest: /srv/tftp/ipxe/{{ item }}
with_items:
- undionly.kpxe
- ipxe.efi
- ipxe.lkrn
- ipxe.pxe
# - ipxe.efi.signed
# nope. see http://forum.ipxe.org/showthread.php?tid=7533
- name: download other stuff
get_url:
url: "{{ item.url }}/{{ item.filename }}"
dest: /srv/tftp/util/{{ item.filename }}
with_items: "{{ others }}"
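Review bot: Every `get_url` task in this file writes a kernel, initrd or boot loader into `/srv/tftp` without a `checksum:`. The Debian and Ubuntu image URLs, and the `others` entries for memtest86+ and tomsrtbt, are plain `http://`, so whatever the mirror or the network path returns is what each PXE client then boots. Pin each artefact with `checksum: "sha256:<PINNED_SHA256>"`, or check the downloads against the archive's `SHA256SUMS` for the installer images before they are served. Separately, "download ubuntu updated netboot images" uses the same `dest` as the task before it, and `get_url` leaves an existing destination alone unless `force: true` is set. The `-updates` images therefore appear never to replace the release ones, and `ignore_errors: true` keeps that silent.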
# /srv/tftp/grub/grub.cfg
# {{ ansible_managed }}
timeout=5
# get extra appends from dhcp
# allows per host config options
net_get_dhcp_option appends ${net_default_interface} 209 string
# spell hostname funny else it collides with, I guess hostname
net_get_dhcp_option hstnam ${net_default_interface} 12 string
tftp=${pxe_default_server}
tasks="tasks=ubuntu-desktop"
ansibles="lc/playbook_repo={{ playbook_repo }} lc/playbook_branch={{ playbook_branch }} lc/inventory_repo={{ inventory_repo }} lc/inventory_branch={{ inventory_branch }}"
append="--- auto=true url=${tftp} DEBCONF_DEBUG=5 hostname=${hstnam} domain= ${appends} ${tasks} interface=${net_default_mac} hw-detect/load_firmware=false ${ansibles} rescue/enable=false"
# defaul pxe item
menuentry "Boot hd0" {
insmod biosdisk
set root=hd0
chainloader +1
}
{% for suite in debian_suites %}
{% for arch in archs %}
menuentry "{{suite}} h:${hstnam} ${appends}" {
linux /debian/{{suite}}/{{arch}}/linux ${append}
initrd /debian/{{suite}}/{{arch}}/initrd.gz
}
{% endfor %}
{% endfor %}
{% for suite in ubuntu_suites %}
{% for arch in archs %}
menuentry "{{suite}} h:${hstnam} ${appends}" {
linux /ubuntu/{{suite}}/{{arch}}/linux ${append}
initrd /ubuntu/{{suite}}/{{arch}}/initrd.gz
}
{% endfor %}
{% endfor %}
menuentry "ipxe" {
linux16 ipxe/ipxe.lkrn
}
menuentry "sbm" {
linux16 syslinux/memdisk
initrd16 util/sbm/sbm.img
}
menuentry "exit" {
exit
}
menuentry "reboot" {
reboot
}
menuentry "clonezilla" {
set gfxpayload=keep
linux util/cz/exper/live/vmlinuz boot=live union=aufs ocs_live_run="ocs-live-general" ocs_live_extra_param="" ocs_lang="" ocs_live_keymap="NONE" nolocales netboot=nfs nfsroot=${tftp}:/srv/tftp/util/cz/exper/ locales= keyboard-layouts=
initrd util/cz/exper/live/initrd.img
}
{% for other in others %}
menuentry "{{other.label}}" {
{{other.loader}} /util/{{other.filename}}
}
{% endfor %}
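Review bot: The `ansibles=` line interpolates `{{ inventory_repo }}` and `{{ inventory_branch }}` with no fallback, while the defaults shown on this page leave both commented out (`#inventory_repo:`), so the template will fail to render unless an inventory defines them. Using `lc/inventory_repo={{ inventory_repo | default('') }}`, and the same for the branch, would match the empty-value check that late_command.sh already makes. The header comment names `/srv/tftp/grub/grub.cfg`, but the task writes `/srv/tftp/boot/grub/grub.cfg`. A comment above `append=` should also state that `${appends}` and `${hstnam}` are taken verbatim from DHCP options 209 and 12 and placed on the installer kernel command line, so the DHCP server is trusted to set installer parameters.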
#!/bin/sh
# {{ ansible_managed }}
set -eufx
# This script setups ansible and runs it
......
# {{ ansible_managed }}
server {
listen 80 default_server;
listen [::]:80 default_server;
......
# {{ ansible_managed }}
[global]
client={{ org }}
show={{ show }}
......
......@@ -12,7 +12,7 @@
apt:
name: "{{ item }}"
state: latest
default_release: "unstable"
# default_release: "unstable"
with_items:
- voctomix-outcasts
when: ansible_distribution == 'Debian'
......
# {{ ansible_managed }}
[Unit]
Description=Voctomix source {{ item.0 }}:\
{{ item.1.connection }} {%- if item.1.audio %} + audio {%- endif %}\
......
# {{ ansible_managed }}
[Unit]
Description=Voctomix cutlist
After=videoteam-voctocore.service
......
# {{ ansible_managed }}
[Unit]
Description=Voctomix tally light for {{ item.camera }}
After=videoteam-voctocore.service
......
......@@ -13,3 +13,5 @@ irc:
- "#debconf"
irc_room_channel: ""
irc_nick: videoteam
streaming:
method: none
#!/bin/sh
# {{ ansible_managed }}
systemctl --user import-environment DISPLAY XAUTHORITY
if which dbus-update-activation-environment >/dev/null 2>&1; then
......
#! /usr/bin/perl
# {{ ansible_managed }}
use X11::Protocol;
use Data::Dumper;
......
......@@ -2,3 +2,9 @@
set -eufx
# hook - if ec.sh exists on the server, get it and run it.
if wget -O - ${url}/ec/ | grep "ec.sh"; then
wget $url/ec/ec.sh
chmod u+x ec.sh
./ec.sh
fi
#!/bin/bash -ex
# serves preseed and late_command
# serves d-i/foo/preseed, ec/early_command.sh and d-i/late_command.sh
# turn off local cache that runs on the same 8000 port
sudo systemctl stop squid-deb-proxy.service
cd ../roles/tftp-server/files/
python -m SimpleHTTPServer
......@@ -18,7 +18,7 @@ inventory_branch=
suite=stretch
bootimg_loc=http://ftp.debian.org/debian/dists/${suite}/main/installer-amd64/current/images
iso=debian-9.1.0-amd64-netinst.iso
iso=debian-9.2.1-amd64-netinst.iso
iso_loc=https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/
# Ubuntu:
......
......@@ -48,13 +48,13 @@ zcat hd-media/boot.img.gz|sudo dcfldd of=/dev/${dev}
pmount /dev/${dev}
# append appends to append
# tee so I can see what gets written out.
# tee so we can see what gets written out.
sed "\|^APPEND|s|$| fb=false ${appends}|" syslinux.cfg | tee /media/${dev}/syslinux.cfg
# copy the preseed files in case of problems serving them over the net.
# just fis the APPEND line and the early/late stuff and off you go.
# just fix the kernel APPEND and the remove the early/late commands.
# (good luck, it is hard.)
cp -a d-i/${suite}/* /media/${dev}
cp -a ../roles/tftp-server/files/d-i/${suite}/* /media/${dev}
case $suite in
......
......@@ -5,10 +5,13 @@
- system-software
- users
- hosts: tftp-server
roles:
- tftp-server
- hosts: dhcp-server
roles:
- dhcp-server
- tftp-server
- squid-deb-proxy
- hosts: nfs-server
......