forked from Sysdeploy/ipxe_scripts
Split EFI and legacy boot
- needs to work slightly differently
This commit is contained in:
parent
ba9f7e23bf
commit
a77e66c18a
27
embed.ipxe
27
embed.ipxe
|
@ -12,7 +12,7 @@ imgtrust --permanent
|
|||
# For the "focal" part of the URL string, in case that changes in the future.
|
||||
set ubuntu-variant focal
|
||||
|
||||
goto get_arch
|
||||
goto get_platform
|
||||
|
||||
|
||||
#################
|
||||
|
@ -135,6 +135,23 @@ sleep 5
|
|||
exit
|
||||
|
||||
|
||||
# set variables based on whether it's EFI or not
|
||||
:get_platform
|
||||
iseq ${platform} efi && goto is_efi || goto not_efi
|
||||
|
||||
# Attributes for EFI boot
|
||||
:is_efi
|
||||
# hack, see https://github.com/coreos/fedora-coreos-tracker/issues/390#issuecomment-588328137
|
||||
set squashfs squashfs.cpio.gz
|
||||
set initrd boot-initrd,squashfs.cpio.gz
|
||||
goto get_arch
|
||||
|
||||
# this sets different attributes for non-EFI (legacy PC) boot
|
||||
:not_efi
|
||||
set squashfs squashfs
|
||||
set initrd boot-initrd
|
||||
goto get_arch
|
||||
|
||||
|
||||
# Get relevant CPU arch.
|
||||
:get_arch
|
||||
|
@ -186,14 +203,13 @@ goto static_ip_boot_setup
|
|||
# We use HTTP because IPXE's HTTPS implementation is lacking. So we delegate
|
||||
# integrity and validation to imgverify.
|
||||
|
||||
|
||||
# Naming the squashfs download "/squashfs" is required, otherwise the boot
|
||||
# kernel fails to load it in the "root=" part of the kernel cmdline.
|
||||
# However, note that imgverify will fail if you refer to it as "/squashfs"
|
||||
# instead of "squashfs".
|
||||
|
||||
imgfetch http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/squashfs.cpio.gz /squashfs.cpio.gz || goto try_next_card
|
||||
imgverify --signer images.sysdeploy.org squashfs.cpio.gz http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/squashfs.cpio.gz.sig || goto error_handler
|
||||
imgfetch http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/${squashfs} /${squashfs} || goto try_next_card
|
||||
imgverify --signer images.sysdeploy.org ${squashfs} http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/${squashfs}.sig || goto error_handler
|
||||
|
||||
# "--signer" validates against the subject common name field of the signing
|
||||
# certificate. That signing cert must have both the digital signature key
|
||||
|
@ -203,7 +219,6 @@ imgverify --signer images.sysdeploy.org squashfs.cpio.gz http://images.sysdeploy
|
|||
# make sure you pick a common name with a FQDN you control, even if you're
|
||||
# using a custom CA that you import during build.
|
||||
|
||||
|
||||
initrd http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/boot-initrd || goto try_next_card
|
||||
imgverify --signer images.sysdeploy.org boot-initrd http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/boot-initrd.sig || goto error_handler
|
||||
|
||||
|
@ -218,7 +233,7 @@ echo ip-info ${ip-info}
|
|||
|
||||
sleep 1
|
||||
|
||||
boot boot-kernel initrd=boot-initrd,squashfs.cpio.gz rootfstype=squashfs root=/squashfs ip=${ip-info} overlayroot=tmpfs:recurse=0 systemd.clock-usec=${unixtime:int32}000000 ds=nocloud-net;s=https://cloud-init.sysdeploy.org/ || goto error_handler
|
||||
boot boot-kernel initrd=${initrd} rootfstype=squashfs root=/squashfs ip=${ip-info} overlayroot=tmpfs:recurse=0 systemd.clock-usec=${unixtime:int32}000000 ds=nocloud-net;s=https://cloud-init.sysdeploy.org/ || goto error_handler
|
||||
|
||||
# unixtime variable must be used with int32, because that's the only way it
|
||||
# will display as decimal digits. unit32 and string both display as hex.
|
||||
|
|
Loading…
Reference in New Issue
Block a user