diff --git a/embed.ipxe b/embed.ipxe
index 86a8f63..e9d66bc 100644
--- a/embed.ipxe
+++ b/embed.ipxe
@@ -12,7 +12,7 @@ imgtrust --permanent
 # For the "focal" part of the URL string, in case that changes in the future.
 set ubuntu-variant focal
-goto get_arch
+goto get_platform
 #################
@@ -135,6 +135,23 @@ sleep 5
 exit
+# set variables based on whether it's EFI or not
+:get_platform
+iseq ${platform} efi && goto is_efi || goto not_efi
+
+# Attributes for EFI boot
+:is_efi
+# hack, see https://github.com/coreos/fedora-coreos-tracker/issues/390#issuecomment-588328137
+set squashfs squashfs.cpio.gz
+set initrd boot-initrd,squashfs.cpio.gz
+goto get_arch
+
+# this sets different attributes for non-EFI (legacy PC) boot
+:not_efi
+set squashfs squashfs
+set initrd boot-initrd
+goto get_arch
+
 # Get relevant CPU arch.
 :get_arch
@@ -186,14 +203,13 @@ goto static_ip_boot_setup
 # We use HTTP because IPXE's HTTPS implementation is lacking. So we delegate
 # integrity and validation to imgverify.
-
 # Naming the squashfs download "/squashfs" is required, otherwise the boot
 # kernel fails to load it in the "root=" part of the kernel cmdline.
 # However, note that imgverify will fail if you refer to it as "/squashfs"
 # instead of "squashfs".
-imgfetch http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/squashfs.cpio.gz /squashfs.cpio.gz || goto try_next_card
-imgverify --signer images.sysdeploy.org squashfs.cpio.gz http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/squashfs.cpio.gz.sig || goto error_handler
+imgfetch http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/${squashfs} /${squashfs} || goto try_next_card
+imgverify --signer images.sysdeploy.org ${squashfs} http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/${squashfs}.sig || goto error_handler
 # "--signer" validates against the subject common name field of the signing
 # certificate. That signing cert must have both the digital signature key
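Review bot: In `:is_efi` the squashfs file name is written twice, once in `set squashfs squashfs.cpio.gz` and again inside `set initrd boot-initrd,squashfs.cpio.gz`, so the name handed to the kernel in `initrd=` can drift from the name that is fetched and passed to imgverify. Deriving it with `set initrd boot-initrd,${squashfs}` keeps the list of booted images tied to the verified one. The `# hack, see ...` comment only links out; a short reason in the script itself, for example `# EFI: squashfs ships as a cpio.gz wrapper and is listed in initrd= (see linked issue)`, would survive the link going stale. It is also worth stating above the `iseq` line that any `${platform}` value other than the exact string `efi` takes the `:not_efi` path.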
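Review bot: The comment kept above the new `imgfetch` line still says that naming the download "/squashfs" is required, but the image is now named `/${squashfs}`, which the `:is_efi` branch sets to `squashfs.cpio.gz` while `root=/squashfs` on the boot line stays the same. The comment should say which name applies on which platform, e.g. `# Legacy BIOS: image name is "/squashfs". EFI: image name is "/squashfs.cpio.gz"; root=/squashfs is unchanged.` The change also appears to require that both `squashfs` and `squashfs.cpio.gz` are published with their `.sig` files for every variant and arch. A missing signature ends at `error_handler`, so as far as these lines show verification still fails closed. The comment block that follows `imgverify` continues past the end of the hunk.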
@@ -203,7 +219,6 @@ imgverify --signer images.sysdeploy.org squashfs.cpio.gz http://images.sysdeploy
 # make sure you pick a common name with a FQDN you control, even if you're
 # using a custom CA that you import during build.
-
 initrd http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/boot-initrd || goto try_next_card
 imgverify --signer images.sysdeploy.org boot-initrd http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/boot-initrd.sig || goto error_handler
@@ -218,7 +233,7 @@ echo ip-info ${ip-info}
 sleep 1
-boot boot-kernel initrd=boot-initrd,squashfs.cpio.gz rootfstype=squashfs root=/squashfs ip=${ip-info} overlayroot=tmpfs:recurse=0 systemd.clock-usec=${unixtime:int32}000000 ds=nocloud-net;s=https://cloud-init.sysdeploy.org/ || goto error_handler
+boot boot-kernel initrd=${initrd} rootfstype=squashfs root=/squashfs ip=${ip-info} overlayroot=tmpfs:recurse=0 systemd.clock-usec=${unixtime:int32}000000 ds=nocloud-net;s=https://cloud-init.sysdeploy.org/ || goto error_handler
 # unixtime variable must be used with int32, because that's the only way it
 # will display as decimal digits. unit32 and string both display as hex.
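Review bot: The new `boot` line depends on `${initrd}` having been set earlier, and nothing before it checks that; the `imgfetch`/`imgverify` pair in the earlier hunk depends on `${squashfs}` in the same way. Both are assigned only in `:is_efi` and `:not_efi`, so a later edit that jumps straight to `get_arch` would reach this line with the variable unset, which as far as I know iPXE expands to an empty string. A guard just before the boot command, `isset ${initrd} || goto error_handler`, turns that into a clean failure instead of a boot attempt with an incomplete kernel command line. A matching `isset ${squashfs} || goto error_handler` before the `imgfetch` line would cover the other variable.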