Compare commits

..

70 Commits

Author SHA1 Message Date
c26d9c8dfb
nocloud-net is deprecated
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2024-03-19 09:29:14 +08:00
fd21958883
Download images from bunny.net
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2024-02-20 21:20:49 +08:00
5343bac65e
Revert last 4 commits
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
This reverts commit ce85723f1a.
2024-02-20 16:09:34 +08:00
7401717352
Try to reopen interfaces at the beginning
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2024-02-20 13:16:03 +08:00
9c7265e6d4
Try static IP first, then DHCP
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2024-02-20 12:57:30 +08:00
632556590b
Override DNS even for DHCP
All checks were successful
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2024-02-20 12:36:35 +08:00
ce85723f1a
Reduce reliance on NTP
All checks were successful
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2024-02-20 11:53:31 +08:00
6d3b19dfff
Whitespace change to bump version
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2024-01-30 10:10:50 +08:00
819efecd46
Fix backup.bitmessage.at network device names
Some checks failed
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2024-01-02 21:26:16 +01:00
46eef3e758
Add backup.bitmessage.at
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2023-12-11 13:12:33 +01:00
aa0cbaca9b
Add node9.sysdeploy.org
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2023-11-30 07:46:35 +08:00
ef36aa71a3
Use google DNS for node3.surda.cloud
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2023-09-19 10:55:40 +08:00
a3a1ac2969
Add node3.surda.cloud
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2023-09-15 09:13:43 +08:00
79c62dd58b
Print more verbose info
All checks were successful
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2023-07-27 10:51:38 +08:00
73a2e56742
Add node2.surda.cloud (Menara AIMS)
All checks were successful
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2023-07-24 11:48:52 +08:00
9380a35800
Typo
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2023-05-14 15:09:42 +08:00
6ccd85fe1d
Typo
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2023-05-14 15:03:50 +08:00
05ab34d4a2
Typo
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2023-05-14 14:56:39 +08:00
706c9bae02
Split EFI and non-EFI (WiP)
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2023-05-14 12:13:45 +08:00
1ddc2fd8d6
Move images back to images.sysdeploy.org
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
- and get rid of https
2023-05-14 11:30:37 +08:00
8ffcfa54be
Update IPAX IP addresses
All checks were successful
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
- subnet shrank and the IPs were redistributed
2023-04-02 08:47:12 +08:00
d4656d0809
Bump to jammy
Some checks failed
buildbot/multibuild_parent Build done.
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2023-02-28 17:23:18 +01:00
21ac410f73
Add node5.sysdeploy.org
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-10-18 13:06:32 +08:00
dae1e27063
Remove cert debug
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-20 21:12:45 +08:00
af1a33cbaa
Add Letsencrypt intermediary cert
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-20 20:56:45 +08:00
68244b00fa
Fix ISRG root cert URL and file name
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-20 20:51:33 +08:00
879d196089
Cert fix
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
- reduce cert debug level
- manually add current Letsencrypt certs
2022-09-20 20:47:43 +08:00
343e4a5666
Add x509 debug to ISO
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-20 20:34:05 +08:00
3a82e2f83c
Even more verbose debugging
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-20 20:26:11 +08:00
a85ec6c2cc
More cert debugging
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-20 20:21:04 +08:00
c719212148
Set time before downloading images
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-20 19:59:02 +08:00
3e71d4bdf4
Add cert debugging
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-20 19:51:46 +08:00
90081ecc3a
Fix root cert location (again)
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-20 19:39:53 +08:00
a54d3a5a69
Update root cert path
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-20 19:34:22 +08:00
06e4a2d9ca
Add iPXE root CA cert
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-20 19:28:10 +08:00
f552011aed
Fix sed command line arguments
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-20 18:59:59 +08:00
7bba9f8d84
Typo
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-20 18:58:14 +08:00
b8b71aa1bd
Refactor setting default ipxe compile options
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
- reduce repeating code
- make parser more tolerant
2022-09-20 18:54:44 +08:00
943372ac70
Use whitespace match in sed
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
- it looks like sometimes the config.h uses a space and sometimes a tab
2022-09-20 18:36:13 +08:00
e1c8cbcfbb
Escape spaces
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-20 18:28:00 +08:00
926ffa802f
Fix #undef parser
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
- #undef in general.h is followed by two spaces, breaking the parser
2022-09-20 18:20:18 +08:00
af0a880e4a
Change floppy image to USB image
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-09-19 20:31:35 +08:00
535e6fe061
Revert to default ubuntu images
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
- get rid of EFI squashfs boot, there is no use for it now
- makes it unnecessary to build extra images
2022-09-19 19:36:35 +08:00
438470ad55
Typo in node8.sysdeploy.org
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
- gateway was wrong
2022-08-03 09:50:42 +08:00
61e80eea73
Add node8.sysdeploy.org
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-08-02 22:06:29 +08:00
688d87fcd4
Fix hostname
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
- only in comments, no functional change
2022-07-27 14:59:10 +08:00
d3122e92f7
Add node6.sysdeploy.org
Some checks failed
buildbot/travis_bionic Build done.
buildbot/multibuild_parent Build done.
buildbot/ipxe_x86_build_and_release Build done.
2022-07-27 09:58:01 +08:00
243906ba6b
Fix EFI signing cert (typo)
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2021-12-01 23:04:35 +08:00
ca76f25aa4
EFI signing debug
Some checks failed
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2021-12-01 22:38:38 +08:00
e3ace96932
Fix EFI signing
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2021-12-01 22:30:46 +08:00
93998bd7a7
Add signing to EFI
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2021-12-01 22:14:29 +08:00
255a95b0cd
node4.sysdeploy.org interface name change
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2021-11-29 17:46:45 +08:00
d8762420c8
Add node4.sysdeploy.org MAC
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2021-11-29 15:31:54 +08:00
28edcef522
Add floppy disk image
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2021-11-29 14:58:38 +08:00
f227080af7
V2 cloud-init sysdeploy API with UUID
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2021-11-19 16:37:53 +08:00
a71be1a44e
Typo
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2021-11-03 15:34:48 +08:00
a3d3a33b60
Image verify name fix
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2021-11-03 14:32:43 +08:00
009bbb05d6
Combine initrd and squashfs and unified boot
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
- one one initrd which also includes squashfs
- same procedure for EFI and non-EFI
2021-11-03 14:18:01 +08:00
5623a9dd8c
Redesign EFI boot
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
- I didn't understand correctly how it works, both cpio archives should be
  uncompressed
2021-11-03 13:52:49 +08:00
33c4bfb58e
Redesign EFI boot
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
- concatenating two gzipped cpio archives doesn't work, so we need to do it
  differently
2021-11-03 13:40:02 +08:00
3c694ab4f4
Kernel command line fix for multiple initrd
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2021-11-03 12:36:05 +08:00
a77e66c18a
Split EFI and legacy boot
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
- needs to work slightly differently
2021-11-03 11:10:44 +08:00
ba9f7e23bf
Append squashfs.cpio.gz into initrd
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2021-11-02 23:06:28 +08:00
6cf7728451
Add: node3.sysdeploy.org
All checks were successful
buildbot/travis_bionic Build done.
buildbot/ipxe_x86_build_and_release Build done.
2021-07-31 13:28:22 +08:00
4e2bb6630d
Dummy commit to force buildbot rebuild (removed trailing whitespace in embed.ipxe) 2021-05-29 06:22:13 -07:00
c4a532ebae
Add functionality for BuildBot to build and release IPXE EFI 2021-05-27 23:04:33 -07:00
9655c066f8
Add functions to build PXE bin and upload as release artifact 2021-05-05 05:12:24 -07:00
33fbab7679
Add: correct IP for node2.bitmessage.at 2021-05-05 11:50:00 +02:00
c5e2c6a4a3
Add: node2.bitmessage.at
- at the moment only a fake IP address for testing purposes
- will provide real IP in a future commit
2021-05-02 20:41:02 +02:00
bffbacba14
Fix failure to try second NIC when first NIC is present but has no connectivity 2021-05-01 23:50:28 -07:00
2 changed files with 551 additions and 50 deletions

View File

@ -1,5 +1,6 @@
#!/usr/bin/env bash #!/usr/bin/env bash
LE_CERT=isrgrootx1.pem,isrg-root-x2.pem,lets-encrypt-r3.pem
function clone_ipxe_upstream() { function clone_ipxe_upstream() {
local ipxe_src_dir="$1" local ipxe_src_dir="$1"
@ -28,25 +29,27 @@ function sed_enabled_ipxe_features() {
return 1 return 1
fi fi
sed -i 's/^\/\/\#define\ DOWNLOAD_PROTO_HTTPS/\#define\ DOWNLOAD_PROTO_HTTPS/g' "${ipxe_src_dir}/src/config/general.h" for OPTION in DOWNLOAD_PROTO_HTTPS \
sed -i 's/^\/\/\#define\ NSLOOKUP_CMD/\#define\ NSLOOKUP_CMD/g' "${ipxe_src_dir}/src/config/general.h" NSLOOKUP_CMD \
sed -i 's/^\/\/\#define\ TIME_CMD/\#define\ TIME_CMD/g' "${ipxe_src_dir}/src/config/general.h" TIME_CMD \
sed -i 's/^\/\/\#define\ DIGEST_CMD/\#define\ DIGEST_CMD/g' "${ipxe_src_dir}/src/config/general.h" DIGEST_CMD \
sed -i 's/^\/\/\#define\ REBOOT_CMD/\#define\ REBOOT_CMD/g' "${ipxe_src_dir}/src/config/general.h" REBOOT_CMD \
sed -i 's/^\/\/\#define\ POWEROFF_CMD/\#define\ POWEROFF_CMD/g' "${ipxe_src_dir}/src/config/general.h" POWEROFF_CMD \
sed -i 's/^\/\/\#define\ IMAGE_TRUST_CMD/\#define\ IMAGE_TRUST_CMD/g' "${ipxe_src_dir}/src/config/general.h" IMAGE_TRUST_CMD \
sed -i 's/^\/\/\#define\ NTP_CMD/\#define\ NTP_CMD/g' "${ipxe_src_dir}/src/config/general.h" NTP_CMD \
sed -i 's/^\/\/\#define\ CERT_CMD/\#define\ CERT_CMD/g' "${ipxe_src_dir}/src/config/general.h" CERT_CMD
do
sed -i -r \
"s/^\\/+#define[[:space:]]+$OPTION[[:space:]]/#define $OPTION /g" \
"${ipxe_src_dir}/src/config/general.h"
sed -i -r \
"s/^#undef[[:space:]]+$OPTION[[:space:]]/#define $OPTION /g" \
"${ipxe_src_dir}/src/config/general.h"
done
sed -i 's/^\#undef\ DOWNLOAD_PROTO_HTTPS/\#define\ DOWNLOAD_PROTO_HTTPS/g' "${ipxe_src_dir}/src/config/general.h" echo "Downloading default iPXE CA certificate"
sed -i 's/^\#undef\ NSLOOKUP_CMD/\#define\ NSLOOKUP_CMD/g' "${ipxe_src_dir}/src/config/general.h" cd ipxe/src
sed -i 's/^\#undef\ TIME_CMD/\#define\ TIME_CMD/g' "${ipxe_src_dir}/src/config/general.h" wget https://letsencrypt.org/certs/{isrgrootx1,isrg-root-x2,lets-encrypt-r3}.pem
sed -i 's/^\#undef\ DIGEST_CMD/\#define\ DIGEST_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\#undef\ REBOOT_CMD/\#define\ REBOOT_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\#undef\ POWEROFF_CMD/\#define\ POWEROFF_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\#undef\ IMAGE_TRUST_CMD/\#define\ IMAGE_TRUST_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\#undef\ NTP_CMD/\#define\ NTP_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\#undef\ CERT_CMD/\#define\ CERT_CMD/g' "${ipxe_src_dir}/src/config/general.h"
return 0 return 0
} }
@ -81,7 +84,7 @@ function make_ipxe_lkrn() {
curr="$(pwd)" curr="$(pwd)"
cd "${ipxe_src_dir}/src/" || return 1 cd "${ipxe_src_dir}/src/" || return 1
make bin/ipxe.lkrn EMBED="${embed_file}" CERT="${signing_cert},${ca_cert}" TRUST="${ca_cert}" || return 2 make bin/ipxe.lkrn EMBED="${embed_file}" CERT="$LE_CERT,${signing_cert},${ca_cert}" TRUST="$LE_CERT,${ca_cert}" || return 2
cd "$curr" cd "$curr"
return 0 return 0
@ -117,7 +120,121 @@ function make_ipxe_iso() {
curr="$(pwd)" curr="$(pwd)"
cd "${ipxe_src_dir}/src/" || return 1 cd "${ipxe_src_dir}/src/" || return 1
make bin/ipxe.iso EMBED="${embed_file}" CERT="${signing_cert},${ca_cert}" TRUST="${ca_cert}" || return 2 make bin/ipxe.iso EMBED="${embed_file}" CERT="$LE_CERT,${signing_cert},${ca_cert}" TRUST="$LE_CERT,${ca_cert}" || return 2
cd "$curr"
return 0
}
function make_ipxe_dsk() {
local ipxe_src_dir="$1"
local embed_file="$2"
local signing_cert="$3"
local ca_cert="$4"
embed_file="$(realpath "${embed_file}")"
signing_cert="$(realpath "${signing_cert}")"
ca_cert="$(realpath "${ca_cert}")"
if [ ! -d "$ipxe_src_dir" ]; then
>&2 echo "IPXE supplied directory does not exist."
return 1
fi
if [[ ! -f "$embed_file" ]]; then
>&2 echo "IPXE embedded file does not exist."
return 1
fi
if [[ ! -f "$signing_cert" ]]; then
>&2 echo "IPXE signing cert does not exist."
return 1
fi
if [[ ! -f "${ca_cert}" ]]; then
>&2 echo "IPXE CA cert does not exist."
return 1
fi
curr="$(pwd)"
cd "${ipxe_src_dir}/src/" || return 1
make bin/ipxe.usb EMBED="${embed_file}" CERT="$LE_CERT,${signing_cert},${ca_cert}" TRUST="$LE_CERT,${ca_cert}" || return 2
cd "$curr"
return 0
}
function make_ipxe_pxe() {
local ipxe_src_dir="$1"
local embed_file="$2"
local signing_cert="$3"
local ca_cert="$4"
embed_file="$(realpath "${embed_file}")"
signing_cert="$(realpath "${signing_cert}")"
ca_cert="$(realpath "${ca_cert}")"
if [ ! -d "$ipxe_src_dir" ]; then
>&2 echo "IPXE supplied directory does not exist."
return 1
fi
if [[ ! -f "$embed_file" ]]; then
>&2 echo "IPXE embedded file does not exist."
return 1
fi
if [[ ! -f "$signing_cert" ]]; then
>&2 echo "IPXE signing cert does not exist."
return 1
fi
if [[ ! -f "${ca_cert}" ]]; then
>&2 echo "IPXE CA cert does not exist."
return 1
fi
curr="$(pwd)"
cd "${ipxe_src_dir}/src/" || return 1
make bin/ipxe.pxe EMBED="${embed_file}" CERT="$LE_CERT,${signing_cert},${ca_cert}" TRUST="$LE_CERT,${ca_cert}" || return 2
cd "$curr"
return 0
}
function make_ipxe_efi() {
local ipxe_src_dir="$1"
local embed_file="$2"
local signing_cert="$3"
local ca_cert="$4"
local efi_key="$5"
local efi_cert="$6"
embed_file="$(realpath "${embed_file}")"
signing_cert="$(realpath "${signing_cert}")"
ca_cert="$(realpath "${ca_cert}")"
efi_key="$(realpath "${efi_key}")"
efi_cert="$(realpath "${efi_cert}")"
if [ ! -d "$ipxe_src_dir" ]; then
>&2 echo "IPXE supplied directory does not exist."
return 1
fi
if [[ ! -f "$embed_file" ]]; then
>&2 echo "IPXE embedded file does not exist."
return 1
fi
if [[ ! -f "$signing_cert" ]]; then
>&2 echo "IPXE signing cert does not exist."
return 1
fi
if [[ ! -f "${ca_cert}" ]]; then
>&2 echo "IPXE CA cert does not exist."
return 1
fi
curr="$(pwd)"
cd "${ipxe_src_dir}/src/" || return 1
make bin-x86_64-efi/ipxe.efi EMBED="${embed_file}" CERT="$LE_CERT,${signing_cert},${ca_cert}" TRUST="$LE_CERT,${ca_cert}" || return 2
mv bin-x86_64-efi/ipxe.efi bin/
sbsign --key ${efi_key} --cert ${efi_cert} --output bin/ipxe.efi bin/ipxe.efi
cd "$curr" cd "$curr"
return 0 return 0
@ -138,11 +255,24 @@ function make_ipxe_bin_shasums() {
>&2 echo "IPXE iso build file does not exist." >&2 echo "IPXE iso build file does not exist."
return 1 return 1
fi fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.usb" ]]; then
>&2 echo "IPXE USB build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.pxe" ]]; then
>&2 echo "IPXE pxe build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.efi" ]]; then
>&2 echo "IPXE efi build file does not exist."
return 1
fi
curr="$(pwd)" curr="$(pwd)"
cd "${ipxe_src_dir}/src/bin/" || return 1 cd "${ipxe_src_dir}/src/bin/" || return 1
sha256sum ipxe.lkrn ipxe.iso > SHA256SUMS || return 2 sha256sum ipxe.lkrn ipxe.iso ipxe.usb ipxe.pxe ipxe.efi > SHA256SUMS || return 2
cd "$curr" cd "$curr"
return 0 return 0
} }
@ -297,6 +427,18 @@ function upload_release_ipxe_lkrn() {
>&2 echo "IPXE iso build file does not exist." >&2 echo "IPXE iso build file does not exist."
return 1 return 1
fi fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.usb" ]]; then
>&2 echo "IPXE USB build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.pxe" ]]; then
>&2 echo "IPXE pxe build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.efi" ]]; then
>&2 echo "IPXE efi build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then
>&2 echo "IPXE sha256sums file does not exist." >&2 echo "IPXE sha256sums file does not exist."
return 1 return 1
@ -378,6 +520,14 @@ function upload_release_ipxe_iso() {
>&2 echo "IPXE iso build file does not exist." >&2 echo "IPXE iso build file does not exist."
return 1 return 1
fi fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.pxe" ]]; then
>&2 echo "IPXE pxe build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.efi" ]]; then
>&2 echo "IPXE efi build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then
>&2 echo "IPXE sha256sums file does not exist." >&2 echo "IPXE sha256sums file does not exist."
return 1 return 1
@ -419,6 +569,277 @@ function upload_release_ipxe_iso() {
return 0 return 0
} }
function upload_release_ipxe_dsk() {
local ipxe_src_dir="$1"
local git_repo_dir="$2"
local branch="$3"
local repo_user="$4"
local repo_name="$5"
local api_token_file="$6"
if [ ! -d "$git_repo_dir" ]; then
>&2 echo "Supplied directory does not exist."
return 1
fi
if [[ -z "$branch" ]]; then
>&2 echo "No branch specified."
return 1
fi
if [[ -z "$repo_user" ]]; then
>&2 echo "No repo username specified."
return 1
fi
if [[ -z "$repo_name" ]]; then
>&2 echo "No repo name specified."
return 1
fi
if [[ ! -f "$api_token_file" ]]; then
>&2 echo "API token file does not exist."
return 1
fi
if [ ! -d "$ipxe_src_dir" ]; then
>&2 echo "IPXE supplied directory does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.lkrn" ]]; then
>&2 echo "IPXE lkrn build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.iso" ]]; then
>&2 echo "IPXE iso build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.usb" ]]; then
>&2 echo "IPXE USB build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.pxe" ]]; then
>&2 echo "IPXE pxe build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.efi" ]]; then
>&2 echo "IPXE efi build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then
>&2 echo "IPXE sha256sums file does not exist."
return 1
fi
curr="$(pwd)"
cd "$git_repo_dir"
cat release_results.txt | grep ^HTTP/ | grep 201 >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The release info from the curl step cannot be found."
return 2
fi
tail -n 1 release_results.txt | jq .id | grep -P '^(\d)+$' >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The release info from the curl step cannot be found."
return 2
fi
releaseid="$(tail -n 1 release_results.txt | jq .id)"
curl -X POST "https://git.bitmessage.org/api/v1/repos/${repo_user}/${repo_name}/releases/${releaseid}/assets?name=ipxe.usb" \
-H "accept: application/json" \
-H "Authorization: token $(cat $api_token_file)" \
-i \
-F "attachment=@${ipxe_src_dir}/src/bin/ipxe.usb" > release_usb.txt
cat release_usb.txt | grep ^HTTP/ | grep 201 >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The upload of ipxe.usb as a release attachment failed."
return 2
fi
tail -n 1 release_usb.txt | jq .id | grep -P '^(\d)+$' >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The upload of ipxe.usb as a release attachment failed."
return 2
fi
cd "$curr"
return 0
}
function upload_release_ipxe_pxe() {
local ipxe_src_dir="$1"
local git_repo_dir="$2"
local branch="$3"
local repo_user="$4"
local repo_name="$5"
local api_token_file="$6"
if [ ! -d "$git_repo_dir" ]; then
>&2 echo "Supplied directory does not exist."
return 1
fi
if [[ -z "$branch" ]]; then
>&2 echo "No branch specified."
return 1
fi
if [[ -z "$repo_user" ]]; then
>&2 echo "No repo username specified."
return 1
fi
if [[ -z "$repo_name" ]]; then
>&2 echo "No repo name specified."
return 1
fi
if [[ ! -f "$api_token_file" ]]; then
>&2 echo "API token file does not exist."
return 1
fi
if [ ! -d "$ipxe_src_dir" ]; then
>&2 echo "IPXE supplied directory does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.lkrn" ]]; then
>&2 echo "IPXE lkrn build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.iso" ]]; then
>&2 echo "IPXE iso build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.pxe" ]]; then
>&2 echo "IPXE pxe build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.efi" ]]; then
>&2 echo "IPXE efi build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then
>&2 echo "IPXE sha256sums file does not exist."
return 1
fi
curr="$(pwd)"
cd "$git_repo_dir"
cat release_results.txt | grep ^HTTP/ | grep 201 >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The release info from the curl step cannot be found."
return 2
fi
tail -n 1 release_results.txt | jq .id | grep -P '^(\d)+$' >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The release info from the curl step cannot be found."
return 2
fi
releaseid="$(tail -n 1 release_results.txt | jq .id)"
curl -X POST "https://git.bitmessage.org/api/v1/repos/${repo_user}/${repo_name}/releases/${releaseid}/assets?name=ipxe.pxe" \
-H "accept: application/json" \
-H "Authorization: token $(cat $api_token_file)" \
-i \
-F "attachment=@${ipxe_src_dir}/src/bin/ipxe.pxe" > release_pxe.txt
cat release_pxe.txt | grep ^HTTP/ | grep 201 >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The upload of ipxe.pxe as a release attachment failed."
return 2
fi
tail -n 1 release_pxe.txt | jq .id | grep -P '^(\d)+$' >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The upload of ipxe.pxe as a release attachment failed."
return 2
fi
cd "$curr"
return 0
}
function upload_release_ipxe_efi() {
local ipxe_src_dir="$1"
local git_repo_dir="$2"
local branch="$3"
local repo_user="$4"
local repo_name="$5"
local api_token_file="$6"
if [ ! -d "$git_repo_dir" ]; then
>&2 echo "Supplied directory does not exist."
return 1
fi
if [[ -z "$branch" ]]; then
>&2 echo "No branch specified."
return 1
fi
if [[ -z "$repo_user" ]]; then
>&2 echo "No repo username specified."
return 1
fi
if [[ -z "$repo_name" ]]; then
>&2 echo "No repo name specified."
return 1
fi
if [[ ! -f "$api_token_file" ]]; then
>&2 echo "API token file does not exist."
return 1
fi
if [ ! -d "$ipxe_src_dir" ]; then
>&2 echo "IPXE supplied directory does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.lkrn" ]]; then
>&2 echo "IPXE lkrn build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.iso" ]]; then
>&2 echo "IPXE iso build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.pxe" ]]; then
>&2 echo "IPXE pxe build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.efi" ]]; then
>&2 echo "IPXE efi build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then
>&2 echo "IPXE sha256sums file does not exist."
return 1
fi
curr="$(pwd)"
cd "$git_repo_dir"
cat release_results.txt | grep ^HTTP/ | grep 201 >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The release info from the curl step cannot be found."
return 2
fi
tail -n 1 release_results.txt | jq .id | grep -P '^(\d)+$' >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The release info from the curl step cannot be found."
return 2
fi
releaseid="$(tail -n 1 release_results.txt | jq .id)"
curl -X POST "https://git.bitmessage.org/api/v1/repos/${repo_user}/${repo_name}/releases/${releaseid}/assets?name=ipxe.efi" \
-H "accept: application/json" \
-H "Authorization: token $(cat $api_token_file)" \
-i \
-F "attachment=@${ipxe_src_dir}/src/bin/ipxe.efi" > release_efi.txt
cat release_efi.txt | grep ^HTTP/ | grep 201 >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The upload of ipxe.efi as a release attachment failed."
return 2
fi
tail -n 1 release_efi.txt | jq .id | grep -P '^(\d)+$' >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The upload of ipxe.efi as a release attachment failed."
return 2
fi
cd "$curr"
return 0
}
function upload_release_ipxe_shasums() { function upload_release_ipxe_shasums() {
local ipxe_src_dir="$1" local ipxe_src_dir="$1"
local git_repo_dir="$2" local git_repo_dir="$2"
@ -459,6 +880,14 @@ function upload_release_ipxe_shasums() {
>&2 echo "IPXE iso build file does not exist." >&2 echo "IPXE iso build file does not exist."
return 1 return 1
fi fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.pxe" ]]; then
>&2 echo "IPXE pxe build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.efi" ]]; then
>&2 echo "IPXE efi build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then
>&2 echo "IPXE sha256sums file does not exist." >&2 echo "IPXE sha256sums file does not exist."
return 1 return 1

View File

@ -9,8 +9,8 @@
imgtrust --permanent imgtrust --permanent
# For the "focal" part of the URL string, in case that changes in the future. # For the "jammy" part of the URL string, in case that changes in the future.
set ubuntu-variant focal set ubuntu-variant jammy
goto get_arch goto get_arch
@ -35,14 +35,47 @@ isset ${net${idx}/mac} || goto loop_done
######################## SET STATIC IP INFO HERE ############################# ######################## SET STATIC IP INFO HERE #############################
# Just copy/paste an entire line to add more # Just copy/paste an entire line to add more
# #
echo Checking net${idx} echo Checking net${idx} for a static IP config
# node1.bitmessage.at # node1.bitmessage.at
iseq ${net${idx}/mac} 40:a8:f0:31:cc:58 && set ip-dev-name eno1 && set ip-addr 93.189.28.82 && set ip-gateway 93.189.28.81 && set ip-netmask 255.255.255.240 && set ip-dns 1.1.1.1 && set successful t && goto loop_done || iseq ${net${idx}/mac} 40:a8:f0:31:cc:58 && set ip-dev-name eno1 && set ip-addr 93.189.28.82 && set ip-gateway 93.189.28.81 && set ip-netmask 255.255.255.248 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
iseq ${net${idx}/mac} 40:a8:f0:31:cc:59 && set ip-dev-name eno2 && set ip-addr 93.189.28.82 && set ip-gateway 93.189.28.81 && set ip-netmask 255.255.255.240 && set ip-dns 1.1.1.1 && set successful t && goto loop_done || iseq ${net${idx}/mac} 40:a8:f0:31:cc:59 && set ip-dev-name eno2 && set ip-addr 93.189.28.82 && set ip-gateway 93.189.28.81 && set ip-netmask 255.255.255.248 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
# node2.bitmessage.at
iseq ${net${idx}/mac} 28:80:23:a7:52:d0 && set ip-dev-name eno1 && set ip-addr 93.189.25.250 && set ip-gateway 93.189.25.249 && set ip-netmask 255.255.255.248 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
iseq ${net${idx}/mac} 28:80:23:a7:52:d1 && set ip-dev-name eno2 && set ip-addr 93.189.25.250 && set ip-gateway 93.189.25.249 && set ip-netmask 255.255.255.248 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
# node1.surda.cloud # node1.surda.cloud
iseq ${net${idx}/mac} d0:50:99:df:1d:49 && set ip-dev-name enp39s0 && set ip-addr 93.189.28.83 && set ip-gateway 93.189.28.81 && set ip-netmask 255.255.255.240 && set ip-dns 1.1.1.1 && set successful t && goto loop_done || iseq ${net${idx}/mac} d0:50:99:df:1d:49 && set ip-dev-name enp39s0 && set ip-addr 93.189.28.85 && set ip-gateway 93.189.28.81 && set ip-netmask 255.255.255.248 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
iseq ${net${idx}/mac} d0:50:99:df:1d:4a && set ip-dev-name enp38s0 && set ip-addr 93.189.28.83 && set ip-gateway 93.189.28.81 && set ip-netmask 255.255.255.240 && set ip-dns 1.1.1.1 && set successful t && goto loop_done || iseq ${net${idx}/mac} d0:50:99:df:1d:4a && set ip-dev-name enp38s0 && set ip-addr 93.189.28.85 && set ip-gateway 93.189.28.81 && set ip-netmask 255.255.255.248 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
# node2.surda.cloud
iseq ${net${idx}/mac} c8:1f:66:b9:0b:d6 && set ip-dev-name eno1 && set ip-addr 110.4.42.77 && set ip-gateway 110.4.42.1 && set ip-netmask 255.255.255.0 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
iseq ${net${idx}/mac} c8:1f:66:b9:0b:d7 && set ip-dev-name eno2 && set ip-addr 110.4.42.77 && set ip-gateway 110.4.42.1 && set ip-netmask 255.255.255.0 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
iseq ${net${idx}/mac} c8:1f:66:b9:0b:d8 && set ip-dev-name eno3 && set ip-addr 110.4.42.77 && set ip-gateway 110.4.42.1 && set ip-netmask 255.255.255.0 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
iseq ${net${idx}/mac} c8:1f:66:b9:0b:d9 && set ip-dev-name eno4 && set ip-addr 110.4.42.77 && set ip-gateway 110.4.42.1 && set ip-netmask 255.255.255.0 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
# node3.surda.cloud
iseq ${net${idx}/mac} b8:2a:72:d5:05:36 && set ip-dev-name eno1 && set ip-addr 101.99.86.54 && set ip-gateway 101.99.86.49 && set ip-netmask 255.255.255.240 && set ip-dns 8.8.8.8 && set successful t && goto loop_done ||
iseq ${net${idx}/mac} b8:2a:72:d5:05:37 && set ip-dev-name eno2 && set ip-addr 101.99.86.54 && set ip-gateway 101.99.86.49 && set ip-netmask 255.255.255.240 && set ip-dns 8.8.8.8 && set successful t && goto loop_done ||
iseq ${net${idx}/mac} b8:2a:72:d5:05:38 && set ip-dev-name eno3 && set ip-addr 101.99.86.54 && set ip-gateway 101.99.86.49 && set ip-netmask 255.255.255.240 && set ip-dns 8.8.8.8 && set successful t && goto loop_done ||
iseq ${net${idx}/mac} b8:2a:72:d5:05:39 && set ip-dev-name eno4 && set ip-addr 101.99.86.54 && set ip-gateway 101.99.86.49 && set ip-netmask 255.255.255.240 && set ip-dns 8.8.8.8 && set successful t && goto loop_done ||
# node3.sysdeploy.org
iseq ${net${idx}/mac} 00:25:90:a2:9f:e9 && set ip-dev-name eno2 && set ip-addr 104.251.122.45 && set ip-gateway 104.251.122.44 && set ip-netmask 255.255.255.254 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
# node4.sysdeploy.org
iseq ${net${idx}/mac} 0c:c4:7a:04:ca:60 && set ip-dev-name eno1 && set ip-addr 50.2.185.50 && set ip-gateway 50.2.185.49 && set ip-netmask 255.255.255.248 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
# node5.sysdeploy.org
iseq ${net${idx}/mac} d8:9d:67:72:09:50 && set ip-dev-name eno1 && set ip-addr 82.118.227.210 && set ip-gateway 82.118.227.209 && set ip-netmask 255.255.255.252 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
# node7.sysdeploy.org
iseq ${net${idx}/mac} 34:17:eb:ea:78:b0 && set ip-dev-name eno1 && set ip-addr 162.248.7.209 && set ip-gateway 162.248.7.1 && set ip-netmask 255.255.255.0 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
iseq ${net${idx}/mac} 34:17:eb:ea:78:b1 && set ip-dev-name eno2 && set ip-addr 162.248.7.209 && set ip-gateway 162.248.7.1 && set ip-netmask 255.255.255.0 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
# node8.sysdeploy.org
iseq ${net${idx}/mac} bc:30:5b:de:3a:9e && set ip-dev-name eno1 && set ip-addr 109.73.65.100 && set ip-gateway 109.73.65.1 && set ip-netmask 255.255.255.0 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
iseq ${net${idx}/mac} bc:30:5b:de:3a:9f && set ip-dev-name eno2 && set ip-addr 109.73.65.100 && set ip-gateway 109.73.65.1 && set ip-netmask 255.255.255.0 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
# node9.sysdeploy.org
iseq ${net${idx}/mac} 00:25:90:a9:73:76 && set ip-dev-name eno1 && set ip-addr 23.94.164.18 && set ip-gateway 23.94.164.17 && set ip-netmask 255.255.255.252 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
#iseq ${net${idx}/mac} 00:25:90:a9:73:77 && set ip-dev-name enp0s25 && set ip-addr 23.94.164.18 && set ip-gateway 23.94.164.17 && set ip-netmask 255.255.255.252 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
# backup.bitmessage.at
iseq ${net${idx}/mac} a8:a1:59:c7:21:8f && set ip-dev-name enp39s0 && set ip-addr 93.189.25.253 && set ip-gateway 93.189.25.249 && set ip-netmask 255.255.255.248 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
iseq ${net${idx}/mac} a8:a1:59:c7:21:90 && set ip-dev-name enp38s0 && set ip-addr 93.189.25.253 && set ip-gateway 93.189.25.249 && set ip-netmask 255.255.255.248 && set ip-dns 1.1.1.1 && set successful t && goto loop_done ||
# if you don't know the linux interface name, use "clear ip-dev-name", then # if you don't know the linux interface name, use "clear ip-dev-name", then
# it will use ALL interfaces # it will use ALL interfaces
@ -56,7 +89,9 @@ inc idx && goto loop
iseq ${successful} f && goto error_handler || iseq ${successful} f && goto error_handler ||
# If on the other hand we're successful, then we construct the kernel ip= line # If on the other hand we're successful, then we construct the kernel ip= line
set ip-info ${ip-addr}::${ip-gateway}:${ip-netmask}::${ip-dev-name}:off:${ip-dns} set ip-info ${ip-addr}::${ip-gateway}:${ip-netmask}::${ip-dev-name}:off:${ip-dns} && echo Static IP found
echo ip-info ${ip-info}
# And setup IPXE networking. # And setup IPXE networking.
@ -89,12 +124,38 @@ goto boot_all
################# #################
:try_next_card
imgfree
ifclose
sleep 1
# If dhcp, it will go to the static boot, which already has ifopen
iseq ip-info dhcp || ifopen
iseq ip-info dhcp || sleep 1
iseq ip-info dhcp && clear ip-info && goto try_static_from_dhcp_fail || goto try_next_static_card
:try_static_from_dhcp_fail
iseq arch-info arm64 && goto static_ip_boot_arm64 ||
iseq arch-info amd64 && goto static_ip_boot_amd64 ||
goto error_handler
:try_next_static_card
isset ip-dev-name && clear ip-dev-name
isset ip-addr && clear ip-addr
isset ip-gateway && clear ip-gateway
isset ip-netmask && clear ip-netmask
isset ip-dns && clear ip-dns
isset successful && clear successful
set successful f
isset idx && inc idx || goto error_handler
goto loop
# In case we want to... log?? Or do something else. # In case we want to... log?? Or do something else.
:error_handler :error_handler
echo "###########################################################" echo ###########################################################
echo "An unspecified error has occurred." echo An unspecified error has occurred.
echo "The system will sleep for two minutes and then reboot." echo The system will sleep for two minutes and then reboot.
echo "###########################################################" echo ###########################################################
sleep 60 sleep 60
sleep 60 sleep 60
reboot reboot
@ -103,7 +164,6 @@ sleep 5
exit exit
# Get relevant CPU arch. # Get relevant CPU arch.
:get_arch :get_arch
iseq ${buildarch} arm32 && goto start_arm32 || iseq ${buildarch} arm32 && goto start_arm32 ||
@ -112,7 +172,6 @@ iseq ${buildarch} i386 && goto start_i386 ||
iseq ${buildarch} x86_64 && goto start_amd64 || iseq ${buildarch} x86_64 && goto start_amd64 ||
goto error_handler goto error_handler
# Builds may be done on 32-bit, but machines will always be 64-bit. # Builds may be done on 32-bit, but machines will always be 64-bit.
# Keep this section just in case we want to use 32-bit machines in the future. # Keep this section just in case we want to use 32-bit machines in the future.
:start_arm32 :start_arm32
@ -151,18 +210,20 @@ goto static_ip_boot_setup
:boot_all :boot_all
# Get accurate time so we can set the clock in kernel boot cmdline
echo Syncing time over NTP
ntp pool.ntp.org || goto error_handler
# check for EFI
iseq ${platform} efi && goto is_efi || goto not_efi
# We use HTTP because IPXE's HTTPS implementation is lacking. So we delegate # We use HTTP because IPXE's HTTPS implementation is lacking. So we delegate
# integrity and validation to imgverify. # integrity and validation to imgverify.
# Naming the squashfs download "/squashfs" is required, otherwise the boot # Naming the squashfs download "/squashfs" is required, otherwise the boot
# kernel fails to load it in the "root=" part of the kernel cmdline. # kernel fails to load it in the "root=" part of the kernel cmdline.
# However, note that imgverify will fail if you refer to it as "/squashfs" # However, note that imgverify will fail if you refer to it as "/squashfs"
# instead of "squashfs". # instead of "squashfs".
imgfetch http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/squashfs /squashfs || goto error_handler
imgverify --signer images.sysdeploy.org squashfs http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/squashfs.sig || goto error_handler
# "--signer" validates against the subject common name field of the signing # "--signer" validates against the subject common name field of the signing
# certificate. That signing cert must have both the digital signature key # certificate. That signing cert must have both the digital signature key
# usage set and the code-signing key usage extension set. # usage set and the code-signing key usage extension set.
@ -171,25 +232,36 @@ imgverify --signer images.sysdeploy.org squashfs http://images.sysdeploy.org/${u
# make sure you pick a common name with a FQDN you control, even if you're # make sure you pick a common name with a FQDN you control, even if you're
# using a custom CA that you import during build. # using a custom CA that you import during build.
:is_efi
echo Attempting EFI boot
set initrd1 initrd=initrd.cpio
isset initrd2 && clear initrd2
initrd http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/boot-initrd || goto error_handler imgfetch http://images-sysdeploy.b-cdn.net/${ubuntu-variant}/${arch-info}/initrd.cpio || goto try_next_card
imgverify --signer images.sysdeploy.org boot-initrd http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/boot-initrd.sig || goto error_handler imgverify --signer images.sysdeploy.org initrd.cpio http://images-sysdeploy.b-cdn.net/${ubuntu-variant}/${arch-info}/initrd.cpio.sig || goto error_handler
kernel http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/boot-kernel || goto error_handler goto efi_and_not_efi
imgverify --signer images.sysdeploy.org boot-kernel http://images.sysdeploy.org/${ubuntu-variant}/${arch-info}/boot-kernel.sig || goto error_handler
:not_efi
echo Attempting legacy boot
set initrd1 initrd=boot-initrd
set initrd2 initrd=squashfs
# Get accurate time so we can set the clock in kernel boot cmdline imgfetch http://images-sysdeploy.b-cdn.net/${ubuntu-variant}/${arch-info}/squashfs /squashfs || goto try_next_card
ntp pool.ntp.org || goto error_handler imgverify --signer images.sysdeploy.org squashfs http://images-sysdeploy.b-cdn.net/${ubuntu-variant}/${arch-info}/squashfs.sig || goto error_handler
echo ip-info ${ip-info} initrd http://images-sysdeploy.b-cdn.net/${ubuntu-variant}/${arch-info}/boot-initrd || goto try_next_card
imgverify --signer images.sysdeploy.org boot-initrd http://images-sysdeploy.b-cdn.net/${ubuntu-variant}/${arch-info}/boot-initrd.sig || goto error_handler
:efi_and_not_efi
kernel http://images-sysdeploy.b-cdn.net/${ubuntu-variant}/${arch-info}/boot-kernel || goto try_next_card
imgverify --signer images.sysdeploy.org boot-kernel http://images-sysdeploy.b-cdn.net/${ubuntu-variant}/${arch-info}/boot-kernel.sig || goto error_handler
sleep 1 sleep 1
boot boot-kernel initrd=boot-initrd rootfstype=squashfs root=/squashfs ip=${ip-info} overlayroot=tmpfs:recurse=0 systemd.clock-usec=${unixtime:int32}000000 ds=nocloud-net;s=https://cloud-init.sysdeploy.org/ || goto error_handler boot boot-kernel ${initrd1} ${initrd2} rootfstype=squashfs root=/squashfs ip=${ip-info} overlayroot=tmpfs:recurse=0 systemd.clock-usec=${unixtime:int32}000000 ds=nocloud;s=https://cloud-init.sysdeploy.org/apiv2?uuid=${uuid}&filetype= || goto error_handler
# unixtime variable must be used with int32, because that's the only way it # unixtime variable must be used with int32, because that's the only way it
# will display as decimal digits. unit32 and string both display as hex. # will display as decimal digits. unit32 and string both display as hex.
# Therefore this will stop working in 2038. # Therefore this will stop working in 2038.