Netboot: Difference between revisions

From NixOS Wiki
imported>Erikarvstedt
Add section 'Building and serving a netboot image'
imported>Erikarvstedt
Use native pixiecore, remove Docker
Line 1: Line 1:
== Building and serving a netboot image ==
== Building and serving a netboot image ==
=== Prerequisites ===
 
Enable Docker on the host system: <code>virtualisation.docker.enable = true</code>
=== Example ===
=== Example ===
This example uses [https://github.com/danderson/netboot/tree/master/pixiecore pixicore] for hosting, which works in an ordinary network environment with an existing DHCP server.
This example uses [https://github.com/danderson/netboot/tree/master/pixiecore pixicore] for hosting, which works in an ordinary network environment with an existing DHCP server.


<syntaxHighlight lang=bash>
<syntaxHighlight lang=bash>
#!/usr/bin/env bash -e
#!/usr/bin/env bash
 
set -euo pipefail


nix-build --out-link /tmp/netboot - <<'EOF'
nix-build --out-link /tmp/netboot - <<'EOF'
let
let
   nixpkgs = <nixpkgs>;
   bootSystem = import <nixpkgs/nixos> {
  pkgs = import nixpkgs {};
    # system = ...;
 
    configuration = { config, pkgs, lib, ... }: with lib; {
      imports = [
          <nixpkgs/nixos/modules/installer/netboot/netboot-minimal.nix>
      ];
      ## Some useful options for setting up a new system
      services.mingetty.autologinUser = mkForce "root";
      # Enable sshd which gets disabled by netboot-minimal.nix
      systemd.services.sshd.wantedBy = mkOverride 0 [ "multi-user.target" ];
      # users.users.root.openssh.authorizedKeys.keys = [ ... ];
      # i18n.consoleKeyMap = "de";
    };


  configuration = { config, pkgs, lib, ... }: with lib; {
    imports = [
        "${nixpkgs}/nixos/modules/installer/netboot/netboot-minimal.nix"
    ];
    ## Some useful options for setting up a new system
    services.mingetty.autologinUser = mkForce "root";
    # Enable sshd which gets disabled by netboot-minimal.nix
    systemd.services.sshd.wantedBy = mkOverride 0 [ "multi-user.target" ];
    # users.users.root.openssh.authorizedKeys.keys = [ ... ];
    # i18n.consoleKeyMap = "de";
   };
   };


   nixos = import "${nixpkgs}/nixos" {
   pkgs = import <nixpkgs> {};
    inherit configuration;
    # system = ...;
  };
in
in
   pkgs.symlinkJoin {
   pkgs.symlinkJoin {
     name = "netboot";
     name = "netboot";
     paths = with nixos.config.system.build; [
     paths = with bootSystem.config.system.build; [
       netbootRamdisk
       netbootRamdisk
       kernel
       kernel
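Review bot: in the <code>configuration</code> block, sshd is forced on with <code>mkOverride 0</code> and root is logged in automatically on the console, while <code>users.users.root.openssh.authorizedKeys.keys</code> stays commented out with a <code>[ ... ]</code> placeholder. A reader who runs the script as posted gets an image with sshd started and no key configured, so the comment above that line should say that a public key has to be filled in before the image is served, and that the root autologin is intended for an installer on a trusted network segment. Separately, the unchanged intro line still spells the tool "pixicore"; this revision would be a good place to correct it to "pixiecore".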
Line 43: Line 43:
n=$(realpath /tmp/netboot)
n=$(realpath /tmp/netboot)
init=$(grep -ohP 'init=\S+' $n/netboot.ipxe)
init=$(grep -ohP 'init=\S+' $n/netboot.ipxe)
# As of May 2020, pixiecore is only available on nixos-unstable
nix build -o /tmp/pixiecore -f channel:nixos-unstable pixiecore


# Start the PXE server.
# Start the PXE server.
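Review bot: the added <code>nix build -o /tmp/pixiecore -f channel:nixos-unstable pixiecore</code> line takes the binary from an unpinned channel and puts the out-link at a fixed name under /tmp, and the next hunk runs that path with sudo. Pinning a nixpkgs revision and writing the out-link into a directory created with <code>mktemp -d</code> (or one under the user's home) would make it clear which build ends up running as root. The "As of May 2020" comment will also go stale and should say what to do once the package reaches a stable channel.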
Line 48: Line 51:
# UDP: 67, 69
# UDP: 67, 69
# TCP: 64172
# TCP: 64172
docker run --rm \
sudo /tmp/pixiecore/bin/pixiecore \
      -v /etc/ssl/certs:/etc/ssl/certs:ro \
  boot $n/bzImage $n/initrd \
      -v /nix/store:/nix/store:ro \
  --cmdline "$init loglevel=4" \
      --net=host \
  --debug --dhcp-no-bind --port 64172 --status-port 64172
      pixiecore/pixiecore:master \
 
      boot $n/bzImage $n/initrd \
      --cmdline "$init loglevel=4" \
      -d --dhcp-no-bind --port 64172 --status-port 64172
</syntaxHighlight>
</syntaxHighlight>


See the [https://nixos.org/nixos/manual/index.html#sec-booting-from-pxe official NixOS Manual] for more information about PXE booting.
See the for more information about PXE booting.
 
=== See also ===
NixOS manual: [https://nixos.org/nixos/manual/index.html#sec-booting-from-pxe PXE booting].


== Native netboot hosting with NixOS ==
NixOS unstable has a Pixiecore service module.
Pixiecore is still in the process of being [https://github.com/NixOS/nixpkgs/pull/62113 added  to NixOS]. Meanwhile, you can use the <code>netboot_server</code> module from [https://github.com/cleverca22/nixos-configs/blob/1d6a7de65c1b133f623fd4ce6619c56ef749ffa6/netboot_server.nix clever].


== netboot.xyz ==
== netboot.xyz ==
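Review bot: the edited closing sentence now reads "See the for more information about PXE booting."; the link was removed but the rest of the sentence was kept. Since the new "See also" section carries the manual link, the leftover sentence should be deleted. In the pixiecore invocation, <code>$n/bzImage</code> and <code>$n/initrd</code> are unquoted and the server runs under sudo with <code>--debug</code>; quote the paths and add a comment on why sudo is needed so readers can decide whether to keep it. The replacement text "NixOS unstable has a Pixiecore service module." drops both links from the old paragraph without naming the module, so a pointer to it should be added.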

Revision as of 11:37, 15 May 2020

Building and serving a netboot image

Example

This example uses pixiecore for hosting, which works in an ordinary network environment with an existing DHCP server.

#!/usr/bin/env bash

set -euo pipefail

nix-build --out-link /tmp/netboot - <<'EOF'
let
  bootSystem = import <nixpkgs/nixos> {
    # system = ...;

    configuration = { config, pkgs, lib, ... }: with lib; {
      imports = [
          <nixpkgs/nixos/modules/installer/netboot/netboot-minimal.nix>
      ];
      ## Some useful options for setting up a new system
      services.mingetty.autologinUser = mkForce "root";
      # Enable sshd which gets disabled by netboot-minimal.nix
      systemd.services.sshd.wantedBy = mkOverride 0 [ "multi-user.target" ];
      # users.users.root.openssh.authorizedKeys.keys = [ ... ];
      # i18n.consoleKeyMap = "de";
    };

  };

  pkgs = import <nixpkgs> {};
in
  pkgs.symlinkJoin {
    name = "netboot";
    paths = with bootSystem.config.system.build; [
      netbootRamdisk
      kernel
      netbootIpxeScript
    ];
    preferLocalBuild = true;
  }
EOF

n=$(realpath /tmp/netboot)
init=$(grep -ohP 'init=\S+' "$n/netboot.ipxe")

# As of May 2020, pixiecore is only available on nixos-unstable
nix build -o /tmp/pixiecore -f channel:nixos-unstable pixiecore

# Start the PXE server.
# These ports need to be open in your firewall:
# UDP: 67, 69
# TCP: 64172
sudo /tmp/pixiecore/bin/pixiecore \
  boot "$n/bzImage" "$n/initrd" \
  --cmdline "$init loglevel=4" \
  --debug --dhcp-no-bind --port 64172 --status-port 64172
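
A preflight check for the script above, as an added example that is not part of the wiki page: before a root process serves the kernel and initrd, it confirms that the /tmp/netboot out-link still resolves into the Nix store, that the three artifacts are present, and that netboot.ipxe yields exactly one init= argument. The function name check_netboot_dir and its optional store-prefix argument are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example: preflight check for the netboot out-link before a root
# process serves it. check_netboot_dir and its arguments are hypothetical.

# Usage: check_netboot_dir LINK [STORE_PREFIX]
# Prints the single init= argument on success; non-zero status otherwise.
check_netboot_dir() {
  local link=$1 store dir f init

  # Resolve both paths fully; -e fails if any component is missing.
  dir=$(realpath -e -- "$link") || { echo "cannot resolve $link" >&2; return 1; }
  store=$(realpath -e -- "${2:-/nix/store}") || { echo "store prefix not found" >&2; return 1; }

  # The out-link lives in /tmp, so make sure it still points into the store.
  case "$dir" in
    "$store"/*) ;;
    *) echo "$link resolves to $dir, outside $store" >&2; return 2 ;;
  esac

  # The three artifacts the symlinkJoin in the script is expected to contain.
  for f in bzImage initrd netboot.ipxe; do
    [ -f "$dir/$f" ] || { echo "missing $dir/$f" >&2; return 3; }
  done

  # Exactly one distinct init= value, and it must name a path in the store.
  init=$(grep -oE 'init=[^[:space:]]+' "$dir/netboot.ipxe" | sort -u) || true
  if [ -z "$init" ] || [ "$(printf '%s\n' "$init" | wc -l)" -ne 1 ]; then
    echo "expected exactly one init= argument in netboot.ipxe" >&2
    return 4
  fi
  case "$init" in
    "init=$store"/*) ;;
    *) echo "$init does not point into $store" >&2; return 5 ;;
  esac

  printf '%s\n' "$init"
}
```

In the script above it would replace the grep line as `init=$(check_netboot_dir /tmp/netboot)`, so that a failed check stops the run under `set -e` before pixiecore is started.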

See the official NixOS Manual for more information about PXE booting.

See also

NixOS manual: PXE booting.

NixOS unstable has a Pixiecore service module.

netboot.xyz

There is now official netboot.xyz support. Just select NixOS from Linux installs and you should be ready to go.

Note: Your iPXE must be recent enough to support https:// links