Netboot: Difference between revisions

From NixOS Wiki
imported>Janik
m updated link of pixiecore to the current version
imported>Erikarvstedt
Improve example: Move script definition to system build. Fix old `nix build` syntax. Add firewall commands.
Line 4: Line 4:
This example uses [https://github.com/danderson/netboot/tree/master/pixiecore Pixiecore] for hosting, which works in an ordinary network environment with an existing DHCP server.
This example uses [https://github.com/danderson/netboot/tree/master/pixiecore Pixiecore] for hosting, which works in an ordinary network environment with an existing DHCP server.


<syntaxHighlight lang=bash>
Create file <code>system.nix</code>:
#!/usr/bin/env bash
<syntaxHighlight lang=nix>
let
  # NixOS 22.11 as of 2023-01-12
  nixpkgs = builtins.getFlake "github:nixos/nixpkgs/54644f409ab471e87014bb305eac8c50190bcf48";


set -euo pipefail
  sys = nixpkgs.lib.nixosSystem {
    system = "x86_64-linux";


nix-build --out-link /tmp/netboot - <<'EOF'
    modules = [
let
      pixiecoreNetboot
  bootSystem = import <nixpkgs/nixos> {
      ({ config, pkgs, lib, ... }: with lib; {
    # system = ...;
        config = {
          ## Some useful options for setting up a new system
          # services.getty.autologinUser = mkForce "root";
          # users.users.root.openssh.authorizedKeys.keys = [ ... ];
          # console.keyMap = "de";
          # hardware.video.hidpi.enable = true;


    configuration = { config, pkgs, lib, ... }: with lib; {
          system.stateVersion = config.system.nixos.release;
      imports = [
        };
          <nixpkgs/nixos/modules/installer/netboot/netboot-minimal.nix>
       })
      ];
     ];
      ## Some useful options for setting up a new system
      services.getty.autologinUser = mkForce "root";
       # users.users.root.openssh.authorizedKeys.keys = [ ... ];
      # console.keyMap = "de";
     };
   };
   };


   pkgs = import <nixpkgs> {};
   pixiecoreNetboot = { config, pkgs, lib, modulesPath, ... }: {
    imports = [
      (modulesPath + "/installer/netboot/netboot-minimal.nix")
    ];
 
    system.build.run-pixiecore = let
      build = config.system.build;
    in
      pkgs.writers.writeBash "run-pixiecore" ''
        exec ${lib.getExe pkgs.pixiecore} \
          boot ${build.kernel}/bzImage ${build.netbootRamdisk}/initrd \
          --cmdline "init=${build.toplevel}/init loglevel=4" \
          --debug --dhcp-no-bind \
          --port 64172 --status-port 64172 "$@"
      '';
  };
in
in
   pkgs.symlinkJoin {
   sys.config.system.build.run-pixiecore
    name = "netboot";
</syntaxHighlight>
    paths = with bootSystem.config.system.build; [
      netbootRamdisk
      kernel
      netbootIpxeScript
    ];
    preferLocalBuild = true;
  }
EOF


n=$(realpath /tmp/netboot)
Run pixiecore:
init=$(grep -ohP 'init=\S+' $n/netboot.ipxe)
<syntaxHighlight lang=bash>
# Build pixiecore runner
nix build -f system.nix -o /tmp/run-pixiecore


nix build -o /tmp/pixiecore nixpkgs.pixiecore
# Open required firewall ports
sudo iptables -I nixos-fw -p udp -m multiport --dports 67,69,4011 -j ACCEPT
sudo iptables -I nixos-fw -p tcp -m tcp --dport 64172 -j ACCEPT


# Start the PXE server.
# Run pixiecore
# These ports need to be open in your firewall:
sudo $(realpath /tmp/run-pixiecore)
# UDP: 67, 69, 4011
# TCP: 64172
sudo /tmp/pixiecore/bin/pixiecore \
  boot $n/bzImage $n/initrd \
  --cmdline "$init loglevel=4" \
  --debug --dhcp-no-bind --port 64172 --status-port 64172


# Close ports
sudo iptables -D nixos-fw -p udp -m multiport --dports 67,69,4011 -j ACCEPT
sudo iptables -D nixos-fw -p tcp -m tcp --dport 64172 -j ACCEPT
</syntaxHighlight>
</syntaxHighlight>
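Review bot: The two `iptables -I nixos-fw … -j ACCEPT` rules in the new "Run pixiecore" block accept traffic from every interface and source address, and the matching `-D` lines only take effect if the shell reaches them after pixiecore exits. On a host attached to more than one network, limit the rules to the interface the PXE clients are on, e.g. `sudo iptables -I nixos-fw -i <lan-interface> -p tcp -m tcp --dport 64172 -j ACCEPT` (placeholder interface name; the UDP rule and both `-D` lines need the same match). A comment such as `# If pixiecore is interrupted, re-run the two -D commands below` above the close step would also help. Old and new lines are interleaved in this rendering, so the side each line belongs to is inferred from the edit summary ("Add firewall commands").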



Revision as of 12:32, 12 January 2023

Building and serving a netboot image

Example

This example uses Pixiecore for hosting, which works in an ordinary network environment with an existing DHCP server.

Create file system.nix:

# Evaluates to a bash script (system.build.run-pixiecore) that starts pixiecore
# and serves the kernel and netboot ramdisk of the NixOS system defined below.
let
  # NixOS 22.11 as of 2023-01-12
  # Pinned to a full commit hash, so every build evaluates the same nixpkgs
  # tree instead of whatever a channel or branch currently points at.
  nixpkgs = builtins.getFlake "github:nixos/nixpkgs/54644f409ab471e87014bb305eac8c50190bcf48";

  # The system that the PXE clients will boot.
  sys = nixpkgs.lib.nixosSystem {
    system = "x86_64-linux";

    modules = [
      # Netboot base image plus the run-pixiecore build output (defined below).
      pixiecoreNetboot
      ({ config, pkgs, lib, ... }: with lib; {
        config = {
          ## Some useful options for setting up a new system
          # NOTE(review): enabling autologinUser for root gives a passwordless
          # root shell on the console of every machine that boots this image.
          # Prefer the authorizedKeys option below, and only enable autologin
          # on an isolated lab network.
          # services.getty.autologinUser = mkForce "root";
          # users.users.root.openssh.authorizedKeys.keys = [ ... ];
          # console.keyMap = "de";
          # hardware.video.hidpi.enable = true;

          # Follows the release of the nixpkgs revision pinned above.
          system.stateVersion = config.system.nixos.release;
        };
      })
    ];
  };

  # NixOS module: imports the minimal netboot installer profile and adds a
  # build output that wraps pixiecore with this system's boot artifacts.
  pixiecoreNetboot = { config, pkgs, lib, modulesPath, ... }: {
    imports = [
      (modulesPath + "/installer/netboot/netboot-minimal.nix")
    ];

    # Generated script: execs pixiecore in "boot" mode with this system's
    # kernel and initrd, and passes init=<toplevel>/init on the kernel
    # command line. Extra arguments given to the script are forwarded ("$@").
    #   --debug          verbose logging
    #   --dhcp-no-bind   handle DHCP traffic without binding the DHCP server
    #                    port (an existing DHCP server keeps running)
    #   --port / --status-port   boot files and status page share TCP 64172
    # NOTE(review): pixiecore serves these files over plain HTTP to any client
    # that PXE-boots on the network segment, so treat everything in the image
    # as public: keep passwords and private keys out of this configuration.
    system.build.run-pixiecore = let
      build = config.system.build;
    in
      pkgs.writers.writeBash "run-pixiecore" ''
        exec ${lib.getExe pkgs.pixiecore} \
          boot ${build.kernel}/bzImage ${build.netbootRamdisk}/initrd \
          --cmdline "init=${build.toplevel}/init loglevel=4" \
          --debug --dhcp-no-bind \
          --port 64172 --status-port 64172 "$@"
       '';
  };
in
  # The value of this file: the wrapper script derivation, not the system.
  sys.config.system.build.run-pixiecore

Run pixiecore:

# Build the pixiecore runner script from system.nix; the result symlink is
# written to /tmp/run-pixiecore.
nix build -f system.nix -o /tmp/run-pixiecore

# Open required firewall ports:
#   UDP 67, 69, 4011 and TCP 64172 (the --port/--status-port set in system.nix).
# NOTE(review): these rules accept from every interface and source address.
# On a host attached to more than one network, consider adding
# `-i <lan-interface>` (placeholder) to each rule and to its matching -D line.
sudo iptables -I nixos-fw -p udp -m multiport --dports 67,69,4011 -j ACCEPT
sudo iptables -I nixos-fw -p tcp -m tcp --dport 64172 -j ACCEPT

# Run pixiecore as root, in the foreground; the commands below only run once
# it exits. realpath resolves the out-link first, so sudo executes the
# resolved path rather than the symlink in /tmp.
sudo $(realpath /tmp/run-pixiecore)

# Close ports: deletes exactly the rules inserted above.
# If pixiecore was interrupted and these did not run, run them by hand and
# confirm with `sudo iptables -S nixos-fw` that no ACCEPT rule is left behind.
sudo iptables -D nixos-fw -p udp -m multiport --dports 67,69,4011 -j ACCEPT
sudo iptables -D nixos-fw -p tcp -m tcp --dport 64172 -j ACCEPT

See also

NixOS: Pixiecore module.

NixOS manual: PXE booting.

netboot.xyz

There is now official netboot.xyz support. Just select NixOS from Linux installs and you should be ready to go.

Note: Your iPXE must be recent enough to support https:// links