Difference between revisions of "Netboot"
From NixOS Wiki
m (Port 4011 is needed to successfully netboot UEFI systems -> https://github.com/danderson/netboot/blob/master/pixiecore/README.booting.md#step-15-pxe-ish) |
m (rollback unauthorized mass edits) Tag: Rollback |
||
(10 intermediate revisions by 4 users not shown) | |||
Line 2: | Line 2: | ||
=== Example === | === Example === | ||
− | This example uses [https://github.com/danderson/netboot/tree/ | + | This example uses [https://github.com/danderson/netboot/tree/main/pixiecore Pixiecore] for hosting, which works in an ordinary network environment with an existing DHCP server. |
− | <syntaxHighlight lang= | + | Create file <code>system.nix</code>: |
− | # | + | <syntaxHighlight lang=nix> |
+ | let | ||
+ | # NixOS 22.11 as of 2023-01-12 | ||
+ | nixpkgs = builtins.getFlake "github:nixos/nixpkgs/54644f409ab471e87014bb305eac8c50190bcf48"; | ||
− | + | sys = nixpkgs.lib.nixosSystem { | |
+ | system = "x86_64-linux"; | ||
+ | modules = [ | ||
+ | ({ config, pkgs, lib, modulesPath, ... }: { | ||
+ | imports = [ | ||
+ | (modulesPath + "/installer/netboot/netboot-minimal.nix") | ||
+ | ]; | ||
+ | config = { | ||
+ | ## Some useful options for setting up a new system | ||
+ | # services.getty.autologinUser = lib.mkForce "root"; | ||
+ | # users.users.root.openssh.authorizedKeys.keys = [ ... ]; | ||
+ | # console.keyMap = "de"; | ||
+ | # hardware.video.hidpi.enable = true; | ||
− | + | system.stateVersion = config.system.nixos.release; | |
− | + | }; | |
− | + | }) | |
− | + | ]; | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
}; | }; | ||
− | pkgs = | + | run-pixiecore = let |
+ | hostPkgs = if sys.pkgs.system == builtins.currentSystem | ||
+ | then sys.pkgs | ||
+ | else nixpkgs.legacyPackages.${builtins.currentSystem}; | ||
+ | build = sys.config.system.build; | ||
+ | in hostPkgs.writers.writeBash "run-pixiecore" '' | ||
+ | exec ${hostPkgs.pixiecore}/bin/pixiecore \ | ||
+ | boot ${build.kernel}/bzImage ${build.netbootRamdisk}/initrd \ | ||
+ | --cmdline "init=${build.toplevel}/init loglevel=4" \ | ||
+ | --debug --dhcp-no-bind \ | ||
+ | --port 64172 --status-port 64172 "$@" | ||
+ | ''; | ||
in | in | ||
− | + | run-pixiecore | |
− | + | </syntaxHighlight> | |
− | + | ||
− | + | Run pixiecore: | |
− | + | <syntaxHighlight lang=bash> | |
− | + | # Build pixiecore runner | |
− | + | nix build -f system.nix -o /tmp/run-pixiecore | |
− | |||
− | |||
− | |||
− | + | # Open required firewall ports | |
− | + | sudo iptables -w -I nixos-fw -p udp -m multiport --dports 67,69,4011 -j ACCEPT | |
+ | sudo iptables -w -I nixos-fw -p tcp -m tcp --dport 64172 -j ACCEPT | ||
− | + | # Run pixiecore | |
+ | sudo $(realpath /tmp/run-pixiecore) | ||
− | # | + | # Close ports |
− | + | sudo iptables -w -D nixos-fw -p udp -m multiport --dports 67,69,4011 -j ACCEPT | |
− | + | sudo iptables -w -D nixos-fw -p tcp -m tcp --dport 64172 -j ACCEPT | |
− | |||
− | sudo | ||
− | |||
− | |||
− | |||
</syntaxHighlight> | </syntaxHighlight> | ||
=== See also === | === See also === | ||
− | NixOS: [https://search.nixos.org/options?channel= | + | NixOS: [https://search.nixos.org/options?channel=23.11&from=0&size=30&sort=relevance&type=packages&query=services.pixiecore Pixiecore module]. |
NixOS manual: [https://nixos.org/nixos/manual/index.html#sec-booting-from-pxe PXE booting]. | NixOS manual: [https://nixos.org/nixos/manual/index.html#sec-booting-from-pxe PXE booting]. |
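Review bot: The new run instructions build to the fixed, world-writable path `/tmp/run-pixiecore` and then execute `sudo $(realpath /tmp/run-pixiecore)`, so if `nix build` fails because another local user already owns that name, the sudo line still runs whatever it resolves to as root. Build into a private directory instead, e.g. `dir=$(mktemp -d); nix build -f system.nix -o "$dir/run-pixiecore"` followed by `sudo "$(realpath "$dir/run-pixiecore")"`. The two inserted ACCEPT rules also match every source and interface, and they are only deleted if the last two commands are reached. The page should say so, or remove the rules from a `trap`. The `--cmdline`/`--port` values in the Nix snippet and the tcp rule must keep using the same port (64172), which deserves a one-line comment next to the rule.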
Latest revision as of 10:58, 6 April 2024
Building and serving a netboot image
Example
This example uses Pixiecore for hosting, which works in an ordinary network environment with an existing DHCP server.
Create file system.nix:
# system.nix -- evaluates to a "run-pixiecore" launcher script that starts
# pixiecore with the kernel, initrd and init path of the NixOS netboot system
# defined below.
#
# Security notes:
#  * Treat everything in this image as readable by any machine on the network
#    segment that can PXE boot from this host: do not place secrets
#    (passwords, private keys, tokens) in the configuration.
#  * builtins.currentSystem is only available in impure evaluation, which is
#    what `nix build -f system.nix` uses.
let
  # Pinned to one exact nixpkgs commit, so the served image does not change
  # unless this hash is changed on purpose.
  # NixOS 22.11 as of 2023-01-12
  nixpkgs = builtins.getFlake "github:nixos/nixpkgs/54644f409ab471e87014bb305eac8c50190bcf48";

  # NixOS module describing the system that the clients will boot.
  netbootModule = { config, pkgs, lib, modulesPath, ... }: {
    imports = [
      (modulesPath + "/installer/netboot/netboot-minimal.nix")
    ];
    config = {
      ## Some useful options for setting up a new system
      # NOTE(review): autologin as root gives a root shell on the console of
      # every booted client without a password; enable only where console
      # access to those machines is trusted.
      # services.getty.autologinUser = lib.mkForce "root";
      # Public keys only; these end up in the image served to the network.
      # users.users.root.openssh.authorizedKeys.keys = [ ... ];
      # console.keyMap = "de";
      # hardware.video.hidpi.enable = true;
      system.stateVersion = config.system.nixos.release;
    };
  };

  netbootSystem = nixpkgs.lib.nixosSystem {
    system = "x86_64-linux";
    modules = [ netbootModule ];
  };

  # Build outputs (kernel, netbootRamdisk, toplevel) of the netboot system.
  inherit (netbootSystem.config.system) build;

  # Packages for the machine that runs pixiecore: reuse the netboot system's
  # package set when the architectures match, otherwise take the host's own.
  hostPkgs =
    if builtins.currentSystem != netbootSystem.pkgs.system
    then nixpkgs.legacyPackages.${builtins.currentSystem}
    else netbootSystem.pkgs;
in
# Extra command-line arguments given to the script are passed to pixiecore
# through "$@". The HTTP and status endpoints both use TCP port 64172, which
# is the port the firewall rule on the serving host has to allow.
hostPkgs.writers.writeBash "run-pixiecore" ''
  exec ${hostPkgs.pixiecore}/bin/pixiecore \
    boot ${build.kernel}/bzImage ${build.netbootRamdisk}/initrd \
    --cmdline "init=${build.toplevel}/init loglevel=4" \
    --debug --dhcp-no-bind \
    --port 64172 --status-port 64172 "$@"
''
Run pixiecore:
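# Build the pixiecore runner, serve the netboot image, and always remove the
# temporary firewall rules afterwards.
#
# Everything runs in a subshell so that `set -e` and the EXIT trap stay local
# when these lines are pasted into an interactive shell.
(
  set -euo pipefail

  # Private build directory. A fixed name under /tmp is world-writable
  # territory: if another local user already owned that name, the build would
  # fail and the sudo line below would execute their target as root.
  workdir=$(mktemp -d)

  # Track which rules this run inserted, so cleanup removes only those.
  opened_udp=
  opened_tcp=

  cleanup() {
    # Close ports
    if [ -n "$opened_udp" ]; then
      sudo iptables -w -D nixos-fw -p udp -m multiport --dports 67,69,4011 -j ACCEPT || true
    fi
    if [ -n "$opened_tcp" ]; then
      sudo iptables -w -D nixos-fw -p tcp -m tcp --dport 64172 -j ACCEPT || true
    fi
    rm -rf -- "$workdir"
  }
  # Runs on normal exit, on a failed command and on Ctrl-C, so the ports do
  # not stay open after pixiecore stops.
  trap cleanup EXIT

  # Build pixiecore runner
  nix build -f system.nix -o "$workdir/run-pixiecore"
  runner=$(realpath "$workdir/run-pixiecore")

  # Open required firewall ports: udp 67 (DHCP), 69 (TFTP), 4011 (PXE, needed
  # for UEFI clients) and tcp 64172 (the --port given to pixiecore in system.nix).
  # NOTE(review): these rules accept traffic from any source on every
  # interface; add `-i <provisioning-interface>` to both the -I and the -D
  # commands to limit exposure to the network you are installing on.
  sudo iptables -w -I nixos-fw -p udp -m multiport --dports 67,69,4011 -j ACCEPT
  opened_udp=1
  sudo iptables -w -I nixos-fw -p tcp -m tcp --dport 64172 -j ACCEPT
  opened_tcp=1

  # Run pixiecore (stop it with Ctrl-C; cleanup then closes the ports)
  sudo "$runner"
)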
See also
NixOS: Pixiecore module.
NixOS manual: PXE booting.
netboot.xyz
There is now official netboot.xyz support. Just select NixOS from Linux installs and you should be ready to go.
Note: Your iPXE must be recent enough to support https:// links