{{tag>other}}

===== PXE =====

  * [[https://ipxe.org/docs#starting_ipxe]]
  * [[https://networkboot.org/fundamentals/]]
  * [[http://tdkare.ru/sysadmin/index.php/IPXE]]
  * [[http://tdkare.ru/sysadmin/index.php/Atftpd]]
  * [[https://qsetup.ru/mikrotik-pxe-boot-uefi/]]
  * [[https://wtware.ru/docs5/dhcp.html]]
  * [[http://wtware.ru/netman/netman1.html#dhcp]]
  * [[https://serverfault.com/questions/859934/ubuntu-16-04-nfs-kernel-server-wont-start]]
  * [[https://github.com/canonical/lxd/issues/2703]]
  * [[https://github.com/canonical/lxd/issues/3989]]
  * [[https://unix.stackexchange.com/questions/450308/how-to-allow-specific-proxmox-lxc-containers-to-mount-nfs-shares-on-the-network]]
  * [[https://forum.proxmox.com/threads/nfs-file-system-mount-problem-apparmor.31706/]]
  * [[https://infdots.blogspot.com/2019/01/nfs-lxc-proxmox-53.html]]
  * [[https://linuxcontainers.org/lxc/manpages/man5/lxc.container.conf.5.html]]
  * [[https://forum.proxmox.com/threads/is-it-possible-to-run-a-nfs-server-within-a-lxc.24403/]]
  * [[https://theorangeone.net/posts/mount-nfs-inside-lxc/]]
  * [[https://forum.proxmox.com/threads/lxc-security-nesting.44726/]]
  * [[https://virtualizeeverything.com/2022/06/14/nfs-server-in-proxmox-ct-lxc-container/]]
  * [[https://linuxhint.com/pxe_boot_ubuntu_server/]]
  * [[https://www.ipxe.org/cmd]]
  * [[https://support.kaspersky.ru/krd18/howto/15271#block2]]
  * [[https://forum.kaspersky.com/topic/rescue-disk-error-cannot-find-device-with-datakerneldat-2948/]]
  * [[https://linuxize.com/post/how-to-mount-an-nfs-share-in-linux/]]
  * [[https://ipxe.org/err/3c0920]]
  * [[https://kvashnik.blogspot.com/2019/08/kaspersky-rescue-disk-2018-ipxe.html]]
  * [[https://habr.com/ru/articles/140002/]]
  * [[https://forum.wtware.com/viewtopic.php?t=48362]]
  * [[https://habr.com/ru/articles/681142/]]
  * [[https://linuxguideandhints.com/el/pxeboot.html]]
  * [[https://wiki.debian.org/GRUB2?action=show&redirect=Grub2]]
  * [[https://gist.github.com/robinsmidsrod/2234639]]

----

atftpd в ubuntu 22.04 не принимает файлы (только на чтение), проблема в правах доступа у динамического пользователя, решения два, либо разбираться с правами этого пользователя [[https://0pointer.net/blog/dynamic-users-with-systemd.html]], либо убирать этого динамического пользователя ''# DynamicUser=yes'' из файла ''/lib/systemd/system/atftpd.service''

----

в непривилегированном контейнере nfs server не запустить, контейнер должен быть привилегированным и в настройках //например тут ''/etc/pve/lxc/128.conf''// должно быть: ''lxc.apparmor.profile: unconfined''

----

  nano /etc/ssh/sshd_config
    PermitRootLogin yes
  service ssh restart
  dpkg-reconfigure tzdata
  dpkg-reconfigure locales
  apt update && apt upgrade
  apt install build-essential liblzma-dev isolinux git tree atftp atftpd nfs-kernel-server
  mkdir -pv /pxeboot/{config,firmware,os-images}
  git clone https://github.com/ipxe/ipxe.git
  cd ipxe/src
  nano bootconfig.ipxe
    #!ipxe
    
    dhcp
    chain tftp://192.168.7.4/config/boot.ipxe
  make bin/ipxe.pxe bin/undionly.kpxe bin/undionly.kkpxe bin/undionly.kkkpxe bin-x86_64-efi/ipxe.efi EMBED=bootconfig.ipxe
  cp -v bin/{ipxe.pxe,undionly.kpxe,undionly.kkpxe,undionly.kkkpxe} bin-x86_64-efi/ipxe.efi /pxeboot/firmware/
  cd
  nano /lib/systemd/system/atftpd.service
    #DynamicUser=yes
  nano /etc/default/atftpd.pcre
    (\S*)\\(\S*)||(\S*)||(\S*) $1/$2/$3/$4
    (\S*)\\(\S*)\\(\S*)        $1/$2/$3
    (\S*)\\(\S*)               $1/$2
  nano /etc/default/atftpd
    ## Options for atftpd:
    OPTIONS="--port 69 --tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr 239.239.239.0-255 --mcast-ttl 1 --maxthread 100 --verbose=5 --pcre /etc/default/atftpd.pcre /pxeboot"
  systemctl daemon-reload
  systemctl is-enabled atftpd.service
  systemctl is-enabled atftpd.socket
  systemctl is-enabled nfs-server.service
  systemctl start nfs-server.service
  systemctl status nfs-server.service
  systemctl status atftpd.socket
  systemctl status atftpd.service
  nano /etc/exports
    /pxeboot           *(ro,sync,no_wdelay,insecure_locks,no_root_squash,insecure,no_subtree_check)
  exportfs -av
  chown -R root:root /pxeboot/
    #!ipxe
    
    set server_ip  192.168.7.4
    set root_path  /pxeboot
    
    menu Select an OS to boot
    item ubuntu-22.04.2-desktop-amd64           Install Ubuntu Desktop 22.04.2 LTS
    item Fedora-Workstation-Live-x86_64-38-1.6  Install Fedora Workstation Live 38-1.6
    item krd                                    Start Kaspersky Rescue Disk
    
    choose --default exit --timeout 10000 option && goto ${option}
    
    :ubuntu-22.04.2-desktop-amd64
    set os_root os-images/ubuntu-22.04.2-desktop-amd64
    kernel tftp://${server_ip}/${os_root}/casper/vmlinuz
    initrd tftp://${server_ip}/${os_root}/casper/initrd
    imgargs vmlinuz initrd=initrd boot=casper maybe-ubiquity netboot=nfs ip=dhcp nfsroot=${server_ip}:${root_path}/${os_root} quiet splash ---
    boot
    
    :Fedora-Workstation-Live-x86_64-38-1.6
    set os_root os-images/Fedora-Workstation-Live-x86_64-38-1.6
    kernel tftp://${server_ip}/${os_root}/images/pxeboot/vmlinuz
    initrd tftp://${server_ip}/${os_root}/images/pxeboot/initrd.img
    imgargs vmlinuz initrd=initrd.img ip=dhcp rd.live.image root=live:nfs://${server_ip}${root_path}/${os_root}/LiveOS/squashfs.img
    boot
    
    :krd
    set os_root os-images/krd
    cpuid --ext 29 && set arch _64 || set arch
    iseq ${platform} efi && iseq ${buildarch} x86_64 && set arch _64 ||
    iseq ${platform} efi && iseq ${buildarch} i386 && set arch ||
    #shell
    kernel tftp://${server_ip}/${os_root}/boot/grub/k-x86${arch}
    initrd tftp://${server_ip}/${os_root}/boot/grub/initrd.xz
    imgargs k-x86${arch} initrd=initrd.xz netboot=nfs://${server_ip}:${root_path}/${os_root} net.ifnames=0 lang=en dostartx
    boot