• https://ipxe.org/docs#starting_ipxe
• https://networkboot.org/fundamentals/
• http://tdkare.ru/sysadmin/index.php/IPXE
• http://tdkare.ru/sysadmin/index.php/Atftpd
• https://qsetup.ru/mikrotik-pxe-boot-uefi/
• https://wtware.ru/docs5/dhcp.html
• http://wtware.ru/netman/netman1.html#dhcp
• https://serverfault.com/questions/859934/ubuntu-16-04-nfs-kernel-server-wont-start
• https://github.com/canonical/lxd/issues/2703
• https://github.com/canonical/lxd/issues/3989
• https://unix.stackexchange.com/questions/450308/how-to-allow-specific-proxmox-lxc-containers-to-mount-nfs-shares-on-the-network
• https://forum.proxmox.com/threads/nfs-file-system-mount-problem-apparmor.31706/
• https://infdots.blogspot.com/2019/01/nfs-lxc-proxmox-53.html
• https://linuxcontainers.org/lxc/manpages/man5/lxc.container.conf.5.html
• https://forum.proxmox.com/threads/is-it-possible-to-run-a-nfs-server-within-a-lxc.24403/
• https://theorangeone.net/posts/mount-nfs-inside-lxc/
• https://forum.proxmox.com/threads/lxc-security-nesting.44726/
• https://virtualizeeverything.com/2022/06/14/nfs-server-in-proxmox-ct-lxc-container/
• https://linuxhint.com/pxe_boot_ubuntu_server/
• https://www.ipxe.org/cmd
• https://support.kaspersky.ru/krd18/howto/15271#block2
• https://forum.kaspersky.com/topic/rescue-disk-error-cannot-find-device-with-datakerneldat-2948/
• https://linuxize.com/post/how-to-mount-an-nfs-share-in-linux/
• https://ipxe.org/err/3c0920
• https://kvashnik.blogspot.com/2019/08/kaspersky-rescue-disk-2018-ipxe.html
• https://habr.com/ru/articles/140002/
• https://forum.wtware.com/viewtopic.php?t=48362
• https://habr.com/ru/articles/681142/
• https://linuxguideandhints.com/el/pxeboot.html
• https://wiki.debian.org/GRUB2?action=show&redirect=Grub2
• https://gist.github.com/robinsmidsrod/2234639

---

atftpd в ubuntu 22.04 не принимает файлы (только на чтение), проблема в правах доступа у динамического пользователя, решения два, либо разбираться с правами этого пользователя https://0pointer.net/blog/dynamic-users-with-systemd.html, либо убирать этого динамического пользователя # DynamicUser=yes из файла /lib/systemd/system/atftpd.service

---

в непривилегированном контейнере nfs server не запустить, контейнер должен быть привилегированным и в настройках например тут /etc/pve/lxc/128.conf должно быть: lxc.apparmor.profile: unconfined

---

nano /etc/ssh/sshd_config
  PermitRootLogin yes
service ssh restart
dpkg-reconfigure tzdata
dpkg-reconfigure locales
apt update && apt upgrade
apt install build-essential liblzma-dev isolinux git tree atftp atftpd nfs-kernel-server
mkdir -pv /pxeboot/{config,firmware,os-images}
git clone https://github.com/ipxe/ipxe.git
cd ipxe/src
nano bootconfig.ipxe
  #!ipxe
  
  dhcp
  chain tftp://192.168.7.4/config/boot.ipxe
make bin/ipxe.pxe bin/undionly.kpxe bin/undionly.kkpxe bin/undionly.kkkpxe bin-x86_64-efi/ipxe.efi EMBED=bootconfig.ipxe
cp -v bin/{ipxe.pxe,undionly.kpxe,undionly.kkpxe,undionly.kkkpxe} bin-x86_64-efi/ipxe.efi /pxeboot/firmware/
cd
nano /lib/systemd/system/atftpd.service
  #DynamicUser=yes
nano /etc/default/atftpd.pcre
  (\S*)\\(\S*)||(\S*)||(\S*) $1/$2/$3/$4
  (\S*)\\(\S*)\\(\S*)        $1/$2/$3
  (\S*)\\(\S*)               $1/$2
nano /etc/default/atftpd
  ## Options for atftpd:
  OPTIONS="--port 69 --tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr 239.239.239.0-255 --mcast-ttl 1 --maxthread 100 --verbose=5 --pcre /etc/default/atftpd.pcre /pxeboot"
systemctl daemon-reload
systemctl is-enabled atftpd.service
systemctl is-enabled atftpd.socket
systemctl is-enabled nfs-server.service
systemctl start nfs-server.service
systemctl status nfs-server.service
systemctl status atftpd.socket
systemctl status atftpd.service
nano /etc/exports
  /pxeboot           *(ro,sync,no_wdelay,insecure_locks,no_root_squash,insecure,no_subtree_check)
exportfs -av
chown -R root:root /pxeboot/
  #!ipxe
  
  set server_ip  192.168.7.4
  set root_path  /pxeboot
  
  menu Select an OS to boot
  item ubuntu-22.04.2-desktop-amd64           Install Ubuntu Desktop 22.04.2 LTS
  item Fedora-Workstation-Live-x86_64-38-1.6  Install Fedora Workstation Live 38-1.6
  item krd                                    Start Kaspersky Rescue Disk
  
  choose --default exit --timeout 10000 option && goto ${option}
  
  :ubuntu-22.04.2-desktop-amd64
  set os_root os-images/ubuntu-22.04.2-desktop-amd64
  kernel tftp://${server_ip}/${os_root}/casper/vmlinuz
  initrd tftp://${server_ip}/${os_root}/casper/initrd
  imgargs vmlinuz initrd=initrd boot=casper maybe-ubiquity netboot=nfs ip=dhcp nfsroot=${server_ip}:${root_path}/${os_root} quiet splash ---
  boot
  
  :Fedora-Workstation-Live-x86_64-38-1.6
  set os_root os-images/Fedora-Workstation-Live-x86_64-38-1.6
  kernel tftp://${server_ip}/${os_root}/images/pxeboot/vmlinuz
  initrd tftp://${server_ip}/${os_root}/images/pxeboot/initrd.img
  imgargs vmlinuz initrd=initrd.img ip=dhcp rd.live.image root=live:nfs://${server_ip}${root_path}/${os_root}/LiveOS/squashfs.img
  boot
  
  :krd
  set os_root os-images/krd
  cpuid --ext 29 && set arch _64 || set arch
  iseq ${platform} efi && iseq ${buildarch} x86_64 && set arch _64 ||
  iseq ${platform} efi && iseq ${buildarch} i386 && set arch ||
  #shell
  kernel tftp://${server_ip}/${os_root}/boot/grub/k-x86${arch}
  initrd tftp://${server_ip}/${os_root}/boot/grub/initrd.xz
  imgargs k-x86${arch} initrd=initrd.xz netboot=nfs://${server_ip}:${root_path}/${os_root} net.ifnames=0 lang=en dostartx
  boot