workbench-script/pxe/install-pxe.sh

#!/bin/sh

# Copyright (c) 2024 Pedro <copyright@cas.cat>
# SPDX-License-Identifier: AGPL-3.0-or-later

set -e
set -u
# DEBUG
set -x

detect_user() {
        userid="$(id -u)"
        # detect non root user without sudo
        if [ ! "${userid}" = 0 ] && id ${USER} | grep -qv sudo; then
                echo "ERROR: this script needs root or sudo permissions (current user is not part of sudo group)"
                exit 1
                # detect user with sudo or already on sudo src https://serverfault.com/questions/568627/can-a-program-tell-it-is-being-run-under-sudo/568628#568628
        elif [ ! "${userid}" = 0 ] || [ -n "${SUDO_USER}" ]; then
                SUDO='sudo'
                # jump to current dir where the script is so relative links work
                cd "$(dirname "${0}")"
                # working directory to build the iso
                ISO_PATH="iso"
                # detect pure root
        elif [ "${userid}" = 0 ]; then
                SUDO=''
                ISO_PATH="/opt/workbench"
        fi
}

install_dependencies() {
        ${SUDO} apt update
        ${SUDO} apt install -y wget dnsmasq nfs-kernel-server rsync syslinux
}

backup_file() {
        target="${1}"
        ts="$(date +'%Y-%m-%d_%H-%M-%S')"

        if [ -f "${target}" ]; then
                if ! grep -q 'we should do a backup' "${target}"; then
                        ${SUDO} cp -a "${target}" "${target}-bak_${ts}"
                fi
        fi
}

install_nfs() {
        # append live directory, which is expected by the debian live env
        ${SUDO} mkdir -p "${nfs_path}/live"
        ${SUDO} mkdir -p "${nfs_path}/snapshots"

        # debian live nfs path is readonly, do a trick
        #   to make snapshots subdir readwrite
        if ! grep -q "/snapshots" /proc/mounts; then
                ${SUDO} mkdir -p "/snapshots"
                ${SUDO} mount --bind "${nfs_path}/snapshots" "/snapshots"
        fi

        backup_file /etc/exports

        if [ "${DEBUG:-}" ]; then
                nfs_debug=' 127.0.0.1(rw,sync,no_subtree_check,no_root_squash,insecure)'
        fi

        ${SUDO} tee /etc/exports <<END
${script_header}
#   we assume that if you remove this line from the file, we should do a backup
${nfs_path} ${nfs_allowed_lan}(rw,sync,no_subtree_check,no_root_squash)${nfs_debug:-}
/snapshots ${nfs_allowed_lan}(rw,sync,no_subtree_check,no_root_squash)${nfs_debug:-}
END
        # reload nfs exports
        ${SUDO} exportfs -vra


        if [ ! -f "${nfs_path}/settings.ini" ]; then
                if [ -f "settings.ini" ]; then
                        ${SUDO} cp settings.ini "${nfs_path}/settings.ini"
                else
                        echo "ERROR: $(pwd)/settings.ini does not exist yet, cannot read config from there. You can take inspiration with file $(pwd)/settings.ini.example"
                        exit 1
                fi
        fi
}

install_tftp() {

        # from https://wiki.debian.org/PXEBootInstall#Simple_way_-_using_Dnsmasq
        ${SUDO} tee /etc/dnsmasq.d/pxe-tftp <<END
${script_header}
port=0
# info: https://wiki.archlinux.org/title/Dnsmasq#Proxy_DHCP
dhcp-range=${nfs_allowed_lan%/*},proxy
dhcp-boot=pxelinux.0
pxe-service=x86PC,"Network Boot",pxelinux
enable-tftp
tftp-root=${tftp_path}
END
}

install_netboot() {
        # if you want to refresh install, remove or move dir
        if [ ! -d "${tftp_path}" ] || [ "${FORCE:-}" ]; then
                ${SUDO} mkdir -p "${tftp_path}/pxelinux.cfg"
                if [ ! -f "${tftp_path}/netboot.tar.gz" ]; then
                        url="http://ftp.debian.org/debian/dists/${VERSION_CODENAME}/main/installer-amd64/current/images/netboot/netboot.tar.gz"
                        ${SUDO} wget -P "${tftp_path}" "${url}"
                        ${SUDO} tar xvf "${tftp_path}/netboot.tar.gz" -C "${tftp_path}"
                        ${SUDO} rm -rf "${tftp_path}/pxelinux.cfg"
                        ${SUDO} mkdir -p "${tftp_path}/pxelinux.cfg"
                fi

                ${SUDO} cp -fv "${PXE_DIR}/../iso/staging/live/vmlinuz" "${tftp_path}/"
                ${SUDO} cp -fv "${PXE_DIR}/../iso/staging/live/initrd" "${tftp_path}/"

                ${SUDO} cp /usr/lib/syslinux/memdisk "${tftp_path}/"
                ${SUDO} cp /usr/lib/syslinux/modules/bios/* "${tftp_path}/"
                envsubst < ./pxe-menu.cfg | ${SUDO} tee "${tftp_path}/pxelinux.cfg/default"
        fi

        ${SUDO} rsync -av "${PXE_DIR}/../iso/staging/live/filesystem.squashfs" "${nfs_path}/live/"
}

init_config() {

        # get where the script is
        cd "$(dirname "${0}")"

        # this is what we put in the files we modity
        script_header='# configuration done through workbench install-pxe script'

        PXE_DIR="$(pwd)"

        if [ -f ./.env ]; then
                . ./.env
        else
                echo "PXE: WARNING: $(pwd)/.env does not exist yet, cannot read config from there. You can take inspiration with file $(pwd)/.env.example"
        fi
        VERSION_CODENAME="${VERSION_CODENAME:-bookworm}"
        tftp_path="${tftp_path:-/srv/pxe-tftp}"
        # vars used in envsubst require to be exported:
        export server_ip="${server_ip}"
        export nfs_path="${nfs_path:-/srv/pxe-nfs}"
}

main() {
        detect_user
        init_config
        install_dependencies
        install_tftp
        install_nfs
        install_netboot
        echo "PXE: Installation finished"
}

main "${@}"

# written in emacs
# -*- mode: shell-script; -*-
PXE WIP 2024-09-24 13:51:14 +00:00			`#!/bin/sh`

			`# Copyright (c) 2024 Pedro <copyright@cas.cat>`
			`# SPDX-License-Identifier: AGPL-3.0-or-later`

			`set -e`
			`set -u`
			`# DEBUG`
			`set -x`

pxe: a lot of improvements 2024-09-27 20:27:12 +00:00			`detect_user() {`
			`userid="$(id -u)"`
			`# detect non root user without sudo`
			`if [ ! "${userid}" = 0 ] && id ${USER} \| grep -qv sudo; then`
			`echo "ERROR: this script needs root or sudo permissions (current user is not part of sudo group)"`
			`exit 1`
			`# detect user with sudo or already on sudo src https://serverfault.com/questions/568627/can-a-program-tell-it-is-being-run-under-sudo/568628#568628`
			`elif [ ! "${userid}" = 0 ] \|\| [ -n "${SUDO_USER}" ]; then`
			`SUDO='sudo'`
			`# jump to current dir where the script is so relative links work`
			`cd "$(dirname "${0}")"`
			`# working directory to build the iso`
			`ISO_PATH="iso"`
			`# detect pure root`
			`elif [ "${userid}" = 0 ]; then`
			`SUDO=''`
			`ISO_PATH="/opt/workbench"`
			`fi`
			`}`

PXE WIP 2024-09-24 13:51:14 +00:00			`install_dependencies() {`
pxe: a lot of improvements 2024-09-27 20:27:12 +00:00			`${SUDO} apt update`
			`${SUDO} apt install -y wget dnsmasq nfs-kernel-server rsync syslinux`
PXE WIP 2024-09-24 13:51:14 +00:00			`}`

			`backup_file() {`
			`target="${1}"`
			`ts="$(date +'%Y-%m-%d_%H-%M-%S')"`
pxe: a lot of improvements 2024-09-27 20:27:12 +00:00
PXE WIP 2024-09-24 13:51:14 +00:00			`if [ -f "${target}" ]; then`
pxe: a lot of improvements 2024-09-27 20:27:12 +00:00			`if ! grep -q 'we should do a backup' "${target}"; then`
			`${SUDO} cp -a "${target}" "${target}-bak_${ts}"`
			`fi`
PXE WIP 2024-09-24 13:51:14 +00:00			`fi`
			`}`

			`install_nfs() {`
pxe: a lot of improvements 2024-09-27 20:27:12 +00:00			`# append live directory, which is expected by the debian live env`
pxe: more sudo cmds to fix 2024-09-27 21:02:19 +00:00			`${SUDO} mkdir -p "${nfs_path}/live"`
			`${SUDO} mkdir -p "${nfs_path}/snapshots"`
pxe: do the trick for rw snapshots dir 2024-09-25 23:16:03 +00:00
			`# debian live nfs path is readonly, do a trick`
			`# to make snapshots subdir readwrite`
pxe: fix snapshot nfs logic 2024-09-26 12:00:36 +00:00			`if ! grep -q "/snapshots" /proc/mounts; then`
pxe: more sudo cmds to fix 2024-09-27 21:02:19 +00:00			`${SUDO} mkdir -p "/snapshots"`
			`${SUDO} mount --bind "${nfs_path}/snapshots" "/snapshots"`
pxe: do the trick for rw snapshots dir 2024-09-25 23:16:03 +00:00			`fi`

pxe: a lot of improvements 2024-09-27 20:27:12 +00:00			`backup_file /etc/exports`

			`if [ "${DEBUG:-}" ]; then`
			`nfs_debug=' 127.0.0.1(rw,sync,no_subtree_check,no_root_squash,insecure)'`
			`fi`

			`${SUDO} tee /etc/exports <<END`
			`${script_header}`
			`# we assume that if you remove this line from the file, we should do a backup`
			`${nfs_path} ${nfs_allowed_lan}(rw,sync,no_subtree_check,no_root_squash)${nfs_debug:-}`
			`/snapshots ${nfs_allowed_lan}(rw,sync,no_subtree_check,no_root_squash)${nfs_debug:-}`
PXE WIP 2024-09-24 13:51:14 +00:00			`END`
pxe: do the trick for rw snapshots dir 2024-09-25 23:16:03 +00:00			`# reload nfs exports`
pxe: a lot of improvements 2024-09-27 20:27:12 +00:00			`${SUDO} exportfs -vra`
pxe: do the trick for rw snapshots dir 2024-09-25 23:16:03 +00:00
pxe: prepare more the nfs part 2024-09-25 14:10:43 +00:00
change nfs persistency strategy it is easier than you thought 2024-09-25 14:52:46 +00:00			`if [ ! -f "${nfs_path}/settings.ini" ]; then`
			`if [ -f "settings.ini" ]; then`
pxe: more sudo cmds to fix 2024-09-27 21:02:19 +00:00			`${SUDO} cp settings.ini "${nfs_path}/settings.ini"`
pxe: prepare more the nfs part 2024-09-25 14:10:43 +00:00			`else`
pxe: more useful warning error 2024-09-25 16:47:43 +00:00			`echo "ERROR: $(pwd)/settings.ini does not exist yet, cannot read config from there. You can take inspiration with file $(pwd)/settings.ini.example"`
pxe: prepare more the nfs part 2024-09-25 14:10:43 +00:00			`exit 1`
			`fi`
			`fi`
PXE WIP 2024-09-24 13:51:14 +00:00			`}`

			`install_tftp() {`
add dnsmasq config 2024-09-24 15:14:24 +00:00
pxe: probably last details 2024-09-25 01:56:47 +00:00			`# from https://wiki.debian.org/PXEBootInstall#Simple_way_-_using_Dnsmasq`
pxe: a lot of improvements 2024-09-27 20:27:12 +00:00			`${SUDO} tee /etc/dnsmasq.d/pxe-tftp <<END`
			`${script_header}`
add dnsmasq config 2024-09-24 15:14:24 +00:00			`port=0`
pxe: add ref to dhcp proxy 2024-09-26 15:18:17 +00:00			`# info: https://wiki.archlinux.org/title/Dnsmasq#Proxy_DHCP`
add dnsmasq config 2024-09-24 15:14:24 +00:00			`dhcp-range=${nfs_allowed_lan%/*},proxy`
			`dhcp-boot=pxelinux.0`
			`pxe-service=x86PC,"Network Boot",pxelinux`
			`enable-tftp`
pxe: dnsmasq: fix tftp path 2024-09-24 15:36:23 +00:00			`tftp-root=${tftp_path}`
PXE WIP 2024-09-24 13:51:14 +00:00			`END`
			`}`

			`install_netboot() {`
			`# if you want to refresh install, remove or move dir`
pxe: bugfix FORCE env var 2024-09-25 12:39:41 +00:00			`if [ ! -d "${tftp_path}" ] \|\| [ "${FORCE:-}" ]; then`
pxe: more sudo cmds to fix 2024-09-27 21:02:19 +00:00			`${SUDO} mkdir -p "${tftp_path}/pxelinux.cfg"`
pxe: fix netboot conditional 2024-09-25 15:57:52 +00:00			`if [ ! -f "${tftp_path}/netboot.tar.gz" ]; then`
pxe: more sudo cmds to fix 2024-09-27 21:02:19 +00:00			`url="http://ftp.debian.org/debian/dists/${VERSION_CODENAME}/main/installer-amd64/current/images/netboot/netboot.tar.gz"`
			`${SUDO} wget -P "${tftp_path}" "${url}"`
			`${SUDO} tar xvf "${tftp_path}/netboot.tar.gz" -C "${tftp_path}"`
			`${SUDO} rm -rf "${tftp_path}/pxelinux.cfg"`
			`${SUDO} mkdir -p "${tftp_path}/pxelinux.cfg"`
pxe: recover netboot stuff yes, finally this is needed too 2024-09-25 15:55:37 +00:00			`fi`
pxe: simplify and avoid error 2024-09-25 16:45:54 +00:00
pxe: a lot of improvements 2024-09-27 20:27:12 +00:00			`${SUDO} cp -fv "${PXE_DIR}/../iso/staging/live/vmlinuz" "${tftp_path}/"`
			`${SUDO} cp -fv "${PXE_DIR}/../iso/staging/live/initrd" "${tftp_path}/"`
pxe: probably last details 2024-09-25 01:56:47 +00:00
pxe: a lot of improvements 2024-09-27 20:27:12 +00:00			`${SUDO} cp /usr/lib/syslinux/memdisk "${tftp_path}/"`
			`${SUDO} cp /usr/lib/syslinux/modules/bios/* "${tftp_path}/"`
pxe: allow personalization of boot menus 2024-09-27 21:02:37 +00:00			`envsubst < ./pxe-menu.cfg \| ${SUDO} tee "${tftp_path}/pxelinux.cfg/default"`
PXE WIP 2024-09-24 13:51:14 +00:00			`fi`
pxe: a lot of improvements 2024-09-27 20:27:12 +00:00
pxe: allow personalization of boot menus 2024-09-27 21:02:37 +00:00			`${SUDO} rsync -av "${PXE_DIR}/../iso/staging/live/filesystem.squashfs" "${nfs_path}/live/"`
PXE WIP 2024-09-24 13:51:14 +00:00			`}`

			`init_config() {`
pxe: a lot of improvements 2024-09-27 20:27:12 +00:00
pxe: facilitate run 2024-09-24 15:26:10 +00:00			`# get where the script is`
			`cd "$(dirname "${0}")"`
pxe: a lot of improvements 2024-09-27 20:27:12 +00:00
			`# this is what we put in the files we modity`
			`script_header='# configuration done through workbench install-pxe script'`

pxe: fix symlinks live 2024-09-25 15:41:49 +00:00			`PXE_DIR="$(pwd)"`
pxe: facilitate run 2024-09-24 15:26:10 +00:00
PXE WIP 2024-09-24 13:51:14 +00:00			`if [ -f ./.env ]; then`
bugfix env location 2024-09-24 13:57:01 +00:00			`. ./.env`
PXE WIP 2024-09-24 13:51:14 +00:00			`else`
pxe: more useful warning error 2024-09-25 16:47:43 +00:00			`echo "PXE: WARNING: $(pwd)/.env does not exist yet, cannot read config from there. You can take inspiration with file $(pwd)/.env.example"`
PXE WIP 2024-09-24 13:51:14 +00:00			`fi`
			`VERSION_CODENAME="${VERSION_CODENAME:-bookworm}"`
			`tftp_path="${tftp_path:-/srv/pxe-tftp}"`
pxe: allow personalization of boot menus 2024-09-27 21:02:37 +00:00			`# vars used in envsubst require to be exported:`
			`export server_ip="${server_ip}"`
			`export nfs_path="${nfs_path:-/srv/pxe-nfs}"`
PXE WIP 2024-09-24 13:51:14 +00:00			`}`

			`main() {`
pxe: a lot of improvements 2024-09-27 20:27:12 +00:00			`detect_user`
PXE WIP 2024-09-24 13:51:14 +00:00			`init_config`
			`install_dependencies`
			`install_tftp`
			`install_nfs`
pxe: simplify and avoid error 2024-09-25 16:45:54 +00:00			`install_netboot`
pxe: clarify when pxe is finished 2024-09-24 15:36:30 +00:00			`echo "PXE: Installation finished"`
PXE WIP 2024-09-24 13:51:14 +00:00			`}`

			`main "${@}"`

			`# written in emacs`
			`# -- mode: shell-script; --`