
Initial sync from internal GIT repo to public one.

frzb committed Aug 7, 2018
1 parent 9c01a9d commit d717090c41f7a1cc502ffb2234e17599142710bb
@@ -0,0 +1,13 @@
FROM nginx:1.14.0-alpine

#TODO add syslinux/pxelinux files
RUN apk --no-cache add supervisor dnsmasq syslinux\
&& echo "conf-dir=/etc/dnsmasq.d" > /etc/dnsmasq.conf

RUN mkdir -p /var/lib/tftpboot/pxelinux.cfg /etc/dnsmasq.d /etc/supervisor /srv/plugins \
&& ln -vfs /usr/share/syslinux/lpxelinux.0 /var/lib/tftpboot/lpxelinux.0 \
&& ln -vfs /usr/share/syslinux/ldlinux.c32 /var/lib/tftpboot/ldlinux.c32 \
&& ln -vfs /usr/share/syslinux/efi64/syslinux.efi /var/lib/tftpboot/syslinux.efi \
&& ln -vfs /usr/share/syslinux/efi64/ldlinux.e64 /var/lib/tftpboot/ldlinux.e64

#CMD ["dnsmasq"]
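Review bot: `FROM nginx:1.14.0-alpine` is a mutable tag and the `apk add` line installs unversioned packages, so a rebuild can silently change the dnsmasq and syslinux binaries that end up serving boot files to clients. Pin the base by digest, `FROM nginx:1.14.0-alpine@sha256:<digest of the image you reviewed>` (placeholder), and consider version constraints on the apk packages. The `#TODO add syslinux/pxelinux files` comment seems to be covered already by the `ln` lines below it and could be removed or reworded.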
@@ -0,0 +1,76 @@
![Logo of Coinboot](coinboot.png)

This repository contains everything to get a Docker container up and running with all services needed to get Coinboot up and running in your environment.

## Requierments

Docker

Docker Compose

## Preparations

### RootFS and Kernel

Put the Coinboot RootFS (`initramfs`) and Kernel (`vmlinuz`) into the directory `./tftpboot`.

### Plugins

You Coinboot plugins should be placed into the directory `./plugins`

### DHCP configuration

Put your own `dnsmasq` DHCP server configuration in `./conf/dnsmasq/` or edit the existing configuration file `./conf/dnsmasq/coinboot.conf`.

## Usage

Clone this repository one the host where you want to execute the Coinboot Docker container.

Just bring the Coinboot Docker container up with `docker-compose`.

```
$ docker-compose up -d
```

## Test and development environment

There is Vagrant environment for developing purposes.
It consists of two Vagrant machines: One with the the Coinboot Docker container and one acting as client, which boots over PXE.

To spin up the Vagrant machines execute:

```
$ vagrant up
```

## Pack your own Coinboot plugins

All you need to create your own plugins is:

* Boot the Coinboot base image

* Execute `$ create_plugin start`

* Do your changes to the system - e.g. install packages and edit configuration files.

* When your are done: Execute `$ create_plugin finish <name-of-your-plugin>`

* Place the created plugin archive into `./plugins` on the host where you run the Coinboot Docker container

Up on the next boot the changes your made in your plugin are ready to be used on your Coinboot machines!

Creation of plugins can also be scripted. Just do whatever you want to do between the lines `$ create_plugin start` and `$ create_plugin finish <name-of-your-plugin>`.

## License

GNU GPLv3

## Author

Gunter Miegel
gm@coinboot.io

## Contribution

Fork this repo. Use the test- and development enviroment provided.
Make a pull request to this repo.
@@ -0,0 +1,107 @@
require 'socket'

$coinboot_docker = <<SCRIPT
if ! docker info; then
curl -fsSL get.docker.com -o get-docker.sh
sudo sh get-docker.sh
sudo usermod -aG docker vagrant
fi
if ! docker-compose; then
sudo curl -L https://github.com/docker/compose/releases/download/1.21.2/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
fi
docker-compose -f /vagrant/docker-compose.yml up -d --build --force-recreate
# Configure forwading and NAT cause the DHCP server vagrant box acts currently
# also as gateway.
# Ignore the masquerading set up for Docker (destination 172.17.0.0/16).
if ! iptables -L -t nat | grep -q 'MASQUERADE all -- anywhere'; then
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
else
echo 'Masquerading iptables rule already set.'
fi
# FIXME: Using a default policy seems a little bit coarse.
sudo iptables -P FORWARD ACCEPT
SCRIPT

Vagrant.configure(2) do |config|
# Dynamically allign number of core of the VMs with the host
# to speed up things as much as possible.
config.vm.provider :virtualbox do |vb|
vb.customize ["modifyvm", :id, "--cpus", `#{RbConfig::CONFIG['host_os'] =~ /darwin/ ? 'sysctl -n hw.ncpu' : 'nproc'}`.chomp]
vb.customize ["modifyvm", :id, "--memory", 2048]
end

config.vm.define "client" do |machine|
# machine.vm.box = "bento/ubuntu-16.04"
# FIXME: Built own empty Vagrantbox
machine.vm.box = "c33s/empty"
machine.vm.hostname = "client"
machine.ssh.host = "192.168.1.23"
machine.ssh.port = 22
machine.ssh.password = "ubuntu"
machine.ssh.username = "ubuntu"
# Switch to rsync for syncing files to Vagrantbox caused by the initial
# lack of the Virtualbox guest extension.
# machine.vm.synced_folder "./plugins", "/vagrant", type: "rsync"
machine.vm.provider "virtualbox" do |vb|
# for loop instead of each loop.
# Because for does not create a new scope like each does.
# New scope is bad cause we need the variable
# vboxnet_pxe afterwards.
for addr_info in Socket.getifaddrs
if addr_info.addr.ipv4?
if addr_info.addr.ip_address.eql? "192.168.1.1"
vboxnet_pxe = addr_info.name
puts "Internal network for TFTP/PXE: #{vboxnet_pxe}"
end
end
end
vb.customize ["modifyvm", :id,
"--nic1", "hostonly",
"--hostonlyadapter1", vboxnet_pxe,
"--macaddress1", "080027C1447D",
"--boot1", "net"]
# Set up serial port
# name = /dev/ttyS0
# IO address = 0x3F8
# Interupt Request (IRQ) = 4
# Use with: socat -d -d /tmp/serial_port_client PTY
vb.customize ["modifyvm", :id, "--uart1", "0x3f8", "4"]
vb.customize ["modifyvm", :id, "--uartmode1", "server", "/tmp/serial_port_client"]
vb.customize ["modifyvm", :id, "--memory", "2048"]
end
end

config.vm.define "coinboot-server" do |machine|
machine.vm.box = "bento/ubuntu-16.04"
machine.vm.provision "shell", inline: $coinboot_docker
interfaces = []

Socket.getifaddrs.each do |addr_info|
interfaces.push(addr_info.name)
end

# FIXME: We need to detect if an interface is not only present
# but also if it is in the state "UP" to avoid false positives.
if interfaces.uniq.include?('eth1')
machine.vm.network "public_network", ip: "192.168.1.2",
bridge: ['eth1']
elsif interfaces.uniq.include?('enx00e04c680379')
machine.vm.network "public_network", ip: "192.168.1.2",
bridge: ['enx00e04c680379']
else
machine.vm.network "private_network", ip: "192.168.1.2"
end
# Using '82540EM' provides 1GBit/s interface not just the default
# 100MBit/s one.
machine.vm.provider "virtualbox" do |vb|
vb.customize ['modifyvm', :id, '--nictype2', '82540EM']
end
end
end
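Review bot: In the `$coinboot_docker` heredoc, `curl -fsSL get.docker.com` has no scheme, so curl makes the first request over plain HTTP and only reaches HTTPS by following a redirect, and the downloaded script is then run with `sudo sh`; a tampered response to that first request would be executed as root. Write the URL as `https://get.docker.com`, and check the docker-compose binary against a SHA-256 pinned in the script before the `chmod +x`, since it is installed into `/usr/local/bin` unverified. Separately, `Socket.getifaddrs` can return entries whose `addr` is nil, so `addr_info.addr.ipv4?` in the client block may raise on hosts with such interfaces; `addr_info.addr&.ipv4?` avoids that, and `vboxnet_pxe` stays nil when no interface carries 192.168.1.1, which deserves an explicit error.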
BIN +2.59 KB coinboot.png
Binary file not shown.
@@ -0,0 +1,21 @@
log-facility=/var/log/dnsmasq.log
# Disable DNS function completely
port=0
bind-dynamic
# Match for the architecture of a netboot client. PXE clients are
# supposed to send their architecture as option 93. (See RFC 4578)
dhcp-match=BIOS, option:client-arch, 0
dhcp-match=EFI64, option:client-arch, 7
# Load different PXE NBPs depending on client architecture.
# bases on tags for "BIOS" or "EFI64" detected by the dhcp-match above.
# lpxelinux.0 comes with support for HTTP.
dhcp-boot=tag:BIOS,lpxelinux.0
dhcp-boot=tag:EFI64,syslinux.efi
dhcp-range=192.168.1.10,192.168.1.100,6h
# Use strict order of leases to make IPs handed out
# more predictable.
dhcp-sequential-ip
# DNS-server reported by DHCP
dhcp-option=6,8.8.8.8
enable-tftp
tftp-root=/var/lib/tftpboot
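Review bot: Nothing in this file limits which interface dnsmasq serves: `bind-dynamic` is set without an `interface=` line and `enable-tftp` names no interface, so TFTP is offered on every interface dnsmasq can see, and DHCP on any interface with an address in the `dhcp-range` subnet. Because the compose file in this commit uses host networking, that means every interface of the Docker host. Add `interface=<pxe-interface>` (placeholder for the NIC facing the boot network) and use the `enable-tftp=<pxe-interface>` form so the services stay on the PXE segment. A comment above `dhcp-range` saying this server must be the only DHCP server on that segment would also help operators.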
@@ -0,0 +1,14 @@
server {
listen 80 default_server;
root /var/lib/tftpboot;
index index.html index.htm;
autoindex on;
server_name _;

location /plugins {
root /srv/;
index index.html index.htm;
autoindex on;
autoindex_format json;
}
}
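Review bot: `listen 80 default_server;` together with the server-level `autoindex on;` publishes a browsable listing of `/var/lib/tftpboot` (kernel, initramfs, pxelinux config) and a JSON listing of `/srv/plugins` on every address of the host, since the container runs with host networking. Bind the listener to the boot network, e.g. `listen 192.168.1.2:80 default_server;` (the address used in the pxelinux config), and drop the server-level `autoindex on;` unless clients need it; the JSON index under `/plugins` is presumably what the boot image reads. If plugin archives can contain credentials or keys, an `allow 192.168.1.0/24; deny all;` pair inside `location /plugins` is worth adding.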
@@ -0,0 +1,7 @@
DEFAULT PXE_HTTP

LABEL PXE_HTTP
SAY Now booting ...
LINUX http://192.168.1.2/vmlinuz
APPEND initrd=http://192.168.1.2:/initramfs console=tty0 console=ttyS0,115200n8 net.ifnames=0 biosdevname=0
EOF
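Review bot: The last line `EOF` looks like a leftover heredoc terminator rather than a pxelinux directive, and the `initrd=` URL has an empty port (`http://192.168.1.2:/initramfs`) while the `LINUX` line does not. Remove the `EOF` line and write `initrd=http://192.168.1.2/initramfs`. Both artifacts are fetched over plain HTTP with no integrity check, so the boot network has to be treated as trusted; a `#` comment stating that assumption would help whoever deploys this.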
@@ -0,0 +1,20 @@
[supervisord]
nodaemon=true

[program:dnsmasq]
command=/usr/sbin/dnsmasq --no-daemon
stdout_logfile=/var/log//%(program_name)s.log
stderr_logfile=/var/log//%(program_name)s.err
username=root
autostart=true
autorestart=true

[program:nginx]
command=/usr/sbin/nginx -g "daemon off;"
priority=900
stdout_logfile= /dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
username=www-data
autorestart=true
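Review bot: `username=` is not a `[program:x]` option in supervisord (the key that selects the account a program runs under is `user=`), so `username=root` and `username=www-data` appear to have no effect and both programs run as whatever user supervisord itself runs as. If dropping privileges for nginx is intended, use `user=` and confirm the account exists in the image and can still bind port 80; otherwise remove the lines so the file does not suggest a privilege separation that is not in place. Also, `stdout_logfile=/var/log//%(program_name)s.log` resolves to the same `/var/log/dnsmasq.log` that dnsmasq's own `log-facility` writes to in this commit, so two writers share one file.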
@@ -0,0 +1,22 @@
version: '3'

services:
coinboot:
container_name: coinboot
build: ./
volumes:
- ./conf/dnsmasq:/etc/dnsmasq.d
- ./conf/nginx:/etc/nginx/conf.d
- ./conf/supervisord:/etc/supervisor
- ./conf/pxelinux/:/var/lib/tftpboot/pxelinux.cfg
- ./tftpboot:/var/lib/tftpboot
- ./plugins:/srv/plugins
command: /usr/bin/supervisord -c /etc/supervisor/coinboot.ini
ports:
- 67:67/udp
- 67:67/tcp
- 80:80
cap_add:
- NET_ADMIN
- NET_BROADCAST
network_mode: "host"
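Review bot: With `network_mode: "host"` the `ports:` list is not applied, so it understates what is exposed: every listener in the container, including TFTP which is not listed, is reachable on all host interfaces, and `NET_ADMIN` in the host network namespace lets root in the container change the host's interfaces and firewall rules. Drop the `ports:` block or replace it with a comment naming the real listeners, and add a comment on why each capability is needed. The configuration mounts can be read-only, e.g. `- ./conf/dnsmasq:/etc/dnsmasq.d:ro`. Note also that `./tftpboot:/var/lib/tftpboot` hides the symlinks the Dockerfile creates in that directory unless the host directory provides them.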
