From e47b84e50275234235d2d70eebe484443e86bfb3 Mon Sep 17 00:00:00 2001 From: Jannik Schönartz Date: Sun, 13 Jan 2019 14:42:23 +0000 Subject: [server] Add ipxe efi support. Grep hw drive info Grep drive info and upload it to idoit Add EFI / BIOS configs for building ipxe Add function to build efi ipxe version Add default.ipxe script --- server/ipxe/bash_scripts/grepSystemInfo.sh | 112 ++++++++++++++++ server/ipxe/bash_scripts/tpm.sh | 13 ++ server/ipxe/console.h | 69 ---------- server/ipxe/console_bios.h | 69 ++++++++++ server/ipxe/console_efi.h | 69 ++++++++++ server/ipxe/default.ipxe | 21 +++ server/ipxe/general.h | 205 ----------------------------- server/ipxe/general_bios.h | 205 +++++++++++++++++++++++++++++ server/ipxe/general_efi.h | 205 +++++++++++++++++++++++++++++ server/ipxe/grepSystemInfo.sh | 67 ---------- 10 files changed, 694 insertions(+), 341 deletions(-) create mode 100644 server/ipxe/bash_scripts/grepSystemInfo.sh create mode 100644 server/ipxe/bash_scripts/tpm.sh delete mode 100644 server/ipxe/console.h create mode 100644 server/ipxe/console_bios.h create mode 100644 server/ipxe/console_efi.h create mode 100644 server/ipxe/default.ipxe delete mode 100644 server/ipxe/general.h create mode 100644 server/ipxe/general_bios.h create mode 100644 server/ipxe/general_efi.h delete mode 100644 server/ipxe/grepSystemInfo.sh (limited to 'server/ipxe') diff --git a/server/ipxe/bash_scripts/grepSystemInfo.sh b/server/ipxe/bash_scripts/grepSystemInfo.sh new file mode 100644 index 0000000..4ce42ab --- /dev/null +++ b/server/ipxe/bash_scripts/grepSystemInfo.sh @@ -0,0 +1,112 @@ +#!/bin/bash +. /lib/dracut-lib.sh +# http://git.openslx.org/openslx-ng/mltk.git/tree/core/modules/hardware-stats/data/opt/openslx/scripts/systemd-hardware_stats +# dmidecode | grep -i UUID + +# MAC +# MAC=$(ip addr show | grep -Eo -m 1 'ether\s.*\sbrd') +# MAC=${MAC#"ether "} +# MAC=${MAC%" brd"} + +# UUID +UUID=$(dmidecode -q -s system-uuid | grep -v '^#' | head -n 1 | tr '[a-z]' '[A-Z]') + +# System +MANUFACTURER=$(dmidecode -q -s system-manufacturer) +MODEL=$(dmidecode -q -s system-product-name) +SERIAL=$(dmidecode -q -s system-serial-number) +VENDOR=$(dmidecode | grep -Eo '(Vendor).*') +VENDOR=${VENDOR#"Vendor: "} + +# Mainboard +MAINBOARD_MANUFACTURER=$(dmidecode -q -s baseboard-manufacturer) +MAINBOARD_MODEL=$(dmidecode -q -s baseboard-product-name) +MAINBOARD_SERIAL_NUMBER=$(dmidecode -q -s baseboard-serial-number) + +# CPU +CPU_MODEL=$(dmidecode -q -s processor-version) +# CPUMODEL=$(grep -m1 '^model name\s*:' /proc/cpuinfo | sed 's/^model name\s*:\s*//;s/\s\s*/ /g;s/^ //;s/ $//') +CPU_MANUFACTURER=$(dmidecode -q -s processor-manufacturer) +CPU_TYPE=$(dmidecode -q -s processor-family) +CPU_CORES=$(cat /sys/devices/system/cpu/cpu*/topology/thread_siblings_list | sort -u | wc -l) +CPU_FREQUENCY=$(dmidecode -q -s processor-frequency) +CPU_FREQUENCY=${CPU_FREQUENCY%" MHz"} + +# RAM +# RAM=$(grep -m1 '^MemTotal:' /proc/meminfo | awk '{print $2}') +# RAM=$(( $RAM / 1024 )) +# if [ -z "$RAM" ] || [ "$RAM" -lt 500 ]; then +# # Fallback to dmidecode +# RAM=0 +# for c in $(dmidecode -t 17 | grep -o 'Size:.*MB$' | awk '{print $2}'); do +# RAM=$(( $RAM + $c )) +# done +# fi + +# RAM_SIZE=$(dmidecode -t 17 | grep -o 'Size:.*[MG]B$') +RAM_SIZE=$(dmidecode -t 17 | grep -o 'Size:.*') +RAM_MANUFACTURER=$(dmidecode -t 17 | grep -o 'Manufacturer:.*') +RAM_TYPE=$(dmidecode -t 17 | grep -o 'Type:.*') +RAM_ISECC=$(dmidecode -t 16 | grep -o 'Error Correction Type:.*') +RAM_FORMFACTOR=$(dmidecode -t 17 | grep -o 'Form Factor:.*') + +# HDD / SSD +# hd parm or smartctl from smartmontools +drives=$(ls /dev/sd* | grep -o '/dev/sd.$') + +DRIVES=() +for drive in $drives; do + # drivedata=$(sudo smartctl -i $drive) + # drivedata1=$(sudo hdparm -I $drive) + drivedata=$(mktemp) + smartctl -i $drive >> $drivedata + DRIVE=() + + # Model + #echo $(sudo smartctl -i $drive | grep -o "Device Model: .*") + #echo $(sudo hdparm -I $drive | grep -o "Model Number: .*") + DRIVE_MODEL=$(cat $drivedata | grep -o "Device Model: .*") + DRIVE+=($DRIVE_MODEL) + DRIVE+=('%ATTRIBUTE_SPLITTER%') + + # Serial + #echo $(sudo smartctl -i $drive | grep -o "Serial Number: .*") + #echo $(sudo hdparm -I $drive | grep -o "Serial Number: .*") + DRIVE_SERIAL=$(cat $drivedata | grep -o "Serial Number: .*") + DRIVE+=($DRIVE_SERIAL) + DRIVE+=('%ATTRIBUTE_SPLITTER%') + + # Capacity + #echo $(sudo smartctl -i $drive | grep -o "User Capacity: .*") + #echo $(sudo hdparm -I $drive | grep -o "device size with M = 1000\*1000: .*") + DRIVE_CAPACITY=$(cat $drivedata | grep -o "User Capacity: .*" | grep -Pzo '(?<=\[)(.*?)(?=\])') + DRIVE+=($DRIVE_CAPACITY) + DRIVE+=('%ATTRIBUTE_SPLITTER%') + + # Type + #echo $(sudo smartctl -i $drive | grep -o "Rotation Rate: .*") + #echo $(sudo hdparm -Ibash $drive | grep -o "Nominal Media Rotation Rate: .*") + DRIVE_TYPE=$(cat $drivedata | grep -o "Rotation Rate: .*") + DRIVE+=($DRIVE_TYPE) + DRIVE+=('%ATTRIBUTE_SPLITTER%') + + # Form Factor + #echo $(sudo smartctl -i $drive | grep -o "Form Factor: .*") + #echo $(sudo hdparm -I $drive | grep -o "Form Factor: .*") + DRIVE_FORMFACTOR=$(cat $drivedata | grep -o "Form Factor: .*") + DRIVE+=($DRIVE_FORMFACTOR) + DRIVE+=('%ATTRIBUTE_SPLITTER%') + + # Connection + #echo $(sudo smartctl -i $drive | grep -o "SATA Version is: .*") + #echo $(sudo hdparm -I $drive | grep -o "signaling speed .*") + DRIVE_CONNECTION=$(cat $drivedata | grep -o "SATA Version is: .*") + DRIVE+=($DRIVE_CONNECTION) + + DRIVES+=(${DRIVE[*]}) + DRIVES+=("%OBJECT_SPLITTER%") +done + +# Curl +#curl --data "state=6" --insecure https://bas.stfu-kthx.net:8888/api/registrations/$UUID/state +curl -d "name=Client_$UUID&sys_manufacturer=$MANUFACTURER&sys_model=$MODEL&sys_serial=$SERIAL&cpu_model=$CPU_MODEL&cpu_manufacturer=$CPU_MANUFACTURER&cpu_type=$CPU_TYPE&cpu_cores=$CPU_CORES&cpu_frequency=$CPU_FREQUENCY&ram_size=$RAM_SIZE&ram_manufacturer=$RAM_MANUFACTURER&ram_type=$RAM_TYPE&ram_isecc=$RAM_ISECC&ram_formfactor=$RAM_FORMFACTOR&drives=${DRIVES[*]}" -H "Content-Type: application/x-www-form-urlencoded" -X POST --insecure https://bas.intra.uni-freiburg.de/api/registration/$UUID/update diff --git a/server/ipxe/bash_scripts/tpm.sh b/server/ipxe/bash_scripts/tpm.sh new file mode 100644 index 0000000..2b01287 --- /dev/null +++ b/server/ipxe/bash_scripts/tpm.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +# Check if the pc has tpm enabled +if [ -d "/dev/tpm0" ]; then + export TPM_INTERFACE_TYPE=dev + export TPM_DEVICE=/dev/tpm0 + mkdir /run/tpm/ + openssl genrsa -out /run/tpm/$UUID-ssl-private.pem 2048 + openssl rsa -in /run/tpm/$UUID-ssl-private.pem -out /run/tpm/$UUID-ssl-public.pem -outform PEM -pubout + create_tpm2_key -w /run/tpm/$UUID-ssl-private.pem -p 81000001 /run/tpm/$UUID-tpm-private.key + + curl -X PUT -F "tpm=@/run/tpm/$UUID-tpm-private.key" -F "openssl=@/run/tpm/$UUID-ssl-private.pem" --insecure https://$BAS/api/registration/$UUID/files +fi diff --git a/server/ipxe/console.h b/server/ipxe/console.h deleted file mode 100644 index bfc00d7..0000000 --- a/server/ipxe/console.h +++ /dev/null @@ -1,69 +0,0 @@ -#ifndef CONFIG_CONSOLE_H -#define CONFIG_CONSOLE_H - -/** @file - * - * Console configuration - * - * These options specify the console types that iPXE will use for - * interaction with the user. - * - */ - -FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); - -#include - -/* - * Default console types - * - * These are all enabled by default for the appropriate platforms. - * You may disable them if needed. - * - */ - -//#undef CONSOLE_PCBIOS /* Default BIOS console */ -//#undef CONSOLE_EFI /* Default EFI console */ -//#undef CONSOLE_LINUX /* Default Linux console */ - -/* - * Additional console types - * - * These are not enabled by default, but may be useful in your - * environment. - * - */ - -//#define CONSOLE_SERIAL /* Serial port console */ -#define CONSOLE_FRAMEBUFFER /* Graphical framebuffer console */ -//#define CONSOLE_SYSLOG /* Syslog console */ -//#define CONSOLE_SYSLOGS /* Encrypted syslog console */ -//#define CONSOLE_VMWARE /* VMware logfile console */ -//#define CONSOLE_DEBUGCON /* Bochs/QEMU/KVM debug port console */ -//#define CONSOLE_INT13 /* INT13 disk log console */ - -/* - * Very obscure console types - * - * You almost certainly do not need to enable these. - * - */ - -//#define CONSOLE_DIRECT_VGA /* Direct access to VGA card */ -//#define CONSOLE_PC_KBD /* Direct access to PC keyboard */ - -/* Keyboard map (available maps in hci/keymap/) */ -#define KEYBOARD_MAP us - -/* Control which syslog() messages are generated. - * - * Note that this is not related in any way to CONSOLE_SYSLOG. - */ -#define LOG_LEVEL LOG_NONE - -#include -#include NAMED_CONFIG(console.h) -#include -#include LOCAL_NAMED_CONFIG(console.h) - -#endif /* CONFIG_CONSOLE_H */ diff --git a/server/ipxe/console_bios.h b/server/ipxe/console_bios.h new file mode 100644 index 0000000..bfc00d7 --- /dev/null +++ b/server/ipxe/console_bios.h @@ -0,0 +1,69 @@ +#ifndef CONFIG_CONSOLE_H +#define CONFIG_CONSOLE_H + +/** @file + * + * Console configuration + * + * These options specify the console types that iPXE will use for + * interaction with the user. + * + */ + +FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); + +#include + +/* + * Default console types + * + * These are all enabled by default for the appropriate platforms. + * You may disable them if needed. + * + */ + +//#undef CONSOLE_PCBIOS /* Default BIOS console */ +//#undef CONSOLE_EFI /* Default EFI console */ +//#undef CONSOLE_LINUX /* Default Linux console */ + +/* + * Additional console types + * + * These are not enabled by default, but may be useful in your + * environment. + * + */ + +//#define CONSOLE_SERIAL /* Serial port console */ +#define CONSOLE_FRAMEBUFFER /* Graphical framebuffer console */ +//#define CONSOLE_SYSLOG /* Syslog console */ +//#define CONSOLE_SYSLOGS /* Encrypted syslog console */ +//#define CONSOLE_VMWARE /* VMware logfile console */ +//#define CONSOLE_DEBUGCON /* Bochs/QEMU/KVM debug port console */ +//#define CONSOLE_INT13 /* INT13 disk log console */ + +/* + * Very obscure console types + * + * You almost certainly do not need to enable these. + * + */ + +//#define CONSOLE_DIRECT_VGA /* Direct access to VGA card */ +//#define CONSOLE_PC_KBD /* Direct access to PC keyboard */ + +/* Keyboard map (available maps in hci/keymap/) */ +#define KEYBOARD_MAP us + +/* Control which syslog() messages are generated. + * + * Note that this is not related in any way to CONSOLE_SYSLOG. + */ +#define LOG_LEVEL LOG_NONE + +#include +#include NAMED_CONFIG(console.h) +#include +#include LOCAL_NAMED_CONFIG(console.h) + +#endif /* CONFIG_CONSOLE_H */ diff --git a/server/ipxe/console_efi.h b/server/ipxe/console_efi.h new file mode 100644 index 0000000..0e7a65c --- /dev/null +++ b/server/ipxe/console_efi.h @@ -0,0 +1,69 @@ +#ifndef CONFIG_CONSOLE_H +#define CONFIG_CONSOLE_H + +/** @file + * + * Console configuration + * + * These options specify the console types that iPXE will use for + * interaction with the user. + * + */ + +FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); + +#include + +/* + * Default console types + * + * These are all enabled by default for the appropriate platforms. + * You may disable them if needed. + * + */ + +#define CONSOLE_PCBIOS /* Default BIOS console */ +#define CONSOLE_EFI /* Default EFI console */ +//#undef CONSOLE_LINUX /* Default Linux console */ + +/* + * Additional console types + * + * These are not enabled by default, but may be useful in your + * environment. + * + */ + +#define CONSOLE_SERIAL /* Serial port console */ +#define CONSOLE_FRAMEBUFFER /* Graphical framebuffer console */ +#define CONSOLE_SYSLOG /* Syslog console */ +//#define CONSOLE_SYSLOGS /* Encrypted syslog console */ +//#define CONSOLE_VMWARE /* VMware logfile console */ +//#define CONSOLE_DEBUGCON /* Bochs/QEMU/KVM debug port console */ +//#define CONSOLE_INT13 /* INT13 disk log console */ + +/* + * Very obscure console types + * + * You almost certainly do not need to enable these. + * + */ + +//#define CONSOLE_DIRECT_VGA /* Direct access to VGA card */ +//#define CONSOLE_PC_KBD /* Direct access to PC keyboard */ + +/* Keyboard map (available maps in hci/keymap/) */ +#define KEYBOARD_MAP us + +/* Control which syslog() messages are generated. + * + * Note that this is not related in any way to CONSOLE_SYSLOG. + */ +#define LOG_LEVEL LOG_NONE + +#include +#include NAMED_CONFIG(console.h) +#include +#include LOCAL_NAMED_CONFIG(console.h) + +#endif /* CONFIG_CONSOLE_H */ diff --git a/server/ipxe/default.ipxe b/server/ipxe/default.ipxe new file mode 100644 index 0000000..c16ef2e --- /dev/null +++ b/server/ipxe/default.ipxe @@ -0,0 +1,21 @@ +#!ipxe + +:start +menu Default Script: +item bwlehrpool bwLehrpool +item reg Registration +item sh [Shell] +choose target && goto ${target} + +:bwlehrpool +chain --replace http://132.230.4.2/tftp/ipxelinux.0 + +:reg +set crosscert http://ca.ipxe.org/auto/ +chain --replace https://bas.intra.uni-freiburg.de/api/ipxe/load/registration || +goto start + + +:sh +shell || +goto start diff --git a/server/ipxe/general.h b/server/ipxe/general.h deleted file mode 100644 index 5ee8d0e..0000000 --- a/server/ipxe/general.h +++ /dev/null @@ -1,205 +0,0 @@ -#ifndef CONFIG_GENERAL_H -#define CONFIG_GENERAL_H - -/** @file - * - * General configuration - * - */ - -FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); - -#include - -/* - * Banner timeout configuration - * - * This controls the timeout for the "Press Ctrl-B for the iPXE - * command line" banner displayed when iPXE starts up. The value is - * specified in tenths of a second for which the banner should appear. - * A value of 0 disables the banner. - * - * ROM_BANNER_TIMEOUT controls the "Press Ctrl-B to configure iPXE" - * banner displayed only by ROM builds of iPXE during POST. This - * defaults to being twice the length of BANNER_TIMEOUT, to allow for - * BIOSes that switch video modes immediately before calling the - * initialisation vector, thus rendering the banner almost invisible - * to the user. - */ -#define BANNER_TIMEOUT 20 -#define ROM_BANNER_TIMEOUT ( 2 * BANNER_TIMEOUT ) - -/* - * Network protocols - * - */ - -#define NET_PROTO_IPV4 /* IPv4 protocol */ -#undef NET_PROTO_IPV6 /* IPv6 protocol */ -#undef NET_PROTO_FCOE /* Fibre Channel over Ethernet protocol */ -#define NET_PROTO_STP /* Spanning Tree protocol */ -#define NET_PROTO_LACP /* Link Aggregation control protocol */ - -/* - * PXE support - * - */ -//#undef PXE_STACK /* PXE stack in iPXE - you want this! */ -//#undef PXE_MENU /* PXE menu booting */ - -/* - * Download protocols - * - */ - -#define DOWNLOAD_PROTO_TFTP /* Trivial File Transfer Protocol */ -#define DOWNLOAD_PROTO_HTTP /* Hypertext Transfer Protocol */ -#define DOWNLOAD_PROTO_HTTPS /* Secure Hypertext Transfer Protocol */ -#undef DOWNLOAD_PROTO_FTP /* File Transfer Protocol */ -#undef DOWNLOAD_PROTO_SLAM /* Scalable Local Area Multicast */ -#undef DOWNLOAD_PROTO_NFS /* Network File System Protocol */ -//#undef DOWNLOAD_PROTO_FILE /* Local filesystem access */ - -/* - * SAN boot protocols - * - */ - -//#undef SANBOOT_PROTO_ISCSI /* iSCSI protocol */ -//#undef SANBOOT_PROTO_AOE /* AoE protocol */ -//#undef SANBOOT_PROTO_IB_SRP /* Infiniband SCSI RDMA protocol */ -//#undef SANBOOT_PROTO_FCP /* Fibre Channel protocol */ -//#undef SANBOOT_PROTO_HTTP /* HTTP SAN protocol */ - -/* - * HTTP extensions - * - */ -#define HTTP_AUTH_BASIC /* Basic authentication */ -#define HTTP_AUTH_DIGEST /* Digest authentication */ -//#define HTTP_AUTH_NTLM /* NTLM authentication */ -//#define HTTP_ENC_PEERDIST /* PeerDist content encoding */ -//#define HTTP_HACK_GCE /* Google Compute Engine hacks */ - -/* - * 802.11 cryptosystems and handshaking protocols - * - */ -#define CRYPTO_80211_WEP /* WEP encryption (deprecated and insecure!) */ -#define CRYPTO_80211_WPA /* WPA Personal, authenticating with passphrase */ -#define CRYPTO_80211_WPA2 /* Add support for stronger WPA cryptography */ - -/* - * Name resolution modules - * - */ - -#define DNS_RESOLVER /* DNS resolver */ - -/* - * Image types - * - * Etherboot supports various image formats. Select whichever ones - * you want to use. - * - */ -#define IMAGE_NBI /* NBI image support */ -#define IMAGE_ELF /* ELF image support */ -#define IMAGE_MULTIBOOT /* MultiBoot image support */ -#define IMAGE_PXE /* PXE image support */ -#define IMAGE_SCRIPT /* iPXE script image support */ -#define IMAGE_BZIMAGE /* Linux bzImage image support */ -#define IMAGE_COMBOOT /* SYSLINUX COMBOOT image support */ -//#define IMAGE_EFI /* EFI image support */ -//#define IMAGE_SDI /* SDI image support */ -//#define IMAGE_PNM /* PNM image support */ -#define IMAGE_PNG /* PNG image support */ -#define IMAGE_DER /* DER image support */ -#define IMAGE_PEM /* PEM image support */ - -/* - * Command-line commands to include - * - */ -#define AUTOBOOT_CMD /* Automatic booting */ -#define NVO_CMD /* Non-volatile option storage commands */ -#define CONFIG_CMD /* Option configuration console */ -#define IFMGMT_CMD /* Interface management commands */ -#define IWMGMT_CMD /* Wireless interface management commands */ -#define IBMGMT_CMD /* Infiniband management commands */ -#define FCMGMT_CMD /* Fibre Channel management commands */ -#define ROUTE_CMD /* Routing table management commands */ -#define IMAGE_CMD /* Image management commands */ -#define DHCP_CMD /* DHCP management commands */ -#define SANBOOT_CMD /* SAN boot commands */ -#define MENU_CMD /* Menu commands */ -#define LOGIN_CMD /* Login command */ -#define SYNC_CMD /* Sync command */ -#define SHELL_CMD /* Shell command */ -//#define NSLOOKUP_CMD /* DNS resolving command */ -//#define TIME_CMD /* Time commands */ -//#define DIGEST_CMD /* Image crypto digest commands */ -//#define LOTEST_CMD /* Loopback testing commands */ -//#define VLAN_CMD /* VLAN commands */ -#define PXE_CMD /* PXE commands */ -#define REBOOT_CMD /* Reboot command */ -#define POWEROFF_CMD /* Power off command */ -//#define IMAGE_TRUST_CMD /* Image trust management commands */ -//#define PCI_CMD /* PCI commands */ -#define PARAM_CMD /* Form parameter commands */ -//#define NEIGHBOUR_CMD /* Neighbour management commands */ -//#define PING_CMD /* Ping command */ -#define CONSOLE_CMD /* Console command */ -//#define IPSTAT_CMD /* IP statistics commands */ -//#define PROFSTAT_CMD /* Profiling commands */ -//#define NTP_CMD /* NTP commands */ -//#define CERT_CMD /* Certificate management commands */ - -/* - * ROM-specific options - * - */ -#undef NONPNP_HOOK_INT19 /* Hook INT19 on non-PnP BIOSes */ -#define AUTOBOOT_ROM_FILTER /* Autoboot only devices matching our ROM */ - -/* - * Virtual network devices - * - */ -#define VNIC_IPOIB /* Infiniband IPoIB virtual NICs */ -//#define VNIC_XSIGO /* Infiniband Xsigo virtual NICs */ - -/* - * Error message tables to include - * - */ -#undef ERRMSG_80211 /* All 802.11 error descriptions (~3.3kb) */ - -/* - * Obscure configuration options - * - * You probably don't need to touch these. - * - */ - -#undef BUILD_SERIAL /* Include an automatic build serial - * number. Add "bs" to the list of - * make targets. For example: - * "make bin/rtl8139.dsk bs" */ -#undef BUILD_ID /* Include a custom build ID string, - * e.g "test-foo" */ -#undef NULL_TRAP /* Attempt to catch NULL function calls */ -#undef GDBSERIAL /* Remote GDB debugging over serial */ -#undef GDBUDP /* Remote GDB debugging over UDP - * (both may be set) */ -//#define EFI_DOWNGRADE_UX /* Downgrade UEFI user experience */ -#define TIVOLI_VMM_WORKAROUND /* Work around the Tivoli VMM's garbling of SSE - * registers when iPXE traps to it due to - * privileged instructions */ - -#include -#include NAMED_CONFIG(general.h) -#include -#include LOCAL_NAMED_CONFIG(general.h) - -#endif /* CONFIG_GENERAL_H */ diff --git a/server/ipxe/general_bios.h b/server/ipxe/general_bios.h new file mode 100644 index 0000000..5ee8d0e --- /dev/null +++ b/server/ipxe/general_bios.h @@ -0,0 +1,205 @@ +#ifndef CONFIG_GENERAL_H +#define CONFIG_GENERAL_H + +/** @file + * + * General configuration + * + */ + +FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); + +#include + +/* + * Banner timeout configuration + * + * This controls the timeout for the "Press Ctrl-B for the iPXE + * command line" banner displayed when iPXE starts up. The value is + * specified in tenths of a second for which the banner should appear. + * A value of 0 disables the banner. + * + * ROM_BANNER_TIMEOUT controls the "Press Ctrl-B to configure iPXE" + * banner displayed only by ROM builds of iPXE during POST. This + * defaults to being twice the length of BANNER_TIMEOUT, to allow for + * BIOSes that switch video modes immediately before calling the + * initialisation vector, thus rendering the banner almost invisible + * to the user. + */ +#define BANNER_TIMEOUT 20 +#define ROM_BANNER_TIMEOUT ( 2 * BANNER_TIMEOUT ) + +/* + * Network protocols + * + */ + +#define NET_PROTO_IPV4 /* IPv4 protocol */ +#undef NET_PROTO_IPV6 /* IPv6 protocol */ +#undef NET_PROTO_FCOE /* Fibre Channel over Ethernet protocol */ +#define NET_PROTO_STP /* Spanning Tree protocol */ +#define NET_PROTO_LACP /* Link Aggregation control protocol */ + +/* + * PXE support + * + */ +//#undef PXE_STACK /* PXE stack in iPXE - you want this! */ +//#undef PXE_MENU /* PXE menu booting */ + +/* + * Download protocols + * + */ + +#define DOWNLOAD_PROTO_TFTP /* Trivial File Transfer Protocol */ +#define DOWNLOAD_PROTO_HTTP /* Hypertext Transfer Protocol */ +#define DOWNLOAD_PROTO_HTTPS /* Secure Hypertext Transfer Protocol */ +#undef DOWNLOAD_PROTO_FTP /* File Transfer Protocol */ +#undef DOWNLOAD_PROTO_SLAM /* Scalable Local Area Multicast */ +#undef DOWNLOAD_PROTO_NFS /* Network File System Protocol */ +//#undef DOWNLOAD_PROTO_FILE /* Local filesystem access */ + +/* + * SAN boot protocols + * + */ + +//#undef SANBOOT_PROTO_ISCSI /* iSCSI protocol */ +//#undef SANBOOT_PROTO_AOE /* AoE protocol */ +//#undef SANBOOT_PROTO_IB_SRP /* Infiniband SCSI RDMA protocol */ +//#undef SANBOOT_PROTO_FCP /* Fibre Channel protocol */ +//#undef SANBOOT_PROTO_HTTP /* HTTP SAN protocol */ + +/* + * HTTP extensions + * + */ +#define HTTP_AUTH_BASIC /* Basic authentication */ +#define HTTP_AUTH_DIGEST /* Digest authentication */ +//#define HTTP_AUTH_NTLM /* NTLM authentication */ +//#define HTTP_ENC_PEERDIST /* PeerDist content encoding */ +//#define HTTP_HACK_GCE /* Google Compute Engine hacks */ + +/* + * 802.11 cryptosystems and handshaking protocols + * + */ +#define CRYPTO_80211_WEP /* WEP encryption (deprecated and insecure!) */ +#define CRYPTO_80211_WPA /* WPA Personal, authenticating with passphrase */ +#define CRYPTO_80211_WPA2 /* Add support for stronger WPA cryptography */ + +/* + * Name resolution modules + * + */ + +#define DNS_RESOLVER /* DNS resolver */ + +/* + * Image types + * + * Etherboot supports various image formats. Select whichever ones + * you want to use. + * + */ +#define IMAGE_NBI /* NBI image support */ +#define IMAGE_ELF /* ELF image support */ +#define IMAGE_MULTIBOOT /* MultiBoot image support */ +#define IMAGE_PXE /* PXE image support */ +#define IMAGE_SCRIPT /* iPXE script image support */ +#define IMAGE_BZIMAGE /* Linux bzImage image support */ +#define IMAGE_COMBOOT /* SYSLINUX COMBOOT image support */ +//#define IMAGE_EFI /* EFI image support */ +//#define IMAGE_SDI /* SDI image support */ +//#define IMAGE_PNM /* PNM image support */ +#define IMAGE_PNG /* PNG image support */ +#define IMAGE_DER /* DER image support */ +#define IMAGE_PEM /* PEM image support */ + +/* + * Command-line commands to include + * + */ +#define AUTOBOOT_CMD /* Automatic booting */ +#define NVO_CMD /* Non-volatile option storage commands */ +#define CONFIG_CMD /* Option configuration console */ +#define IFMGMT_CMD /* Interface management commands */ +#define IWMGMT_CMD /* Wireless interface management commands */ +#define IBMGMT_CMD /* Infiniband management commands */ +#define FCMGMT_CMD /* Fibre Channel management commands */ +#define ROUTE_CMD /* Routing table management commands */ +#define IMAGE_CMD /* Image management commands */ +#define DHCP_CMD /* DHCP management commands */ +#define SANBOOT_CMD /* SAN boot commands */ +#define MENU_CMD /* Menu commands */ +#define LOGIN_CMD /* Login command */ +#define SYNC_CMD /* Sync command */ +#define SHELL_CMD /* Shell command */ +//#define NSLOOKUP_CMD /* DNS resolving command */ +//#define TIME_CMD /* Time commands */ +//#define DIGEST_CMD /* Image crypto digest commands */ +//#define LOTEST_CMD /* Loopback testing commands */ +//#define VLAN_CMD /* VLAN commands */ +#define PXE_CMD /* PXE commands */ +#define REBOOT_CMD /* Reboot command */ +#define POWEROFF_CMD /* Power off command */ +//#define IMAGE_TRUST_CMD /* Image trust management commands */ +//#define PCI_CMD /* PCI commands */ +#define PARAM_CMD /* Form parameter commands */ +//#define NEIGHBOUR_CMD /* Neighbour management commands */ +//#define PING_CMD /* Ping command */ +#define CONSOLE_CMD /* Console command */ +//#define IPSTAT_CMD /* IP statistics commands */ +//#define PROFSTAT_CMD /* Profiling commands */ +//#define NTP_CMD /* NTP commands */ +//#define CERT_CMD /* Certificate management commands */ + +/* + * ROM-specific options + * + */ +#undef NONPNP_HOOK_INT19 /* Hook INT19 on non-PnP BIOSes */ +#define AUTOBOOT_ROM_FILTER /* Autoboot only devices matching our ROM */ + +/* + * Virtual network devices + * + */ +#define VNIC_IPOIB /* Infiniband IPoIB virtual NICs */ +//#define VNIC_XSIGO /* Infiniband Xsigo virtual NICs */ + +/* + * Error message tables to include + * + */ +#undef ERRMSG_80211 /* All 802.11 error descriptions (~3.3kb) */ + +/* + * Obscure configuration options + * + * You probably don't need to touch these. + * + */ + +#undef BUILD_SERIAL /* Include an automatic build serial + * number. Add "bs" to the list of + * make targets. For example: + * "make bin/rtl8139.dsk bs" */ +#undef BUILD_ID /* Include a custom build ID string, + * e.g "test-foo" */ +#undef NULL_TRAP /* Attempt to catch NULL function calls */ +#undef GDBSERIAL /* Remote GDB debugging over serial */ +#undef GDBUDP /* Remote GDB debugging over UDP + * (both may be set) */ +//#define EFI_DOWNGRADE_UX /* Downgrade UEFI user experience */ +#define TIVOLI_VMM_WORKAROUND /* Work around the Tivoli VMM's garbling of SSE + * registers when iPXE traps to it due to + * privileged instructions */ + +#include +#include NAMED_CONFIG(general.h) +#include +#include LOCAL_NAMED_CONFIG(general.h) + +#endif /* CONFIG_GENERAL_H */ diff --git a/server/ipxe/general_efi.h b/server/ipxe/general_efi.h new file mode 100644 index 0000000..96ab724 --- /dev/null +++ b/server/ipxe/general_efi.h @@ -0,0 +1,205 @@ +#ifndef CONFIG_GENERAL_H +#define CONFIG_GENERAL_H + +/** @file + * + * General configuration + * + */ + +FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); + +#include + +/* + * Banner timeout configuration + * + * This controls the timeout for the "Press Ctrl-B for the iPXE + * command line" banner displayed when iPXE starts up. The value is + * specified in tenths of a second for which the banner should appear. + * A value of 0 disables the banner. + * + * ROM_BANNER_TIMEOUT controls the "Press Ctrl-B to configure iPXE" + * banner displayed only by ROM builds of iPXE during POST. This + * defaults to being twice the length of BANNER_TIMEOUT, to allow for + * BIOSes that switch video modes immediately before calling the + * initialisation vector, thus rendering the banner almost invisible + * to the user. + */ +#define BANNER_TIMEOUT 20 +#define ROM_BANNER_TIMEOUT ( 2 * BANNER_TIMEOUT ) + +/* + * Network protocols + * + */ + +#define NET_PROTO_IPV4 /* IPv4 protocol */ +#undef NET_PROTO_IPV6 /* IPv6 protocol */ +#undef NET_PROTO_FCOE /* Fibre Channel over Ethernet protocol */ +#define NET_PROTO_STP /* Spanning Tree protocol */ +#define NET_PROTO_LACP /* Link Aggregation control protocol */ + +/* + * PXE support + * + */ +//#undef PXE_STACK /* PXE stack in iPXE - you want this! */ +//#undef PXE_MENU /* PXE menu booting */ + +/* + * Download protocols + * + */ + +#define DOWNLOAD_PROTO_TFTP /* Trivial File Transfer Protocol */ +#define DOWNLOAD_PROTO_HTTP /* Hypertext Transfer Protocol */ +#define DOWNLOAD_PROTO_HTTPS /* Secure Hypertext Transfer Protocol */ +#undef DOWNLOAD_PROTO_FTP /* File Transfer Protocol */ +#undef DOWNLOAD_PROTO_SLAM /* Scalable Local Area Multicast */ +#undef DOWNLOAD_PROTO_NFS /* Network File System Protocol */ +//#undef DOWNLOAD_PROTO_FILE /* Local filesystem access */ + +/* + * SAN boot protocols + * + */ + +//#undef SANBOOT_PROTO_ISCSI /* iSCSI protocol */ +//#undef SANBOOT_PROTO_AOE /* AoE protocol */ +//#undef SANBOOT_PROTO_IB_SRP /* Infiniband SCSI RDMA protocol */ +//#undef SANBOOT_PROTO_FCP /* Fibre Channel protocol */ +//#undef SANBOOT_PROTO_HTTP /* HTTP SAN protocol */ + +/* + * HTTP extensions + * + */ +#define HTTP_AUTH_BASIC /* Basic authentication */ +#define HTTP_AUTH_DIGEST /* Digest authentication */ +//#define HTTP_AUTH_NTLM /* NTLM authentication */ +//#define HTTP_ENC_PEERDIST /* PeerDist content encoding */ +//#define HTTP_HACK_GCE /* Google Compute Engine hacks */ + +/* + * 802.11 cryptosystems and handshaking protocols + * + */ +#define CRYPTO_80211_WEP /* WEP encryption (deprecated and insecure!) */ +#define CRYPTO_80211_WPA /* WPA Personal, authenticating with passphrase */ +#define CRYPTO_80211_WPA2 /* Add support for stronger WPA cryptography */ + +/* + * Name resolution modules + * + */ + +#define DNS_RESOLVER /* DNS resolver */ + +/* + * Image types + * + * Etherboot supports various image formats. Select whichever ones + * you want to use. + * + */ +//#define IMAGE_NBI /* NBI image support */ +//#define IMAGE_ELF /* ELF image support */ +//#define IMAGE_MULTIBOOT /* MultiBoot image support */ +//#define IMAGE_PXE /* PXE image support */ +//#define IMAGE_SCRIPT /* iPXE script image support */ +//#define IMAGE_BZIMAGE /* Linux bzImage image support */ +//#define IMAGE_COMBOOT /* SYSLINUX COMBOOT image support */ +//#define IMAGE_EFI /* EFI image support */ +//#define IMAGE_SDI /* SDI image support */ +//#define IMAGE_PNM /* PNM image support */ +#define IMAGE_PNG /* PNG image support */ +#define IMAGE_DER /* DER image support */ +#define IMAGE_PEM /* PEM image support */ + +/* + * Command-line commands to include + * + */ +#define AUTOBOOT_CMD /* Automatic booting */ +#define NVO_CMD /* Non-volatile option storage commands */ +#define CONFIG_CMD /* Option configuration console */ +#define IFMGMT_CMD /* Interface management commands */ +#define IWMGMT_CMD /* Wireless interface management commands */ +#define IBMGMT_CMD /* Infiniband management commands */ +#define FCMGMT_CMD /* Fibre Channel management commands */ +#define ROUTE_CMD /* Routing table management commands */ +#define IMAGE_CMD /* Image management commands */ +#define DHCP_CMD /* DHCP management commands */ +#define SANBOOT_CMD /* SAN boot commands */ +#define MENU_CMD /* Menu commands */ +#define LOGIN_CMD /* Login command */ +#define SYNC_CMD /* Sync command */ +#define SHELL_CMD /* Shell command */ +#define NSLOOKUP_CMD /* DNS resolving command */ +//#define TIME_CMD /* Time commands */ +//#define DIGEST_CMD /* Image crypto digest commands */ +//#define LOTEST_CMD /* Loopback testing commands */ +//#define VLAN_CMD /* VLAN commands */ +//#define PXE_CMD /* PXE commands */ +#define REBOOT_CMD /* Reboot command */ +#define POWEROFF_CMD /* Power off command */ +//#define IMAGE_TRUST_CMD /* Image trust management commands */ +//#define PCI_CMD /* PCI commands */ +//#define PARAM_CMD /* Form parameter commands */ +//#define NEIGHBOUR_CMD /* Neighbour management commands */ +//#define PING_CMD /* Ping command */ +#define CONSOLE_CMD /* Console command */ +//#define IPSTAT_CMD /* IP statistics commands */ +//#define PROFSTAT_CMD /* Profiling commands */ +//#define NTP_CMD /* NTP commands */ +//#define CERT_CMD /* Certificate management commands */ + +/* + * ROM-specific options + * + */ +#undef NONPNP_HOOK_INT19 /* Hook INT19 on non-PnP BIOSes */ +#define AUTOBOOT_ROM_FILTER /* Autoboot only devices matching our ROM */ + +/* + * Virtual network devices + * + */ +#define VNIC_IPOIB /* Infiniband IPoIB virtual NICs */ +//#define VNIC_XSIGO /* Infiniband Xsigo virtual NICs */ + +/* + * Error message tables to include + * + */ +#undef ERRMSG_80211 /* All 802.11 error descriptions (~3.3kb) */ + +/* + * Obscure configuration options + * + * You probably don't need to touch these. + * + */ + +#undef BUILD_SERIAL /* Include an automatic build serial + * number. Add "bs" to the list of + * make targets. For example: + * "make bin/rtl8139.dsk bs" */ +#undef BUILD_ID /* Include a custom build ID string, + * e.g "test-foo" */ +#undef NULL_TRAP /* Attempt to catch NULL function calls */ +#undef GDBSERIAL /* Remote GDB debugging over serial */ +#undef GDBUDP /* Remote GDB debugging over UDP + * (both may be set) */ +//#define EFI_DOWNGRADE_UX /* Downgrade UEFI user experience */ +#define TIVOLI_VMM_WORKAROUND /* Work around the Tivoli VMM's garbling of SSE + * registers when iPXE traps to it due to + * privileged instructions */ + +#include +#include NAMED_CONFIG(general.h) +#include +#include LOCAL_NAMED_CONFIG(general.h) + +#endif /* CONFIG_GENERAL_H */ diff --git a/server/ipxe/grepSystemInfo.sh b/server/ipxe/grepSystemInfo.sh deleted file mode 100644 index 386f3b2..0000000 --- a/server/ipxe/grepSystemInfo.sh +++ /dev/null @@ -1,67 +0,0 @@ -#!/bin/bash -# http://git.openslx.org/openslx-ng/mltk.git/tree/core/modules/hardware-stats/data/opt/openslx/scripts/systemd-hardware_stats -#dmidecode | grep -i UUID - -# MAC -# MAC=$(ip addr show | grep -Eo -m 1 'ether\s.*\sbrd') -# MAC=${MAC#"ether "} -# MAC=${MAC%" brd"} - -# UUID -UUID=$(dmidecode -q -s system-uuid | grep -v '^#' | head -n 1 | tr '[a-z]' '[A-Z]') - -# System -MANUFACTURER=$(dmidecode -q -s system-manufacturer) -MODEL=$(dmidecode -q -s system-product-name) -SERIAL=$(dmidecode -q -s system-serial-number) -VENDOR=$(dmidecode | grep -Eo '(Vendor).*') -VENDOR=${VENDOR#"Vendor: "} - -# Mainboard -MAINBOARD_MANUFACTURER=$(dmidecode -q -s baseboard-manufacturer) -MAINBOARD_MODEL=$(dmidecode -q -s baseboard-product-name) -MAINBOARD_SERIAL_NUMBER=$(dmidecode -q -s baseboard-serial-number) - -# CPU -CPU_MODEL=$(dmidecode -q -s processor-version) -CPU_MANUFACTURER=$(dmidecode -q -s processor-manufacturer) -CPU_TYPE=$(dmidecode -q -s processor-family) -CPU_CORES=$(cat /sys/devices/system/cpu/cpu*/topology/thread_siblings_list | sort -u | wc -l) -#CPUMODEL=$(grep -m1 '^model name\s*:' /proc/cpuinfo | sed 's/^model name\s*:\s*//;s/\s\s*/ /g;s/^ //;s/ $//') -#echo "$CPUMODEL" -CPU_FREQUENCY=$(dmidecode -q -s processor-frequency)registrations -CPU_FREQUENCY=${CPU_FREQUENCY%" MHz"} - -# RAM -# RAM=$(grep -m1 '^MemTotal:' /proc/meminfo | awk '{print $2}') -# RAM=$(( $RAM / 1024 )) -# if [ -z "$RAM" ] || [ "$RAM" -lt 500 ]; then -# # Fallback to dmidecode -# RAM=0 -# for c in $(dmidecode -t 17 | grep -o 'Size:.*MB$' | awk '{print $2}'); do -# RAM=$(( $RAM + $c )) -# done -# fi - -# RAM_SIZE=$(dmidecode -t 17 | grep -o 'Size:.*[MG]B$') -RAM_SIZE=$(dmidecode -t 17 | grep -o 'Size:.*') -RAM_MANUFACTURER=$(dmidecode -t 17 | grep -o 'Manufacturer:.*') -#RAM_MANUFACTURER=${RAM_MANUFACTURER#"\tManufacturer: "} -RAM_TYPE=$(dmidecode -t 17 | grep -o 'Type:.*') -RAM_ISECC=$(dmidecode -t 16 | grep -o 'Error Correction Type:.*') -RAM_FORMFACTOR=$(dmidecode -t 17 | grep -o 'Form Factor:.*') -#RAM_TYPE=${RAM_TYPE#"\tType: "} - -# HDD / SSD -# hd parm or smartctl from smartmontools -drives=$(ls /dev/sd* | grep -o '/dev/sd.$') -for drive in $drives; do - # drivedata=$(sudo smartctl -i $drive) - # drivedata=$(sudo hdparm -I $drive) - # echo $drivedata | grep -o 'Device Model: .*' -done - - -# Curl -#curl --data "state=6" --insecure https://bas.stfu-kthx.net:8888/api/registration/$UUID/state -curl -d "name=Client_$UUID&sys_manufacturer=$MANUFACTURER&sys_model=$MODEL&sys_serial=$SERIAL&cpu_model=$CPU_MODEL&cpu_manufacturer=$CPU_MANUFACTURER&cpu_type=$CPU_TYPE&cpu_cores=$CPU_CORES&cpu_frequency=$CPU_FREQUENCY&ram_size=$RAM_SIZE&ram_manufacturer=$RAM_MANUFACTURER&ram_type=$RAM_TYPE&ram_isecc=$RAM_ISECC&ram_formfactor=$RAM_FORMFACTOR" -H "Content-Type: application/x-www-form-urlencoded" -X POST --insecure https://bas.intra.uni-freiburg.de/api/registration/$UUID/update -- cgit v1.2.3-55-g7522