From 98816654b66b6581e3803f1ec37540dde89a8430 Mon Sep 17 00:00:00 2001
From: Jannik Schönartz
Date: Mon, 16 Jul 2018 22:20:04 +0000
Subject: [server/ipxe] Building ipxe with external configs.
---
server/api/ipxe-loader.js | 42 +++++
server/api/user.js | 1 -
server/ipxe/console.h | 69 ++++++++
server/ipxe/general.h | 205 ++++++++++++++++++++++++
server/ipxe/main.ipxe | 3 +-
server/lib/shell.js | 17 +-
server/migrations/20180522185323-create-user.js | 3 -
7 files changed, 330 insertions(+), 10 deletions(-)
create mode 100644 server/api/ipxe-loader.js
create mode 100644 server/ipxe/console.h
create mode 100644 server/ipxe/general.h
(limited to 'server')
diff --git a/server/api/ipxe-loader.js b/server/api/ipxe-loader.js
new file mode 100644
index 0000000..57c152f
--- /dev/null
+++ b/server/api/ipxe-loader.js
@@ -0,0 +1,42 @@
+module.exports = {
+ loadScript: function(req, res) {
+ res.setHeader('content-type', 'text/plain');
+ res.status(200).send(`#!ipxe
+dhcp
+
+:start
+menu Please choose a webserver to load the ipxe menu:
+item pxelnx PxeLinux
+item exit Exit
+item exit0 Exit0
+item exit1 Exit1
+item sh [Shell]
+choose target && goto \${target}
+
+:exit
+exit
+:exit0
+exit 0
+:exit1
+exit 1
+:pxelnx
+# set 210:string https://bas.stfu-kthx.net:8888/
+# chain \${210:string}pxelinux.0 || goto start
+#chain https://bas.stfu-kthx.net:8888/pxelinux.0
+# set next-server bas-stfu-kthx.net:8888
+# set 209:string https://bas.stfu-kthx.net:8888/pxelinux.cfg
+#imgload pxelinux.0
+#boot pxelinux.0
+
+set 209:string pxelinux.cfg/default
+set 210:string bas.stfu-kthx.net
+# chain tftp://bas.stfu-kthx.net/pxelinux.0 || goto start
+kernel tftp://bas.stfu-kthx.net/ldlinux.c32
+imgload tftp://bas.stfu-kthx.net/pxelinux.0
+boot
+
+:sh
+shell
+goto start`);
+ }
+}
diff --git a/server/api/user.js b/server/api/user.js
index 720a2bb..e42e26b 100644
--- a/server/api/user.js
+++ b/server/api/user.js
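Review bot: The `:pxelnx` branch of the script returned by `loadScript` in `server/api/ipxe-loader.js` fetches `ldlinux.c32` and `pxelinux.0` over `tftp://`, so the stage that actually boots is retrieved without authentication even though this script itself is chained over HTTPS. A substituted image on the TFTP path would not be detected by the client. Since `DOWNLOAD_PROTO_HTTPS` is enabled in the `general.h` added by this commit, both lines could use the authenticated transport, e.g. `imgload https://bas.stfu-kthx.net/pxelinux.0`, assuming the file is also published over HTTPS. The hostname is hard-coded in several lines of the template; reading it from the server configuration would keep this script and `main.ipxe` from drifting apart.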
@@ -14,7 +14,6 @@ module.exports = { //db.query('SELECT * FROM users WHERE id=?', [userid], function(err, rows) { db.user.findOne({ where: { id: userid } }).then(user_db => { - console.log("wasd"); //if (err) return res.status(500).send({ auth: false, status: 'DATABASE_ERROR', error_message: 'SQL query failed.' }); //user.id = rows[0].id; //user.username = rows[0].username; diff --git a/server/ipxe/console.h b/server/ipxe/console.h new file mode 100644 index 0000000..bfc00d7 --- /dev/null +++ b/server/ipxe/console.h 
@@ -0,0 +1,69 @@
+#ifndef CONFIG_CONSOLE_H
+#define CONFIG_CONSOLE_H
+
+/** @file
+ *
+ * Console configuration
+ *
+ * These options specify the console types that iPXE will use for
+ * interaction with the user.
+ *
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include
+
+/*
+ * Default console types
+ *
+ * These are all enabled by default for the appropriate platforms.
+ * You may disable them if needed.
+ *
+ */
+
+//#undef CONSOLE_PCBIOS /* Default BIOS console */
+//#undef CONSOLE_EFI /* Default EFI console */
+//#undef CONSOLE_LINUX /* Default Linux console */
+
+/*
+ * Additional console types
+ *
+ * These are not enabled by default, but may be useful in your
+ * environment.
+ *
+ */
+
+//#define CONSOLE_SERIAL /* Serial port console */
+#define CONSOLE_FRAMEBUFFER /* Graphical framebuffer console */
+//#define CONSOLE_SYSLOG /* Syslog console */
+//#define CONSOLE_SYSLOGS /* Encrypted syslog console */
+//#define CONSOLE_VMWARE /* VMware logfile console */
+//#define CONSOLE_DEBUGCON /* Bochs/QEMU/KVM debug port console */
+//#define CONSOLE_INT13 /* INT13 disk log console */
+
+/*
+ * Very obscure console types
+ *
+ * You almost certainly do not need to enable these.
+ *
+ */
+
+//#define CONSOLE_DIRECT_VGA /* Direct access to VGA card */
+//#define CONSOLE_PC_KBD /* Direct access to PC keyboard */
+
+/* Keyboard map (available maps in hci/keymap/) */
+#define KEYBOARD_MAP us
+
+/* Control which syslog() messages are generated.
+ *
+ * Note that this is not related in any way to CONSOLE_SYSLOG.
+ */
+#define LOG_LEVEL LOG_NONE
+
+#include
+#include NAMED_CONFIG(console.h)
+#include
+#include LOCAL_NAMED_CONFIG(console.h)
+
+#endif /* CONFIG_CONSOLE_H */
diff --git a/server/ipxe/general.h b/server/ipxe/general.h
new file mode 100644
index 0000000..8c8687e
--- /dev/null
+++ b/server/ipxe/general.h
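Review bot: `server/ipxe/console.h` (and `server/ipxe/general.h` in the next section) is checked in as a full copy of an iPXE config header, with nothing in the file marking which lines differ from upstream. The build in `server/lib/shell.js` runs `git clone` with no revision visible in its hunk and then overwrites `src/config/console.h` with this copy, so any option added or changed upstream after the copy was taken is silently dropped, security-relevant defaults included. The header already ends with `#include LOCAL_NAMED_CONFIG(console.h)`, so the overrides could instead live in iPXE's `config/local/` directory as a file holding only the intended lines, such as `#define CONSOLE_FRAMEBUFFER`. If the full copy stays, a comment at the top listing the deliberate deviations and the upstream revision it was taken from would make later audits possible.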
@@ -0,0 +1,205 @@ +#ifndef CONFIG_GENERAL_H +#define CONFIG_GENERAL_H + +/** @file + * + * General configuration + * + */ + +FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); + +#include + +/* + * Banner timeout configuration + * + * This controls the timeout for the "Press Ctrl-B for the iPXE + * command line" banner displayed when iPXE starts up. The value is + * specified in tenths of a second for which the banner should appear. + * A value of 0 disables the banner. + * + * ROM_BANNER_TIMEOUT controls the "Press Ctrl-B to configure iPXE" + * banner displayed only by ROM builds of iPXE during POST. This + * defaults to being twice the length of BANNER_TIMEOUT, to allow for + * BIOSes that switch video modes immediately before calling the + * initialisation vector, thus rendering the banner almost invisible + * to the user. + */ +#define BANNER_TIMEOUT 20 +#define ROM_BANNER_TIMEOUT ( 2 * BANNER_TIMEOUT ) + +/* + * Network protocols + * + */ + +#define NET_PROTO_IPV4 /* IPv4 protocol */ +#undef NET_PROTO_IPV6 /* IPv6 protocol */ +#undef NET_PROTO_FCOE /* Fibre Channel over Ethernet protocol */ +#define NET_PROTO_STP /* Spanning Tree protocol */ +#define NET_PROTO_LACP /* Link Aggregation control protocol */ + +/* + * PXE support + * + */ +//#undef PXE_STACK /* PXE stack in iPXE - you want this! 
*/ +//#undef PXE_MENU /* PXE menu booting */ + +/* + * Download protocols + * + */ + +#define DOWNLOAD_PROTO_TFTP /* Trivial File Transfer Protocol */ +#define DOWNLOAD_PROTO_HTTP /* Hypertext Transfer Protocol */ +#define DOWNLOAD_PROTO_HTTPS /* Secure Hypertext Transfer Protocol */ +#undef DOWNLOAD_PROTO_FTP /* File Transfer Protocol */ +#undef DOWNLOAD_PROTO_SLAM /* Scalable Local Area Multicast */ +#undef DOWNLOAD_PROTO_NFS /* Network File System Protocol */ +//#undef DOWNLOAD_PROTO_FILE /* Local filesystem access */ + +/* + * SAN boot protocols + * + */ + +//#undef SANBOOT_PROTO_ISCSI /* iSCSI protocol */ +//#undef SANBOOT_PROTO_AOE /* AoE protocol */ +//#undef SANBOOT_PROTO_IB_SRP /* Infiniband SCSI RDMA protocol */ +//#undef SANBOOT_PROTO_FCP /* Fibre Channel protocol */ +//#undef SANBOOT_PROTO_HTTP /* HTTP SAN protocol */ + +/* + * HTTP extensions + * + */ +#define HTTP_AUTH_BASIC /* Basic authentication */ +#define HTTP_AUTH_DIGEST /* Digest authentication */ +//#define HTTP_AUTH_NTLM /* NTLM authentication */ +//#define HTTP_ENC_PEERDIST /* PeerDist content encoding */ +//#define HTTP_HACK_GCE /* Google Compute Engine hacks */ + +/* + * 802.11 cryptosystems and handshaking protocols + * + */ +#define CRYPTO_80211_WEP /* WEP encryption (deprecated and insecure!) */ +#define CRYPTO_80211_WPA /* WPA Personal, authenticating with passphrase */ +#define CRYPTO_80211_WPA2 /* Add support for stronger WPA cryptography */ + +/* + * Name resolution modules + * + */ + +#define DNS_RESOLVER /* DNS resolver */ + +/* + * Image types + * + * Etherboot supports various image formats. Select whichever ones + * you want to use. 
+ * + */ +#define IMAGE_NBI /* NBI image support */ +#define IMAGE_ELF /* ELF image support */ +#define IMAGE_MULTIBOOT /* MultiBoot image support */ +#define IMAGE_PXE /* PXE image support */ +#define IMAGE_SCRIPT /* iPXE script image support */ +#define IMAGE_BZIMAGE /* Linux bzImage image support */ +#define IMAGE_COMBOOT /* SYSLINUX COMBOOT image support */ +//#define IMAGE_EFI /* EFI image support */ +//#define IMAGE_SDI /* SDI image support */ +//#define IMAGE_PNM /* PNM image support */ +#define IMAGE_PNG /* PNG image support */ +#define IMAGE_DER /* DER image support */ +#define IMAGE_PEM /* PEM image support */ + +/* + * Command-line commands to include + * + */ +#define AUTOBOOT_CMD /* Automatic booting */ +#define NVO_CMD /* Non-volatile option storage commands */ +#define CONFIG_CMD /* Option configuration console */ +#define IFMGMT_CMD /* Interface management commands */ +#define IWMGMT_CMD /* Wireless interface management commands */ +#define IBMGMT_CMD /* Infiniband management commands */ +#define FCMGMT_CMD /* Fibre Channel management commands */ +#define ROUTE_CMD /* Routing table management commands */ +#define IMAGE_CMD /* Image management commands */ +#define DHCP_CMD /* DHCP management commands */ +#define SANBOOT_CMD /* SAN boot commands */ +#define MENU_CMD /* Menu commands */ +#define LOGIN_CMD /* Login command */ +#define SYNC_CMD /* Sync command */ +#define SHELL_CMD /* Shell command */ +//#define NSLOOKUP_CMD /* DNS resolving command */ +//#define TIME_CMD /* Time commands */ +//#define DIGEST_CMD /* Image crypto digest commands */ +//#define LOTEST_CMD /* Loopback testing commands */ +//#define VLAN_CMD /* VLAN commands */ +#define PXE_CMD /* PXE commands */ +#define REBOOT_CMD /* Reboot command */ +#define POWEROFF_CMD /* Power off command */ +//#define IMAGE_TRUST_CMD /* Image trust management commands */ +//#define PCI_CMD /* PCI commands */ +//#define PARAM_CMD /* Form parameter commands */ +//#define NEIGHBOUR_CMD /* Neighbour 
management commands */ +//#define PING_CMD /* Ping command */ +#define CONSOLE_CMD /* Console command */ +//#define IPSTAT_CMD /* IP statistics commands */ +//#define PROFSTAT_CMD /* Profiling commands */ +//#define NTP_CMD /* NTP commands */ +//#define CERT_CMD /* Certificate management commands */ + +/* + * ROM-specific options + * + */ +#undef NONPNP_HOOK_INT19 /* Hook INT19 on non-PnP BIOSes */ +#define AUTOBOOT_ROM_FILTER /* Autoboot only devices matching our ROM */ + +/* + * Virtual network devices + * + */ +#define VNIC_IPOIB /* Infiniband IPoIB virtual NICs */ +//#define VNIC_XSIGO /* Infiniband Xsigo virtual NICs */ + +/* + * Error message tables to include + * + */ +#undef ERRMSG_80211 /* All 802.11 error descriptions (~3.3kb) */ + +/* + * Obscure configuration options + * + * You probably don't need to touch these. + * + */ + +#undef BUILD_SERIAL /* Include an automatic build serial + * number. Add "bs" to the list of + * make targets. For example: + * "make bin/rtl8139.dsk bs" */ +#undef BUILD_ID /* Include a custom build ID string, + * e.g "test-foo" */ +#undef NULL_TRAP /* Attempt to catch NULL function calls */ +#undef GDBSERIAL /* Remote GDB debugging over serial */ +#undef GDBUDP /* Remote GDB debugging over UDP + * (both may be set) */ +//#define EFI_DOWNGRADE_UX /* Downgrade UEFI user experience */ +#define TIVOLI_VMM_WORKAROUND /* Work around the Tivoli VMM's garbling of SSE + * registers when iPXE traps to it due to + * privileged instructions */ + +#include +#include NAMED_CONFIG(general.h) +#include +#include LOCAL_NAMED_CONFIG(general.h) + +#endif /* CONFIG_GENERAL_H */ diff --git a/server/ipxe/main.ipxe b/server/ipxe/main.ipxe index f6f3c00..fa1f492 100644 --- a/server/ipxe/main.ipxe +++ b/server/ipxe/main.ipxe 
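Review bot: `general.h` enables `CRYPTO_80211_WEP`, which its own comment marks as deprecated and insecure, and keeps `DOWNLOAD_PROTO_TFTP` and `DOWNLOAD_PROTO_HTTP` on while `IMAGE_TRUST_CMD` stays commented out. With that combination the binary built with `TRUST=` still accepts boot images over unauthenticated transports and has no `imgverify` command available to check them. If the deployment does not depend on them, consider `#undef CRYPTO_80211_WEP` and `#define IMAGE_TRUST_CMD`, and add a short comment above each setting that was chosen on purpose saying why.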
@@ -14,7 +14,8 @@ item sh [Shell] choose target && goto ${target} :js -chain http://10.4.9.123/boot.php +set crosscert http://ca.ipxe.org/auto/ +chain https://bas.stfu-kthx.net/api/ipxe-loader/load-script goto start :uw chain http://10.4.9.115/boot.php diff --git a/server/lib/shell.js b/server/lib/shell.js index ab07b81..931286c 100644 --- a/server/lib/shell.js +++ b/server/lib/shell.js 
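Review bot: The new `chain https://bas.stfu-kthx.net/api/ipxe-loader/load-script` line under `:js` has no failure branch. iPXE stops a script at the first failing command, so a certificate or download error ends the embedded script and the following `goto start` is never reached. The commented-out lines in `ipxe-loader.js` already use the usual form, which fits here as well: `chain https://bas.stfu-kthx.net/api/ipxe-loader/load-script || goto start`. A one-line comment above `set crosscert` explaining why it is set explicitly would also help, given that `shell.js` builds the image with its own `TRUST=` file.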
@@ -9,18 +9,25 @@ module.exports = { return res.status(500).send({ status: 'GIT_MISSING', error_message: 'Please install git on the server.' }); } - var gitclone = 'git clone ' + ipxeGIT; shell.cd(path.join(__appdir, 'ipxe')); shell.exec(gitclone, function(code, stdout, stderr) { shell.cd(path.join(__appdir, 'ipxe', 'ipxe', 'src')); - var make = 'make EMBED=' + path.join(__appdir, 'ipxe', 'main.ipxe'); + + // Remove the general config and paste in the own one + shell.rm(path.join(__appdir, 'ipxe', 'ipxe', 'src', 'config', 'general.h')); + shell.cp(path.join(__appdir, 'ipxe', 'general.h'), path.join(__appdir, 'ipxe', 'ipxe', 'src', 'config')); + shell.rm(path.join(__appdir, 'ipxe', 'ipxe', 'src', 'config', 'console.h')); + shell.cp(path.join(__appdir, 'ipxe', 'console.h'), path.join(__appdir, 'ipxe', 'ipxe', 'src', 'config')); + //var make = 'make EMBED=' + path.join(__appdir, 'ipxe', 'main.ipxe'); + var make = 'make EMBED=' + path.join(__appdir, 'ipxe', 'main.ipxe') + " TRUST=" + path.join(__appdir, 'bin', 'fullchain.pem'); //shell.env.PATH = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin'; shell.env.DEBUG = ''; shell.exec(make, function(code, stdout, stderr) { - shell.cp('-rf', 'bin/ipxe.pxe', path.join(__appdir, 'tftp')); - shell.cp('-rf', 'bin/undionly.kpxe', path.join(__appdir, 'tftp')); - //shell.rm('-rf', 'ipxe'); + shell.rm(path.join(__appdir, 'tftp', 'ipxe.0')); + shell.cp('bin/ipxe.pxe', path.join(__appdir, 'tftp')); + shell.mv(path.join(__appdir, 'tftp', 'ipxe.pxe'), path.join(__appdir, 'tftp', 'ipxe.0')); + // shell.rm('-rf', 'ipxe'); return res.status(200).send({ status: 'success' }); }); }); diff --git a/server/migrations/20180522185323-create-user.js b/server/migrations/20180522185323-create-user.js index 42527da..236b229 100644 --- a/server/migrations/20180522185323-create-user.js +++ b/server/migrations/20180522185323-create-user.js 
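Review bot: The callback passed to `shell.exec(make, ...)` ignores `code`, so when the build fails the new `shell.rm(path.join(__appdir, 'tftp', 'ipxe.0'))` still deletes the served image before `shell.cp('bin/ipxe.pxe', ...)` finds nothing (or a stale binary) to copy, and the handler still answers 200 with `success`. Check the exit status before touching the `tftp` directory, e.g. `if (code !== 0) return res.status(500).send({ status: 'IPXE_BUILD_FAILED', error_message: 'make failed, see server log.' });` (status string constructed for illustration). Separately, `TRUST=` points at `bin/fullchain.pem`; if that file holds the server's own leaf chain (inferred from the name only), the binary would stop validating the server after each certificate renewal, so trusting the issuing CA's root would last longer. The enclosing function starts above the hunk.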
@@ -8,9 +8,6 @@ module.exports = { primaryKey: true, type: Sequelize.INTEGER }, - id: { - type: Sequelize.INTEGER - }, username: { type: Sequelize.STRING }, -- cgit v1.2.3-55-g7522