Update first-boot.sh and associated scripts to transition from KDE Plasma to rpd-labwc for the Chromium kiosk setup. Modify package installations, LightDM session configurations, and one-shot scripts for wallpaper and rotation to support Wayland. Implement boot order configuration for network-first provisioning. Enhance logging and error handling throughout the scripts.
96
chromium-setup/emmc-provisioning/docs/NETWORK-BOOT-LXC.md
Normal file
@@ -0,0 +1,96 @@
# Network boot on the provisioning LXC (eth1 = LAN, eth0 = WAN)
The provisioning LXC can provide **network boot** (PXE-style) and **internet access** to devices connected on **eth1**, while **eth0** is used as WAN for the LXC itself.
## Roles
| Interface | Role | Typical config |
|-----------|------|-----------------|
| **eth0** | WAN | DHCP or static; default route; internet for the LXC |
| **eth1** | LAN (provisioning) | Static e.g. `10.20.50.1/24`; DHCP server + TFTP server; NAT so clients get internet via eth0 |
Devices plugged into the same network as **eth1** (e.g. reTerminals with network boot enabled) will:
1. Get an IP via **DHCP** (from the LXC on eth1).
2. Get **TFTP** boot files (Raspberry Pi firmware: `start4.elf`, `fixup4.dat`, kernel, etc.) for network boot.
3. Have **internet** via NAT through the LXC (eth0).
## What you need on the LXC
1. **DHCP server** on eth1 only (e.g. **dnsmasq**), handing out addresses in e.g. `10.20.50.100`–`10.20.50.200` and advertising the TFTP server (next-server = LXC’s eth1 IP).
2. **TFTP server** (dnsmasq can provide this) with **TFTP root** containing Raspberry Pi 4 / CM4 boot files.
3. **IP forwarding** and **NAT** (nftables or iptables) so traffic from `10.20.50.0/24` is masqueraded out **eth0**.
## One-time setup (inside the LXC)
From your machine, run the setup script **on the LXC** (replace with your LXC IP if different):
```bash
# From the repo (script runs inside the LXC)
./chromium-setup/emmc-provisioning/scripts/setup-network-boot-on-lxc.sh root@10.130.60.141
```
Or SSH into the LXC and run the script there:
```bash
ssh root@10.130.60.141
# Copy or rsync the emmc-provisioning tree into the container, then:
bash /path/to/setup-network-boot-on-lxc.sh
```
The script will:
- Install **dnsmasq** (DHCP + TFTP).
- Configure dnsmasq to listen only on **eth1**, with a DHCP range and TFTP root.
- Create `/srv/tftpboot` and optionally fetch Raspberry Pi boot files (or tell you how).
- Enable **IPv4 forwarding** and **NAT** (nftables) so clients on eth1 use eth0 for internet.
- Enable and start the **dnsmasq** and **nftables** (or apply rules) services.
## Proxmox: adding eth1 to the LXC
If you create the container by hand or want a second interface:
1. On the **Proxmox host**, add a second network device to the container, e.g.:
```bash
pct set <CTID> --net1 name=eth1,bridge=vmbr1,ip=10.20.50.1/24
```
Use the bridge that corresponds to the physical LAN where reTerminals are connected (e.g. `vmbr1` or a dedicated provisioning bridge).
2. Inside the LXC, ensure **eth1** has a static address (e.g. in `/etc/network/interfaces`):
```
auto eth1
iface eth1 inet static
address 10.20.50.1/24
```
Your current LXC already has eth0 (10.130.60.141) and eth1 (10.20.50.1); the setup script only adds DHCP, TFTP, and NAT.
## After setup: reTerminal network boot
1. Set the reTerminal **boot order** to try network first (e.g. `BOOT_ORDER=0x21`; see cloud-init/first-boot).
2. Connect the reTerminal to the **same network as the LXC’s eth1** (e.g. 10.20.50.0/24).
3. Power on; it will get an IP via DHCP and load boot files via TFTP from the LXC.
4. For **provisioning** (Backup/Deploy), the netboot environment must run **network-client/provisioning-client.sh** with `PROVISIONING_SERVER=http://10.20.50.1:5000` so it talks to the dashboard on the LXC.
## TFTP boot files (Raspberry Pi 4 / CM4)
The TFTP root (e.g. `/srv/tftpboot`) must contain the Raspberry Pi firmware boot files, for example:
- `start4.elf`, `fixup4.dat` (or `start4cd.elf`, `fixup4cd.dat`)
- `config.txt`, `cmdline.txt`
- `kernel8.img` (64-bit) or `kernel7l.img` (32-bit)
You can:
- Run the script’s step that downloads the boot files from the official Raspberry Pi firmware repo, or
- Copy them from a Raspberry Pi OS `/boot/firmware` (or `/boot`) into `/srv/tftpboot` on the LXC.
## Summary
| Component | Where | Purpose |
|-------------|--------|--------|
| eth0 | LXC | WAN; LXC’s internet |
| eth1 | LXC | LAN; 10.20.50.1/24; DHCP + TFTP |
| dnsmasq | LXC | DHCP (on eth1) + TFTP |
| TFTP root | LXC | e.g. `/srv/tftpboot` with RPi boot files |
| NAT | LXC | 10.20.50.0/24 → eth0 so LAN has internet |
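Review bot: In "After setup: reTerminal network boot", step 1 gives `BOOT_ORDER=0x21` as the network-first example, but the Raspberry Pi bootloader reads the BOOT_ORDER digits from right to left, so `0x21` tries SD/eMMC (1) before network (2). Network first would be `0x12` (or `0xf12` to restart and retry when both fail); please correct the value or the wording and confirm it matches what first-boot sets. A second point for the same section and for "What you need on the LXC": the doc has clients pull boot files over TFTP and reach the dashboard at `http://10.20.50.1:5000` over plain HTTP, and the NAT item does not say whether forwarding is limited to eth1 → eth0. It would help to state that eth1 must be a dedicated, isolated provisioning segment, and that DHCP, TFTP and the dashboard port are not meant to be reachable from eth0.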