• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

installfog.sh --force-https and ipxe

Scheduled Pinned Locked Moved Solved
FOG Problems
3
6
1.9k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • C
    CBO
    last edited by Jul 4, 2017, 3:46 PM

    Server
    • FOG Version: 1.4.4
    • OS: Debian 9
    Description

    After installing fog with –force-https switch ipxe.efi cannot download files via http or https from fog server.

    After searching on ipxe side I suspected a certificate validation problem and I managed to get ipxe download via https on the fog web server after compiling it with the web server certificate embedded:

    make bin-x86_64-efi/ipxe.efi EMBED=ipxescript TRUST=/var/www/fog//management/other/ssl/srvpublic.crt

    I had also to modify the /tftpboot/default.ipxe file by replacing http by https in it because it seems that ipxe does not follow the redirection from http to https…

    Is is normal or did i miss something to avoid recompiling ?

    1 Reply Last reply Reply Quote 1
    • T
      Tom Elliott
      last edited by Jul 4, 2017, 4:03 PM

      The redirection following is normal, unfortunately.

      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

      Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

      Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

      1 Reply Last reply Reply Quote 0
      • S
        Sebastian Roth Moderator
        last edited by Aug 7, 2017, 7:29 PM

        @Tom-Elliott Just thinking out loud here… should be add compiling iPXE to the installer script (as we do with udpcast)? This way the cert could be added to the iPXE binaries for everyone. Would compiling on the fly break other things?

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        T 1 Reply Last reply Aug 7, 2017, 7:32 PM Reply Quote 0
        • T
          Tom Elliott @Sebastian Roth
          last edited by Aug 7, 2017, 7:32 PM

          @sebastian-roth The problem is I only know of a 100% sure fire way to build the ipxe binaries and the requirements aren’t readily available on the “base” installation. That said, i’ll admit I haven’t really looked into building any specialties as I’m busy on a about a million other things as well.

          Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

          1 Reply Last reply Reply Quote 0
          • S
            Sebastian Roth Moderator
            last edited by Sebastian Roth Aug 7, 2017, 1:54 PM Aug 7, 2017, 7:53 PM

            @Tom-Elliott Not saying that this is something you should do. Just wondering what your opinion was. I might look into this at some point. It would definitely need less downloading of binaries but time to compile all the different ones on the FOG server.

            The problem is I only know of a 100% sure fire way to build the ipxe binaries…

            What exactly do you mean by that?

            @CBO, sorry for taking over this thread but this is very closely related.

            Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

            Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

            1 Reply Last reply Reply Quote 0
            • S
              Sebastian Roth Moderator
              last edited by Sep 9, 2017, 10:25 PM

              @CBO Just in case you are still interested in this. I just pushed changes to the current working branch (see here and here) to make the installer do a better job. Upgrade to the very latest and give it a go if you like.

              PS: Sorry for taking so long to get back onto this.

              Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

              Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

              1 Reply Last reply Reply Quote 0
              • 1 / 1
              • First post
                Last post

              239

              Online

              12.0k

              Users

              17.3k

              Topics

              155.2k

              Posts
              Copyright © 2012-2024 FOG Project