Problem with HTTPS upgrade


  • Developer

    @sbenson Ok, we still have some URLs in non HTTPS style (and another one here) in the bootmenu generation PHP code. I am sure @Tom-Elliott will fix this soon.

    EDIT: Tom just fixed it, you might want to upgrade to the latest working



  • @sebastian-roth said in Problem with HTTPS upgrade:

    Can you access this URL from a browser?

    Yes

    #!ipxe
    set fog-ip 10.63.76.44
    set fog-webroot fog
    set boot-url http://${fog-ip}/${fog-webroot}
    cpuid --ext 29 && set arch x86_64 || set arch i386
    goto get_console
    :console_set
    colour --rgb 0x00567a 1 ||
    colour --rgb 0x00567a 2 ||
    colour --rgb 0x00567a 4 ||
    cpair --foreground 7 --background 2 2 ||
    goto MENU
    :alt_console
    cpair --background 0 1 ||
    cpair --background 1 2 ||
    goto MENU
    :get_console
    console --picture http://10.63.76.44/fog/service/ipxe/lbs-fog-bg.png --left 100 --right 80 && goto console_set || goto alt_console
    :MENU
    menu
    colour --rgb 0xff0000 0 ||
    cpair --foreground 1 1 ||
    cpair --foreground 0 3 ||
    cpair --foreground 4 4 ||
    item --gap Host is NOT registered!
    item --gap -- -------------------------------------
    item fog.local Boot from hard disk
    item fog.memtest Run Memtest86+
    item fog.reginput Perform Full Host Registration and Inventory
    item fog.reg Quick Registration and Inventory
    item fog.deployimage Deploy Image
    item fog.multijoin Join Multicast Session
    item fog.sysinfo Client System Information (Compatibility)
    choose --default fog.local --timeout 10000 target && goto ${target}
    :fog.local
    sanboot --no-describe --drive 0x80 || goto MENU
    :fog.memtest
    kernel memdisk initrd=memtest.bin iso raw
    initrd memtest.bin
    boot || goto MENU
    :fog.reginput
    kernel bzImage32 loglevel=4 initrd=init_32.xz root=/dev/ram0 rw ramdisk_size=127000 web=10.63.76.44/fog/ consoleblank=0 rootfstype=ext4 storage=10.63.76.44:/images/ storageip=10.63.76.44 loglevel=4 mode=manreg
    imgfetch init_32.xz
    boot || goto MENU
    :fog.reg
    kernel bzImage32 loglevel=4 initrd=init_32.xz root=/dev/ram0 rw ramdisk_size=127000 web=10.63.76.44/fog/ consoleblank=0 rootfstype=ext4 storage=10.63.76.44:/images/ storageip=10.63.76.44 loglevel=4 mode=autoreg
    imgfetch init_32.xz
    boot || goto MENU
    :fog.deployimage
    login
    params
    param mac0 ${net0/mac}
    param arch ${arch}
    param username ${username}
    param password ${password}
    param qihost 1
    isset ${net1/mac} && param mac1 ${net1/mac} || goto bootme
    isset ${net2/mac} && param mac2 ${net2/mac} || goto bootme
    param sysuuid ${uuid}
    :fog.multijoin
    login
    params
    param mac0 ${net0/mac}
    param arch ${arch}
    param username ${username}
    param password ${password}
    param sessionJoin 1
    isset ${net1/mac} && param mac1 ${net1/mac} || goto bootme
    isset ${net2/mac} && param mac2 ${net2/mac} || goto bootme
    param sysuuid ${uuid}
    :fog.sysinfo
    kernel bzImage32 loglevel=4 initrd=init_32.xz root=/dev/ram0 rw ramdisk_size=127000 web=10.63.76.44/fog/ consoleblank=0 rootfstype=ext4 storage=10.63.76.44:/images/ storageip=10.63.76.44 loglevel=4 mode=sysinfo
    imgfetch init_32.xz
    boot || goto MENU
    :bootme
    chain -ar http://10.63.76.44/fog/service/ipxe/boot.php##params ||
    goto MENU
    autoboot
    
    

  • Developer

    @sbenson said in Problem with HTTPS upgrade:

    https://10.63.76.44/fog/service/ipxe/boot.php

    Can you access this URL from a browser?



  • @tom-elliott

    Ok, copied those over and got it compiled without any errors. Installed, and still gives the

    https://10.63.76.44/fog/service/ipxe/boot.php… No such file or directory
    

    EDIT: it says http:// let me hardcode the https://


  • Senior Developer

    @sbenson Yes, I updated the script below.

    The script takes all of the information from the installation to copy over into the repo.

    So your first steps would be to copy the necessary files.

    Something like;

    cp -r /root/fogproject/src/ipxe/src/* /root/ipxe/src/
    cp -r /root/fogproject/src/ipxe/src-efi/* /root/ipxe-efi/src/
    

    Then run the buildIpxe script. That should present the 10 second information properly too.



  • @tom-elliott said in Problem with HTTPS upgrade:

    So to see the change, you would need to re-run the installer once done

    I did reinstall after the script finished.

    I dont think i have any of the 10sec stuff in my files tho.

    Did you update the script below in the previous post?


  • Senior Developer

    I’m sorry my script didn’t work out of the box for you. Remember, I have a totally separate environment, and I just tweaked things to generalize so you could attempt to use it.

    Updated the script so that the copy commands should have no more problems.

    Of note here, the script copy the files into the repo source. So to see the change, you would need to re-run the installer once done.



  • I let it finish anyways and here is the full output

    [09:52:00] root@SRO-FOG-01[0]:~$ ./buildIpxe TRUST=/var/www/fog/management/other/ca.cert.pem
    + cd /root/projects/ipxe/ipxe-bios
    + [[ -z '' ]]
    + git pull
    Already up-to-date.
    + cd /root/projects/ipxe/ipxe-bios/src/
    ++ nproc
    + make -j 8 bin/ipxe.iso bin/undionly.pxe bin/undionly.kpxe bin/undionly.kkpxe bin/ipxe.pxe bin/ipxe.kpxe bin/ipxe.kkpxe bin/intel.pxe bin/intel.kpxe bin/intel.kkpxe bin/realtek.pxe bin/realtek.kpxe bin/realtek.kkpxe bin/ipxe.lkrn EMBED=ipxescript TRUST=/var/www/fog/management/other/ca.cert.pem
      [DEPS] image/embedded.c
      [BUILD] bin/embedded.o
      [AR] bin/blib.a
    ar: creating bin/blib.a
      [VERSION] bin/version.ipxe.lkrn.o
      [VERSION] bin/version.undionly.pxe.o
      [VERSION] bin/version.undionly.kpxe.o
      [VERSION] bin/version.undionly.kkpxe.o
      [VERSION] bin/version.ipxe.pxe.o
      [VERSION] bin/version.ipxe.kpxe.o
      [VERSION] bin/version.ipxe.kkpxe.o
      [VERSION] bin/version.intel.pxe.o
      [VERSION] bin/version.intel.kpxe.o
      [VERSION] bin/version.intel.kkpxe.o
      [VERSION] bin/version.realtek.pxe.o
      [VERSION] bin/version.realtek.kpxe.o
      [VERSION] bin/version.realtek.kkpxe.o
      [LD] bin/ipxe.lkrn.tmp
      [LD] bin/undionly.pxe.tmp
      [LD] bin/undionly.kpxe.tmp
      [LD] bin/undionly.kkpxe.tmp
      [LD] bin/ipxe.pxe.tmp
      [LD] bin/ipxe.kpxe.tmp
      [LD] bin/ipxe.kkpxe.tmp
      [LD] bin/intel.pxe.tmp
      [LD] bin/intel.kpxe.tmp
      [LD] bin/intel.kkpxe.tmp
      [LD] bin/realtek.pxe.tmp
      [LD] bin/realtek.kpxe.tmp
      [BIN] bin/undionly.pxe.bin
      [LD] bin/realtek.kkpxe.tmp
      [ZINFO] bin/undionly.pxe.zinfo
      [BIN] bin/undionly.kpxe.bin
      [ZINFO] bin/undionly.kpxe.zinfo
      [ZINFO] bin/undionly.kkpxe.zinfo
      [BIN] bin/undionly.kkpxe.bin
      [BIN] bin/intel.pxe.bin
      [ZINFO] bin/intel.pxe.zinfo
      [BIN] bin/intel.kpxe.bin
      [ZINFO] bin/intel.kpxe.zinfo
      [BIN] bin/intel.kkpxe.bin
      [ZINFO] bin/intel.kkpxe.zinfo
      [BIN] bin/realtek.pxe.bin
      [ZINFO] bin/realtek.pxe.zinfo
      [BIN] bin/realtek.kpxe.bin
      [ZINFO] bin/realtek.kpxe.zinfo
      [BIN] bin/ipxe.lkrn.bin
      [ZINFO] bin/ipxe.lkrn.zinfo
      [ZBIN] bin/undionly.pxe.zbin
      [ZBIN] bin/undionly.kpxe.zbin
      [ZBIN] bin/undionly.kkpxe.zbin
      [ZBIN] bin/intel.pxe.zbin
      [ZBIN] bin/intel.kpxe.zbin
      [ZBIN] bin/intel.kkpxe.zbin
      [ZBIN] bin/realtek.pxe.zbin
      [ZBIN] bin/realtek.kpxe.zbin
      [ZBIN] bin/ipxe.lkrn.zbin
      [FINISH] bin/undionly.pxe
      [FINISH] bin/undionly.kpxe
      [FINISH] bin/undionly.kkpxe
      [BIN] bin/ipxe.pxe.bin
      [BIN] bin/ipxe.kpxe.bin
      [ZINFO] bin/ipxe.pxe.zinfo
      [ZINFO] bin/ipxe.kpxe.zinfo
      [BIN] bin/ipxe.kkpxe.bin
      [ZINFO] bin/ipxe.kkpxe.zinfo
      [FINISH] bin/intel.pxe
      [FINISH] bin/intel.kpxe
      [BIN] bin/realtek.kkpxe.bin
      [ZINFO] bin/realtek.kkpxe.zinfo
      [ZBIN] bin/ipxe.pxe.zbin
      [ZBIN] bin/ipxe.kpxe.zbin
      [FINISH] bin/intel.kkpxe
      [ZBIN] bin/ipxe.kkpxe.zbin
      [FINISH] bin/realtek.pxe
      [ZBIN] bin/realtek.kkpxe.zbin
      [FINISH] bin/realtek.kpxe
      [FINISH] bin/realtek.kkpxe
      [FINISH] bin/ipxe.lkrn
    make: 'bin/ipxe.lkrn' is up to date.
      [GENISO] bin/ipxe.iso
    cp: missing destination file operand after 'bin/iso.dir.PVCdnQ'
    Try 'cp --help' for more information.
    genisoimage: Uh oh, I cant find the boot image 'isolinux.bin' !
      [FINISH] bin/ipxe.pxe
      [FINISH] bin/ipxe.kpxe
      [FINISH] bin/ipxe.kkpxe
    rm bin/realtek.pxe.zbin bin/intel.pxe.zbin bin/realtek.pxe.bin bin/realtek.pxe.zinfo bin/ipxe.pxe.zinfo bin/ipxe.lkrn.zbin bin/version.intel.kkpxe.o bin/undionly.pxe.zbin bin/version.undionly.kpxe.o bin/intel.kkpxe.zbin bin/realtek.kpxe.zbin bin/undionly.kpxe.zinfo bin/realtek.kkpxe.bin bin/undionly.kkpxe.zbin bin/undionly.pxe.bin bin/realtek.kpxe.bin bin/version.undionly.pxe.o bin/intel.kkpxe.zinfo bin/ipxe.kpxe.bin bin/realtek.kpxe.zinfo bin/ipxe.kkpxe.zinfo bin/version.intel.pxe.o bin/undionly.kkpxe.bin bin/version.intel.kpxe.o bin/version.undionly.kkpxe.o bin/ipxe.kpxe.zbin bin/version.ipxe.pxe.o bin/intel.kpxe.bin bin/ipxe.pxe.zbin bin/realtek.kkpxe.zbin bin/version.ipxe.lkrn.o bin/ipxe.kkpxe.zbin bin/ipxe.pxe.bin bin/ipxe.lkrn.bin bin/version.ipxe.kpxe.o bin/ipxe.kpxe.zinfo bin/undionly.kkpxe.zinfo bin/undionly.pxe.zinfo bin/undionly.kpxe.bin bin/version.realtek.kkpxe.o bin/intel.kkpxe.bin bin/realtek.kkpxe.zinfo bin/intel.pxe.bin bin/intel.kpxe.zbin bin/version.realtek.pxe.o bin/ipxe.lkrn.zinfo bin/version.ipxe.kkpxe.o bin/intel.pxe.zinfo bin/undionly.kpxe.zbin bin/ipxe.kkpxe.bin bin/intel.kpxe.zinfo bin/version.realtek.kpxe.o
    + cp /root/projects/ipxe/ipxe-bios/src/bin/undionly.pxe /root/projects/ipxe/ipxe-bios/src/bin/undionly.kpxe /root/projects/ipxe/ipxe-bios/src/bin/undionly.kkpxe /root/projects/ipxe/ipxe-bios/src/bin/ipxe.pxe /root/projects/ipxe/ipxe-bios/src/bin/ipxe.kpxe /root/projects/ipxe/ipxe-bios/src/bin/ipxe.kkpxe /root/projects/ipxe/ipxe-bios/src/bin/intel.pxe /root/projects/ipxe/ipxe-bios/src/bin/intel.kpxe /root/projects/ipxe/ipxe-bios/src/bin/intel.kkpxe /root/projects/ipxe/ipxe-bios/src/bin/realtek.pxe /root/projects/ipxe/ipxe-bios/src/bin/realtek.kpxe /root/projects/ipxe/ipxe-bios/src/bin/realtek.kkpxe /root/fog/packages/tftp/
    + cp /root/projects/ipxe/ipxe-bios/src/bin/ipxe.lkrn /root/fog/packages/tftp/ipxe.krn
    + cp /root/projects/ipxe/ipxe-bios/src/bin/ipxe.iso /root/fog/packages/tftp/ipxe.iso
    + cp /root/projects/ipxe/ipxe-bios/src/ipxescript /root/fog/src/ipxe/src/ipxescript
    + cp /root/projects/ipxe/ipxe-bios/src/config/general.h /root/fog/src/ipxe/src/config/general.h
    + cp /root/projects/ipxe/ipxe-bios/src/config/settings.h /root/fog/src/ipxe/src/config/settings.h
    + cp /root/projects/ipxe/ipxe-bios/src/config/console.h /root/fog/src/ipxe/src/config/console.h
    ++ nproc
    + make -j 8 bin/ipxe.iso bin/undionly.pxe bin/undionly.kpxe bin/undionly.kkpxe bin/ipxe.pxe bin/ipxe.kpxe bin/ipxe.kkpxe bin/intel.pxe bin/intel.kpxe bin/intel.kkpxe bin/realtek.pxe bin/realtek.kpxe bin/realtek.kkpxe bin/ipxe.lkrn EMBED=ipxescript10sec TRUST=/var/www/fog/management/other/ca.cert.pem
    make: *** No rule to make target 'ipxescript10sec', needed by 'bin/embedded.o'.  Stop.
    + cp /root/projects/ipxe/ipxe-bios/src/bin/undionly.pxe /root/projects/ipxe/ipxe-bios/src/bin/undionly.kpxe /root/projects/ipxe/ipxe-bios/src/bin/undionly.kkpxe /root/projects/ipxe/ipxe-bios/src/bin/ipxe.pxe /root/projects/ipxe/ipxe-bios/src/bin/ipxe.kpxe /root/projects/ipxe/ipxe-bios/src/bin/ipxe.kkpxe /root/projects/ipxe/ipxe-bios/src/bin/intel.pxe /root/projects/ipxe/ipxe-bios/src/bin/intel.kpxe /root/projects/ipxe/ipxe-bios/src/bin/intel.kkpxe /root/projects/ipxe/ipxe-bios/src/bin/realtek.pxe /root/projects/ipxe/ipxe-bios/src/bin/realtek.kpxe /root/projects/ipxe/ipxe-bios/src/bin/realtek.kkpxe /root/fog/packages/tftp/10secdelay/
    + cp /root/projects/ipxe/ipxe-bios/src/bin/ipxe.lkrn /root/fog/packages/tftp/10secdelay/ipxe.krn
    + cp /root/projects/ipxe/ipxe-bios/src/bin/ipxe.iso /root/fog/packages/tftp/10secdelay/ipxe.iso
    + cp /root/projects/ipxe/ipxe-bios/src/ipxescript10sec /root/fog/src/ipxe/src/ipxescript10sec
    cp: cannot stat '/root/projects/ipxe/ipxe-bios/src/ipxescript10sec': No such file or directory
    + cd /root/projects/ipxe/ipxe-efi
    + [[ -z '' ]]
    + git pull
    Already up-to-date.
    + cd /root/projects/ipxe/ipxe-efi/src/
    ++ nproc
    + make -j 8 bin-i386-efi/snp.efi bin-i386-efi/snponly.efi bin-i386-efi/ipxe.efi bin-i386-efi/intel.efi bin-i386-efi/realtek.efi bin-x86_64-efi/snp.efi bin-x86_64-efi/snponly.efi bin-x86_64-efi/ipxe.efi bin-x86_64-efi/intel.efi bin-x86_64-efi/realtek.efi EMBED=ipxescript TRUST=/var/www/fog/management/other/ca.cert.pem
      [DEPS] image/embedded.c
      [DEPS] image/embedded.c
      [BUILD] bin-i386-efi/embedded.o
      [BUILD] bin-x86_64-efi/embedded.o
      [AR] bin-i386-efi/blib.a
      [AR] bin-x86_64-efi/blib.a
    ar: creating bin-i386-efi/blib.a
    ar: creating bin-x86_64-efi/blib.a
      [VERSION] bin-x86_64-efi/version.snp.efi.o
      [VERSION] bin-x86_64-efi/version.snponly.efi.o
      [VERSION] bin-x86_64-efi/version.ipxe.efi.o
      [VERSION] bin-x86_64-efi/version.realtek.efi.o
      [VERSION] bin-x86_64-efi/version.intel.efi.o
      [LD] bin-x86_64-efi/intel.efi.tmp
      [LD] bin-x86_64-efi/snp.efi.tmp
      [LD] bin-x86_64-efi/snponly.efi.tmp
      [LD] bin-x86_64-efi/ipxe.efi.tmp
      [LD] bin-x86_64-efi/realtek.efi.tmp
      [FINISH] bin-x86_64-efi/intel.efi
      [FINISH] bin-x86_64-efi/realtek.efi
      [FINISH] bin-x86_64-efi/snp.efi
      [FINISH] bin-x86_64-efi/snponly.efi
      [FINISH] bin-x86_64-efi/ipxe.efi
    rm bin-x86_64-efi/version.ipxe.efi.o bin-x86_64-efi/version.snponly.efi.o bin-x86_64-efi/version.snp.efi.o bin-x86_64-efi/version.realtek.efi.o bin-x86_64-efi/version.intel.efi.o
      [VERSION] bin-i386-efi/version.snp.efi.o
      [VERSION] bin-i386-efi/version.snponly.efi.o
      [VERSION] bin-i386-efi/version.ipxe.efi.o
      [VERSION] bin-i386-efi/version.intel.efi.o
      [VERSION] bin-i386-efi/version.realtek.efi.o
      [LD] bin-i386-efi/snponly.efi.tmp
      [LD] bin-i386-efi/snp.efi.tmp
      [LD] bin-i386-efi/ipxe.efi.tmp
      [LD] bin-i386-efi/intel.efi.tmp
      [LD] bin-i386-efi/realtek.efi.tmp
      [FINISH] bin-i386-efi/snp.efi
      [FINISH] bin-i386-efi/snponly.efi
      [FINISH] bin-i386-efi/realtek.efi
      [FINISH] bin-i386-efi/intel.efi
      [FINISH] bin-i386-efi/ipxe.efi
    rm bin-i386-efi/version.snp.efi.o bin-i386-efi/version.ipxe.efi.o bin-i386-efi/version.intel.efi.o bin-i386-efi/version.realtek.efi.o bin-i386-efi/version.snponly.efi.o
    + cp /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/snp.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/snponly.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/ipxe.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/intel.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/realtek.efi /root/fog/packages/tftp/i386-efi/
    + cp /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/snp.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/snponly.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/ipxe.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/intel.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/realtek.efi /root/fog/packages/tftp/
    + cp /root/projects/ipxe/ipxe-efi/src/ipxescript /root/fog/src/ipxe/src-efi/ipxescript
    + cp /root/projects/ipxe/ipxe-efi/src/config/general.h /root/fog/src/ipxe/src-efi/config/general.h
    + cp /root/projects/ipxe/ipxe-efi/src/config/settings.h /root/fog/src/ipxe/src-efi/config/settings.h
    + cp /root/projects/ipxe/ipxe-efi/src/config/console.h /root/fog/src/ipxe/src-efi/config/console.h
    ++ nproc
    + make -j 8 bin-i386-efi/snp.efi bin-i386-efi/snponly.efi bin-i386-efi/ipxe.efi bin-i386-efi/intel.efi bin-i386-efi/realtek.efi bin-x86_64-efi/snp.efi bin-x86_64-efi/snponly.efi bin-x86_64-efi/ipxe.efi bin-x86_64-efi/intel.efi bin-x86_64-efi/realtek.efi EMBED=ipxescript10sec TRUST=/var/www/fog/management/other/ca.cert.pem
    make[1]: *** No rule to make target 'ipxescript10sec', needed by 'bin-x86_64-efi/embedded.o'.  Stop.
    Makefile.housekeeping:259: recipe for target 'bin-x86_64-efi/snp.efi' failed
    make: *** [bin-x86_64-efi/snp.efi] Error 2
    make: *** Waiting for unfinished jobs....
    make[1]: *** No rule to make target 'ipxescript10sec', needed by 'bin-i386-efi/embedded.o'.  Stop.
    Makefile.housekeeping:259: recipe for target 'bin-i386-efi/snp.efi' failed
    make: *** [bin-i386-efi/snp.efi] Error 2
    + cp /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/snp.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/snponly.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/ipxe.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/intel.efi /root/projects/ipxe/ipxe-efi/src/bin-i386-efi/realtek.efi /root/fog/packages/tftp/10secdelay/i386-efi/
    + cp /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/snp.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/snponly.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/ipxe.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/intel.efi /root/projects/ipxe/ipxe-efi/src/bin-x86_64-efi/realtek.efi /root/fog/packages/tftp/10secdelay/
    + cp /root/projects/ipxe/ipxe-efi/src/ipxescript10sec /root/fog/src/ipxe/src-efi/ipxescript10sec
    cp: cannot stat '/root/projects/ipxe/ipxe-efi/src/ipxescript10sec': No such file or directory
    


  • @tom-elliott said in Problem with HTTPS upgrade:

    buildIpxe TRUST=/var/www/fog/management/other/ca.cert.pem

    I modified the paths, but something in the build process is erroring

      [FINISH] bin/realtek.kpxe
      [FINISH] bin/realtek.kkpxe
      [FINISH] bin/ipxe.lkrn
    make: 'bin/ipxe.lkrn' is up to date.
      [GENISO] bin/ipxe.iso
    cp: missing destination file operand after 'bin/iso.dir.RnYQV4'
    Try 'cp --help' for more information.
    genisoimage: Uh oh, I cant find the boot image 'isolinux.bin' !
      [FINISH] bin/ipxe.kkpxe
    

  • Senior Developer

    To help out with rebuilding here’s my “build” layout.
    /root/fogproject Location of repo data as required.
    /root/ipxe = bios
    /root/ipxe-efi = uefi/efi building.

    buildIpxe shell script:

    NOTE: call the script as buildIpxe TRUST=/var/www/fog/management/other/ca.cert.pem (It will pass the additional arguments into ipxe building for you)
    #!/bin/bash
    # Change directory to base ipxe files
    cd /root/ipxe
    
    # Pull in new data
    [[ -z $nopull ]] && git pull
    
    # Change to the proper build directory
    cd /root/ipxe/src/
    
    # Build the files
    make -j $(nproc) bin/ipxe.iso bin/{undionly,ipxe,intel,realtek}.{,k,kk}pxe bin/ipxe.lkrn EMBED=ipxescript $*
    
    # Copy files to repo location as required.
    cp /root/ipxe/src/bin/undionly.pxe /root/fogproject/packages/tftp/
    cp /root/ipxe/src/bin/ipxe.pxe /root/fogproject/packages/tftp/
    cp /root/ipxe/src/bin/intel.pxe /root/fogproject/packages/tftp/
    cp /root/ipxe/src/bin/realtek.pxe /root/fogproject/packages/tftp/
    cp /root/ipxe/src/bin/undionly.kpxe /root/fogproject/packages/tftp/
    cp /root/ipxe/src/bin/ipxe.kpxe /root/fogproject/packages/tftp/
    cp /root/ipxe/src/bin/intel.kpxe /root/fogproject/packages/tftp/
    cp /root/ipxe/src/bin/realtek.kpxe /root/fogproject/packages/tftp/
    cp /root/ipxe/src/bin/undionly.kkpxe /root/fogproject/packages/tftp/
    cp /root/ipxe/src/bin/ipxe.kkpxe /root/fogproject/packages/tftp/
    cp /root/ipxe/src/bin/intel.kkpxe /root/fogproject/packages/tftp/
    cp /root/ipxe/src/bin/realtek.kkpxe /root/fogproject/packages/tftp/
    
    # Copy lkrn and iso files to repo.
    cp /root/ipxe/src/bin/ipxe.lkrn /root/fogproject/packages/tftp/ipxe.krn
    cp /root/ipxe/src/bin/ipxe.iso /root/fogproject/packages/tftp/ipxe.iso
    
    # Copy the configuration for our stuff to repo
    cp /root/ipxe/src/ipxescript /root/fogproject/src/ipxe/src/ipxescript
    cp /root/ipxe/src/config/general.h /root/fogproject/src/ipxe/src/config/general.h
    cp /root/ipxe/src/config/settings.h /root/fogproject/src/ipxe/src/config/settings.h
    cp /root/ipxe/src/config/console.h /root/fogproject/src/ipxe/src/config/console.h
    
    # Build with 10 second delay
    make -j $(nproc) bin/ipxe.iso bin/{undionly,ipxe,intel,realtek}.{,k,kk}pxe bin/ipxe.lkrn EMBED=ipxescript10sec $*
    
    # Copy the files to upload to repository for GIT
    cp /root/ipxe/src/bin/undionly.pxe /root/fogproject/packages/tftp/10secdelay
    cp /root/ipxe/src/bin/ipxe.pxe /root/fogproject/packages/tftp/10secdelay
    cp /root/ipxe/src/bin/intel.pxe /root/fogproject/packages/tftp/10secdelay
    cp /root/ipxe/src/bin/realtek.pxe /root/fogproject/packages/tftp/10secdelay
    cp /root/ipxe/src/bin/undionly.kpxe /root/fogproject/packages/tftp/10secdelay
    cp /root/ipxe/src/bin/ipxe.kpxe /root/fogproject/packages/tftp/10secdelay
    cp /root/ipxe/src/bin/intel.kpxe /root/fogproject/packages/tftp/10secdelay
    cp /root/ipxe/src/bin/realtek.kpxe /root/fogproject/packages/tftp/10secdelay
    cp /root/ipxe/src/bin/undionly.kkpxe /root/fogproject/packages/tftp/10secdelay
    cp /root/ipxe/src/bin/ipxe.kkpxe /root/fogproject/packages/tftp/10secdelay
    cp /root/ipxe/src/bin/intel.kkpxe /root/fogproject/packages/tftp/10secdelay
    cp /root/ipxe/src/bin/realtek.kkpxe /root/fogproject/packages/tftp/10secdelay
    
    cp /root/ipxe/src/bin/ipxe.lkrn /root/fogproject/packages/tftp/10secdelay/ipxe.krn
    cp /root/ipxe/src/bin/ipxe.iso /root/fogproject/packages/tftp/10secdelay/ipxe.iso
    cp /root/ipxe/src/ipxescript10sec /root/fogproject/src/ipxe/src/ipxescript10sec
    
    # Change to the efi layout
    cd /root/ipxe-efi
    # Pull in the new data
    [[ -z $nopull ]] && git pull
    
    # Change to the proper build directory
    cd /root/ipxe-efi/src/
    
    # Build the files
    make -j $(nproc) bin-{i386,x86_64}-efi/{snp{,only},ipxe,intel,realtek}.efi EMBED=ipxescript $*
    
    # Copy the files to upload to the repository for GIT
    cp /root/ipxe-efi/src/bin-i386-efi/snp.efi /root/fogproject/packages/tftp/i386-efi/
    cp /root/ipxe-efi/src/bin-i386-efi/snponly.efi /root/fogproject/packages/tftp/i386-efi/
    cp /root/ipxe-efi/src/bin-i386-efi/ipxe.efi /root/fogproject/packages/tftp/i386-efi/
    cp /root/ipxe-efi/src/bin-i386-efi/intel.efi /root/fogproject/packages/tftp/i386-efi/
    cp /root/ipxe-efi/src/bin-i386-efi/realtek.efi /root/fogproject/packages/tftp/i386-efi/
    
    cp /root/ipxe-efi/src/bin-x86_64-efi/snp.efi /root/fogproject/packages/tftp/
    cp /root/ipxe-efi/src/bin-x86_64-efi/snponly.efi /root/fogproject/packages/tftp/
    cp /root/ipxe-efi/src/bin-x86_64-efi/ipxe.efi /root/fogproject/packages/tftp/
    cp /root/ipxe-efi/src/bin-x86_64-efi/intel.efi /root/fogproject/packages/tftp/
    cp /root/ipxe-efi/src/bin-x86_64-efi/realtek.efi /root/fogproject/packages/tftp/
    
    # Copy the configuration for our stuff to GIT
    cp /root/ipxe-efi/src/ipxescript /root/fogproject/src/ipxe/src-efi/ipxescript
    cp /root/ipxe-efi/src/config/general.h /root/fogproject/src/ipxe/src-efi/config/general.h
    cp /root/ipxe-efi/src/config/settings.h /root/fogproject/src/ipxe/src-efi/config/settings.h
    cp /root/ipxe-efi/src/config/console.h /root/fogproject/src/ipxe/src-efi/config/console.h
    
    # Build with 10 second delay
    make -j $(nproc) bin-{i386,x86_64}-efi/{snp{,only},ipxe,intel,realtek}.efi EMBED=ipxescript10sec $*
    
    # Copy the files to upload to the repository for GIT
    cp /root/ipxe-efi/src/bin-i386-efi/snp.efi /root/fogproject/packages/tftp/10secdelay/i386-efi/
    cp /root/ipxe-efi/src/bin-i386-efi/snponly.efi /root/fogproject/packages/tftp/10secdelay/i386-efi/
    cp /root/ipxe-efi/src/bin-i386-efi/ipxe.efi /root/fogproject/packages/tftp/10secdelay/i386-efi/
    cp /root/ipxe-efi/src/bin-i386-efi/intel.efi /root/fogproject/packages/tftp/10secdelay/i386-efi/
    cp /root/ipxe-efi/src/bin-i386-efi/realtek.efi /root/fogproject/packages/tftp/10secdelay/i386-efi/
    
    cp /root/ipxe-efi/src/bin-x86_64-efi/snp.efi /root/fogproject/packages/tftp/10secdelay/
    cp /root/ipxe-efi/src/bin-x86_64-efi/snponly.efi /root/fogproject/packages/tftp/10secdelay/
    cp /root/ipxe-efi/src/bin-x86_64-efi/ipxe.efi /root/fogproject/packages/tftp/10secdelay/
    cp /root/ipxe-efi/src/bin-x86_64-efi/intel.efi /root/fogproject/packages/tftp/10secdelay/
    cp /root/ipxe-efi/src/bin-x86_64-efi/realtek.efi /root/fogproject/packages/tftp/10secdelay/
    
    # Copy the 10 sec delay configuration script.
    cp /root/ipxe-efi/src/ipxescript10sec /root/fogproject/src/ipxe/src-efi/ipxescript10sec
    


  • @tom-elliott ohhh, other posts said to “trust” that cert…so I was confused. So I should have
    TRUST=/usr/lib/ssl/certs/ca-certificates.crt instead?

    EDIT: That didnt work…


  • Senior Developer

    @sbenson but you’re not using the ca for the trust, you’re using the servers public key. That key is trusted by the servers ca key. As ipxe doesn’t have that chain of authority, it cannot confirm if the passed in certificate can be trusted.



  • @sebastian-roth said in Problem with HTTPS upgrade:

    @sbenson Ok, and could you please take a new picture of the current error message you see on screen with this?

    The screen in sthe same as the previous screen. I even re-made the files suggested in the below code, because I wasn’t sure if the cert was recreated after i reinstalled it. In any case, its not working. Still says
    Https://10.63.76.44/fog/service/ipxe/boot.php… No such file or directory

    cd ~/projects/ipxe/ipxe-bios/src
    make bin/undionly.kpxe EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt
    make bin/ipxe.pxe EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt
    make bin/undionly.kkpxe EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt
    make bin/intel.pxe EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt
    
    
    # simple 32 bit EFI binaries with embedded script 
    cd ~/projects/ipxe/ipxe-efi/src 
    make bin-i386-efi/ipxe.efi EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt
    make bin-i386-efi/snponly.efi EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt
    make bin-i386-efi/intel.efi EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt
    
    # simple 64 bit EFI binaries
    cd ~/projects/ipxe/ipxe-efi/src
    make bin-x86_64-efi/ipxe.efi EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt
    make bin-x86_64-efi/snponly.efi EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt
    make bin-x86_64-efi/intel.efi EMBED=ipxescript TRUST=/var/www/fog/management/other/ssl/srvpublic.crt
    
    

  • Developer

    @sbenson Ok, and could you please take a new picture of the current error message you see on screen with this?



  • @sebastian-roth
    This seems to all be stemming from SSL, and I dont know if anyone else is using SSL. I found an issue with the install script previously that would make it so people couldn’t install SSL without fixing it manually. So if that was a problem and no one noticed, I don’t think anyone else uses SSL.

    [11:45:12] sbenson@SRO-FOG-01[0]:/tftpboot$ cat default.ipxe
    #!ipxe
    cpuid --ext 29 && set arch x86_64 || set arch i386
    params
    param mac0 ${net0/mac}
    param arch ${arch}
    param platform ${platform}
    param product ${product}
    param manufacturer ${product}
    param ipxever ${version}
    param filename ${filename}
    param sysuuid ${uuid}
    isset ${net1/mac} && param mac1 ${net1/mac} || goto bootme
    isset ${net2/mac} && param mac2 ${net2/mac} || goto bootme
    :bootme
    chain https://10.63.76.44/fog/service/ipxe/boot.php##params
    
    

  • Developer

    @sbenson said in Problem with HTTPS upgrade:

    Weird, now it is booting back to not finding http://10.63.76.44/fog/service/ipxe/boot.php changed the default.pxe and it still doesnt

    From what to what did you change the default.ipxe file? Maybe you edited the wrong file - getting confused moving around the /tftpboot directories and files!?



  • @tom-elliott
    Weird, now it is booting back to not finding http://10.63.76.44/fog/service/ipxe/boot.php changed the default.pxe and it still doesnt. Now it is using the new build version of ipxe though. oh that might be an RC4 to RC7 change it was on 9ccd8 and is now on 70544


  • Senior Developer

    As to why it keeps redirecting to the main boot system I’m not sure, but seeing as some items are seemingly selectable (such as being able to boot to register hosts?)

    I’ve updated the init’s in an attempt to ensure the curl requests follow redirects. Please see if it at least allows you to boot and register a host?

    To download please do:

    wget https://fogproject.org/inits/init.xz -O /var/www/fog/service/ipxe/init.xz
    wget https://fogproject.org/inits/init_32.xz -O /var/www/fog/service/ipxe/init_32.xz
    


  • @tom-elliott
    upon doing this now the pxe booting starts, and instantly drops back to the laptop netboot selection

    [12:45:21] root@SRO-FOG-01[0]:/$ diff -r tftpboot tftpboot_orig/
    Binary files tftpboot/i386-efi/intel.efi and tftpboot_orig/i386-efi/intel.efi differ
    Binary files tftpboot/i386-efi/ipxe.efi and tftpboot_orig/i386-efi/ipxe.efi differ
    Binary files tftpboot/i386-efi/snponly.efi and tftpboot_orig/i386-efi/snponly.efi differ
    Binary files tftpboot/intel.efi and tftpboot_orig/intel.efi differ
    Binary files tftpboot/intel.pxe and tftpboot_orig/intel.pxe differ
    Binary files tftpboot/ipxe.efi and tftpboot_orig/ipxe.efi differ
    Binary files tftpboot/ipxe.pxe and tftpboot_orig/ipxe.pxe differ
    Only in tftpboot: pxelinux.0
    Only in tftpboot/pxelinux.cfg: default.bad
    Only in tftpboot/pxelinux.cfg: default.dist
    Binary files tftpboot/snponly.efi and tftpboot_orig/snponly.efi differ
    Binary files tftpboot/undionly.kkpxe and tftpboot_orig/undionly.kkpxe differ
    Binary files tftpboot/undionly.kpxe and tftpboot_orig/undionly.kpxe differ
    
    
    


  • @tom-elliott I said yesterday that I updated to RC7. I have the booting fixed by adding the cert to the files, but now registrations don’t work, and it’s not listing images from the ipxe “Deploy images” menu


Log in to reply
 

416
Online

6.4k
Users

13.8k
Topics

130.3k
Posts