RE: USB Boot and point to custom FOG server IP

@sebastian-roth
I figured such. The usb method on my offline imaging switch is redundant since pxe works fine on that. Just would have been nice to be able to image remotely booting via USB, kind of like Acronis+mapping to an SMB share that stores the images. If only my network team would enable tftp/pxe on their dhcp servers. We have it only on our hq subnet but it is being used by SCCM, and SCCM takes a very, very long time to image a PC. We only use it to get a base Windows 10 image and work on it from there, then capture/upload our custom dept images to the FOG server.

@Sebastian-Roth
Single cast is the goal when imaging PCs remotely. This is really for times when we have to reimage a few or a single PC and we need to bring it back to hq to image. I could put fog servers at each site loaded with dept specific images. Do the web files reference 10.0.0.10 or does something else do that? Because I could make two fog sources under /var/www and have each dedicated to the interfaces.

@Sebastian-Roth
I read through this tutorial and others https://www.slashroot.in/how-to-configure-split-horizon-dns-in-bind
Seems like it isn’t practical since it handles requests coming from specific subnets, which we have a very large number of. I’d have to put each known subnet into the bind config. I want requests coming from the interfaces to be handled the way you described above.

@george1421
A split horizon DNS config huh? I will investigate this. Thanks!

My guess is that somewhere along the chain, a reference to ${fog-ip} is made that breaks the chain. So I would have to find a spot to fork the process by setting a new ${fog-ip}, duplicating files naming them “whatever_usb” like I’ve been doing so far with success. Does that make sense? I think the fork would have to be at the boot.php part. Since default.ipxe points to the boot.php, I’d have to make a custom boot.php file that points the process to the online interface. I’m looking at boot.php now but don’t see any IP addresses or files being referenced. I also don’t know much about php.

@george1421 It is a full FOG server.

So far I changed the ip address in ipxeconfig.ipxe (embedded into the ipxe.efi image) and default.ipxe to point to the online IP 192.168.1.50. I renamed default.ipxe to default_usb.ipxe and referenced that filename in ipxeconfig.ipxe before I compiled the image.

@george1421
Let me do that on a digital napkin then I’ll upload it here in a bit

@george1421 @Sebastian-Roth
Turns out this might be more complicated than I thought. I got up to boot fog menu, after it tried to download bg.png from the offline http://url. Tried to deploy an image, logged in, then it tried to load http://10.0.0.10/fog/service/ipxe.boot.php. Before that though, it successfully loaded boot.php from the external ip. Sounds like I will have to comb through all the config files and make new versions to point to external IP but keep the 10.0.0.10 functionality…?

So it booted, read from tftp://customip, then tried to load the menu boot.php from http://10.0.0.10, so somewhere in the config is still pointing to the offline ip. I will check the code.

Just realized something. The USB boot is pulling instructions from the default.ipxe. Maybe I should tell it to pull a custom file from the fog server with the updated IP?

I missed the very first step, my bad. I didn’t have the source ipxe code. I’m compiling it now. I’ll test it out usb boot and see if I can deploy an image. Will report back.

@sebastian-roth
I do have the installer and followed the instructions, when I run “make bin-x86_64-efi/ipxe.efi EMBED=~/fogproject/src/ipxe/src/ipxescript” I get “make: *** No rule to make target ‘bin-x86_64-efi/ipxe.efi’. Stop.” Which directory should I be running this command from? I tried running it from ~/fogproject/src/ipxe/src and ~/ipxe/src with the same result.

I’m wondering if this will work, because the script is still calling for tftp which isn’t enabled on my prod network, as stated in the OP.

@george1421
Found this link
https://forums.fogproject.org/topic/12121/compiling-ipxe-boot-kernels?lang=en-US
Should I follow this?

So I read through the instructions to create a USB bootable disk that uses ipxe.efi, which I assume is preconfigured to point to the FOG server’s main IP, which in my case is 10.0.0.10 which I use for offline imaging over a switch. What I want is to be able to change where the USB boot disk looks for and mounts the NFS share. I have a 2nd interface on my FOG server that is online and I use this for managing FOG and updating Ubuntu Server. I can mount the NFS share through this interface. Would I have to decompile the ipxe.efi file and edit it so it see’s FOGs IP as whatever I set it to?

EDIT: Had to update my question because we don’t have PXE booting set up on our online/prod network. Guess the ultimate goal is to be able to deploy fog images in other buildings using the USB drive to boot to the fog menu.

@londonfog as long as you don’t put any custom files in /var/www/fog you should be good. I have pmagic on my fog ipxe menu and put the files in /var/www/pm11_winpe and the permissions for the files are correct.

This is what my ipxe menu item parameters look like:
set tftp-path tftp://${fog-ip}
set web-path http://${fog-ip}
set pe-path ${web-path}/pm11_winpe
kernel ${tftp-path}/wimboot gui
imgfetch --name BCD ${pe-path}/BCD BCD
imgfetch --name boot.sdi ${pe-path}/boot.sdi boot.sdi
imgfetch --name bootmgr ${pe-path}/bootmgr bootmgr
imgfetch --name boot.wim ${pe-path}/boot.wim boot.wim
boot || goto MENU

@tom-elliott
Ok thought so thanks.

I think I may have figured this out already but wanted confirmation. If a host is not registered and begins a deploy task, will it still show up in Tasks>Active Tasks?

Was going to post a new thread but found I had already asked this question and no one responded. Bumping this thread because it would be nice to create a user that can only create/deploy images and set up groups for multicast etc but not have access to fog settings.

@Sebastian-Roth
The fog installer didn’t change the username in Storage and TFTP settings, it kept it as “fog”. I changed it to “fogproject” and set a password via sudo passw fog and put that password into the corresponding Storage and TFTP password fields as well as changing the username to fogproject. All is good now. Was able to update the kernel as well.

The web ui login username is still fog and a password I set. Those credentials also apply when selecting deploy image from the ipxe menu. Don’t want to mess with that since it is working and I have staff that use those creds for imaging and I don’t want them to have admin access to the server. I have a question about restricting web ui access but that will be another thread.

@sebastian-roth said in Quick question about the tftp/ftp credentials:

grep FOG_VERSION /var/www/html/fog/lib/fog/system.class.php

Hello again. Sorry for the massive delay but I tried to update the kernel and got this error “Type: 2, File: /var/www/fog/lib/fog/fogftp.class.php, Line: 465, Message: ftp_login(): Login incorrect., Host: 10.0.0.10, Username: fog”. I noticed the config’s were using fog instead of fogproject. here is the output.

administrator@ncitimageserver:~$ ls -al /var/www
total 24
drwxr-xr-x  5 root       root     4096 Mar 17 13:57 .
drwxr-xr-x 14 root       root     4096 Mar 16 18:17 ..
drwxr-xr-x 10 www-data   www-data 4096 Mar 19 19:01 fog
drwxr-xr-x  2 root       root     4096 Mar 16 18:25 html
-rw-r--r--  1 www-data   www-data   52 Mar 16 18:25 index.php
drwxrwxrwx  2 fogproject root     4096 Mar 17 15:16 pm11_winpe
administrator@ncitimageserver:~$ ls -al /var/www/fog/
total 408
drwxr-xr-x 10 www-data www-data   4096 Mar 19 19:01 .
drwxr-xr-x  5 root     root       4096 Mar 17 13:57 ..
drwxr-xr-x  2 www-data www-data   4096 Mar 16 18:25 api
drwxr-xr-x  2 www-data www-data   4096 Mar 16 18:25 client
drwxr-xr-x  2 www-data www-data   4096 Mar 16 18:25 commons
-rw-r--r--  1 www-data www-data 370070 Mar 16 18:25 favicon.ico
lrwxrwxrwx  1 www-data www-data     13 Mar 16 18:25 fog -> /var/www/fog/
drwxr-xr-x  2 www-data www-data   4096 Mar 16 18:25 fogdoc
-rw-r--r--  1 www-data www-data    572 Mar 16 18:25 index.php
drwxr-xr-x 13 www-data www-data   4096 Mar 16 18:25 lib
drwxr-xr-x 10 www-data www-data   4096 Mar 16 18:25 management
drwxr-xr-x  3 www-data www-data   4096 Mar 16 18:25 service
drwxr-xr-x  2 www-data www-data   4096 Mar 16 18:25 status

administrator@ncitimageserver:~$ ls -al /var/www/html/
total 20
drwxr-xr-x 2 root root  4096 Mar 16 18:25 .
drwxr-xr-x 5 root root  4096 Mar 17 13:57 ..
lrwxrwxrwx 1 root root    13 Mar 16 18:25 fog -> /var/www/fog/
-rw-r--r-- 1 root root 10918 Mar 16 18:17 index.html

administrator@ncitimageserver:~$ grep FOG_VERSION /var/www/fog/lib/fog/system.class.php
        define('FOG_VERSION', '1.5.9');
administrator@ncitimageserver:~$ grep FOG_VERSION /var/www/html/fog/lib/fog/system.class.php
        define('FOG_VERSION', '1.5.9');
administrator@ncitimageserver:~$