add pxe stack files

.drone.yml

@@ -0,0 +1,30 @@
+kind: pipeline
+type: docker
+name: deployinfra
+
+steps:
+- name: build tftp
+  image: gcr.io/kaniko-project/executor:v1.9.0-debug
+  environment:
+    DOCKER_USERNAME:
+      from_secret: registry_username
+    DOCKER_PASSWORD:
+      from_secret: registry_password
+    DOCKER_REGISTRY: codeberg
+    IMAGE_BASE: angestoepselt
+  commands:
+    - echo "{\"auths\":{\"$DOCKER_REGISTRY\":{\"username\":\"$DOCKER_USERNAME\",\"password\":\"$DOCKER_PASSWORD\"}}}" > /kaniko/.docker/config.json
+    - /kaniko/executor --context ./tftp --destination "$DOCKER_REGISTRY/$IMAGE_BASE/tftp-server:${DRONE_TAG}"
+
+- name: build git-alpine
+  image: gcr.io/kaniko-project/executor:v1.9.0-debug
+  environment:
+    DOCKER_USERNAME:
+      from_secret: registry_username
+    DOCKER_PASSWORD:
+      from_secret: registry_password
+    DOCKER_REGISTRY: codeberg
+    IMAGE_BASE: angestoepselt
+  commands:
+    - echo "{\"auths\":{\"$DOCKER_REGISTRY\":{\"username\":\"$DOCKER_USERNAME\",\"password\":\"$DOCKER_PASSWORD\"}}}" > /kaniko/.docker/config.json
+    - /kaniko/executor --context ./git --destination "$DOCKER_REGISTRY/$IMAGE_BASE/git-alpine:${DRONE_TAG}"

README.md

@@ -0,0 +1,20 @@
+# deploy infra
+
+## Info
+Lokale Installation mit Docker um PC und Laptop aufzusetzen
+
+Container die gestartet werden:
+- apt-cacher-ng
+- nginx - statische Inhalte
+- tftp Server
+- git
+
+## Verwendung:
+
+Klone das Repo auf einem Dockerhost aus und führe ``docker compose up -d`` aus. In deinem DHCP Server muss du dann noch PXE / Netboot auf das Verzeichnis legacy/pxelinux.cfg einstellen. Der Server ist die IP deines Dockerhost
+
+
+## Todo
+
+- Erstelle ein Installationskript um das installieren so einfach wie möglich zu machen
+- Stelle das install.sh Skript unter einer Subdomain zur Verfügung

docker-compose.yml

@@ -0,0 +1,67 @@
+---
+version: '3'
+
+# environment values for the core stack
+x-common-keys-core: &common-keys-core
+  security_opt:
+    - no-new-privileges:true
+  restart: always
+
+services:
+  apt-cacher-ng:
+    <<: *common-keys-core # see variables at the top of the yml file
+    image: sameersbn/apt-cacher-ng:latest
+    container_name: apt-cacher-ng
+    ports:
+      - "3142:3142"
+    volumes:
+      - cache:/var/cache/apt-cacher-ng
+      - config:/etc/apt-cacher-ng
+    healthcheck:
+      test: wget --no-verbose --tries=1 --spider http://localhost:3142/acng-report.html || exit 1
+      interval: 60s
+      retries: 5
+      start_period: 20s
+      timeout: 10s
+
+  nginx:
+    <<: *common-keys-core # see variables at the top of the yml file
+    image: nginx:mainline-alpine3.17-slim
+    container_name: webserver
+    ports:
+      - "${HTTP_PORT:-80}:80"
+    volumes:
+      - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
+      - tftp-data:/app/static:ro
+    healthcheck:
+      test: wget --no-verbose --tries=1 --spider http://localhost || exit 1
+      interval: 60s
+      retries: 5
+      start_period: 20s
+      timeout: 10s
+
+  tftp:
+    <<: *common-keys-core # see variables at the top of the yml file
+    image: codeberg.org/angestoepselt/tftp-server:latest
+    container_name: tftp
+    ports:
+      - "69:69/udp"
+    volumes:
+      - tftp-data:/var/tftp
+    # this image has a build in healthcheck
+
+  git-init:
+    image: codeberg.org/angestoepselt/git-alpine:latest
+    security_opt:
+      - no-new-privileges:true
+    container_name: git-init
+    volumes:
+      - tftp-data:/git
+    environment:
+    # this repo will be cloned on every restart of the container
+      - GIT_REPO_URL=https://git.mailbro.de/angestoepselt/LinuxPXE.git
+
+volumes:
+  cache:
+  config:
+  tftp-data:

git-alpine/Dockerfile

@@ -0,0 +1,22 @@
+FROM alpine:3.18
+
+LABEL org.opencontainers.image.authors="matthias+code@mailbro.de" \
+      description="git in alpine"
+
+COPY entrypoint.sh /entrypoint.sh
+
+# Install packages, chmod startup script and add a non-privileged user
+RUN apk --no-cache add git openssh-client ; \
+                adduser -D -u 1000 non-privileged ; \
+                mkdir /git ; \
+                chown -R 1000:1000 /git ; \
+                chmod +x /entrypoint.sh ; \
+                chown -R 1000:1000 /entrypoint.sh
+
+# Switch to the non-privileged user
+USER 1000
+
+VOLUME /git
+WORKDIR /git
+
+ENTRYPOINT ["/entrypoint.sh"]

git-alpine/entrypoint.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+
+if [ "$(ls -A /git)" ]; then
+    cd /git
+    git pull
+else
+    git clone ${GIT_REPO_URL} /git
+fi
+
+echo "finished, exit now"

nginx/nginx.conf

@@ -0,0 +1,19 @@
+events {}
+http {
+    include mime.types;
+    sendfile on;
+
+    server {
+        listen 80;
+        listen [::]:80;
+
+        resolver 127.0.0.11;
+        autoindex on;
+
+        server_name _;
+        server_tokens off;
+
+        root /app/static;
+        gzip_static on;
+    }
+}

tftp/Dockerfile

@@ -0,0 +1,23 @@
+FROM alpine:3.18
+
+LABEL org.opencontainers.image.authors="matthias+code@mailbro.de" \
+      description="git in alpine"
+
+ENV ADDR="127.0.0.1" \
+    ROOT="/var/tftp"
+
+RUN apk update ; \
+    apk upgrade ; \
+    apk add --no-cache --update tftp-hpa ; \
+    rm /var/cache/apk/*
+
+VOLUME /var/tftp
+
+EXPOSE 69/udp
+
+COPY tftp.conf /etc/init/
+
+ENTRYPOINT ["in.tftpd"]
+CMD ["-Lv", "-s", "/var/tftp"]
+
+HEALTHCHECK --interval=60s --retries=5 CMD nc -u -w 1 127.0.0.1 69 || exit 1

tftp/tftp.conf

@@ -0,0 +1,8 @@
+description "angestoepselt TFTP Server"
+author "Matthias Hemmerich <matthias+code@mailbro.de>"
+start on filesystem and started docker
+stop on runlevel [!2345]
+respawn
+script
+/usr/bin/docker start -a tftpd
+end script