Initial project setup: automated PXE server provisioning

Reorganized from OneDrive export into a clean project structure:
- autoinstall/: cloud-init user-data and meta-data for Ubuntu 24.04 autoinstall
- playbook/: Ansible playbook for PXE server config (dnsmasq, Apache, Samba, iPXE)
- unattend/: Windows unattend.xml sample for image deployment
- build-usb.sh: builds a bootable USB with Ubuntu installer + CIDATA partition
- download-packages.sh: downloads all offline .deb dependencies via Docker

Key improvements over original:
- Fully air-gapped: all packages bundled offline, no WiFi needed
- Hardware-agnostic network config (wildcard NIC matching)
- Removed plaintext WiFi credentials
- Single USB build process (was 15+ manual steps)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

autoinstall/user-data

@@ -0,0 +1,106 @@
+#cloud-config
+autoinstall:
+  version: 1
+
+  # Locale, keyboard, timezone
+  locale: en_US.UTF-8
+  keyboard:
+    layout: us
+    variant: ""
+  timezone: America/New_York
+
+  # Network configuration
+  # Uses a broad match so any wired NIC gets the static PXE address.
+  # No WiFi needed — all packages are on the CIDATA partition.
+  network:
+    version: 2
+    ethernets:
+      any-eth:
+        match:
+          name: "en*"
+        addresses:
+          - 10.9.100.1/24
+        dhcp4: false
+        dhcp6: false
+        optional: true
+
+  # Storage configuration
+  storage:
+    layout:
+      name: lvm
+      match:
+        size: largest
+    swap:
+      size: 0
+
+  # User identity
+  identity:
+    hostname: pxeserver
+    username: pxe
+    password: "$6$rounds=656000$TpsuBw0N85085mpx$KtKsCwFlowg4NY41gUqx5ljef8cJ8uPFfgg43MyCPWByfXkhM5XushcdtkNps6lKeQFQZtli/QU.s52AUc7XC."
+
+  # Installer-stage late commands
+  late-commands:
+    # Install deb packages from CIDATA USB
+    - |
+      curtin in-target --target=/target -- bash -c '
+      mkdir -p /mnt/cidata
+      CIDATA_DEV=$(blkid -L CIDATA)
+      if [ -n "$CIDATA_DEV" ]; then
+        mount "$CIDATA_DEV" /mnt/cidata
+        if compgen -G "/mnt/cidata/packages/*.deb" > /dev/null; then
+          cp /mnt/cidata/packages/*.deb /tmp/
+          dpkg -i /tmp/*.deb 2>/dev/null || true
+          dpkg -i /tmp/*.deb 2>/dev/null || true
+          if command -v nmcli >/dev/null; then
+            systemctl enable NetworkManager
+          fi
+        fi
+        umount /mnt/cidata
+      fi
+      '
+
+    # Create first-boot.sh
+    - |
+      curtin in-target --target=/target -- bash -c '
+      cat <<"EOF" > /opt/first-boot.sh
+      #!/bin/bash
+      CIDATA_DEV=$(blkid -L CIDATA)
+      if [ -n "$CIDATA_DEV" ]; then
+        mkdir -p /mnt/usb
+        mount "$CIDATA_DEV" /mnt/usb
+        # Install all offline .deb packages (ansible, dnsmasq, apache2, samba, etc.)
+        if compgen -G "/mnt/usb/packages/*.deb" > /dev/null; then
+          dpkg -i /mnt/usb/packages/*.deb 2>/dev/null || true
+          dpkg -i /mnt/usb/packages/*.deb 2>/dev/null || true
+        fi
+        # Run the Ansible playbook
+        if [ -f /mnt/usb/playbook/pxe_server_setup.yml ]; then
+          cd /mnt/usb/playbook
+          ansible-playbook -i localhost, -c local pxe_server_setup.yml
+        fi
+        umount /mnt/usb
+      fi
+      # Disable rc.local to prevent rerunning
+      sed -i "s|^/opt/first-boot.sh.*|# &|" /etc/rc.local
+      lvextend -r -l +100%FREE /dev/mapper/ubuntu--vg-ubuntu--lv || true
+      EOF
+      '
+    - curtin in-target --target=/target -- chmod +x /opt/first-boot.sh
+
+    # Create rc.local without unintended indentation
+    - |
+      curtin in-target --target=/target -- bash -c '
+      cat <<"EOF" > /etc/rc.local
+      #!/bin/bash
+      /opt/first-boot.sh > /var/log/first-boot.log 2>&1 &
+      exit 0
+      EOF
+      '
+    - curtin in-target --target=/target -- chmod +x /etc/rc.local
+
+  user-data:
+    disable_root: false
+
+  refresh-installer:
+    update: yes