Initial project setup: automated PXE server provisioning
Reorganized from OneDrive export into a clean project structure: - autoinstall/: cloud-init user-data and meta-data for Ubuntu 24.04 autoinstall - playbook/: Ansible playbook for PXE server config (dnsmasq, Apache, Samba, iPXE) - unattend/: Windows unattend.xml sample for image deployment - build-usb.sh: builds a bootable USB with Ubuntu installer + CIDATA partition - download-packages.sh: downloads all offline .deb dependencies via Docker Key improvements over original: - Fully air-gapped: all packages bundled offline, no WiFi needed - Hardware-agnostic network config (wildcard NIC matching) - Removed plaintext WiFi credentials - Single USB build process (was 15+ manual steps) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
cproudlock
129
setup-guide-original.txt
Normal file
129
setup-guide-original.txt
Normal file
@@ -0,0 +1,129 @@
|
||||
Purpose
|
||||
Document a repeatable, “build-from-scratch” procedure for deploying an Ubuntu-based PXE boot server that can host GE Aerospace Windows PE images.
|
||||
|
||||
Prerequisites
|
||||
Hardware: Server or PC with ≥ 8 GB RAM, ≥ 250 GB disk, and one NIC (one for build / Internet, one for isolated PXE LAN)
|
||||
|
||||
https://myaccess.microsoft.us/@ge.onmicrosoft.us#/access-packages/active
|
||||
|
||||
EPM Rufus Exception Request
|
||||
EPM DT Functions
|
||||
DLP - Encrypted Removable (USB) Long Term Access
|
||||
|
||||
Software:
|
||||
|
||||
Ubuntu Server 24.04 ISO
|
||||
|
||||
Rufus (latest)
|
||||
|
||||
playbook folder containing pxe_server_setup.yml and supporting files
|
||||
|
||||
GE Aerospace Media Creator LITE (for caching WinPE images)
|
||||
|
||||
Two USB thumb drives (one ≥ 8 GB for Ubuntu install; one ≥ 32 GB for WinPE media)
|
||||
|
||||
Step-by-Step Procedure
|
||||
Create the Ubuntu Server installer USB
|
||||
1.1 Download Ubuntu Server 24.04 from https://ubuntu.com/download/server.
|
||||
1.2 Download and run Rufus (https://rufus.ie/en/).
|
||||
1.3 Insert an empty USB, select it in Rufus.
|
||||
1.4 Click Select, browse to the Ubuntu ISO, then click Start.
|
||||
1.5 When Rufus finishes, copy your playbook folder to the root of that same USB, then eject it safely.
|
||||
|
||||
Install Ubuntu on the PXE server
|
||||
2.1 Insert the USB into the target machine and power on.
|
||||
2.2 Press F12 (or the vendor’s one-time boot key) and choose the USB device.
|
||||
2.3 Follow Ubuntu’s installer;
|
||||
Network configuration screen.
|
||||
Select the fist option select give it random network and IPv4 address
|
||||
Then select WiFi and choose the guest network.
|
||||
Follow the prompts and enter the information for your network.
|
||||
Click done.
|
||||
|
||||
You do not need a proxy hit done.
|
||||
For mirror address add nothing and hit done. The download should start.
|
||||
|
||||
After that select next
|
||||
You'll be in file system summary: Hit done, box will pop up "confirm destructive action" select "continue"
|
||||
|
||||
Configure your profile. Done
|
||||
Skip the upgrade to ubuntu pro
|
||||
No ssh
|
||||
Don't select featured server snaps just select done
|
||||
|
||||
Ubuntu will install…..then reboot your system
|
||||
2.4 Create a user (e.g., pxe) with a simple, temporary password (change later).
|
||||
|
||||
Prepare the OS
|
||||
3.1 Log in as the user you created.
|
||||
|
||||
3.2 Update the system:
|
||||
|
||||
bash
|
||||
Copy
|
||||
sudo apt update && sudo apt upgrade -y
|
||||
|
||||
3.3 Install Ansible:
|
||||
|
||||
bash
|
||||
Copy
|
||||
sudo apt install ansible -y
|
||||
Mount the installer USB and run the playbook
|
||||
|
||||
4.1 Identify the USB device:
|
||||
|
||||
bash
|
||||
Copy
|
||||
lsblk
|
||||
Note the device (e.g., /dev/sda1).
|
||||
|
||||
4.2 Mount it and run the playbook:
|
||||
|
||||
bash
|
||||
Copy
|
||||
sudo mkdir -p /mnt/usb
|
||||
sudo mount /dev/sda1 /mnt/usb
|
||||
cd /mnt/usb/playbook
|
||||
ansible-playbook pxe_server_setup.yml
|
||||
|
||||
|
||||
4.3 When Ansible finishes, umount the USB:
|
||||
|
||||
bash
|
||||
Copy
|
||||
cd ~
|
||||
sudo umount /mnt/usb
|
||||
|
||||
Cache Windows PE images
|
||||
5.1 On a separate workstation, use GE Aerospace Media Creator LITE to cache all desired images (or start with one).
|
||||
5.2 Create a WinPE USB using the same tool and eject it safely.
|
||||
|
||||
Import WinPE content to the PXE share
|
||||
6.1 Insert the WinPE USB into the PXE server.
|
||||
6.2 Find the new device (e.g., /dev/sdb2) with lsblk.
|
||||
6.3 Mount it and copy files:
|
||||
|
||||
bash
|
||||
Copy
|
||||
sudo mkdir -p /mnt/usb2
|
||||
sudo mount /dev/sdb2 /mnt/usb2
|
||||
sudo cp -r /mnt/usb2/. /srv/samba/winpeapps/standard
|
||||
sudo umount /mnt/usb2
|
||||
Finalise and isolate
|
||||
|
||||
7.1 Reboot the server:
|
||||
|
||||
bash
|
||||
Copy
|
||||
sudo reboot
|
||||
|
||||
7.2 After it comes back up, move the primary NIC from the Internet-enabled network to the isolated switch that will serve PXE clients.
|
||||
|
||||
6. Verification
|
||||
Connect a test workstation to the isolated switch.
|
||||
|
||||
In BIOS/UEFI, set Network Boot (PXE) as first boot, then boot.
|
||||
|
||||
Confirm the client pulls an IP from the PXE server and sees the WinPE menu.
|
||||
|
||||
Launch a WinPE image to ensure TFTP, HTTP (NBD), and SMB shares respond correctly.
|
||||
Reference in New Issue
Block a user