Differences

This shows you the differences between two versions of the page.

--- blocks:server:pxe-boot [2020-06-16 07:39]
mattias [Adding Firewall Rule for TFTP]
+++ blocks:server:pxe-boot [2023-03-15 10:20] (current)
mattias [Network Boot of PIXILAB Player]
@@ Line 2: / Line 2: @@
 This document describes how to configure your existing [[blocks:server:creating_a_server|Linux-based Blocks server]] to allow [[blocks:porteus_kiosk|PIXILAB Player]] to boot from the server over the network, rather than from a USB stick or internal drive.
-If your server comes with Blocks 3 from the outset, most of this is already done. If so, you can skip down to [[#obtaining_the_pixilab_player|Obtaining the PIXILAB Player]] and continue from there.
+If your provisioned your server from the desktop server image provided by Pixilab, most of this is already done. If so, you can skip down to [[#installing_pixilab_player_on_the_server|Installing PIXILAB Player on the server]] and continue from there.
-:!: If you bring in a Blocks data folder from an older (pre-Blocks 3) installation, you must update the configuration file to enable the tftp server, as described below.
+:!: If you bring in a Blocks data folder from an older (pre-Blocks 3) installation, you must update the configuration file to enable the tftp server, as described below. Alternatively, consider re-installing your server based on the latest server image.
 ===== Updating your Blocks Server =====
-Start by [[blocks:server:tweaks|updating your server software]]. Make sure you follow all instructions in that article. Also [[:blocks#updates|update Blocks]] to version 3 or later.
+If your server is very old, you may want to make a new server based on our current Linux server image. Alternatively, [[blocks:server:tweaks|update your server software]] manually before proceeding.
 ===== Enabling the TFTP server =====
@@ Line 17: / Line 17: @@
 :!: The YML file format is sensitive to indentation. Make sure you keep the indentation exactly as shown above.
+The linux server from our images with Ubuntu 20.04 has default port 8069 as default port. Previous versions with Ubunti 18.04 had port 9069 as default tftp port.
 ==== Adding Firewall Rule for TFTP ====
+If your server is based on a Linux server image older than 190711, as indicated by the "version" file found in the /home/pixi-server directory, or has no such version file, you need to update the firewall settings as described in this section.
+Open a webmin interface and select the Linux Firewall module from the Networking section in the left hans menu.
+{{:blocks:server:pxe-boot:firewallmodule.png?nolink&1000|}}
+Select the Network Addresss Translation (NAT) IP table from the dropdown.
+Click the green add rule button in the PREROUTING section or click on a rule to edit an existing.
+{{:blocks:server:pxe-boot:editaddrule.png?nolink&1000|}}
+In essence we need to specify:
+  * Action to take: Redirect.
+  * Network protocol: Equals UDP
+  * Target port for redirect: Port range = 8069 (default tftp adress on the blocks server.)
+  * Destination TCP or UDP port:Equals port 69 (for tftp)
+Click Create (Save if edit existing rule)
+Click apply configuration down the bottom of the overview.
-The Linux firewall needs to be updated to allow for the TFTP traffic. To do so, switch to the //pixi-admin// user, open a terminal window, and enter the following three lines, pressing the //return// key after each line:
-<code>
-sudo iptables -t nat -I PREROUTING -p udp --dport 69 -j REDIRECT --to-port 8069
-sudo bash -c "iptables-save > /etc/iptables.up.rules"
-sudo bash -c "iptables-save > /etc/iptables/rules.v4"
-</code>
-Type the pixi-admin user's password when requested. If you haven't changed the passwords since the server was installed, your server still uses the [[blocks:server:first_start|default admin password]].
 ===== Configuring the DHCP Server =====
 :!: If your server is based on our Linux image dated 190711 or later, this step is already taken care of.
-A DHCP server is required as part of the network boot procedure. The method described here assumes you're using the [[blocks:server:advanced_server_configuration#dhcp_server|DHCP feature built into our Linux-based server]].
+A DHCP server is required as part of the network boot procedure. The method described here assumes you're using the [[blocks:server:advanced_server_configuration#dhcp_server|DHCP feature built into our Linux-based server]]. See below if you're using another DHCP server.
 Using  [[blocks:server:advanced_server_configuration#introducing_webmin|Webmin]]:
@@ Line 45: / Line 59: @@
 {{ :blocks:server:pxe-boot:pxe_grub_filename.png?1000;nolink |}}
-===== Obtaining the PIXILAB Player =====
+==== Using external DHCP server ====
-First install the PIXILAB Player [[blocks:porteus_kiosk|on a USB stick]]. Make sure you use PIXILAB Player version 3.0.1 or later. Test the resulting USB stick by booting your player computer from it, as you may have done in the past. This is a good way to make sure the player itself works as desired before transferring it to the server. Once you have a working USB stick, proceed as follows:
+If you can't use the DHCP server that's built into our Linux-based server, e.g., becuse you already have another DHCP server that you prefer to use instead, then you need to make some additional configuration of that DHCP server to network boot PIXILAB Player.
+  * Make sure that the boot file is set to "grub/grubnetx64.efi.signed".
+  * Point to the IP address of your Blocks server using the "next-server" option.
+This assumes you're using the standard Linux "ISC dhcpd" server, in which case these settings are found in the /etc/dhcp/dhcpd.conf file:
+<code>
+next-server 10.0.1.13;
+filename "grub/grubnetx64.efi.signed";
+</code>
+Replace //10.0.1.13// with the actual IP address of your Blocks server. If you're using webmin to configure your DHCP server, the corresponding settings are found under "Edit Client Options" and look like this:
+{{ :blocks:server:pxe-boot:pxe-with-other-dhcp-server.png?nolink |}}
+===== Installing PIXILAB Player on the server =====
+First install the PIXILAB Player [[blocks:porteus_kiosk|on a USB stick]]. Test the resulting USB stick by booting your player computer from it, as you may have done in the past. This is a good way to make sure the player itself works as desired before transferring it to the server. Once you have a working USB stick, proceed as follows:
   * Insert the player USB into your Linux-based Blocks server. It will appear as a number of disks.
@@ Line 58: / Line 91: @@
 Your server is now set up for network boot of players. If you need to update your PIXILAB Player later on, just replace the files inside the //PIXILAB_Player// folder mentioned above with new files, and restart your players.
-:!: The computer you use as player must be configured to boot from the network. This is done in the BIOS settings. See [[blocks:porteus_kiosk#network_boot_support|Network Boot Support]] for detils.
+:!: The computer you use as player must be configured to boot from the network. This is done in the BIOS settings. See [[blocks:porteus_kiosk#network_boot_from_the_blocks_server|Network Boot Support]] for detils.
 ===== Implementation Details =====
 This section describes some implementation details that may be of use to you if you're trying to make network boot work with other solutions than those built into our Linux-based server, or using another domain name than //pixi.guide//. You don't nee to know these details if you can follow the instructions given above.
@@ Line 103: / Line 136: @@
 </code>
-If your Blocks server uses another domain name than //pixi.guide//,  change this URL to match. Likewise, if you're using another web server than Blocks to serve the PXE boot files, change the path accordingly.
+:!: If your Blocks server uses another domain name than //pixi.guide//,  change this URL to match. Likewise, if you're using another web server than Blocks to serve the PXE boot files, change the path accordingly.