iPXE Server

2026-02-02 21:50:03 +01:00
commit 96249d0c06
6 changed files with 743 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -0,0 +1,48 @@
+# IPXE Boot server
+
+Boot from ipxe.nuc.lan:8080
+
+## Files
+
+| File                    | Purpose                                         |
+|-------------------------|-------------------------------------------------|
+| `ipxe-server.container` | Quadlet unit joining `internal_caddy` network   |
+| `Containerfile`         | Alpine + nginx serving boot assets on port 8080 |
+| `snippets/ipxe`         | Caddy snippet with reusable proxy directives    |
+| `caddy/ipxe.caddyfile`  | Site block for `ipxe.nuc.lan` (HTTP + HTTPS)    |
+| `setup.sh`              | Automated deployment script                     |
+
+**Integration with existing Caddyfile:**
+
+1. Copy `snippets/ipxe` to your snippets directory
+2. Add to top of your Caddyfile:
+
+   ```
+   import snippets/ipxe
+   ```
+
+3. Add the `ipxe.nuc.lan` block (or paste the content from `ipxe.caddyfile`)
+
+
+**Or** since you have `*.nuc.lan` already, add this matcher to your wildcard block:
+
+```caddy
+@ipxe host ipxe.nuc.lan
+handle @ipxe {
+    reverse_proxy ipxe-server:8080
+}
+```
+
+**Quick deploy:**
+
+```bash
+./setup.sh install   # Creates dirs, builds image, installs Quadlet
+./setup.sh start     # Starts via systemd
+
+# Add boot files
+cp vmlinuz initrd.img ~/ipxe/boot/
+cp squashfs.img ~/ipxe/images/fedora-42/
+```
+
+**Note:** HTTP is intentionally kept open for `ipxe.nuc.lan:80` because most PXE ROMs chainload via HTTP before the full iPXE stack with HTTPS support is loaded. The local network restriction handles security.
+