feat(opnsense-config): dnsmasq dhcp static mappings (#130)

Co-authored-by: Jean-Gabriel Gill-Couture <jeangabriel.gc@gmail.com> Co-authored-by: Ian Letourneau <ian@noma.to> Reviewed-on: NationTech/harmony#130 Reviewed-by: Ian Letourneau <ian@noma.to> Co-authored-by: Jean-Gabriel Gill-Couture <jg@nationtech.io> Co-committed-by: Jean-Gabriel Gill-Couture <jg@nationtech.io>
2025-09-08 19:06:17 +00:00
parent b6be44202e
commit da5a869771
94 changed files with 5107 additions and 1469 deletions
--- a/harmony/templates/boot.ipxe.j2
+++ b/harmony/templates/boot.ipxe.j2
@@ -1,6 +1,63 @@
 #!ipxe

+# iPXE Chainloading Script
+#
+# Attempts to load a host-specific configuration file. If that fails,
+# it logs the failure, waits for a few seconds, and then attempts to
+# load a generic fallback configuration.
+
+# --- Configuration ---
 set base-url http://{{ gateway_ip }}:8080
 set hostfile ${base-url}/byMAC/01-${mac:hexhyp}.ipxe
+set fallbackfile ${base-url}/fallback.ipxe

-chain ${hostfile} || chain ${base-url}/fallback.ipxe
+# --- Script Logic ---
+
+echo
+echo "========================================"
+echo "      iPXE Network Boot Initiated"
+echo "========================================"
+echo "Client MAC Address: ${mac}"
+echo "Boot Server URL:    ${base-url}"
+echo
+
+# --- Primary Boot Attempt ---
+echo "--> Attempting to load host-specific script..."
+echo "    Location: ${hostfile}"
+
+sleep 2
+
+# The "&& exit ||" pattern works as follows:
+# 1. iPXE attempts to 'chain' the hostfile.
+# 2. If successful (returns 0), the "&& exit" part is executed, and this script terminates.
+# 3. If it fails (returns non-zero), the "||" part is triggered, and execution continues below.
+chain --autofree --replace ${hostfile} && exit ||
+
+# --- Fallback Boot Attempt ---
+# This part of the script is only reached if the 'chain ${hostfile}' command above failed.
+echo
+echo "--> Host-specific script not found or failed to load."
+echo
+
+echo
+echo "--> Attempting to load fallback script..."
+echo "    Location: ${fallbackfile}"
+
+sleep 8
+
+chain --autofree --replace ${fallbackfile} && exit ||
+
+# --- Final Failure ---
+# This part is only reached if BOTH chain commands have failed.
+echo
+echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+echo "    FATAL: All boot scripts failed!"
+echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+echo "Could not load either the host-specific script or the fallback script."
+echo "Dropping to iPXE shell for manual troubleshooting in 10 seconds."
+sleep 8
+
+shell
+
+# A final exit is good practice, though 'shell' is a blocking command.
+exit
--- a/harmony/templates/okd/bootstrap.ipxe.j2
+++ b/harmony/templates/okd/bootstrap.ipxe.j2
@@ -0,0 +1,52 @@
+#!ipxe
+
+# ==================================================================
+#    MAC-Specific Boot Script for CoreOS/FCOS Installation
+# ==================================================================
+
+# --- Configuration ---
+set http_ip {{ http_ip }}
+set scos_path {{ scos_path }}
+set inst_dev {{ installation_device }}
+set ign_path {{ ignition_http_path }}
+set ign_file {{ ignition_file_name }}
+
+# --- Derived Variables ---
+set base-url http://${http_ip}:8080
+set scos-base-url ${base-url}/${scos_path}
+set ignition-url ${base-url}/${ign_path}/${ign_file}
+
+# --- Pre-boot Logging & Verification ---
+echo
+echo "Starting MAC-specific installation..."
+echo "--------------------------------------------------"
+echo "  Installation Device: ${inst_dev}"
+echo "  CoreOS Kernel URL:   ${scos-base-url}/scos-live-kernel.x86_64"
+echo "  Ignition URL:        ${ignition-url}"
+echo "--------------------------------------------------"
+echo "Waiting for 3 seconds before loading boot assets..."
+sleep 3
+
+# --- Load Boot Assets with Failure Checks ---
+# The '|| goto failure' pattern provides a clean exit if any asset fails to load.
+echo "Loading kernel..."
+kernel ${scos-base-url}/scos-live-kernel.x86_64 initrd=main coreos.live.rootfs_url=${scos-base-url}/scos-live-rootfs.x86_64.img coreos.inst.install_dev=${inst_dev} coreos.inst.ignition_url=${ignition-url} || goto failure
+
+echo "Loading initramfs..."
+initrd --name main ${scos-base-url}/scos-live-initramfs.x86_64.img || goto failure
+
+# --- Boot ---
+echo "All assets loaded successfully. Starting boot process..."
+boot || goto failure
+
+# This part is never reached on successful boot.
+
+# --- Failure Handling ---
+:failure
+echo
+echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+echo "  ERROR: A boot component failed to load."
+echo "  Dropping to iPXE shell for manual debugging."
+echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+sleep 10
+shell
--- a/harmony/templates/okd/install-config.yaml.j2
+++ b/harmony/templates/okd/install-config.yaml.j2
@@ -0,0 +1,24 @@
+# Built from https://docs.okd.io/latest/installing/installing_bare_metal/upi/installing-bare-metal.html#installation-bare-metal-config-yaml_installing-bare-metal
+apiVersion: v1
+baseDomain: {{ cluster_domain }}
+compute: 
+- hyperthreading: Enabled 
+  name: worker
+  replicas: 0 
+controlPlane: 
+  hyperthreading: Enabled 
+  name: master
+  replicas: 3 
+metadata:
+  name: {{ cluster_name }} 
+networking:
+  clusterNetwork:
+  - cidr: 10.128.0.0/14 
+    hostPrefix: 23 
+  networkType: OVNKubernetes 
+  serviceNetwork: 
+  - 172.30.0.0/16
+platform:
+  none: {} 
+pullSecret: '{{ pull_secret|safe }}' 
+sshKey: '{{ ssh_public_key }}'