Initial commit

2025-04-24 10:50:18 +02:00 · 2025-04-24 10:50:18 +02:00 · 16d7ad73d6
commit 16d7ad73d6
8 changed files with 102 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,11 @@
+**/*
+!docker-compose.yaml
+!.gitignore
+!Readme.md
+!build
+!build/*
+!assets/
+!assets/win-pe
+!assets/win-pe/configs
+!assets/win-pe/configs/*
+assets/win-pe/configs/autounattend.xml
--- a/Readme.md
+++ b/Readme.md
@ -0,0 +1,23 @@
+This runs a single docker container which serves netboot.xyz and also a samba server on the same IP to serve e.g. windows installation files.
+
+# Setup instructions
+
+Create bootable Windows PE iso according to [instructions here](https://learn.microsoft.com/en-us/windows-hardware/manufacture/desktop/winpe-create-usb-bootable-drive?view=windows-11#create-a-winpe-iso-dvd-or-cd).
+Extract the iso to `config/win-pe/x64/`
+
+Download windows 11 install iso from microsoft.
+Extract the iso to `config/windows/win-os/win11/`
+
+Generate autounattend.xml [https://schneegans.de/windows/unattend-generator/](https://schneegans.de/windows/unattend-generator/) and place in `assets/win-pe/configs`
+
+
+#In Netboot.xyz web interface:
+Add the following to windows.ipxe right before the other `initrd´ lines
+
+```
+initrd ${win_base_url}/configs/auto.bat auto.bat
+initrd ${win_base_url}/configs/winpeshl.ini winpeshl.ini
+```
+
+Add new file `local-vars.ipxe` with the following content:
+set win_base_url http://10.0.0.9/win-pe
--- a/assets/win-pe/configs/auto.bat
+++ b/assets/win-pe/configs/auto.bat
@ -0,0 +1,16 @@
+@echo off
+
+set SERVER=10.0.0.9
+set SHARE=assets
+set SETUP_PATH=windows\win-os\win11
+set UNATTEND_PATH=windows-pe\configs
+
+wpeinit
+ping 127.0.0.1 -n 10 > nul
+
+ping %SERVER% -n 4
+
+net use F: \\%SERVER%\%SHARE%
+F:\%SETUP_PATH%\setup.exe /unattend:F:\%UNATTEND_PATH%\autounattend.xml
+
+pause
--- a/assets/win-pe/configs/winpeshl.ini
+++ b/assets/win-pe/configs/winpeshl.ini
@ -0,0 +1,2 @@
+[LaunchApps]
+"auto.bat"
--- a/build/Dockerfile
+++ b/build/Dockerfile
@ -0,0 +1,8 @@
+FROM ghcr.io/netbootxyz/netbootxyz
+
+COPY smb.conf /etc/samba/smb.conf
+COPY samba.ini /etc/supervisor.d/samba.ini
+RUN apk add samba \
+  && adduser isos --disabled-password \
+  && echo -e "isos\nisos" | smbpasswd -a -s -c /etc/samba/smb.conf isos
+RUN cat /etc/supervisor.d/samba.ini >> /etc/supervisor.conf
--- a/build/samba.ini
+++ b/build/samba.ini
@ -0,0 +1,5 @@
+[program:smbd]
+command=smbd --foreground --no-process-group --debug-stdout --configfile /etc/samba/smb.conf
+
+[program:nmbd]
+command=nmbd --foreground --no-process-group --debug-stdout --configfile /etc/samba/smb.conf
--- a/build/smb.conf
+++ b/build/smb.conf
@ -0,0 +1,10 @@
+[global]
+  workgroup = WORKGROUP
+  security = user
+
+[assets]
+  path = /assets
+  read only = yes
+  guest ok = yes
+  browseable = yes
+  guest account = isos
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -0,0 +1,27 @@
+networks:
+  web:
+    external: true
+  lan:
+    external: true
+
+services:
+  netboot:
+    build:
+      context: ./build-netbootxyz
+    # image: ghcr.io/netbootxyz/netbootxyz
+    restart: unless-stopped
+    volumes:
+      - ./config:/config
+      - ./assets:/assets
+    networks:
+      web:
+      lan:
+        ipv4_address: ${NETBOOT_IP}
+    labels:
+      traefik.enable: true
+      traefik.http.services.netboot.loadbalancer.server.port: 3000
+      traefik.http.routers.netboot.rule: Host(`netboot.${PRIVATE_URL}`)
+      traefik.http.routers.netboot.tls.certResolver: le
+      traefik.http.routers.netboot.middlewares: auth@file
+      traefik.docker.network: web
+