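# Builds `run-netboot-server`, a script that temporarily opens the firewall,
# runs pixiecore to network-boot the NixOS system in `build`, and closes the
# firewall again when it exits.
#
# NOTE(review): the ACCEPT rules below match every source address and
# interface, and pixiecore serves the kernel/initrd to any PXE client that can
# reach it. Run this only on a network segment you trust for provisioning, and
# treat everything baked into the served image as readable by hosts on it.
{
  writeShellApplication,
  pixiecore,
  nix,
  iptables,
  inputs,
  # System build outputs to serve; defaults to this flake's
  # chrysomallon-squamiferum configuration.
  build ? inputs.self.nixosConfigurations.chrysomallon-squamiferum.config.system.build,
  ...
}: let
  # Thin wrapper around `pixiecore boot` with the kernel, initrd and init path
  # taken from `build`. Extra arguments are passed through to pixiecore.
  netboot = writeShellApplication {
    name = "netboot";
    runtimeInputs = [pixiecore];
    text = ''
      exec pixiecore boot \
        ${build.kernel}/bzImage \
        ${build.netbootRamdisk}/initrd \
        --cmdline "init=${build.toplevel}/init loglevel=4" \
        --dhcp-no-bind \
        --debug \
        --port 64172 \
        --status-port 64172 \
        "$@"
    '';
  };
in
  writeShellApplication {
    name = "run-netboot-server";
    runtimeInputs = [
      netboot
      nix
      iptables
    ];
    text = ''
      # Register the cleanup before opening anything, so the temporary ACCEPT
      # rules are removed on every exit path: normal return, a failing command
      # under errexit, or an interrupt. Without this, stopping the server with
      # Ctrl-C could leave the ports open in nixos-fw until the firewall is
      # reloaded. The deletes tolerate a rule that was never inserted.
      trap '
        sudo iptables -w -D nixos-fw -p udp -m multiport --dports 67,69,4011 -j ACCEPT || true
        sudo iptables -w -D nixos-fw -p tcp -m tcp --dport 64172 -j ACCEPT || true
      ' EXIT
      # Turn termination signals into a regular exit so the EXIT trap runs.
      trap 'exit 130' INT TERM

      # Open required firewall ports: the UDP ports used for PXE boot
      # (67, 69, 4011) and the TCP port pixiecore is told to listen on above.
      sudo iptables -w -I nixos-fw -p udp -m multiport --dports 67,69,4011 -j ACCEPT
      sudo iptables -w -I nixos-fw -p tcp -m tcp --dport 64172 -j ACCEPT

      # A non-zero exit from the server is expected when it is stopped; report
      # it and fall through to the EXIT trap, which closes the ports.
      sudo netboot || echo "Closed netboot"
    '';
  }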