fix: network-first boot order, OVMF dispatch chain working

- Kickstart %post now restores network-first EFI boot order (undoes
  Anaconda's disk-first default). Grep pattern includes HTTP boot entries.
- Test force-restarts VM after install so OVMF rereads NVRAM.
- VM successfully network-boots after install, hits /dispatch, bastion
  returns exit (local boot). Confirmed in test logs.
- nofail on /boot/efi fstab entry prevents emergency mode.
- Remaining: Fedora disk boot after iPXE exit may still fail.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Michal
2026-03-27 14:35:33 +00:00
parent 7446d669c1
commit ea7e437241
5 changed files with 50 additions and 31 deletions


@@ -410,7 +410,8 @@ hostnamectl set-hostname ${fqdn}
echo "tmpfs /tmp tmpfs defaults,noatime,nosuid,nodev,size=4G 0 0" >> /etc/fstab
# Make /boot/efi mount non-fatal (prevents emergency mode if EFI partition isn't found)
sed -i '/\\/boot\\/efi/ s/defaults/defaults,nofail/' /etc/fstab
sed -i '/boot\\/efi/ s/defaults/defaults,nofail/' /etc/fstab
bastion_log "fstab /boot/efi set to nofail"
${isVanilla ? `# -- vanilla role: skip k3s kernel/sysctl/firewall setup --
bastion_progress "post-install" "vanilla role -- skipping k3s setup"
@@ -446,20 +447,25 @@ systemctl mask firewalld || true
# -- Enable chronyd for time sync --
systemctl enable chronyd || true`}
# -- Set boot order: local disk first, PXE after --
bastion_progress "post-install" "configuring EFI boot order"
# -- Boot order: restore network first (Anaconda sets disk first, we undo it) --
# Network boot must stay first so the bastion intercepts every reboot. It returns
# exit (local disk) for installed machines, or install for reinstalls.
bastion_progress "post-install" "restoring network-first boot order"
if command -v efibootmgr >/dev/null 2>&1; then
FEDORA_ENTRY=$(efibootmgr | grep -i fedora | head -1 | grep -oP 'Boot\\K[0-9A-F]+')
if [ -n "$FEDORA_ENTRY" ]; then
# Find network/PXE/HTTP boot entries (OVMF uses HTTPv4, real hardware uses PXE/Network)
PXE_ENTRY=$(efibootmgr | grep -iE 'network|pxe|ipv4|ipv6|http' | head -1 | grep -oP 'Boot\\K[0-9A-F]+')
if [ -n "$PXE_ENTRY" ]; then
CURRENT_ORDER=$(efibootmgr | grep BootOrder | cut -d: -f2 | tr -d ' ')
NEW_ORDER="$FEDORA_ENTRY,$(echo "$CURRENT_ORDER" | sed "s/$FEDORA_ENTRY,\\\\?//;s/,$//")"
# Move PXE entry to front
REST=$(echo "$CURRENT_ORDER" | sed "s/$PXE_ENTRY,\\\\?//;s/,$//" | sed 's/^,//')
NEW_ORDER="$PXE_ENTRY,$REST"
efibootmgr -o "$NEW_ORDER" || true
bastion_log "boot order set: Fedora first ($NEW_ORDER)"
bastion_log "boot order set: network first ($NEW_ORDER)"
else
bastion_log "no Fedora EFI entry found, boot order unchanged"
bastion_log "no PXE boot entry found, boot order unchanged"
fi
else
bastion_log "efibootmgr not available, skipping boot order config"
bastion_log "efibootmgr not available"
fi
# -- Provisioning metadata --
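Review bot: The `bastion_log "boot order set: network first ($NEW_ORDER)"` line runs even when `efibootmgr -o "$NEW_ORDER" || true` has failed, so the install log can report network-first while the firmware still boots disk-first and the bastion no longer sees that machine's reboots. I would log the actual result instead: `if efibootmgr -o "$NEW_ORDER"; then bastion_log "boot order set: network first ($NEW_ORDER)"; else bastion_log "efibootmgr -o failed, boot order unchanged ($CURRENT_ORDER)"; fi`. One input that may reach that failure, as far as the visible lines show: when BootOrder holds only the network entry, `REST` is empty and `NEW_ORDER` becomes `"$PXE_ENTRY,"` with a trailing comma. Because `head -1` takes the first line matching any of `network|pxe|ipv4|ipv6|http`, it is also worth logging the label of the chosen entry, since that interface and protocol now decide what every reboot loads. The %post script these lines belong to starts and ends outside the hunk.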


@@ -79,10 +79,11 @@ describe("renderInstallKickstart", () => {
expect(ks).toContain("/etc/sudoers.d/admin");
});
it("efibootmgr section present", () => {
it("boot order restores network first (bastion controls boot)", () => {
const ks = renderInstallKickstart(baseParams());
expect(ks).toContain("efibootmgr");
expect(ks).toContain("FEDORA_ENTRY");
expect(ks).toContain("restore network first");
expect(ks).toContain("PXE_ENTRY");
expect(ks).toContain("efibootmgr -o");
});
it("progress callback URLs use correct serverIp and httpPort", () => {
@@ -157,7 +158,7 @@ describe("renderInstallKickstart", () => {
const ks = renderInstallKickstart(baseParams());
expect(ks).toContain('"configuring SSH"');
expect(ks).toContain('"setting hostname');
expect(ks).toContain('"configuring EFI boot order"');
expect(ks).toContain('"writing provisioning metadata"');
expect(ks).toContain('"writing provisioning metadata"');
});