Adds server_pxe_port parameter to createBootfile endpoint

CHANGELOG.md

@@ -2,21 +2,6 @@
 
 All notable changes to this project will be documented in this file.  
 This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
-
-## [0.8.1] - 2024-06-18 
-### Changed 
-- Añade nuevos modulos al grubx64.efi
-
-## [0.8.0] - 2024-06-18 
-### Changed 
-- Actualiza a 0.8.0 para incluir los cambios de la versión 0.7.2
-
-## [0.7.2] - 2024-06-05 
-### Changed 
-- Añade scripts de grub y menu.lst para el arranque por disco y partición
-- Añade plantilla ogliveadmin con permisos de administracion como parametro del kernel
-- Añade plantilla de menú para el arranque por disco y partición y caché
-
 ## [0.7.1] - 2024-05-19 
 ### Changed 
 - Añade scripts de grub y menu.lst para el arranque del Oglive por cache

api/src/OgBootBundle/Controller/OgBootController.php

@@ -1590,7 +1590,7 @@ public function createBootFile(Request $request): JsonResponse
     }
 
     // Construcción de los argumentos del kernel
-    $kernelArgs = 'ro boot=oginit quiet splash irqpoll acpi=on og2nd=sqfs ogprotocol=smb ogdebug=true ogtmpfs=15 ' .
+    $kernelArgs = 'ro boot=oginit quiet splash irqpoll acpi=on og2nd=sqfs ogprotocol=smb ogactiveadmin=true ogdebug=true ogtmpfs=15 ' .
 	'oglivedir=${ISODIR}' . ' ' .   
         'LANG=' . $parameters['LANG'] . ' ' .
         'ip=' . $parameters['ip'] . ':' . $serverIp . ':' . $parameters['router'] . ':' . $parameters['netmask'] . ':' . $parameters['computer_name'] . ':' . $parameters['netiface'] . ':none ' .
@@ -1647,61 +1647,45 @@ public function createBootFile(Request $request): JsonResponse
         return new JsonResponse(['error' => 'FAILED_TO_CREATE_PXE_FILE', 'message' => 'Error al crear el archivo PXE'], Response::HTTP_INTERNAL_SERVER_ERROR);
     }
 
+    // Sustituir en la plantilla los marcadores
     $templateCacheDir = $this->tftpbootDir . '/menu.lst';
-    $pxeFileName = '01-' . $mac;
-    $pxeFilePath = $templateCacheDir . '/' . $pxeFileName;
+    $templateCachePath = $templateCacheDir . '/templateCache';
+    $templateCacheContent = file_get_contents($templateCachePath);
+    $grubContent = str_replace(
+        ['__INFOHOST__', '__OGLIVE__'],
+        [$kernelArgs, basename($ogLiveDir)],
+        $templateCacheContent
+    );
 
-    // Generar archivo si la plantilla es oglives cache o menu
-    if ($templateName === 'ogliveCache' || $templateName === 'menu') {
-        if ($templateName === 'ogliveCache') {
-            $templateCachePath = $templateCacheDir . '/templateCache';
-        } elseif ($templateName === 'menu') {
-            $templateCachePath = $templateCacheDir . '/templateMenu';
-        }
-        $templateCacheContent = file_get_contents($templateCachePath);
-        $grubContent = str_replace(
-            ['__INFOHOST__', '__OGLIVE__'],
-            [$kernelArgs, basename($ogLiveDir)],
-            $templateCacheContent
-        );
-    }
-    // Generar archivo si la plantilla es de tipo disco/partición
-    elseif (in_array($templateName, ['firstDisk_firstPartition', 'firstDisk_secondPartition', 'firstDisk_thirdPartition'])) {
-        $templateDiskPath = $templateCacheDir . '/templateDisk';
-        $templateDiskContent = file_get_contents($templateDiskPath);
-
-        // Determinar DISK, PART y DISKPART en función del templateName
-        $map = [
-            'firstDisk_firstPartition' => ['disk' => '01', 'part' => '01', 'diskpart' => '(hd0,gpt1)'],
-            'firstDisk_secondPartition' => ['disk' => '01', 'part' => '02', 'diskpart' => '(hd0,gpt1)'],
-            'firstDisk_thirdPartition' => ['disk' => '01', 'part' => '03', 'diskpart' => '(hd0,gpt1)'],
-        ];
-
-        $diskInfo = $map[$templateName];
-
-        // Sustituir variables en plantilla
-        $grubContent = str_replace(
-            ['__DISK__', '__PART__', '__DISKPART__'],
-            [$diskInfo['disk'], $diskInfo['part'], $diskInfo['diskpart']],
-            $templateDiskContent
-        );
-    }
-    // En cualquier otro caso, no se hace nada
-    else {
-        return new JsonResponse(['success' => 'NO_TEMPLATE_ACTION', 'message' => 'No se requiere generar archivo PXE'], Response::HTTP_OK);
-    }
-
-    // Escribir el archivo PXE final (común a ambos casos)
-    if (file_put_contents($pxeFilePath, $grubContent) === false) {
+    // Nombre del archivo de arranque por cache
+    $pxeFileNameCache = '01-' . $mac;
+    $pxeFilePathCache = $templateCacheDir . '/' . $pxeFileNameCache;
+    // Crear el archivo de arranque por cache
+    if (file_put_contents($pxeFilePathCache, $grubContent) === false) {
         $httpCode = '500';
         $this->logger->error(json_encode([
             'severity' => 'ERROR',
             'operation' => $operation,
             'component' => $component,
             'http_code' => $httpCode,
-            'desc' => 'Failed to create PXE boot file.'
+            'desc' => 'Failed to create cache PXE file.'
         ], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
-        return new JsonResponse(['error' => 'FAILED_TO_CREATE_PXE_FILE', 'message' => 'Error al crear el archivo de arranque PXE'], Response::HTTP_INTERNAL_SERVER_ERROR);
+        return new JsonResponse(['error' => 'FAILED_TO_CREATE_CACHE_PXE_FILE', 'message' => 'Error al crear el archivo de caché PXE'], Response::HTTP_INTERNAL_SERVER_ERROR);
+    }
+
+
+    // Creación de fichero de arranque por cache
+    $cacheFilePath = $this->tftpbootDir . '/menu.lst/' . $pxeFileName;
+    if (file_put_contents($cacheFilePath, $grubContent) === false) {
+        $httpCode = '500';
+        $this->logger->error(json_encode([
+            'severity' => 'ERROR',
+            'operation' => $operation,
+            'component' => $component,
+            'http_code' => $httpCode,
+            'desc' => 'Failed to create cache PXE file.'
+        ], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
+        return new JsonResponse(['error' => 'FAILED_TO_CREATE_CACHE_PXE_FILE', 'message' => 'Error al crear el archivo de caché PXE'], Response::HTTP_INTERNAL_SERVER_ERROR);
     }
 
 

debian/control

@@ -74,7 +74,8 @@ Depends:
  wget, 
  xinetd, 
  isolinux, 
- file
+ file, 
+ stunnel4
 Conflicts: apache2  
 Description: Opengnsys Ogboot package
  Files for the ogboot API and rest of configuration. 

debian/ogboot.dirs

@@ -1,3 +1,5 @@
 /opt/opengnsys/ogboot/client_log
 /opt/opengnsys/ogboot/mnt
 /opt/opengnsys/ogboot/tftpboot
+/opt/opengnsys/ogboot/etc/certificates
+/var/log/opengnsys/

debian/ogboot.postinst

@@ -167,6 +167,12 @@ configure_permissions(){
     chown -R opengnsys:www-data /opt/opengnsys/ogboot
 }
 
+configure_stunnel(){
+    cp /opt/opengnsys/ogboot/etc/stunnel-ogboot.service /etc/systemd/system/stunnel-ogboot.service
+    sed -i "s|connect = __SERVERIP__:8443|connect = $OGBOOT_IP:8443|g" /opt/opengnsys/ogboot/etc/stunnel/stunnel-ogboot-client.conf
+
+}
+
 restart_services(){
     systemctl daemon-reload
     systemctl restart nginx
@@ -186,6 +192,7 @@ if [ "$1" = "configure" ] && [ -z "$2" ]; then
     install_oglive
     configure_ipxe
     configure_api
+    configure_stunnel
     configure_nginx_and_fpm
     configure_samba
 

etc/certificates/ca.crt

@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIFrzCCA5egAwIBAgIUPmq2FSZvV2NBGIIxx5729SJN0FQwDQYJKoZIhvcNAQEL
+BQAwZzELMAkGA1UEBhMCRVMxDzANBgNVBAgMBk1hZHJpZDEPMA0GA1UEBwwGTWFk
+cmlkMRIwEAYDVQQKDAlPcGVuZ25zeXMxCzAJBgNVBAsMAkNBMRUwEwYDVQQDDAxv
+cGVuZ25zeXMtY2EwHhcNMjUwNTE2MDgzNjM4WhcNMzUwNTE0MDgzNjM4WjBnMQsw
+CQYDVQQGEwJFUzEPMA0GA1UECAwGTWFkcmlkMQ8wDQYDVQQHDAZNYWRyaWQxEjAQ
+BgNVBAoMCU9wZW5nbnN5czELMAkGA1UECwwCQ0ExFTATBgNVBAMMDG9wZW5nbnN5
+cy1jYTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANSAiJFAU7wV6hYb
+PKmjjuNFp07ITJC0vThRegIXcadAw9cblgYtD6e4KYT8LzrRpZDAazAWLSAY72W8
+i8/wWYcVIMDhtbhKy+pLFL0Z1LJpV6s6ged0wB5wQ37g1RDWeydrY9mEOr0LSC8X
+7ye7mTqtSxECglloRJw5p/9Z5yDZf2t1U6+e3WfZqKLZl9IXBb5cdR9mxUAf23/T
+ciAfTBNgltJ3noQERtjHZqxb9jrqpwaKhnZoGw4fb0poI9OQXitOzoR/b8ADMfUK
+KJ/d9iyq9h6gv4GPEJlDJK89vQlBhJAy8tHR6Qjd0nG+Be6moCndBqiHLAehMxkq
+8JS+bUOsAxq4XSsis5XQHOm/xZ4jlkerNQeeK+b0EDESjdNkKJXVy235FFJbCwGq
+IR8fdYUJenhqsHOd7WEjm5HfYo41mPG3002Wxs8oN1oNbqIzR/fxTGHWJKXX0LVt
+ZKg3s7h0MfmxMIJ5kHsh9wTO4qMIADmWPj5iCIXS15eAU3WJd4yYxTfcu1wwLBuv
+ATtZXLc/LI56PAvU1kXgdIT+OeBctVuBxKy11vrb82LF7WUZI3cP3MoRbGOLnc93
+u8pMu59l+l7pA7wjGJHSyt/H5f52ZHdbz/BMSY96/ETgAUHERM9cMoN+AGrI4Yf8
+8ZiuiAkSmukAShOfa05P8zqcXXjZAgMBAAGjUzBRMB0GA1UdDgQWBBTTPskAqxZM
+a7z7DBkb4MCspW7/bzAfBgNVHSMEGDAWgBTTPskAqxZMa7z7DBkb4MCspW7/bzAP
+BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQC+PQBDayFqVA0BAupP
+1ksZW3rXCIPIqSqbOG8BsgnOJXt+7Isql06/3LFEdaztjAptSEqX2K7Q7Ov4ZOF5
++lF2pSuIJwsVbzFbmrejkSZScQmXzAvQmNwMcWjpplhe0DG6hYdLek6IOo7BP2mG
+12l1mZbIkgmMbRK7Up6rQ5c9/PmcTqN5RXe3CEWPpBs5FEoD++k6wtYrZlaTCB2s
+P6taQuN1waO3jfu8KApQlcVEmlxaosrJSu8tBAE/zN9GwpR3WsdrD2iUB2d+g2rB
+RZ1P+DRnwpfIn7SEWUAezGW05Qu2gyfoZkiQ97zOYBXYCYwoNFVFtHnaRLO58cjz
+QR8+CLjs9svsrNXw+1rvUJoYyzh0vEBc+SUxKQ/7EGN6m9P7iod936Eqy6ztvUSV
+LdHxv8g0FOlmlLW1Afmiu2NopVsZqxOm1oZdurt7tYcNncu5AYwFmlP/iyDMmJBI
+hIUHmEUf0+v0K52H/ziIFovI7MVmY1RHlL5DABH+MiM6MmSl0NtW5DbEWEZN1vZI
+d3J6hsL/7o2wDYkLYkTolrBHbmvN5hoFu+b/YBAmrikJ027Lw1H04PvyW+PV1+DI
+4uTQ0NEMLhYBBY0ucg1iw6wsEbHhJwmMmen8/b18ZBytRyTzuKCyD6g6iLMEoDNG
+KOH0n1CGLevamLAYrLTwfXBTYQ==
+-----END CERTIFICATE-----

etc/certificates/ogboot.crt

@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFDjCCAvagAwIBAgIUEcS4b1cHsVkFGWqjVqHPrYkFl0wwDQYJKoZIhvcNAQEL
+BQAwZzELMAkGA1UEBhMCRVMxDzANBgNVBAgMBk1hZHJpZDEPMA0GA1UEBwwGTWFk
+cmlkMRIwEAYDVQQKDAlPcGVuZ25zeXMxCzAJBgNVBAsMAkNBMRUwEwYDVQQDDAxv
+cGVuZ25zeXMtY2EwHhcNMjUwNTE2MDkxMzE5WhcNMjcwODE5MDkxMzE5WjBrMQsw
+CQYDVQQGEwJFUzEPMA0GA1UECAwGTWFkcmlkMQ8wDQYDVQQHDAZNYWRyaWQxEjAQ
+BgNVBAoMCU9wZW5nbnN5czEPMA0GA1UECwwGb2dib290MRUwEwYDVQQDDAxvZ2Jv
+b3QubG9jYWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqDJ+pPUEg
+8rzejOkZhM3iOCSulHQJ5igMQP8Q3U4/6jJB7qHJyV93b2CQpUowmG2QA5nZtPDO
+fCiDoYpovunix2nB282xDQACmrZ5P8qhhF3KgP596hwNPDHoyi1SzHv+WkMio/lS
+Ie4RivkyDmcKHmDR6xtJMpr96FLFgAmDDG7Ht0rK64QAJixA3Nqp7N9MqtitoXU9
+y2dAjT8xT3QLhPPoGcBWmn1ttwwc4KwIjSEQC35YtdI42Pq8kdMuRaKQO7ms6rs9
+b/A2QHfYq/JBR/cB5/JTwzHyMhJSVhQ2mJR8NhFESJTEJv2PMOpBKXEV4T60zLTl
+3+lre+6PkKUBAgMBAAGjga0wgaowHwYDVR0jBBgwFoAU0z7JAKsWTGu8+wwZG+DA
+rKVu/28wCQYDVR0TBAIwADALBgNVHQ8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMDEGA1UdEQQqMCiCDG9nYm9vdC5sb2NhbIISb3Blbmduc3lz
+Lm5hdGkuY29thwTAqAEsMB0GA1UdDgQWBBRx9Ln26coMMR8qI3gH8/piY4g8yjAN
+BgkqhkiG9w0BAQsFAAOCAgEArybLmxjinaY/Lp/VjbUgaHo1nrkFsJU7LMTInqhT
+D/YPTODKTk12CqBxOtChKmX5y7Aydv7vEmuoy7vUmEIBDCM+8W2yBnB6j1A/rgPv
++4OufjCdnTeyGzcMmX+PE1d7it0Iyl8p2vAHnQC3DkWeBbAhwLd89vc2KyCfGp3F
+1vrQTFO6/Oxf2zgzRfkQJWtCIkh8io+urCDm7khns7wU6LxVJpsYKcsBtcvcmnDi
+dHvHxzlyoyxL6/x8irYeKo01exUwdLR9BwGb54/rIvgtsN/iaOC9jVd76x4pP9Cy
+F3Ici9bc7P/snDZoDgqMfDX0Au6QNJTfnDCltZk8HBfGlH3TiiL3XK9EiAWHv7PG
+p2yGpt0rMr2RP0gxm/Uysill+zZtJoFzShdcTNqDT0sCDLfB0SuRGkVPLFY3i9vk
+SfDcNVq8ltEjpCPrtlwLOxedLFjUFJzIbj67GqwY3R4d8XpxECUiFzawYNSOAckJ
+CCLY73GslRgWw0uoHVJ5/l+CnECLYdzYEczeEeDvbT3oMT4blMdOBdhbqeqdIKL4
+mug/YFiVTZyuya1jE6NfAgRV2keuM6nRdMjnE+JIrwfi4Rea9nRp6xH1+rKfZoUq
+tYyl8te8Bu/l1VfO1AQeI7aSR1+KfZhs1i3FtvRANCcQoyB6VqznSOBYtaTGOq8M
+4W8=
+-----END CERTIFICATE-----

etc/certificates/ogboot.ext

@@ -0,0 +1,10 @@
+authorityKeyIdentifier=keyid,issuer
+basicConstraints=CA:FALSE
+keyUsage = digitalSignature, keyEncipherment
+extendedKeyUsage = serverAuth, clientAuth
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = ogboot.local
+DNS.2 = opengnsys.nati.com
+IP.1 = 192.168.1.44

etc/certificates/ogboot.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCqDJ+pPUEg8rze
+jOkZhM3iOCSulHQJ5igMQP8Q3U4/6jJB7qHJyV93b2CQpUowmG2QA5nZtPDOfCiD
+oYpovunix2nB282xDQACmrZ5P8qhhF3KgP596hwNPDHoyi1SzHv+WkMio/lSIe4R
+ivkyDmcKHmDR6xtJMpr96FLFgAmDDG7Ht0rK64QAJixA3Nqp7N9MqtitoXU9y2dA
+jT8xT3QLhPPoGcBWmn1ttwwc4KwIjSEQC35YtdI42Pq8kdMuRaKQO7ms6rs9b/A2
+QHfYq/JBR/cB5/JTwzHyMhJSVhQ2mJR8NhFESJTEJv2PMOpBKXEV4T60zLTl3+lr
+e+6PkKUBAgMBAAECggEAEwjmtmMM70s8qQzM6vZatX/jW0dy1cjVosmDw7eCEtV8
+WrUDlzrbXNsyy/40l8v4N66vghcm/XYYcuOaQq9cLu5zgCfClpcF8USwOFJTtFDE
+zu4xjpauHS0nyQ8Yk7QgDRC9gxsnxXHW3E/aJShHkHJmFBllLIRlpRZkbYcviWOk
+Ct5cxwJT2cyZgcNK9sVi+kizxMgZFih5UUv/72uhLKu9MyqNL4XkdNMy56YGyiH1
+dtmrNVbudxRUuNmdRgnBTBfQAmmy9yxkwW9ngHS0nqhd2bMGBMYAL+B/mVPMRn84
+4+oSR3yhNExvR4RIvFCng6n9NyG8CAO1N/MPASNXgQKBgQDhAOurLdhI1frDWBbv
+iy9cxHeNSOWFnhn15thUncyAq5pTYlxnrXdrYzxkXfzib39M79QBDR2hZGCSl0QA
+UCW7zyRIe/tTz9KFNslrvvdBIjMGNpc59FReO4FWOF0oU0TcO6XJXcHPSyq0fZJo
+46X7d3Z7ZrANYvAloYCzOjuKTQKBgQDBeakEw+lBcRA2/qj/tOwSCZt+SltqzJXS
+uCkCL7kW0aWbQaFqvANioGf10HHwrSDTig2Kuui9CxcfYWJEyBqezZ2UkXgCne8T
++OYf7Su4iqr6NsQHGyzE/drobQv9HdS33RNGc0RN9HYojA0MXyPZaVJxv335htqk
+89juIrh3hQKBgQCm8bnqbr+Vez7uBcQuxATGPfe+WqIB/AajDz7fuZ1ssuZ0i/yn
+6Gs8wIqkpZ/mmnfHrAKPLR4ZC5Mj8RxBZzY4HT98kJEv5Hj84mOckDqAl1FogMS/
++WtH57rVMEjejLoA9jjSKcCNf+YVuT4SmSYkaMT+Vni11fz8ztHhKYnX2QKBgQCu
+O6ytYOyPhY1vqThyRvENcV95hOb8r88A2936XRXW6ee0gI8n+rclu4TDxvrFHnRg
+bIOzeo0bqYAiP2XqwTXP6yVM5Q/pc2cZWl2LRN/Jqf89o9I3AA76PA5Gn+VbBeFJ
+zyqLmERb25oI+87IZGl5YjLfwu5kp0ABqqOiGNx8rQKBgQClfdfawzybv2dVQ/2C
+l3VOM84HCJQuk+LGd5p4XPLxOPXZ7aQMOjx38L1WQU9KM6ts+xc+yH0wqeMXAsl+
+Jz1kOEAvpLR4F/5iDSbT6TXSNVfhPGyfIPFMIG0MNOwrRpWziKTH6CjInIh08dzZ
+9Feb5YJqaC4DZV50WMPa6UmbXg==
+-----END PRIVATE KEY-----

etc/nginxServer.conf.tmpl

@@ -55,3 +55,69 @@ server {
         access_log /var/log/nginx/tftpboot_access.log;
     }
 }
+
+server {
+    listen 8085 ssl;
+    server_name __SERVERIP__ localhost;
+
+    # Raíz del documento para el proyecto Symfony
+    root __ROOT__/public;
+
+    # Certificados SSL
+    ssl_certificate     /opt/opengnsys/ogboot/etc/certificates/ogboot.crt;
+    ssl_certificate_key /opt/opengnsys/ogboot/etc/certificates/ogboot.key;
+
+    # CA para validar clientes
+    ssl_client_certificate /opt/opengnsys/ogboot/etc/certificates/ca.crt;
+    ssl_verify_client on;
+
+    # Bloque para manejar las solicitudes a /ogboot
+    location /ogboot {
+        try_files $uri $uri/ /index.php?$query_string;
+
+        # Aumentar el tiempo de espera por el install oglive
+        proxy_read_timeout 600;
+        proxy_connect_timeout 600;
+        proxy_send_timeout 600;
+        send_timeout 600;
+    }
+
+    # Bloque para manejar las solicitudes a index.php
+    location ~ ^/index.php(/|$) {
+        include fastcgi_params;
+        fastcgi_pass unix:/run/php/php__PHPVERSION__-fpm-ogboot.sock;
+        fastcgi_split_path_info ^(.+\.php)(/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param PATH_INFO $fastcgi_path_info;
+        fastcgi_param DOCUMENT_ROOT $document_root;
+        internal;
+    }
+
+    # Bloque para devolver 404 en cualquier solicitud a archivos PHP que no sean index.php
+    location ~ \.php$ {
+        return 404;
+    }
+
+    # Logs de error y acceso para el proyecto Symfony
+    error_log /var/log/nginx/ogboot_ssl_error.log;
+    access_log /var/log/nginx/ogboot_ssl_access.log;
+
+    location /ogboot/api/doc {
+        try_files $uri /index.php?$query_string;
+    }
+
+    # Ruta base para servir archivos de TFTP
+    location /tftpboot {
+        alias __TFTPPATH__;
+        autoindex on;
+        try_files $uri $uri/ =404;
+
+        # Seguridad
+        location ~ \.php$ {
+            return 404;
+        }
+
+        error_log /var/log/nginx/tftpboot_ssl_error.log;
+        access_log /var/log/nginx/tftpboot_ssl_access.log;
+    }
+}

etc/stunnel-ogboot.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=stunnel TLS client tunnel to ogCore
+After=network.target
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/stunnel /opt/opengnsys/ogboot/etc/stunnel/stunnel-ogboot-client.conf
+Restart=always
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target

etc/stunnel/stunnel-ogboot-client.conf

@@ -0,0 +1,18 @@
+# === GENERAL ===
+foreground = yes
+client = yes
+debug = 7
+output = /var/log/opengnsys/stunnel-client-ogboot.log
+
+# === TUNEL TLS CLIENTE ===
+[api_tls_client]
+accept = 127.0.0.1:9443
+connect = __SERVERIP__:8443
+
+# Certificado del cliente (presentado al servidor)
+cert = /opt/opengnsys/ogboot/etc/certificates/ogboot.crt
+key  = /opt/opengnsys/ogboot/etc/certificates/ogboot.key
+
+# CA del servidor (para verificar el servidor remoto)
+CAfile = /opt/opengnsys/ogboot/etc/certificates/ca.crt
+verify = 2

tftpboot/grub.cfg

@@ -1,19 +0,0 @@
-cat grub.cfg 
-##NO-TOCAR-ESTA-LINEA ogLive
-set timeout=0
-set timeout_style=hidden
-
-echo ">>> GRUB lanzador detectando MAC..."
-sleep 1
-
-echo ">>> MAC detectada: ${net_default_mac}"
-sleep 1
-
-echo ">>> Intentando cargar menú específico: /menu.lst/01-${net_default_mac}"
-sleep 1
-
-configfile /menu.lst/01-${net_default_mac}
-
-echo ">>> No se pudo cargar /menu.lst/01-${net_default_mac}"
-sleep 5
-reboot

tftpboot/ipxe_scripts/templates/firstDisk_firstPartition

@@ -10,6 +10,6 @@ exit
 
 :uefi_boot
 echo "Running in UEFI mode - Booting first disk, first partition"
-chain http://__SERVERIP__/tftpboot/grubx64.efi
+sanboot --no-describe --drive 0 --filename \EFI\Part-01-01\Boot\ogloader.efi || echo "Failed to boot in UEFI mode"
 exit
 

tftpboot/ipxe_scripts/templates/firstDisk_secondPartition

@@ -10,7 +10,6 @@ exit
 
 :uefi_boot
 echo "Running in UEFI mode - Booting first disk, second partition"
-chain http://__SERVERIP__/tftpboot/grubx64.efi
+sanboot --no-describe --drive 0 --filename \EFI\Part-01-02\Boot\ogloader.efi || echo "Failed to boot in UEFI mode"
 exit
 
-

tftpboot/ipxe_scripts/templates/firstDisk_thirdPartition

@@ -10,7 +10,6 @@ exit
 
 :uefi_boot
 echo "Running in UEFI mode - Booting first disk, third partition"
-chain http://__SERVERIP__/tftpboot/grubx64.efi
+sanboot --no-describe --drive 0 --filename \EFI\Part-01-03\Boot\ogloader.efi || echo "Failed to boot in UEFI mode"
 exit
 
-

tftpboot/ipxe_scripts/templates/menu

@@ -1,14 +0,0 @@
-#!ipxe
-
-# Detectar si se está ejecutando en modo UEFI o BIOS
-iseq ${platform} efi && goto uefi_boot || goto bios_boot
-
-:bios_boot
-echo "Running in BIOS mode - Booting Menu WIP"
-chain http://__SERVERIP__/tftpboot/grub.exe --config-file="timeout 0; title menu WIP;root (hd0,0);chainloader (hd0,0)+1;boot" || echo "Failed to boot in BIOS mode"
-exit
-
-:uefi_boot
-echo "Running in UEFI mode - Booting Menu"
-chain http://__SERVERIP__/tftpboot/grubx64.efi
-exit

tftpboot/ipxe_scripts/templates/ogliveAdmin

@@ -1,19 +0,0 @@
-#!ipxe
-set timeout 0
-set timeout-style hidden
-
-set ISODIR __OGLIVE__
-set default 0
-set kernelargs __INFOHOST__
-# Menú de entrada para seleccionar OgLive
-:try_iso
-kernel http://__SERVERIP__/tftpboot/${ISODIR}/ogvmlinuz ogactiveadmin=true ${kernelargs} || goto fallback
-initrd http://__SERVERIP__/tftpboot/${ISODIR}/oginitrd.img
-boot
-
-:fallback
-echo "OgLive default"
-set ISODIR ogLive
-kernel http://__SERVERIP__/tftpboot/${ISODIR}/ogvmlinuz ogactiveadmin=true ${kernelargs}
-initrd http://__SERVERIP__/tftpboot/${ISODIR}/oginitrd.img
-boot

tftpboot/menu.lst/templateDisk

@@ -1,3 +0,0 @@
-search --file --set root /EFI/Part-__DISK__-__PART__/Boot/ogloader.efi
-chainloader /EFI/Part-__DISK__-__PART__/Boot/ogloader.efi
-boot

tftpboot/menu.lst/templateMenu

@@ -1,87 +0,0 @@
-set timeout=30
-
-set detectado='no'
-# Compruebo si existen distintos cargadores.
-echo "Searching Grub"
-set ISODIR=__OGLIVE__
-search --file --set rootGrub /EFI/grub/Boot/grubx64.efi
-if [ "$rootGrub" != "" ]; then
-    set detectado='si'
-    menuentry "Grub" {
-        root="$rootGrub"
-        chainloader /EFI/grub/Boot/grubx64.efi
-}
-fi
-
-echo "Searching rEFInd"
-search --file --set rootRefind /EFI/refind/shimx64.efi.signed
-if [ "$rootRefind" != "" ]; then
-    menuentry "rEFInd" {
-        root="$rootRefind"
-        chainloader /EFI/refind/shimx64.efi.signed
-}
-fi
-
-echo "Searching Part-01-02"
-search --file --set rootP2 /EFI/Part-01-02/Boot/ogloader.efi
-if [ "$rootP2" != "" ]; then
-    set detectado='si'
-    menuentry "Part-01-02" {
-        root="$rootP2"
-        chainloader /EFI/Part-01-02/Boot/ogloader.efi
-    }
-fi
-
-echo "Searching Part-01-03"
-search --file --set rootP3 /EFI/Part-01-03/Boot/ogloader.efi
-if [ "$rootP3" != "" ]; then
-    set detectado='si'
-    menuentry "Part-01-03" {
-        root="$rootP3"
-        chainloader /EFI/Part-01-03/Boot/ogloader.efi
-    }
-fi
-
-echo "Searching Windows"
-search --file --set rootMS /EFI/Microsoft/Boot/bootmgfw.efi
-if [ "$rootMS" != "" ]; then
-    set detectado='si'
-    menuentry "Windows" {
-        root="$rootMS"
-        chainloader /EFI/Microsoft/Boot/bootmgfw.efi
-    }
-fi
-
-echo "Searching Ubuntu"
-search --file --set rootUb /EFI/ubuntu/grubx64.efi
-if [ "$rootUb" != "" ]; then
-    set detectado='si'
-    menuentry "Ubuntu"{
-        root="$rootUb"
-        chainloader /EFI/ubuntu/grubx64.efi
-    }
-fi
-
-
-echo "Buscando ogvmlinuz en particiones locales..."
-search --file --set=rootOgCache /boot/$ISODIR/ogvmlinuz
-if [ "$rootOgCache" != "" ]; then
-    set detectado='si'
-    menuentry "Oglive Cache"{
-        root="$rootOgCache"
-        linux /boot/$ISODIR/ogvmlinuz __INFOHOST__
-        initrd /boot/$ISODIR/oginitrd.img
-    }
-fi
-
-
-
-
-
-# Si no hay ningún sistema operativo muestro mensaje.
-if [ $detectado == 'no' ]; then
-    menuentry "OpenGnsys no ha detectado ningún sistema operativo" {
-        # para evitar mensajes de error.
-        set root="(hd0,gpt1)"
-    }
-fi