Configure KVM-host to serve resources over USB

[rslangl]

Currently, the design desision is to provide any resources not installed by default on any target machines (containers, apt- and bsd packages) via the live OS. This requires the KVM host, currently a PiKVM v4, to serve these resources via itself.

Pre-provision resource on live OS

• Configure nginx to serve the pre-provisioned repos, e.g.:

server {
    listen 80 default_server;
    liten [ :: ]:80 default_server;

    location /apt/ {
        root /srv/apt/;
        autoindex on;
    }

    location /bsd/ {
        root /srv/bsd/;
        autoindex on;
    }
}

• Configure a static webpage with helpful information to aid in the installation process

Make live OS appear as a virtual eth device

• Enable USB gadget mode in config.txt

dtoverlay=dwc2

• Enable g_ether kernel module

sudo modprobe g_ether

• Assign static IP to usb0

# Assuming the KVM device uses 10.0.0.1
ip addr add 10.0.0.2/24 dev usb0
ip link set usb0 up

The KVM host should now see a new device, e.g. eth0. Access the live system on e.g. http://10.0.0.1/apt

Make KVM device act as an intermediary for target machines

• Enable IP forwarding:

echo 1 > /proc/sys/net/ipv4/ip_forward

• Setup NAT (MASQUERADE)

# Assume eth0 = uplink to live repo, eth1 = target network
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

• Configure dnsmasq (example):

interface=eth1
dhcp-range=192.168.100.50,192.168.100.100,12h
enable-tftp
tftp-root=/srv/tftp
pxe-service=x86PC, "Install Linux", pxelinux

Configure target machines

• On FreeBSD based hosts:

# This approach is recommended for automation
env REPO_URL="http://10.0.0.1/freebsd/packages-13.3-release/"
pkg -r /mnt -o REPOS_DIR=/tmp/repos install somepackage

• On Debian based hosts:

deb [trusted=yes] http://10.0.0.1/debian bookworm main

• For Terraform, configure server:

provider_installation {
    network_mirror {
      url = "http://10.0.0.1/tf-providers"
    }
  }

[rslangl]

Making live system appear as an eth device resolved in #38