Date: Thu, 30 May 2024 00:16:22 -0400 From: Vincent Miller <vrwmiller@gmail.com> To: Jenisch Ewald <Ewald.Jenisch@oekb.at> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: FreeBSD install via Proxy? Message-ID: <CAHzLAVGw3QMj=8grs%2BQRzMGiKBpWj8xKVfCOaBJ0v_D7je2xDQ@mail.gmail.com> In-Reply-To: <6070ca6676d04596b849782e723177ca@oekb.at> References: <6070ca6676d04596b849782e723177ca@oekb.at>
next in thread | previous in thread | raw e-mail | index | archive | help
--000000000000d7f2a60619a42147 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, May 28, 2024 at 8:23=E2=80=AFAM Jenisch Ewald <Ewald.Jenisch@oekb.a= t> wrote: > Hi, > > I've got a machine sitting in a heavily firewalled environment not > allowing direct internet connections, but http/https has to run via a > proxy. I've found ways to get normal user activity as well as git for > source updates run via proxy, but how about a fresh installation of FreeB= SD > > To be specific: How can I get the installer (i.e. bootonly.iso) to run > it's downloads via a proxy instead of trying to connect to the internet > dirctly? > [ snip ] > > PS: As for "installation", I'm talking about FreeBSD 14.0 here > I've not done this with 14.x yet nor interactively via bootonly.iso, but believe it is feasible based on my experience. The stock bootonly.iso should be sufficient if you're ok doing it interactively and figuring it out as you go. Boot the media into a shell, initialize a network interface, and define HTTP_PROXY and friends appropriately then run bsdinstall or equivalent procedure to fetch and install kernel, base, etc. The bootonly.iso can also be built with a custom implemented /etc/installerconfig that does it non-interactively. Such an ISO might be able to be built with Poudriere more easily than it can be built from source. I'm familiar with doing so from source and less so via Poudriere and with FreeBSD 8.0 through 13.3 and via proxy beginning with 13.x. The interactive process isn't scalable particularly in a zero-trust environment. The non-interactive implementation is much more useful with larger footprints. I wrote some blogs 10+ years ago regarding PXE booting and installing FreeBSD via Cobbler. Those concepts still apply to current versions, but the implementation and tools have changed over the years...Cobbler isn't used, the FreeBSD installer has changed, and other tools have been replaced. See them below. There's probably some useful tidbits still, but not directly applicable to modern versions. https://blog.hostileadmin.com/2013/04/11/installing-freebsd-via-cobbler/ https://blog.hostileadmin.com/2012/05/08/using-sysinstall-for-automated-fre= ebsd-8-x-installs/ https://blog.hostileadmin.com/2012/05/04/pxe-booting-into-a-freebsd-install= ation/ -- Take care Vincent Miller --000000000000d7f2a60619a42147 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div dir=3D"ltr"><br></div><br><div class=3D"gmail_quote">= <div dir=3D"ltr" class=3D"gmail_attr">On Tue, May 28, 2024 at 8:23=E2=80=AF= AM Jenisch Ewald <<a href=3D"mailto:Ewald.Jenisch@oekb.at">Ewald.Jenisch= @oekb.at</a>> wrote:<br></div><blockquote class=3D"gmail_quote" style=3D= "margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;bor= der-left-color:rgb(204,204,204);padding-left:1ex">Hi,<br> <br> I've got a machine sitting in a heavily firewalled environment not allo= wing direct internet connections, but http/https has to run via a proxy. I&= #39;ve found ways to get normal user activity as well as git for source upd= ates run via proxy, but how about a fresh installation of FreeBSD<br> <br> To be specific: How can I get the installer (i.e. bootonly.iso) to run it&#= 39;s downloads via a proxy instead of trying to connect to the internet dir= ctly?</blockquote><div></div><blockquote class=3D"gmail_quote" style=3D"mar= gin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-= left-color:rgb(204,204,204);padding-left:1ex"> <br>[ snip ]<br> <br> PS: As for "installation", I'm talking about FreeBSD 14.0 her= e <br></blockquote><div><br></div><div>I've not done this with 14.x yet= nor interactively=C2=A0via bootonly.iso, but believe it is feasible based = on my experience. The stock bootonly.iso should be sufficient if you're= ok doing it interactively and figuring it out as you go. Boot the media in= to a shell, initialize a network interface, and define HTTP_PROXY and frien= ds appropriately=C2=A0then run bsdinstall or equivalent=C2=A0procedure to f= etch and install kernel, base, etc.</div><div><br></div><div>The bootonly.i= so can also be built with a custom implemented /etc/installerconfig that do= es it non-interactively. Such an ISO might be able to be built with Poudrie= re more easily than it can be built from source. I'm familiar with=C2= =A0doing so from source and less so via Poudriere and with FreeBSD 8.0 thro= ugh 13.3 and via proxy beginning with 13.x.</div><div><br></div><div>The in= teractive process isn't scalable particularly=C2=A0in a zero-trust envi= ronment. The non-interactive implementation is much more useful with larger= footprints.</div><div><br></div><div>I wrote some=C2=A0blogs 10+ years ago= regarding PXE booting and installing FreeBSD via Cobbler. Those concepts s= till apply to current versions, but the implementation and tools have chang= ed over the years...Cobbler isn't used, the FreeBSD installer has chang= ed, and other tools have been replaced. See them below. There's probabl= y some useful tidbits still, but not directly applicable to modern versions= .</div><div><br></div><div><a href=3D"https://blog.hostileadmin.com/2013/04= /11/installing-freebsd-via-cobbler/">https://blog.hostileadmin.com/2013/04/= 11/installing-freebsd-via-cobbler/</a><br></div><div><a href=3D"https://blo= g.hostileadmin.com/2012/05/08/using-sysinstall-for-automated-freebsd-8-x-in= stalls/">https://blog.hostileadmin.com/2012/05/08/using-sysinstall-for-auto= mated-freebsd-8-x-installs/</a><br></div><div><a href=3D"https://blog.hosti= leadmin.com/2012/05/04/pxe-booting-into-a-freebsd-installation/">https://bl= og.hostileadmin.com/2012/05/04/pxe-booting-into-a-freebsd-installation/</a>= </div><div><br></div><div>--<br></div></div><div dir=3D"ltr" class=3D"gmail= _signature"><div dir=3D"ltr">Take care<br>Vincent Miller</div></div></div> --000000000000d7f2a60619a42147--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHzLAVGw3QMj=8grs%2BQRzMGiKBpWj8xKVfCOaBJ0v_D7je2xDQ>