Skip to content

netboot.xyz netboot.xyz

netboot.xyz enables me to boot into many types of operating systems using lightweight tooling to get you up and running as soon as possible over my network.

🛠 Installation

Default Port: 3000

homelab/docker/netbootxyz

task up
docker compose up

âš™ Config

homelab/docker/netbootxyz/.env

CONFIG_DIR=
INSTALL_DIR=
SERVICE_NAME=docker
homelab/docker/netbootxyz/compose.yaml
---
services:
  netbootxyz:
    image: ghcr.io/netbootxyz/netbootxyz:0.7.6-nbxyz4
    container_name: netbootxyz
    restart: unless-stopped
    ports:
      - "3000:3000"  # Web configuration interface port
      - "69:69/udp"   # TFTP port
      - "8080:80"    # Optional, maps to NGINX_PORT
    environment:
      - MENU_VERSION=2.0.76  # Optional
      - NGINX_PORT=80        # Optional
      - WEB_APP_PORT=3000    # Optional
    volumes:
      - ./config:/config  # Optional
      - ./assets:/assets  # Optional

Traefik

homelab/pve/traefik/conf.d/netbootxyz.yaml
---
http:
 #region routers 
  routers:
    netbootxyz:
      entryPoints:
        - "websecure"
      rule: "Host(`netboot.l.nicholaswilde.io`)"
      middlewares:
        - default-headers@file
        - https-redirectscheme@file
      tls: {}
      service: netbootxyz
#endregion
#region services
  services:
    netbootxyz:
      loadBalancer:
        servers:
          - url: "http://192.168.1.222:3000"
        passHostHeader: true
#endregion
  middlewares:
    https-redirectscheme:
      redirectScheme:
        scheme: https
        permanent: true
    default-headers:
      headers:
        frameDeny: true
        browserXssFilter: true
        contentTypeNosniff: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsPreload: true
        stsSeconds: 15552000
        customFrameOptionsValue: SAMEORIGIN
        customRequestHeaders:
          X-Forwarded-Proto: https

    default-whitelist:
      ipAllowList:
        sourceRange:
        - "10.0.0.0/8"
        - "192.168.0.0/16"
        - "172.16.0.0/12"

    secured:
      chain:
        middlewares:
        - default-whitelist
        - default-headers

Task List

task: Available tasks for this project:
* decrypt:       Decrypt sensitive configuration files using SOPS.
* default:       List all available tasks.
* encrypt:       Encrypt sensitive configuration files using SOPS.
* export:        Export the task list to `task-list.txt`.
* init:          Initialize the application's environment and configuration files.
* mklinks:       Create symbolic links for configuration files.
* restart:       Restart the application's Docker containers.
* status:        Check the status of the application's service or Docker containers.
* stop:          Stop the application's Docker containers.
* up:            Run Docker Compose in the foreground.
* up-d:          Run Docker Compose in the background.
* update:        Update the application or its running containers.
* upgrade:       Upgrade the application by pulling the latest changes and updating.

🔗 References