diff --git a/crates/ipxe-renderer/src/lib.rs b/crates/ipxe-renderer/src/lib.rs index 28951850f9..5a6df6cbc4 100644 --- a/crates/ipxe-renderer/src/lib.rs +++ b/crates/ipxe-renderer/src/lib.rs @@ -1250,6 +1250,22 @@ mod tests { } } + #[test] + fn static_ipxe_menu_uses_the_dhcp_pxe_http_endpoint() { + for path in ["whoami", "boot?buildarch=${buildarch}"] { + assert!( + STATIC_IPXE_MENU_TEMPLATE + .contains(&format!("http://${{next-server}}/api/v0/pxe/{path}")), + "static iPXE menu should use next-server over the standard HTTP port for {path}" + ); + } + + assert!( + !STATIC_IPXE_MENU_TEMPLATE.contains("${next-server}:8080"), + "static iPXE menu should not use the PXE container's internal port" + ); + } + #[test] fn test_get_template_by_name() { let renderer = DefaultIpxeScriptRenderer::new(); diff --git a/pxe/ipxe/local/embed.ipxe b/pxe/ipxe/local/embed.ipxe index e1441048fd..f7da419266 100644 --- a/pxe/ipxe/local/embed.ipxe +++ b/pxe/ipxe/local/embed.ipxe @@ -19,12 +19,14 @@ ifconf -c dhcp # X-Forwarded-For when proxied, TCP socket peer otherwise) and resolves # to a machine_interface_id via find_by_ip. iPXE doesn't need to encode # anything identity-related in the URL -- the network layer carries it. -time chain --autofree http://${next-server}:8080/api/v0/pxe/whoami +# next-server is an IPv4 address from DHCP, so use the standard HTTP port +# exposed by the PXE service instead of the container's internal port. +time chain --autofree http://${next-server}/api/v0/pxe/whoami goto nico_menu :nico ifconf -c dhcp -time chain --autofree http://${next-server}:8080/api/v0/pxe/boot?buildarch=${buildarch}&platform=${platform}&manufacturer=${manufacturer}&product=${product}&serial=${serial} && exit 1 || goto error_handler +time chain --autofree http://${next-server}/api/v0/pxe/boot?buildarch=${buildarch}&platform=${platform}&manufacturer=${manufacturer}&product=${product}&serial=${serial} && exit 1 || goto error_handler :nico_menu menu NICo - ${hostname}