So you've just received a brand-new secondhand one of these things off Ebay, what do we need to do to it before use? <> = BIOS/UEFI settings = == Getting in there == * Mash F1 during POST to get into the BIOS/UEFI * If you get stuck in Windows because the keyboard wasn't detected fast enough, you can get to the desktop and then: * Hit the Windows key, type "UEFI", then select Change Advanced Start-up Options * Restart Now with the Advanced Startup button * Then from ''that'' boot menu go to Troubleshoot, Advanced Options, UEFI Firmware Settings, Restart == Update the BIOS to the latest version == * TBC * The latest BIOS update for the M710q (as of 2023-11-20) is version XYZ, released 2019-xx-xx == Grab the MAC address == You need to boot the OS for this I think, or inspect the DHCP server the first time it PXE boots. You'll need this later when configuring PXE booting. == Change BIOS/UEFI settings == The first thing you want to do is set it to full UEFI mode, no legacy here. Then all these settings: * Main * Set System time and date * Devices * Audio * Onboard: disabled * Network Setup * All enabled * Advanced * CPU Setup * Enable virt * Enable vt-d * all c states * turbo enabled * Intel manageability * Disable that remote mgmt stuff * SOL config * Console type = vt100+ * USB provosioning: disabled * Intel SGX * SGX control: software controlled * SIPP support enabled * CPU CRID support enabled * Chipset CRID support enabled * Dust shield alert: disabled * Power * after loss -> power on * enhanced power saving mode disabled * smart power on Enabled (Alt-P to power up) * Intrlligent cooling engine * perf mode = better acoustics * thermal alert enabled * Auto power on * WOL = Auto * Alarm = Disabled * Security * Allow flash to old version: Yes * Require admin pass when flashing: No * Wundows UEFI firmware update: Enabled * Require POP on boot: No * POP on restart: No * Admin pass on F12 boot: No * Smart USB protection: Disabled * Fingerprint Setuo * Preboot Auth: Disabled * TCG Feature Setup * TCG Device: Discrete TPM * Discrete TPM FW Switch: TPM 2.0 * Security chip 2.0: Enabled * Clear TCG: No * Secure Boot * Status: Disabled * Device Guard: Disabled * Chassis Intrusion Detection: Disabled * Config change detection: Disabled * Password count exceeded error: Disabled * Startup * CSM: Disabled * Startup device menu prompt: enabled Reboot and go in again with F1 * Startup * Primary sequence * Network 1 * M.2 drive 1 * Disable all the others * Do the same for Auto and Error boot sequences = Prepare for PXE booting = 1. Choose an IP address, the DHCP server will be used to configure the server when it comes up 1. Choose a name, and go assign the name to address mapping in the DNS zone 1. Record the allocation in the spreadsheet: https://docs.google.com/spreadsheets/d/1bUR4y21wuCVRCpQcBbP85wGAWELrVjo2_tNJ7la495A/edit#gid=0 1. Configure the DHCP server with the static address reservation * In Mikrotik Winbox it's in IP -> DHCP Server -> Leases. You can open an existing static lease and Copy it. Make sure to edit the: * IP * Name * MAC address * Comment * In Mikrotik CLI it'd be something like this {{{ [furinkan@helian] /ip/dhcp-server/lease> add address=192.168.1.256 mac-address=02-99-88-77-66-55 server="dhcp general" comment=persica42 }}} * If using dnsmasq in Pihole we add a custom config file like `/etc/dnsmasq.d/02-pihole-dhcp-persica-cluster.conf` {{{ dhcp-host=02:99:88:77:66:55,set:persica,192.168.1.256,persica42,5m # one dhcp-host line per host dhcp-boot=tag:persica,grub/grubx64.efi,illustrious.thighhighs.top,192.168.1.12 }}} Note that things are a bit different here, we specify boot options per-host rather than at a subnet level like on Mikrotik * Run `pihole restartdns` after making changes You should now be able to PXE boot the box. It'll get an address from DHCP, then hit the next-server for PXE executable which is `grubx64.efi` Grub will download its menu from the TFTP server via baked-in path, which defines the kernel and initrd to download and execute. That's typically a Linux kernel, with cmdline options to start a kickstarted install. Kickstart will download its `kickstart.cfg` then the magic happens. Now go put the right bits in the right places, you'll need a kernel and initrd at a minimum, then for auto installs you need a kickstart config (or Debian equivalent): [[PxeBooting#Putting_the_right_bits_in_the_right_places]]