Add uki-serve command to pxe boot uki files

Dockerfile

@@ -12,27 +12,7 @@ ADD ./internal/web/app/index.js .
 ADD ./internal/web/app/accordion.js .
 RUN npm ci && npx esbuild index.js --bundle --outfile=bundle.js
 
-FROM golang:1.24 AS swagger
-WORKDIR /app
-COPY . .
-RUN go install github.com/swaggo/swag/cmd/swag@latest && \
-    swag init -g main.go --output internal/web/app --parseDependency --parseInternal --parseDepth 1 --parseVendor
-
-FROM golang:1.24 AS builder
-ARG VERSION=v0.0.0
-WORKDIR /work
-ADD go.mod .
-ADD go.sum .
-RUN go mod download
-ADD . .
-COPY --from=js /work/bundle.js ./internal/web/app/bundle.js
-COPY --from=swagger /app/internal/web/app/swagger.json ./internal/web/app/swagger.json
-COPY --from=swagger /app/internal/web/app/redoc.html ./internal/web/app/redoc.html
-ENV CGO_ENABLED=0
-ENV VERSION=$VERSION
-RUN go build -ldflags "-X main.version=${VERSION}" -o auroraboot
-
-FROM fedora:$FEDORA_VERSION AS default
+FROM fedora:$FEDORA_VERSION AS base
 ARG TARGETARCH
 ENV BUILDKIT_PROGRESS=plain
 ENV LUET_NOLOCK=true
@@ -71,6 +51,34 @@ RUN dnf in -y bc \
               xorriso \
               zstd
 
+
+FROM base AS keyenroller
+ENV EFIKEY_VERSION=v0.1.0
+RUN curl -f -L https://github.com/kairos-io/efi-key-enroller/releases/download/$EFIKEY_VERSION/efi-key-enroller.efi -o /efi-key-enroller.efi && file /efi-key-enroller.efi | grep -q "EFI"
+
+FROM golang:1.24 AS swagger
+WORKDIR /app
+COPY . .
+RUN go install github.com/swaggo/swag/cmd/swag@latest && \
+    swag init -g main.go --output internal/web/app --parseDependency --parseInternal --parseDepth 1 --parseVendor
+
+FROM golang:1.24 AS builder
+ARG VERSION=v0.0.0
+WORKDIR /work
+ADD go.mod .
+ADD go.sum .
+RUN go mod download
+ADD . .
+COPY --from=js /work/bundle.js ./internal/web/app/bundle.js
+COPY --from=swagger /app/internal/web/app/swagger.json ./internal/web/app/swagger.json
+COPY --from=swagger /app/internal/web/app/redoc.html ./internal/web/app/redoc.html
+COPY --from=keyenroller /efi-key-enroller.efi ./pkg/constants/efi-key-enroller.efi
+ENV CGO_ENABLED=0
+ENV VERSION=$VERSION
+RUN go build -ldflags "-X main.version=${VERSION}" -o auroraboot
+
+
+FROM base AS default
 COPY --from=luet /usr/bin/luet /usr/bin/luet
 # copy both arches
 COPY image-assets/luet-arm64.yaml /tmp/luet-arm64.yaml

internal/cmd/app.go

@@ -45,6 +45,7 @@ func GetApp(version string) *cli.App {
 		Authors: []*cli.Author{{Name: "Kairos authors", Email: "[email protected]"}},
 		Usage:   "auroraboot",
 		Commands: []*cli.Command{
+			&UkiPXECmd,
 			&BuildISOCmd,
 			&BuildUKICmd,
 			&GenKeyCmd,

internal/cmd/pxeUki.go

@@ -0,0 +1,53 @@
+package cmd
+
+import (
+	"github.com/kairos-io/AuroraBoot/pkg/utils"
+	"github.com/kairos-io/kairos-sdk/types"
+	"github.com/urfave/cli/v2"
+	"os"
+)
+
+var UkiPXECmd = cli.Command{
+	Name:  "uki-pxe",
+	Usage: "Serve PXE boot files using a specified ISO file and key directory",
+	Flags: []cli.Flag{
+		&cli.StringFlag{
+			Name:     "key-dir",
+			Usage:    "Directory containing the keys",
+			Required: true,
+		},
+		&cli.StringFlag{
+			Name:     "iso-file",
+			Usage:    "Iso file to use",
+			Required: true,
+		},
+		&cli.StringFlag{
+			Name:    "loglevel",
+			Aliases: []string{"l"},
+			Usage:   "Set the log level",
+			Value:   "info",
+		},
+	},
+	Before: func(c *cli.Context) error {
+		isoFile := c.String("iso-file")
+		if _, err := os.Stat(isoFile); err != nil {
+			if os.IsNotExist(err) {
+				return cli.Exit("iso file does not exist", 1)
+			}
+			return cli.Exit("error checking iso file: "+err.Error(), 1)
+		}
+
+		keyDir := c.String("key-dir")
+		if _, err := os.Stat(keyDir); err != nil {
+			if os.IsNotExist(err) {
+				return cli.Exit("key directory does not exist", 1)
+			}
+			return cli.Exit("error checking key directory: "+err.Error(), 1)
+		}
+		return nil
+	},
+	Action: func(context *cli.Context) error {
+		log := types.NewKairosLogger("pxe", context.String("loglevel"), false)
+		return utils.ServeUkiPXE(context.String("key-dir"), context.String("iso-file"), log)
+	},
+}

pkg/constants/constants.go

@@ -37,6 +37,12 @@ var BootHybrid []byte
 //go:embed grub_live_bios.cfg
 var GrubLiveBiosCfg []byte
 
+// EfiKeyEnroller is the key enroller for the efi image which gets the keys from the ipxe server and enrolls them
+// source at https://github.com/kairos-io/efi-key-enroller/
+//
+//go:embed efi-key-enroller.efi
+var EfiKeyEnroller []byte
+
 type UkiOutput string
 
 const (