Download current binary from site memtest.org. Now current version is 5.31b.

Extract file (in my case memtest86+-5.31b.bin).

Rename it and place somewhere in TFTP server:

mv /tmp/memtest86+-5.31b.bin /data/tftpboot/networkboot/memtest86+-5.31b

as in previous posts my TFTP root is /data/tftpboot and I place all files in networkboot directory.

Add menu entry in pxelinux.cfg/default or as in my examples in pxelinux.cfg/4c4c4544-0042-4410-8053-b2c04f43334a (these magic numbers are my test PC UUID):

LABEL Memtest86-5.31
MENU LABEL Memtest86+ 5.31b
KERNEL /networkboot/memtest86+-5.31b

On fresh install ESXi 7.0 U2 you just need two commands:

esxcli system syslog config set --loghost='udp://192.168.1.28:514'
esxcli network firewall ruleset set --ruleset-id=syslog --enabled=true

First line configures address of remote syslog server - of course you have to change 192.168.1.28 to yours server IP.

Second one opens required ports on firewall.

My router configuration was:

root@gargoyle:~# uci show dhcp.lan.dhcp_option
dhcp.lan.dhcp_option='252,http://wpad/wpad.dat' '6,192.168.1.28,192.168.1.4'

I would like to change WPAD address (option 252) to wpad.lan so I've to remove (del_list) old entry and add (add_list) new one:

root@gargoyle:~# uci del_list dhcp.lan.dhcp_option='252,http://wpad/wpad.dat'
root@gargoyle:~# uci add_list dhcp.lan.dhcp_option='252,http://wpad.lan/wpad.dat'

check, if everything is correct:

root@gargoyle:~# uci show dhcp.lan.dhcp_option
dhcp.lan.dhcp_option='6,192.168.1.28,192.168.1.4' '252,http://wpad.lan/wpad.dat'

now, You can commit changes (write to /etc/config/dhcp file) and restart dnsmasq daemon:

root@gargoyle:~# uci commit dhcp
root@gargoyle:~# /etc/init.d/dnsmasq restart

On client you can check again using nmap command:

[root@Optiplex745 ~]# nmap --script broadcast-dhcp-discover -e enp3s0
Starting Nmap 7.70 ( https://nmap.org ) at 2021-03-17 22:42 CET
Pre-scan script results:
| broadcast-dhcp-discover:
|   Response 1 of 1:
|     IP Offered: 192.168.1.249
|     DHCP Message Type: DHCPOFFER
|     Server Identifier: 192.168.1.4
|     IP Address Lease Time: 2m00s
|     Bootfile Name: undionly.kpxe\x00
|     Renewal Time Value: 1m00s
|     Rebinding Time Value: 1m45s
|     Subnet Mask: 255.255.255.0
|     Broadcast Address: 192.168.1.255
|     Router: 192.168.1.4
|     Domain Name: lan
|     WPAD: http://wpad.lan/wpad.dat
|_    Domain Name Server: 192.168.1.28, 192.168.1.4
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 3.85 seconds

Last two attempts (one and two) to power off using just short press of power button didn't work or work only when when you are logged in.

Now I've just installed ACPI daemon:

dnf install acpid
systemctl enable acpid

This finally works for my home server.

My last resolution about power button works only when monitor is connected.

If you have headless server you can use systemd-logind service. By default (in CentOS 8) it do nothing. I've only found:

systemd-logind[1373]: Power key pressed

in /var/log/messages.

To change this behaviour you can modify

/etc/systemd/logind.conf

I've uncommented line

#HandlePowerKey=poweroff

After thins restart service:

systemctl restart systemd-logind

Now power key works on headless Linux server.

Booting to PXE (or iPXE) using dnsmasq is rather well documented also by Me ;-).

If You would like to use MikroTik it's not so easy (at least v6.43.2). I couldn't manage to boot iPXE using chainloading because of the infinite loop with the DHCP server.

Booting from PXE is also not so obvious. You cannot set option 66 (next-server/Server-Name) nor 67 (boot-file/Bootfile-Name) in "ip dhcp-server option". Instead set "Next Server" and "Boot File Name" in "ip dhcp-server network", so it should look like this:

[admin@MikroTik] > /ip dhcp-server network print detail
Flags: D - dynamic
 0   ;;; defconf
     address=192.168.1.0/24 gateway=192.168.1.15 netmask=24
     dns-server=192.168.1.28,192.168.1.15 wins-server="" ntp-server=""
     caps-manager="" domain="lan" next-server=192.168.1.28
     boot-file-name="pxelinux.0" dhcp-option="" dhcp-option-set=""

I would like to upgrade kernel on diskless machine.

First upgrade system as regular one:

yum upgrade

Copy new installed initramfs and vmlinuz files somewhere, I've copied them directly to TFTP server

scp /boot/vmlinuz-3.10.0-1127.19.1.el7.x86_64 /boot/initramfs-3.10.0-1127.19.1.el7.x86_64.img 192.168.1.28:

as you can see my TFTP (and also PXE/iSCSI) server is 192.168.1.28.

Then you have to expose new files via TFTP server and modify PXE config files.

My TFTP server files are in /data/tftpboot, and I've decided to store boot files in /networkboot/CentOS7-2003 directory so:

mkdir /data/tftpboot/networkboot/CentOS7-2003
mv ~/initramfs-3.10.0-1127.19.1.el7.x86_64.img ~/vmlinuz-3.10.0-1127.19.1.el7.x86_64 /data/tftpboot/networkboot/CentOS7-2003

You can edit /data/tftpboot/pxelinux.cfg/default. I've per-machine PXE config files that's why I added to /data/tftpboot/pxelinux.cfg/4c4c4544-0042-4410-8053-b2c04f43334a instead of default:

LABEL Centos7-Optiplex745-3.10.0-1127.19.1
MENU LABEL CentOS 7 DELL Optiplex 745 (3.10.0-1127.19.1)
kernel /networkboot/CentOS7-2003/vmlinuz-3.10.0-1127.19.1.el7.x86_64 root=/dev/mapper/centos00-root ro netroot=iscsi:@192.168.1.28::::iqn.1994-11.com.netgear:nas:08303042:centos-pxe rd.iscsi.initiator=iqn.1994-05.com.redhat:2f3474eec735 vconsole.keymap=pl LANG=en_GB.UTF-8  console=tty0 ip=enp3s0:dhcp  rhgb quiet
append initrd=/networkboot/CentOS7-2003/initramfs-3.10.0-1127.19.1.el7.x86_64.img

as you can see kernel and initrd are updated to point at new files.

When You test that system boots from this new config you can change set it as default.

To change power button behaviour in CentOS I've created file /etc/dconf/db/local.d/01-power:

[org/gnome/settings-daemon/plugins/power]
power-button-action='interactive'

and restart or update dconf:

dconf update

Sources: Changing Behavior when Pressing the Power Button in Graphical Target Mode

Thin installation was tested on CentOS 7 nad CentOS 8

Prepare system

You will need java:

yum install java-1.8.0-openjdk-headless

Create dedicated user

useradd --system --create-home --user-group \
--home-dir /opt/minecraft --shell /bin/bash minecraft

or shorter

useradd -r -m -U -d /opt/minecraft -s /bin/bash minecraft

Configure firewall

Create new service mincecraft-server file:

cat << EOF > /etc/firewalld/services/minecraft-server.xml
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>Minecraft server</short>
  <port port="25565" protocol="tcp"/>
  <port port="25575" protocol="tcp"/>
</service>
EOF

Then reload to read new service, enable it and reload to apply changes.

firewall-cmd --reload
firewall-cmd --add-service=minecraft-server --permanent
firewall-cmd --reload

Prepare directories

su - minecraft
mkdir -p ~/{backups,tools}
mkdir server-1.12.2
mkdir server-1.15.2

Download JAR files

I'm preparing two versions: 1.12.2 and 1.15.2:

cd ~/server-1.15.2
wget "https://launcher.mojang.com/v1/objects/bb2b6b1aefcd70dfd1892149ac3a215f6c636b07/server.jar" -O minecraft_server.1.15.2.jar
ln -s minecraft_server.1.15.2.jar server.jar
echo eula=true > eula.txt
cd ~/server-1.12.2
wget https://launcher.mojang.com/mc/game/1.12.2/server/886945bfb2b978778c3a0288fd7fab09d315b25f/server.jar -O minecraft_server-1.12.2.jar
ln -s minecraft_server-1.12.2.jar server.jar
echo eula=true > eula.txt

Now you have to chose one. In my example 1.12.2:

cd
ln -s server-1.12.2 server

later you can remove this link and create it to another version, ie:

cd
rm server
ln -s server-1.15.2 server

Configure RCON

Not necessary. Run all command as a "root" user.

Install packages

yum group install "Development Tools"
yum install kernel-debug

Download and compile

wget https://github.com/Tiiffi/mcrcon/archive/master.zip
cd /tmp/
unzip ~/master.zip
cd mcrcon-master/
gcc -std=gnu11 -pedantic -Wall -Wextra -O2 -s -o mcrcon mcrcon.c
cp ./mcrcon /opt/minecraft/tools/
chown minecraft.minecraft /opt/minecraft/tools/mcrcon

If you want to use RCON you have to adjust /opt/minecraft/server/server.properties file:

enable-rcon=true
rcon.password=strong-password

of course change strong-password to some strong password ;-)

Startup script

Create serivce file as root:

cat << EOF > /etc/systemd/system/minecraft.service
[Unit]
Description=Minecraft Server
After=network.target

[Service]
User=minecraft
Nice=1
KillMode=none
SuccessExitStatus=0 1
ProtectHome=true
ProtectSystem=full
PrivateDevices=true
NoNewPrivileges=true
WorkingDirectory=/opt/minecraft/server
ExecStart=/usr/bin/java -Xmx1024M -Xms512M -jar server.jar nogui
ExecStop=/opt/minecraft/tools/mcrcon -H 127.0.0.1 -P 25575 -p strong-password stop


[Install]
WantedBy=multi-user.target
EOF

Run

systemctl start minecraft

You can check /opt/minecraft/server/logs/latest.log to see what is happening.

You should see something like this:

[22:09:52] [Server thread/INFO]: Starting minecraft server version 1.12.2
[22:09:52] [Server thread/INFO]: Loading properties
[22:09:52] [Server thread/WARN]: server.properties does not exist
[22:09:52] [Server thread/INFO]: Generating new properties file
[22:09:52] [Server thread/INFO]: Default game type: SURVIVAL
[22:09:52] [Server thread/INFO]: Generating keypair
[22:09:53] [Server thread/INFO]: Starting Minecraft server on *:25565
[22:09:53] [Server thread/INFO]: Using epoll channel type
[22:09:53] [Server thread/INFO]: Preparing level "world"
[22:09:54] [Server thread/INFO]: Loaded 488 advancements
[22:09:55] [Server thread/INFO]: Preparing start region for level 0
[22:09:56] [Server thread/INFO]: Preparing spawn area: 5%
[22:09:57] [Server thread/INFO]: Preparing spawn area: 8%
[22:09:58] [Server thread/INFO]: Preparing spawn area: 13%
[22:09:59] [Server thread/INFO]: Preparing spawn area: 17%
[22:10:00] [Server thread/INFO]: Preparing spawn area: 22%
[22:10:01] [Server thread/INFO]: Preparing spawn area: 28%
[22:10:02] [Server thread/INFO]: Preparing spawn area: 32%
[22:10:03] [Server thread/INFO]: Preparing spawn area: 37%
[22:10:04] [Server thread/INFO]: Preparing spawn area: 42%
[22:10:05] [Server thread/INFO]: Preparing spawn area: 48%
[22:10:06] [Server thread/INFO]: Preparing spawn area: 53%
[22:10:07] [Server thread/INFO]: Preparing spawn area: 59%
[22:10:08] [Server thread/INFO]: Preparing spawn area: 65%
[22:10:09] [Server thread/INFO]: Preparing spawn area: 70%
[22:10:11] [Server thread/INFO]: Preparing spawn area: 75%
[22:10:12] [Server thread/INFO]: Preparing spawn area: 80%
[22:10:13] [Server thread/INFO]: Preparing spawn area: 86%
[22:10:14] [Server thread/INFO]: Preparing spawn area: 90%
[22:10:15] [Server thread/INFO]: Preparing spawn area: 96%
[22:10:15] [Server thread/INFO]: Done (22.459s)! For help, type "help" or "?"

As you can see first start took more than 22s (not to bad - it's Core 2 Duo and iSCSI disk on 1GB network card - CentOS 8 version of Diskless computer using PXE and iSCSI)

Configure autostart

If you want to start Minecraf server automatically when system starts, just enable this service:

systemctl enable minecraft

That's all.

When you want to use both of them to have to decide to which the clients will be connecting to. In my case packets goes to Dansguardian and then to Squid and finally to internet.

In standard configuration only Dansguardian knows clients IPs.

To provide user's IPs to Squid change Dansguardian configuration to forward them - change in dansguardian.conf (or dansguardianf1.conf, or whatever you have):

forwardedfor = on
usexforwardedfor = on

Be careful - if you don't use Squid (or some other secure proxy) you can publish you private IP addresses to whole world.

Then change Squid configuration (squid.conf) to allow to find the original source:

follow_x_forwarded_for allow localhost

Of course restart both services.

It's pretty simple, but I forgot about this.