/etc/ssl1.1 with symlinks to
/etc/ssl, as would be found in a default installation of 3.15.
This is a different approach from my proposal of setting
SSL_CERT_DIR. It's easier to convince myself that modifying the tmpfs will be appropriately scoped to the problem, and not pollute anything I didn't think about, rather than modifying environment variables.
I tested this by:
mkinitfs-*.apkfrom a modified
APKBUILDto point to my repo
- installed the
mkinitfs -s /path/to/modloop-virt.SIGN.RSA.email@example.com -k -F "base squashfs network usb virtio" -o "/tmp/initramfs-virt" "5.15.32-0-virt", which is as close as I could find to the command used to generate
- booted with the following ipxe config, booting from the test artifact hosted on backblaze b2:
#!ipxe ifconf kernel https://dl-cdn.alpinelinux.org/alpine/v3.15/releases/x86_64/netboot/vmlinuz-virt modules=loop,squashfs nomodeset apkovl=https://f004.backblazeb2.com/file/sbrudenell-netboot/test.apkovl.tar.gz alpine_repo=https://dl-cdn.alpinelinux.org/alpine/v3.15/main modloop=https://dl-cdn.alpinelinux.org/alpine/v3.15/releases/x86_64/netboot/modloop-virt console=tty0 console=ttyS0,115200n8 earlyprintk=serial,ttyS0,115200n8 initrd https://f004.backblazeb2.com/file/sbrudenell-netboot/initramfs-virt boot
It worked as expected. It loaded my
apkovl from https, and installed packages from the https repo.