This repository enables netbooting lightweight thinclient operating systems. A thinclient is a minimal OS with essential tools only, unlike full operating systems like Windows.
Security Benefits:
- Reduced attack surface with fewer running components
- Always up-to-date OS and applications through periodic image rebuilds
Cost & Maintenance:
- No OS or EDR licensing costs
- No device management overhead (SCCM/Intune)
- Cheaper hardware requirements - no local storage needed
- Simplified maintenance with centralized updates
Technical Requirements:
- RAM: 16GB recommended (8GB minimum, but performance may suffer)
- Network: Fast network essential for reasonable boot times
- Use Case: Optimized for browser-based workflows in retail and warehouse environments
Thinclients are network-booted and stateless - any device can boot the OS without local storage. The entire image loads into RAM during startup, making devices completely interchangeable.
This guide covers setting up the netboot infrastructure and creating custom thinclient images. While we recommend a CI/CD pipeline for production, this manual approach helps you understand the project structure.
- DHCP Discovery: Client requests IP and boot information via DHCP
- Boot Server Response: DHCP server provides network boot server details and bootloader filenames
- Bootloader Download: Client fetches initial bootloader via TFTP
- Menu Loading: Bootloader loads iPXE menu from network boot server
- Image Selection: User selects image or default loads automatically
- OS Download: Client downloads and boots:
initrd(Initial Ramdisk)kernel(Linux Kernel)squashfs(Compressed filesystem containing the OS)
How we accomplished this, can be found in our netboot submodule; see below for instructions. For more information about netbooting concepts, see netboot.xyz.
This repository contains several components as submodules:
├── netboot/ # Network boot infrastructure
│ └── netboot-services/ # Docker services (TFTP, HTTP, menu generation)
└── thinclient-base/ # Thinclient image building tools
git clone https://github.com/DigitecGalaxus/netbooting-thinclients.git
cd netbooting-thinclients
git submodule update --init --recursive
git submodule foreach git pull origin mainHigh-level process:
- Customize the base Ubuntu image with required packages and configurations
- Extract kernel and initrd from the customized system
- Compress the filesystem using SquashFS
- Deploy artifacts to the netboot server
Detailed instructions: See thinclient-base/ subdirectory for build scripts and customization options.
High-level process:
- Deploy netboot services (TFTP, HTTP, menu generator) using Docker Compose
- Configure DHCP server to point to netboot server
- Place thinclient artifacts in appropriate directories
- Menu is automatically generated from available images
Detailed instructions: See netboot/ subdirectory for service configuration and deployment.
This project has been brought to you by Planet Express @ Digitec Galaxus AG!
- Our setup consists of many separate components. It's important to understand the core concepts of all these components in order to understand how to plug them together. Our setup serves only as an inspiration. Feel free to pick and choose what you see fit.
No matter how small, we value every contribution! If you wish to contribute,
- Please create an issue first - this way, we can discuss the feature and flesh out the nitty-gritty details
- Fork the repository, implement the feature and submit a pull request
- Your feature will be added once the pull request is merged