# Alpine Host Setup Setup steps for alpine container host using podman compose. For usage with docker compose, the following parts (might) need adjustment - Mount point for lv_containers - Installed packages - iptables/awall rules Download standard iso from https://alpinelinux.org/downloads/ ## live system boot from downloaded iso ### setup-alpine ```sh setup-alpine ``` - Keyboard: `us-us` (adjust if needed) - set hostname - Network: `eth0`, `dhcp`, manual `n` - set root password - Timezone: `Europe/Berlin` (adjust if preferred) - Proxy: `none` - apk mirror: `f` (detect automatically) - add user to your liking - SSH server: `openssh` - Select disk: `sda` - Disk Setup: `lvm`, then `sys` - Erase disk: `y` Setup lvm before reboot ### LVM https://wiki.archlinux.org/title/LVM ```sh # install some needed packages apk add lvm-extra e2fsprogs-extra # list existing LVs lvs # resize existing and create missing LVs lvresize -L G [-r] /dev/vg0/ lvcreate -L G -n vg0 lvcreate -l 100%FREE -n lv_srv vg0 # init filesystem for each newly created LV mkfs.ext4 /dev/vg/ ``` ``` LV LSize Mount lv_root 8.00g / lv_logs 4.00g /var/log lv_containers 20.00g /var/lib/containers lv_srv =REST /srv lv_swap =RAM swap ``` ## Reboot into installed system Remove/reorder boot iso. Reboot via hardreset, qemo-guest not functional yet! ### SSHD ```sh vi /etc/ssh/sshd_config ``` - `Port 222` - `PermitRootLogin no` - `AllowTcpForwarding yes` ### Installed Packages Uncomment community repo in `/etc/apk/repositories` ```sh apk update && apk upgrade && apk add \ gettext \ git \ nano \ tmux \ tree \ zsh \ docker \ docker-compose \ docker-zsh-completion \ docker-compose-zsh-completion \ awall \ qemu-guest-agent \ # depends on your KVM/virtualization situation doas \ podman \ doas-sudo-shim \ py3-pip \ # requirement for podman-compose ``` ### sudo/doas config https://wiki.archlinux.org/title/Doas ```sh echo permit persist csp > /etc/doas.conf chown -c root:root /etc/doas.conf chmod -c 0400 /etc/doas.conf doas -C /etc/doas.conf && echo "config ok" || echo "config error" ``` ### ZSH ```sh sudo nano /etc/passwd ``` - Change to `/bin/zsh` for desired user. ### ohmyzsh https://ohmyz.sh/#install ```sh sh -c "$(wget https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh -O -)" ``` - Theme: bira ### fstab ```sh sudo nano /etc/fstab ``` fstab content: ``` /dev/vg0/lv_root / ext4 rw,relatime 0 1 /dev/vg0/lv_logs /var/log ext4 rw,relatime 0 2 /dev/vg0/lv_containers /var/lib/containers ext4 rw,relatime 0 2 /dev/vg0/lv_srv /srv ext4 rw,relatime 0 2 ``` ### awall https://www.cyberciti.biz/faq/how-to-set-up-a-firewall-with-awall-on-alpine-linux/ https://github.com/alpinelinux/awall/blob/master/README.md https://ipset.netfilter.org/iptables-extensions.man.html#lbAO If error `modprobe: FATAL: Module ip_tables not found...` -> reboot ```sh cd /etc/awall/optional ln -s /opt/container-server/setup/awall/* . awall enable {default,ssh,hhtp} awall activate podman network reload --all ``` ### podman + podman-compose https://wiki.alpinelinux.org/wiki/Podman ```sh rc-update add docker # rc-update add cgroups # rc-service cgroups start ``` https://github.com/containers/podman-compose#installation ```sh pip3 install podman-compose ```