Alpine Host Setup
Setup steps for an Alpine container host using Docker Compose.
Download the standard ISO from https://alpinelinux.org/downloads/
live system
boot from downloaded iso
setup-alpine
setup-alpine
- Keyboard: us-us (adjust if needed)
- set hostname
- Network: eth0, dhcp, manual n
- set root password
- Timezone: Europe/Berlin (adjust if preferred)
- Proxy: none
- apk mirror: f (detect automatically)
- add user to your liking
- SSH server: openssh
- Select disk: sda
- Disk Setup: lvm, then sys
- Erase disk: y
Setup lvm before reboot!
LVM
https://wiki.archlinux.org/title/LVM
# install some needed packages
apk add lvm2-extra e2fsprogs-extra device-mapper
# list existing LVs
lvs
# resize existing and create missing LVs
lvresize -L <SIZE>G [-r] /dev/vg0/<LV>
lvcreate -L <SIZE>G -n <LV NAME> vg0
lvcreate -l 100%FREE -n lv_srv vg0
# init filesystem for each newly created LV
mkfs.ext4 /dev/vg0/<LV>
LV             LSize   Mount
lv_root        8.00g   /
lv_logs        4.00g   /var/log
lv_containers  20.00g  /var/lib/containers
lv_srv         =REST   /srv
lv_swap        =RAM    swap
Reboot into installed system
Remove or reorder the boot ISO. Reboot via hard reset; the qemu guest agent is not functional yet!
SSHD
vi /etc/ssh/sshd_config
Port 222
PermitRootLogin no
AllowTcpForwarding yes
service sshd restart
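As a check to run before `service sshd restart`, the following added example (not part of the original README) reads `sshd -T` output and confirms that the effective values match the three settings above. The function name `audit_sshd` and both sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original README): audit the *effective* sshd
# settings against the values this guide puts in /etc/ssh/sshd_config.
# Input on stdin: output of `sshd -T` (lowercase "keyword value" lines).
audit_sshd() {
    awk '
        # Port may be given several times; sshd listens on every one of them.
        $1 == "port"               { ports = ports (ports == "" ? "" : ",") $2 }
        # For single-valued keywords sshd keeps the first value it reads, so a
        # line added below an earlier one has no effect; -T shows the winner.
        $1 == "permitrootlogin"    { root = $2 }
        $1 == "allowtcpforwarding" { fwd = $2 }
        function check(name, want, got) {
            if (got == want) return 0
            printf "FAIL %s: expected %s, effective %s\n", name, want, (got == "" ? "unset" : got)
            return 1
        }
        END {
            bad  = check("port", "222", ports)
            bad += check("permitrootlogin", "no", root)
            bad += check("allowtcpforwarding", "yes", fwd)
            if (!bad) print "OK port 222, permitrootlogin no, allowtcpforwarding yes"
            exit (bad ? 1 : 0)
        }
    '
}

# Constructed sample: effective config after the edits in this guide.
sample_good() {
    printf '%s\n' 'port 222' 'addressfamily any' 'permitrootlogin no' 'allowtcpforwarding yes'
}

# Constructed sample: an active "Port 22" line was left in place and an
# earlier PermitRootLogin line took precedence over the one that was added.
sample_bad() {
    printf '%s\n' 'port 22' 'port 222' 'permitrootlogin prohibit-password' 'allowtcpforwarding yes'
}

# Demo on the constructed samples. On the host, as root, before restarting:
#   sshd -t && sshd -T | audit_sshd && service sshd restart
sample_good | audit_sshd
sample_bad | audit_sshd || true
```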
sudo
apk update && apk add sudo
visudo
Uncomment %wheel ALL=(ALL:ALL) ALL to allow users in the 'wheel' group to use sudo.
From here on you can use ssh and sudo
ssh -p 222 <username>@<hostname>
Installed Packages
sudo vi /etc/apk/repositories
Uncomment community repo
sudo apk update && sudo apk upgrade && sudo apk add \
gettext \
awall \
docker \
docker-compose \
docker-zsh-completion \
git \
htop \
nano \
nftables \
qemu-guest-agent \
sudo \
tree \
zsh
# currently not available in alpine 3.18:
# docker-compose-zsh-completion
zsh
sudo nano /etc/passwd
- Change to /bin/zsh for desired user.
ohmyzsh
sh -c "$(wget https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh -O -)"
- Theme: amuse
fstab
sudo nano /etc/fstab
fstab content:
/dev/vg0/lv_root / ext4 rw,relatime 0 1
/dev/vg0/lv_logs /var/log ext4 rw,relatime 0 2
/dev/vg0/lv_containers /var/lib/containers ext4 rw,relatime 0 2
/dev/vg0/lv_srv /srv ext4 rw,relatime 0 2
To mount all:
sudo mount -a
ntp
sudo rc-update add ntpd
sudo service ntpd start
checkout repo
cd /opt
sudo git clone <this repo's url>
awall
https://www.cyberciti.biz/faq/how-to-set-up-a-firewall-with-awall-on-alpine-linux/
https://github.com/alpinelinux/awall/blob/master/README.md
https://ipset.netfilter.org/iptables-extensions.man.html#lbAO
If error modprobe: FATAL: Module ip_tables not found... -> reboot
cd /etc/awall/optional
sudo ln -vs /opt/container-server/setup/awall/* .
sudo awall enable {default,ssh,http}
sudo awall activate
docker
https://wiki.alpinelinux.org/wiki/Docker
sudo rc-update add docker
sudo service docker start
cron
sudo cp -r /opt/container-server/setup/cron/* /etc/periodic/