Install Alpine as host operating system instead of Debian

2017-12-18 15:45:17 +01:00 · 2017-12-18 15:45:17 +01:00 · f0afd6e596
commit f0afd6e596
parent 4da4e23719
2 changed files with 113 additions and 97 deletions
--- a/README.md
+++ b/README.md
@ -1,119 +1,35 @@
 This is the main repository containing all installation scripts, configuration and customization of operating system all application present in Spotter Cluster virtual machine.
-## Operating system preparation
+## Virtual machine specifications
 ### Virtual machine specifications
 - **Memory:** 4 GB
 - **CPU:** 1 processor, 2 cores
 - **Hard Disk:** SCSI, 60 GB
 ### Operating system media download
 Download **Debian 9.0.0 amd64 netinstall** from <https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/> and launch Text-mode installation
 ## Operating system installation
-### Locale settings
+Download **Alpine Virtual 3.7.0 x86_64** from <https://alpinelinux.org/downloads/> and boot from it. At the login prompt, use the root user without password to log in.
 - **Language:** English
 - **Country, territory or area:** other
 - **Continent or region:** Europe
 - **Country, territory or area:** Czech Republic
 - **Country to base default locale settings on:** United States - en_US.UTF-8
 - **Keymap to use:** American English
-### Hostname
+```
- **Hostname:** debian
+# Set up interfaces (leave the default choices)
- **Domain name:** [leave blank]
+setup-interfaces
 ifup eth0
-### Users
+# Download and launch the setup script  
- **Root password:** [random password of your choice]
+wget dl.dasm.cz/alpine.sh
- **Full name for the new user:** user
+sh alpine.sh
- **Username for your account:** user
+```
 - **Choose a password for the new user:** [random passowrd of your choice]
-Note: The *user* account will be deleted afterwards as part of installation steps.
+The script will perform the bare Alpine linux installation into VM using LUKS-on-LVM. The default disk encryption password is `password`. No root password is set.
 ### Partitions
 - **Partitioning method:** Manual
 1. Create empty partition table on SCSI1 (0,0,0) (sda)
 2. Create new partition
   - **New partition size:** 256 MB
   - **Type for the new partition:** Primary
   - **Location for the new partition:** Beginning
   - Definition
     - **Use as:** Ext2 file system  
     - **Format the partition:** yes, format it  
     - **Mount point:** /boot  
     - **Mount options:** default  
     - **Label:** none  
     - **Reserved blocks:** 5%  
     - **Typical usage:** standard  
     - **Bootable flag:** on
 3. Create new partition
   - **New partition size:** [maximum]
   - **Type for the new partition:** Primary
   - **Location for the new partition:** Beginning
   - Definition
     - **Use as:** physical volume for encryption  
     - **Encryption method:** Device-mapper (dm-crypt)  
     - **Encryption:** aes  
     - **Key size:** 128  
     - **IV algorithm:** xts-plain64  
     - **Encryption key:** Passphrase  
     - **Erase data:** no  
     - **Bootable flag:** off
 4. Configure encrypted volumes
   - Create encrypted volumes
   - /dev/sda2
   - Finish
   - **Encryption passphrase:** [random]
 5. Select encrypted volume (sda2_crypt), partition #1
   - **Use as:** physical volume for LVM
 6. Configure the Logical Volume Manager
   - Create volume group
     - **Volume group name:** vg0
     - **Devices for the new volume group:** /dev/mapper/sda2_crypt
   - Create logical volume
     - **Volume group:** vg0
     - **Logical volume name:** swap
     - **Logical volume size:** 4 GB
   - Create logical volume
     - **Volume group:** vg0
     - **Logical volume name:** root
     - **Logical volume size:** [maximum]
   - Finish
 7. Select LVM VG vg0, LV root, partition #1
   - Definition
     - **Use as:** Ext4 journaling file system  
     - **Mount point:** /  
     - **Mount options:** noatime  
     - **Label:** none  
     - **Reserved blocks:** 1%  
     - **Typical usage:** standard
 8. Select LVM VG vg0, LV swap, partition #1
   - **Use as:** swap area
 9. Finish partitioning and write changes to disk
 ### Packages
 - **Scan another CD or DVD?:** No
 - **Debian archive mirror counrty:** Czechia
 - **Debian archive mirror:** ftp.cz.debian.org
 - **HTTP proxy information:** [leave blank]
 - **Participate in package survey:** No
 - **Choose software to install:** [unselect all]
 ### Bootloader
 - **Install the GRUB boot loader to the master boot record?:** yes
 - **Device for boot loader installation:** /dev/sda
 ## Application installation
 ### First time setup
 ```
 # Update package info
-apt update
+apk update
 # Install git
-apt install git
+apk --no-cache add git
 # Clone the repository
 git clone https://gitlab.dasm.cz:8443/Spotter-Cluster/Spotter-Cluster.git
--- a/alpine.sh
+++ b/alpine.sh
@ -0,0 +1,100 @@
 #!/bin/sh
 # Prerequisites
 # setup-interfaces
 # ifup eth0
 # Set up repositories  
 cat <<EOF >/etc/apk/repositories
 http://repository.fit.cvut.cz/mirrors/alpine/v3.7/main
 http://repository.fit.cvut.cz/mirrors/alpine/v3.7/community
 #http://repository.fit.cvut.cz/mirrors/alpine/edge/main
 #http://repository.fit.cvut.cz/mirrors/alpine/edge/community
 #http://repository.fit.cvut.cz/mirrors/alpine/edge/testing
 EOF
 # Install disk management tools  
 apk --no-cache add lvm2 cryptsetup e2fsprogs syslinux
 # Create disk partitions
 cat <<EOF | fdisk /dev/sda
 n
 p
 1
 +100m
 a
 1
 n
 p
 2
 t
 2
 8e
 w
 EOF
 # Set up partition encryption
 echo -n 'password' | cryptsetup -q luksFormat /dev/sda2
 echo -n 'password' | cryptsetup open --type luks /dev/sda2 system
 # Set up LVM
 pvcreate /dev/mapper/system
 vgcreate vg0 /dev/mapper/system
 lvcreate -L 4G vg0 -n swap
 lvcreate -l 100%FREE vg0 -n root
 # Format
 mkfs.ext4 -m0 /dev/sda1
 mkfs.ext4 -m1 /dev/vg0/root
 mkswap /dev/vg0/swap
 # Mount
 mount -t ext4 /dev/vg0/root /mnt
 mkdir /mnt/boot
 mount -t ext4 /dev/sda1 /mnt/boot
 # Install Alpine linux
 setup-disk -m sys /mnt
 # Update boot-time volume information
 BOOT_UUID=$(blkid /dev/sda1 | awk '{print $2}' | tr -d '"')
 cat <<EOF >/mnt/etc/fstab
 /dev/vg0/root                               /       ext4    rw,noatime,data=ordered   0   1
 ${BOOT_UUID}   /boot   ext4    rw,noatime,data=ordered   0   2
 /dev/vg0/swap                               swap    swap    defaults                  0   0
 EOF
 echo "system /dev/sda2 none luks" >/mnt/etc/crypttab
 # Rebuild initfs
 sed -i 's/lvm/lvm cryptsetup/' /mnt/etc/mkinitfs/mkinitfs.conf
 mkinitfs -c /mnt/etc/mkinitfs/mkinitfs.conf -b /mnt $(ls /mnt/lib/modules)
 # Update extlinux
 sed -i 's/rootfstype=ext4/rootfstype=ext4 cryptroot=\/dev\/sda2 cryptdm=system/' /mnt/etc/update-extlinux.conf
 chroot /mnt update-extlinux
 # Set time zone
 chroot /mnt setup-timezone -z Europe/Prague
 # Set hostname
 echo 'vm' >/mnt/etc/hostname
 sed -i 's/localhost/vm/' /mnt/etc/network/interfaces
 sed -i 's/localhost /vm localhost /' /mnt/etc/hosts
 # Enable services on boot
 ln -s /etc/init.d/networking /mnt/etc/runlevels/boot
 ln -s /etc/init.d/urandom /mnt/etc/runlevels/boot
 # Install bootloader to MBR
 dd bs=440 count=1 conv=notrunc if=/mnt/usr/share/syslinux/mbr.bin of=/dev/sda
 # Unmount and shut down
 umount /mnt/boot
 umount /mnt
 swapoff -a
 vgchange -a n
 cryptsetup luksClose system
 poweroff