Install Alpine as host operating system instead of Debian

2017-12-18 15:45:17 +01:00 · 2017-12-18 15:45:17 +01:00 · f0afd6e596
commit f0afd6e596
parent 4da4e23719
2 changed files with 113 additions and 97 deletions
--- a/README.md
+++ b/README.md
@ -1,119 +1,35 @@
 This is the main repository containing all installation scripts, configuration and customization of operating system all application present in Spotter Cluster virtual machine.

-## Operating system preparation
-
-### Virtual machine specifications
+## Virtual machine specifications
 - **Memory:** 4 GB
 - **CPU:** 1 processor, 2 cores
 - **Hard Disk:** SCSI, 60 GB

-### Operating system media download
-Download **Debian 9.0.0 amd64 netinstall** from <https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/> and launch Text-mode installation
-
 ## Operating system installation

-### Locale settings
- **Language:** English
- **Country, territory or area:** other
- **Continent or region:** Europe
- **Country, territory or area:** Czech Republic
- **Country to base default locale settings on:** United States - en_US.UTF-8
- **Keymap to use:** American English
+Download **Alpine Virtual 3.7.0 x86_64** from <https://alpinelinux.org/downloads/> and boot from it. At the login prompt, use the root user without password to log in.

-### Hostname
- **Hostname:** debian
- **Domain name:** [leave blank]
+```
+# Set up interfaces (leave the default choices)
+setup-interfaces
+ifup eth0

-### Users
- **Root password:** [random password of your choice]
- **Full name for the new user:** user
- **Username for your account:** user
- **Choose a password for the new user:** [random passowrd of your choice]
+# Download and launch the setup script  
+wget dl.dasm.cz/alpine.sh
+sh alpine.sh
+```

-Note: The *user* account will be deleted afterwards as part of installation steps.
-
-### Partitions
- **Partitioning method:** Manual
-1. Create empty partition table on SCSI1 (0,0,0) (sda)
-2. Create new partition
-   - **New partition size:** 256 MB
-   - **Type for the new partition:** Primary
-   - **Location for the new partition:** Beginning
-   - Definition
-     - **Use as:** Ext2 file system  
-     - **Format the partition:** yes, format it  
-     - **Mount point:** /boot  
-     - **Mount options:** default  
-     - **Label:** none  
-     - **Reserved blocks:** 5%  
-     - **Typical usage:** standard  
-     - **Bootable flag:** on
-3. Create new partition
-   - **New partition size:** [maximum]
-   - **Type for the new partition:** Primary
-   - **Location for the new partition:** Beginning
-   - Definition
-     - **Use as:** physical volume for encryption  
-     - **Encryption method:** Device-mapper (dm-crypt)  
-     - **Encryption:** aes  
-     - **Key size:** 128  
-     - **IV algorithm:** xts-plain64  
-     - **Encryption key:** Passphrase  
-     - **Erase data:** no  
-     - **Bootable flag:** off
-4. Configure encrypted volumes
-   - Create encrypted volumes
-   - /dev/sda2
-   - Finish
-   - **Encryption passphrase:** [random]
-5. Select encrypted volume (sda2_crypt), partition #1
-   - **Use as:** physical volume for LVM
-6. Configure the Logical Volume Manager
-   - Create volume group
-     - **Volume group name:** vg0
-     - **Devices for the new volume group:** /dev/mapper/sda2_crypt
-   - Create logical volume
-     - **Volume group:** vg0
-     - **Logical volume name:** swap
-     - **Logical volume size:** 4 GB
-   - Create logical volume
-     - **Volume group:** vg0
-     - **Logical volume name:** root
-     - **Logical volume size:** [maximum]
-   - Finish
-7. Select LVM VG vg0, LV root, partition #1
-   - Definition
-     - **Use as:** Ext4 journaling file system  
-     - **Mount point:** /  
-     - **Mount options:** noatime  
-     - **Label:** none  
-     - **Reserved blocks:** 1%  
-     - **Typical usage:** standard
-8. Select LVM VG vg0, LV swap, partition #1
-   - **Use as:** swap area
-9. Finish partitioning and write changes to disk
-
-### Packages
- **Scan another CD or DVD?:** No
- **Debian archive mirror counrty:** Czechia
- **Debian archive mirror:** ftp.cz.debian.org
- **HTTP proxy information:** [leave blank]
- **Participate in package survey:** No
- **Choose software to install:** [unselect all]
-
-### Bootloader
- **Install the GRUB boot loader to the master boot record?:** yes
- **Device for boot loader installation:** /dev/sda
+The script will perform the bare Alpine linux installation into VM using LUKS-on-LVM. The default disk encryption password is `password`. No root password is set.

 ## Application installation

 ### First time setup
 ```
 # Update package info
-apt update
+apk update

 # Install git
-apt install git
+apk --no-cache add git

 # Clone the repository
 git clone https://gitlab.dasm.cz:8443/Spotter-Cluster/Spotter-Cluster.git
--- a/alpine.sh
+++ b/alpine.sh
@ -0,0 +1,100 @@
+#!/bin/sh
+
+# Prerequisites
+# setup-interfaces
+# ifup eth0
+
+# Set up repositories  
+cat <<EOF >/etc/apk/repositories
+http://repository.fit.cvut.cz/mirrors/alpine/v3.7/main
+http://repository.fit.cvut.cz/mirrors/alpine/v3.7/community
+#http://repository.fit.cvut.cz/mirrors/alpine/edge/main
+#http://repository.fit.cvut.cz/mirrors/alpine/edge/community
+#http://repository.fit.cvut.cz/mirrors/alpine/edge/testing
+EOF
+
+# Install disk management tools  
+apk --no-cache add lvm2 cryptsetup e2fsprogs syslinux
+
+# Create disk partitions
+cat <<EOF | fdisk /dev/sda
+n
+p
+1
+
+100m
+a
+1
+n
+p
+2
+
+
+t
+2
+8e
+w
+EOF
+
+# Set up partition encryption
+echo -n 'password' | cryptsetup -q luksFormat /dev/sda2
+echo -n 'password' | cryptsetup open --type luks /dev/sda2 system
+
+# Set up LVM
+pvcreate /dev/mapper/system
+vgcreate vg0 /dev/mapper/system
+lvcreate -L 4G vg0 -n swap
+lvcreate -l 100%FREE vg0 -n root
+
+# Format
+mkfs.ext4 -m0 /dev/sda1
+mkfs.ext4 -m1 /dev/vg0/root
+mkswap /dev/vg0/swap
+
+# Mount
+mount -t ext4 /dev/vg0/root /mnt
+mkdir /mnt/boot
+mount -t ext4 /dev/sda1 /mnt/boot
+
+# Install Alpine linux
+setup-disk -m sys /mnt
+
+# Update boot-time volume information
+BOOT_UUID=$(blkid /dev/sda1 | awk '{print $2}' | tr -d '"')
+cat <<EOF >/mnt/etc/fstab
+/dev/vg0/root                               /       ext4    rw,noatime,data=ordered   0   1
+${BOOT_UUID}   /boot   ext4    rw,noatime,data=ordered   0   2
+/dev/vg0/swap                               swap    swap    defaults                  0   0
+EOF
+echo "system /dev/sda2 none luks" >/mnt/etc/crypttab
+
+# Rebuild initfs
+sed -i 's/lvm/lvm cryptsetup/' /mnt/etc/mkinitfs/mkinitfs.conf
+mkinitfs -c /mnt/etc/mkinitfs/mkinitfs.conf -b /mnt $(ls /mnt/lib/modules)
+
+# Update extlinux
+sed -i 's/rootfstype=ext4/rootfstype=ext4 cryptroot=\/dev\/sda2 cryptdm=system/' /mnt/etc/update-extlinux.conf
+chroot /mnt update-extlinux
+
+# Set time zone
+chroot /mnt setup-timezone -z Europe/Prague
+
+# Set hostname
+echo 'vm' >/mnt/etc/hostname
+sed -i 's/localhost/vm/' /mnt/etc/network/interfaces
+sed -i 's/localhost /vm localhost /' /mnt/etc/hosts
+
+# Enable services on boot
+ln -s /etc/init.d/networking /mnt/etc/runlevels/boot
+ln -s /etc/init.d/urandom /mnt/etc/runlevels/boot
+
+# Install bootloader to MBR
+dd bs=440 count=1 conv=notrunc if=/mnt/usr/share/syslinux/mbr.bin of=/dev/sda
+
+# Unmount and shut down
+umount /mnt/boot
+umount /mnt
+swapoff -a
+vgchange -a n
+cryptsetup luksClose system
+poweroff