My journey of installing alpine linux on my homelabbing server.
This blog post contains information on my journey to install Alpine Linux on my homelabbing server. This "server" actually is just an old laptop, that I do not actively use anymore. Since it is powerful enough to run as a server and quite efficient while doing so, I've decided to repurpose it as my server.
The first step of all new OS installations is to obtain an image for the given
operating system. For alpine, they have a downloads page with various
options to choose from. Due to the fact, that I will use a laptop, I've decided
to go with the extended option. This should include "AMD and Intel microcode
updates."
After flashing the device with dd:
sudo dd if=alpine-extended-3.23.4-x86_64.iso of=/dev/disk4
I've proceeded to the installing section of alpine's User Handbook.
There I found out, that the setup-alpine script, which is used for easily
installing alpine linux on a system, does not setup WiFi connections by itself.
Since I will use WiFi as the main way to communicate with my server, this ment that I would need to configure networking manually.
Sadly, setting up WiFi wasn't as easy as I thought. Because alpine is a pretty
minimalistic distribution, the driver for my network device (Intel(R) Wi-Fi 6E AX211 160MHz) was missing. This was probably due to the fact that apk info
(alpine's way to list all installed packages) did not show any
linux-firmware-intel.
So after searching an ethernet cable and doing the same for a free ethernet
port, I was finally able to run setup-alpine -q to start using alpine. This
allowed me to ping an external website for the first time. After running the
-q (quick) version of the setup-alpine command, and testing the connection,
the real installation began.
Alpine linux has a pretty handy script, called setup-alpine this will guide
the user through the installation process, asking him various questions on how
the system should be installed. This includes; setting the keyboard layout,
changing the hostname, setup the primary (wired) interface, use dhcp or not and
various other things. All of those are described in the user handbook.
Most values, I've left to their defaults. If I did not understand the options,
entering the ? instead of any option, outputted a very detailed and easy to
understand description of what option does what. What I think is notable, is
that you even can select between different implementations (for example you can
choose between openssh and other ssh servers, if you want). Also, the help
menu will describe when to use what. For example; if the user is not sure, how
to use the disk, the help menu describes what option is better for what
purpose. sys is best for development boxes, desktops and virtual
servers, crypt is the same as sys but with encription, etc.
Because only I have physical access to this system, it was save for me, to
choose the sys option.
After the installation was finished, I was prompted to reboot the system. I've done what the computer told me and look at that, alpine is now installed.
After the installation worked as it should, it was now time to make it possible
to use the computer without an ethernet connection. I've apk add-ed the
previously mentioned linux-firmware-intel and finally ip addr showed
my wlan0.
Actually, I think, that the
setup-alpinescript already installed thelinux-firmware-intelpackage alongside with some other commonlinux-firmware-*packages.
Alpine supports both wpa_supplicant and iwd, however the wiki entry for
wifi uses wpa_supplicant, thus I proceeded to use this tool instead of
iwd.
To add my network, I used the following command:
# Enter root shell
doas su
# Generate the config and put it into the correct file
wpa_passphrase 'ExampleWifiSSID' 'ExampleWifiPassword' > /etc/wpa_supplicant/wpa_supplicant.conf
After this, I was able to test my wifi connection using:
wpa_supplicant -i wlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf
-i, I assume, is for interface and -c for config file.
After testing, wpa_supplicant was put into the background (daemon) using
-B. Also I setup dhcp, using udhcpc:
# Daemonize the command above
wpa_supplicant -B -i wlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf
# Obtain a dhcp lease
udhcpc -i wlan0
To check, if the dchp stuff worked correctly:
ip addr show wlan0
This should now output an ip address next to the inet field.
Configuring the gateway for my wlan0 interface was pretty straight-forward.
Since I will use a dhcp, I did not need to set and gateway, static ip or a
subnet mask. I could just open /etc/network/interfaces and basically copy the
eth0 configuration. My final file looks like this:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto wlan0
iface wlan0 inet dhcp
To now apply the configuration, first bring the interface down and then restart
the networking service. Lastly bring the interface back up again:
# Bring interface down
ip link set wlan0 down
# Restart networking
rc-service networking --quiet restart &
# Bring interface up again
ip link set wlan0 up
After all of this, I finally was able to ping ivanpollak.com. This ment, that
my laptop was finally ready for server usage.
SSH changed my life
Because this is a server, it should probably have SSH. Also, I do not want to sit in front of this computer, each time I need to administrate something.
For the implementation, I chose OpenSSH, mainly because i already knew it. Also the wiki entry used it.
Installing OpenSSH was pretty straight-forward:
doas apk add openssh
This installed the sshd service, as well as a default configuratoin in
/etc/ssh/sshd_config. In the latter file, I adjusted the settings to my
prefered ones (mainly setting PermitRootMode no to disable root login).
Also, because I want to disable password login altogether, I quickly needed
to start the sshd-service with allowing passwords (to then copy over my ssh
public key to the server).
rc-service sshd start
On my client, I now ran:
ssh-copy-id user@hostname
I quickly verified, that my passwordless login worked via ssh user@hostname.
This worked and this ment, that I could throw my server into a corner in my
room.
Next, I edited the /etc/ssh/sshd_config again, to not allow any logins by
just using the password. This was done via the PasswordAuthentication no
option.
All that was left, was to restart the service and add the service to
rc-update (launch the service at boot):
doas rc-service sshd restart
rc-update add sshd
A standard alpine linux installation uses a basic acpid implementation.
By default, there is nothing configured and thus, nothing will happen when the
lid of the laptop is closed. If this is wanted, /etc/acpi.map can be created
and edited. This however is out of the scope of this blog entry.
The process of installing alpine linux on a laptop to use as a server, might not be as easy as other operating systems. It requires a background in linux technologies and a basic understanding of errors in linux. With that said, the alpine linux wiki is very extensive and easy to read. It covers almost every question that an user might have during setup. This makes it, if you have some linux knowledge, pretty okay to install, especially if you're used to read through wiki entries.
by ivanpollak