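#!/bin/sh
# Bootstrap a minimal Alpine Linux install onto an empty disk from a rescue
# system: GPT-partition $DEV (512M /boot + 20G /), install alpine-base with
# apk.static, write fstab/network/extlinux config, then finish in a chroot.
#
# DESTRUCTIVE: `sgdisk -Z` wipes the GPT and MBR partition tables on $DEV.
# Review every variable below before running.
#
# -e aborts on the first failing command, -x traces each command.
set -ex

PATH=/bin:/sbin:/usr/bin:/usr/sbin
KEYMAP="us us" # not referenced anywhere below
HOST=alpine
USER=anon
ROOT_FS=ext4
BOOT_FS=ext4
FEATURES="ata base ide scsi usb virtio $ROOT_FS"
MODULES="sd-mod,usb-storage,$ROOT_FS"
REL=3.6
# NOTE(review): plain-HTTP mirror. Combined with --allow-untrusted further
# down, nothing authenticates what gets installed as the new root filesystem;
# anyone on the network path can substitute packages. The same URL is also
# written to the installed system's /etc/apk/repositories.
MIRROR=http://dl-cdn.alpinelinux.org/alpine
REPO=$MIRROR/v$REL/main
APKV=2.7.2-r0
# Optional integrity pin: expected SHA-256 of the apk-tools-static package,
# taken from a source you trust. Empty (the default) skips the check.
APK_SHA256=${APK_SHA256:-}
DEV=/dev/sdb
ROOT_DEV=${DEV}2
BOOT_DEV=${DEV}1
ROOT=/mnt
BOOT=/mnt/boot
ARCH=$(uname -m)

# Partition the disk: 1 = boot (512M), 2 = root (20G), both type 8300.
sgdisk -Z "$DEV"
sgdisk -n 1:0:+512M "$DEV"
sgdisk -t 1:8300 "$DEV"
sgdisk -c 1:boot "$DEV"
sgdisk -n 2:0:+20G "$DEV"
sgdisk -t 2:8300 "$DEV"
sgdisk -c 2:root "$DEV"
# Attribute bit 2 = legacy BIOS bootable, needed by the gptmbr.bin boot code.
sgdisk -A 1:set:2 "$DEV"

"mkfs.$BOOT_FS" -m 0 -q -L boot "$BOOT_DEV"
"mkfs.$ROOT_FS" -q -L root "$ROOT_DEV"

mount "$ROOT_DEV" "$ROOT"
mkdir -p "$BOOT"
mount "$BOOT_DEV" "$BOOT"

# Fetch the static apk binary. Downloading to a file (instead of piping curl
# straight into tar) lets -f turn an HTTP error into a hard failure and gives
# the optional checksum something to verify before anything is unpacked.
APK_FILE=apk-tools-static-${APKV}.apk
curl -fsS -o "$APK_FILE" "$MIRROR/v$REL/main/$ARCH/$APK_FILE"
if [ -n "$APK_SHA256" ]; then
  printf '%s  %s\n' "$APK_SHA256" "$APK_FILE" | sha256sum -c
fi
tar xzf "$APK_FILE"
rm -f -- "$APK_FILE"

# NOTE(review): --allow-untrusted turns off package signature verification
# for the whole bootstrap. It is kept because the fresh root has no keys yet;
# the safer route is to supply trusted Alpine signing keys with --keys-dir
# and drop the flag.
./sbin/apk.static --repository "$REPO" --update-cache --allow-untrusted --root "$ROOT" --initdb add alpine-base syslinux dhcpcd

cat << EOF > "$ROOT/etc/fstab"
$ROOT_DEV / $ROOT_FS defaults,noatime 0 0
$BOOT_DEV /boot $BOOT_FS defaults 0 2
EOF

printf '%s\n' "$REPO" > "$ROOT/etc/apk/repositories"
# Reuse the rescue system's resolver configuration in the new root.
cat /etc/resolv.conf > "$ROOT/etc/resolv.conf"

# password='' leaves the boot menu without a password.
cat << EOF > "$ROOT/etc/update-extlinux.conf"
overwrite=1
vesa_menu=0
default_kernel_opts="quiet"
modules=$MODULES
root=$ROOT_DEV
verbose=0
hidden=1
timeout=1
default=grsec
serial_port=
serial_baud=115200
xen_opts=dom0_mem=256M
password=''
EOF

cat << EOF > "$ROOT/etc/network/interfaces"
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
hostname $HOST
EOF

mount --bind /proc "$ROOT/proc"
mount --bind /dev "$ROOT/dev"
mount --bind /sys "$ROOT/sys"

# The heredoc delimiter is unquoted on purpose: $HOST, $FEATURES and $DEV are
# expanded by this outer shell before the text reaches the chroot's /bin/sh.
# sshd is enabled at the default runlevel, so the passwords set after this
# block are what protects remote login on first boot.
chroot "$ROOT" /bin/sh -x << CHROOT
apk update
apk add openssh
setup-hostname -n $HOST
rc-update -q add devfs sysinit
rc-update -q add dmesg sysinit
rc-update -q add mdev sysinit
rc-update -q add hwdrivers sysinit
rc-update -q add hwclock boot
rc-update -q add modules boot
rc-update -q add sysctl boot
rc-update -q add hostname boot
rc-update -q add bootmisc boot
rc-update -q add syslog boot
rc-update -q add networking boot
rc-update -q add urandom boot
rc-update -q add dhcpcd boot
rc-update -q add mount-ro shutdown
rc-update -q add killprocs shutdown
rc-update -q add savecache shutdown
rc-update -q add acpid default
rc-update -q add crond default
rc-update -q add sshd default
echo features=\""$FEATURES"\" > /etc/mkinitfs/mkinitfs.conf
apk add linux-grsec
extlinux -i /boot
dd bs=440 conv=notrunc count=1 if=/usr/share/syslinux/gptmbr.bin of="$DEV"
CHROOT

# Interactive: set the root password, create the user, set the user password.
chroot "$ROOT" passwd
chroot "$ROOT" adduser -s /bin/ash -D "$USER"
chroot "$ROOT" passwd "$USER"

umount "$ROOT/proc"
umount "$ROOT/dev"
umount "$ROOT/sys"
umount "$BOOT"
umount "$ROOT"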
How do you use this script ?
Boot up the machine in rescue boot mode and run the script. You have to correct the variables beforehand, in particular DEV, because the script wipes the partition table of that disk.
Update for Alpine Linux 3.9, adapted and tested on Kimsufi (installed from NetBoot: rescue):
Thanks for posting it! :)
I ran into a problem after updating my Alpine and rebooting the machine. It seems my network config just isn't compatible with the Kimsufi network anymore.
Has anyone had the same problem?
`linux-vanilla` no longer exists. Is there an update for Alpine Linux 3.19?
Should be linux-lts
since 3.11
linux-vanilla has been removed. Install linux-lts when upgrading.
But a weird thing happens: when I perform the install inside a live system, the first reboot succeeds and the second one fails. I am not familiar with Alpine so far; I wonder if you can help take a look:
#!/bin/dash
# In-place replacement of the running OS with Alpine: download an Alpine
# rootfs image, delete the existing root filesystem, copy the rootfs over /,
# then configure services, a user, the kernel and the bootloader and reboot.
# The host is presumably Debian-family, since dpkg is used to detect the arch.
# NOTE(review): destructive and strictly order-dependent. Once the
# `find / ... -delete` step has run there is no way back, and no `set -e`
# stops the script if an earlier step (e.g. the download) failed.
_OS=alpine
_ARC=$(dpkg --print-architecture)
# NOTE(review): plain-HTTP mirror; the rootfs fetched from it is unpacked as
# root further down with no checksum or signature check visible here.
_MIRROR=http://images.linuxcontainers.org
# Image index with every line mentioning "edge" filtered out.
_FILTERED_INDEX=$(curl -fsSL "${_MIRROR}/meta/1.0/index-system" | grep -v edge)
# Last field of the last index row whose 1st field is the OS and 3rd the arch.
_INDEX=$(echo "$_FILTERED_INDEX" | awk -F';' -v os="$_OS" -v arch="$_ARC" '$1==os && $3==arch {print $NF}' | tail -1)
_TARGET="${_MIRROR}/${_INDEX}rootfs.tar.xz"
XUSER=m0nius
HOST=computing-alpine
# SSH public key that is appended to the new user's authorized_keys below.
PEM="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBUG8QsUdArpYbyQPgXIYISf6G2q9t6s+qxP5K8Vafc6"
FEATURES="ata base ide scsi usb virtio ext4 network"
MODULES="sd-mod,usb-storage,ext4,e1000e"
# Device currently mounted at / and the disk it belongs to (lsblk pkname).
ROOT=$(findmnt -no SOURCE /)
ROOT_DEV="/dev/$(lsblk -ndo pkname "$ROOT")"
ROOTFS_MNT=/mnt.$_ARC
BOOT_LIB="/usr/share/syslinux"
sudo mkdir -p "$ROOTFS_MNT"/boot
# Unpack the downloaded rootfs as root, straight from the network stream.
curl -fsSL "$_TARGET" | sudo tar -C "$ROOTFS_MNT" -xJ
# Capture the current interface, address and gateway so the new system can be
# configured statically with the same values.
IFACE=$(ip route get 8.8.8.8 | sed -n 's/.*dev \([^\ ]*\).*/\1/p' | head -n 1)
_IPV4=$(ip addr show dev "$IFACE" | awk '/inet /{print $2}' | cut -d' ' -f2)
# _IPv6 is computed but not referenced again in this listing.
_IPv6=$(ip addr show dev "$IFACE" | awk '/inet6 /{print $2}' | cut -d' ' -f2)
GATEWAY=$(ip route show default | awk '/default/ {print $3}')
cat <<EOF | sudo tee "$ROOTFS_MNT"/etc/network/interfaces
auto lo
iface lo inet loopback
auto $IFACE
iface $IFACE inet static
address $_IPV4
gateway $GATEWAY
EOF
cat <<EOF | sudo tee "$ROOTFS_MNT"/etc/resolv.conf
nameserver 1.1.1.1
EOF
# Delete everything under / except /dev, /proc, /sys, /selinux and the
# unpacked rootfs. Errors are discarded (2>/dev/null || true), so a partial
# delete goes unnoticed.
find / \( ! -path '/dev/*' -and ! -path '/proc/*' -and ! -path '/sys/*' -and ! -path '/selinux/*' -and ! -path "$ROOTFS_MNT/*" \) -delete 2>/dev/null || true
# The host's own binaries are gone at this point, so busybox from the unpacked
# rootfs is run through its musl loader to copy the rootfs over /. The loader
# path is x86_64-specific even though the architecture was detected above.
"$ROOTFS_MNT/lib/ld-musl-x86_64.so.1" "$ROOTFS_MNT/bin/busybox" cp -a "$ROOTFS_MNT"/* / && rm -rf "$ROOTFS_MNT"
apk update
setup-hostname -n $HOST
apk add openrc openssh alpine-base curl syslinux util-linux sgdisk sudo bash
rc-update -q add devfs sysinit
rc-update -q add dmesg sysinit
rc-update -q add mdev sysinit
rc-update -q add hwdrivers sysinit
rc-update -q add hwclock boot
rc-update -q add modules boot
rc-update -q add sysctl boot
rc-update -q add hostname boot
rc-update -q add bootmisc boot
rc-update -q add syslog boot
rc-update -q add networking boot
rc-update -q add mount-ro shutdown
rc-update -q add killprocs shutdown
rc-update -q add savecache shutdown
rc-update -q add acpid default
rc-update -q add crond default
rc-update -q add sshd default
rc-update -q add cgroups default
# Generate the SSH host keys for the new system.
ssh-keygen -A
echo features=\""$FEATURES"\" > /etc/mkinitfs/mkinitfs.conf
# NOTE(review): default=grsec is kept although the kernel installed below is
# linux-lts, and password='' leaves the boot menu without a password.
cat << EOF | tee /etc/update-extlinux.conf
overwrite=1
vesa_menu=0
default_kernel_opts="quiet"
modules=$MODULES
root=$ROOT
verbose=0
hidden=1
timeout=1
default=grsec
serial_port=
serial_baud=115200
xen_opts=dom0_mem=256M
password=''
EOF
cat <<EOF | tee /etc/fstab
$ROOT / ext4 rw,discard,errors=remount-ro 0 1
EOF
# NOTE(review): the account password is set to the hostname value, a guessable
# credential on a host that enables sshd; nothing in this listing restricts
# password logins in sshd_config.
adduser --disabled-password --gecos "" $XUSER sudo && echo "$XUSER:$HOST" | chpasswd
mkdir -p /home/$XUSER/.ssh && echo "$PEM" >> /home/$XUSER/.ssh/authorized_keys
# NOTE(review): this appends the same key a second time, so authorized_keys
# ends up with two identical lines.
{
echo "$PEM"
} >> /home/$XUSER/.ssh/authorized_keys
# Only the file mode is set; the .ssh directory keeps whatever mode mkdir and
# the current umask produced.
chmod 600 /home/$XUSER/.ssh/authorized_keys && chown -R "$XUSER:root" /home/$XUSER/.ssh
# NOTE(review): grants passwordless sudo for every command. Together with the
# hostname-derived password above, a password login is effectively root. The
# sudoers.d file mode is left to the umask; 0440 is the usual convention.
echo "$XUSER ALL=(ALL) NOPASSWD:ALL" | tee -a /etc/sudoers.d/$XUSER
apk add linux-lts
extlinux --install /boot
# Mark partition 1 legacy-BIOS-bootable and write the GPT boot code.
sgdisk "$ROOT_DEV" --attributes=1:set:2
dd bs=440 count=1 conv=notrunc if="$BOOT_LIB"/gptmbr.bin of="$ROOT_DEV"
sync; reboot -f
Just another update: it now works after reboot, but with `linux-virt` instead of `linux-lts` on the VM. Note that Alpine 3.19 does not seem to detect `/boot/extlinux.conf`, so I moved it to `/boot/syslinux.cfg`.
#!/bin/dash
# Revised in-place conversion of the running OS to Alpine: fetch an Alpine
# rootfs, delete the current root filesystem, copy the rootfs over /, then set
# up services, a user, the linux-virt kernel and the bootloader, and reboot.
# The host is presumably Debian-family, since dpkg is used to detect the arch.
# NOTE(review): destructive and strictly order-dependent; without `set -e` a
# failed download does not stop the later `find / ... -delete`.
_OS=alpine
_ARC=$(dpkg --print-architecture)
# NOTE(review): plain-HTTP mirror; the downloaded rootfs is unpacked as root
# with no checksum or signature check visible in this listing.
_MIRROR=http://images.linuxcontainers.org
# Image index without the lines that mention "edge".
_FILTERED_INDEX=$(curl -fsSL "${_MIRROR}/meta/1.0/index-system" | grep -v edge)
# Last field of the last row matching OS (field 1) and architecture (field 3).
_INDEX=$(echo "$_FILTERED_INDEX" | awk -F';' -v os="$_OS" -v arch="$_ARC" '$1==os && $3==arch {print $NF}' | tail -1)
_TARGET="${_MIRROR}/${_INDEX}rootfs.tar.xz"
XUSER=m0nius
HOST=computing-alpine
ROOTFS_MNT=/mnt.$_ARC
# SSH public key installed for $XUSER below.
PEM="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBUG8QsUdArpYbyQPgXIYISf6G2q9t6s+qxP5K8Vafc6"
FEATURES="ata base ide scsi usb virtio ext4 network"
MODULES="sd-mod,usb-storage,ext4,e1000e"
# Device mounted at / and its parent disk (lsblk pkname).
ROOT=$(findmnt -no SOURCE /)
ROOT_DEV="/dev/$(lsblk -ndo pkname "$ROOT")"
BOOT_LIB="/usr/share/syslinux"
sudo mkdir -p "$ROOTFS_MNT"/boot
# Stream the rootfs from the mirror straight into tar running as root.
curl -fsSL "$_TARGET" | sudo tar -C "$ROOTFS_MNT" -xJ
# Record the live interface, address and gateway for the static config below.
IFACE=$(ip route get 8.8.8.8 | sed -n 's/.*dev \([^\ ]*\).*/\1/p' | head -n 1)
_IPV4=$(ip addr show dev "$IFACE" | awk '/inet /{print $2}' | cut -d' ' -f2)
# _IPv6 is assigned but never used afterwards in this listing.
_IPv6=$(ip addr show dev "$IFACE" | awk '/inet6 /{print $2}' | cut -d' ' -f2)
GATEWAY=$(ip route show default | awk '/default/ {print $3}')
cat <<EOF | sudo tee "$ROOTFS_MNT"/etc/network/interfaces
auto lo
iface lo inet loopback
auto $IFACE
iface $IFACE inet static
address $_IPV4
gateway $GATEWAY
EOF
cat <<EOF | sudo tee "$ROOTFS_MNT"/etc/resolv.conf
nameserver 1.1.1.1
EOF
# Remove everything under / except /dev, /proc, /sys, /selinux and the
# unpacked rootfs; all errors are suppressed (2>/dev/null || true).
find / \( ! -path '/dev/*' -and ! -path '/proc/*' -and ! -path '/sys/*' -and ! -path '/selinux/*' -and ! -path "$ROOTFS_MNT/*" \) -delete 2>/dev/null || true
# With the old userland deleted, busybox from the rootfs is started through
# its musl loader to copy the rootfs onto /. The loader path is hard-coded to
# x86_64 although the architecture is detected dynamically above.
"$ROOTFS_MNT/lib/ld-musl-x86_64.so.1" "$ROOTFS_MNT/bin/busybox" cp -a "$ROOTFS_MNT"/* / && rm -rf "$ROOTFS_MNT"
apk update
setup-hostname -n $HOST
apk add openrc openssh alpine-base curl syslinux util-linux sgdisk sudo bash
rc-update -q add devfs sysinit
rc-update -q add dmesg sysinit
rc-update -q add mdev sysinit
rc-update -q add hwdrivers sysinit
rc-update -q add hwclock boot
rc-update -q add modules boot
rc-update -q add sysctl boot
rc-update -q add hostname boot
rc-update -q add bootmisc boot
rc-update -q add syslog boot
rc-update -q add networking boot
rc-update -q add mount-ro shutdown
rc-update -q add killprocs shutdown
rc-update -q add savecache shutdown
rc-update -q add acpid default
rc-update -q add crond default
rc-update -q add sshd default
rc-update -q add cgroups default
# Create the SSH host keys for the new installation.
ssh-keygen -A
echo features=\""$FEATURES"\" > /etc/mkinitfs/mkinitfs.conf
# NOTE(review): default=grsec does not match the linux-virt kernel installed
# below, and password='' leaves the boot menu without a password.
cat << EOF | tee /etc/update-extlinux.conf
overwrite=1
vesa_menu=0
default_kernel_opts="quiet"
modules=$MODULES
root=$ROOT
verbose=0
hidden=1
timeout=1
default=grsec
serial_port=
serial_baud=115200
xen_opts=dom0_mem=256M
password=''
EOF
apk add linux-virt
cat <<EOF | tee /etc/fstab
$ROOT / ext4 rw,discard,errors=remount-ro 0 1
EOF
# The generated bootloader config is renamed to the name syslinux looks for.
mv /boot/extlinux.conf /boot/syslinux.cfg
# NOTE(review): the password is set to the hostname value, which is guessable;
# sshd is enabled above and no sshd_config hardening appears in this listing.
adduser --disabled-password --gecos "" $XUSER sudo && echo "$XUSER:$HOST" | chpasswd
mkdir -p /home/$XUSER/.ssh && echo "$PEM" >> /home/$XUSER/.ssh/authorized_keys
# NOTE(review): second append of the same key; the file gets a duplicate line.
{
echo "$PEM"
} >> /home/$XUSER/.ssh/authorized_keys
# Only authorized_keys gets an explicit mode; the .ssh directory does not.
chmod 600 /home/$XUSER/.ssh/authorized_keys && chown -R "$XUSER:root" /home/$XUSER/.ssh
# NOTE(review): passwordless sudo for all commands; combined with the
# hostname-derived password, any password login is effectively root. The file
# mode is left to the umask; 0440 is the usual convention for sudoers.d.
echo "$XUSER ALL=(ALL) NOPASSWD:ALL" | tee -a /etc/sudoers.d/$XUSER
extlinux --install /boot
# Set the legacy-BIOS-bootable attribute on partition 1, then write the GPT
# boot code to the start of the disk.
sgdisk "$ROOT_DEV" --attributes=1:set:2
dd bs=440 count=1 conv=notrunc if="$BOOT_LIB"/gptmbr.bin of="$ROOT_DEV"
sync; reboot -f
However, the weird thing is that `apk`-related commands now fail with these errors: ERROR: Unable to lock database: Read-only file system, ERROR: Failed to open apk database: Read-only file system
Oh, man, your `MODULES="sd-mod,usb-storage,$ROOT_FS,e1000e"` line had me confused for days.
I removed `e1000e`, and then everything works perfectly. It may have been removed from the mainline of Alpine Linux 3.19, so `/etc/update-extlinux.conf` cannot resolve it, which leads to the disk error; that is why I could not perform any operation: the disk was read-only 🤗
Update for Alpine Linux 3.9, adapted and tested on Kimsufi (installed from NetBoot: rescue):