whoizit/alpine-setup

## alpine-setup
### FDE
    man mkinitfs-bootparam

    # filename and path is important
    dd bs=512 count=4 if=/dev/urandom of=/crypto_keyfile.bin
    cryptsetup luksAddKey /dev/sda1 /crypto_keyfile.bin
    chmod 0 /crypto_keyfile.bin

    cat /etc/mkinitfs/mkinitfs.conf
        features="... cryptsetup cryptkey"

    cat /etc/default/grub
        GRUB_CMDLINE_LINUX_DEFAULT="cryptroot=UUID=<UUID> cryptdm=lvmcrypt cryptkey"
        GRUB_ENABLE_CRYPTODISK=y
        ...

    mkinitfs -c /etc/mkinitfs/mkinitfs.conf -b /
    grub-mkconfig -o /boot/grub/grub.cfg

### ENCRYPTED HOME (mounting)
    cat /etc/conf.d/dmcrypt
        ...
        target='home'
        source='/dev/mapper/vg-crypthome'
        key='/key.home'
        ...

    /etc/fstab
        /dev/mapper/home /home          ext4 defaults,noatime,lazytime,commit=300 0 2


    rc-update add dmcrypt boot

### SSD TRIM
    man mkinitfs-bootparam

    cat /etc/default/grub
        GRUB_CMDLINE_LINUX_DEFAULT="... cryptdiscards"

    /etc/lvm.conf
        issue_discards = 1

    /etc/fstab
        /dev/vg0/root   /       ext4    rw,relatime,discard,lazytime 0 1

    cat /etc/periodic/weekly/fstrim
        #!/bin/sh
        fstrim /

    chmod u+x /etc/periodic/weekly/fstrim


### SWAP
    blkid | grep swap >> /etc/fstab
        UUID=<UUID1> none swap defaults,pri=0 0 0
        UUID=<UUID2> none swap defaults,pri=0 0 0
        UUID=<UUID3> none swap defaults,pri=0 0 0

### ALSA (USB-card first)
    apk add alsa-utils alsa-lib

    adduser $USER audio

    cat /etc/mkinitfs/features.d/alsa.modules
        kernel/sound/usb/snd-usb-audio.ko

    cat /etc/mkinitfs/mkinitfs.conf
        features="... alsa"

    rc-service alsa start
    /etc/init.d/alsa save
    rc-update add alsa

### OTHER
    adduser $USER video
    adduser $USER input
    adduser $USER netdev
    adduser $USER games

    # lsblk
    apk add util-linux
	### FDE
	man mkinitfs-bootparam

	# filename and path is important
	dd bs=512 count=4 if=/dev/urandom of=/crypto_keyfile.bin
	cryptsetup luksAddKey /dev/sda1 /crypto_keyfile.bin
	chmod 0 /crypto_keyfile.bin

	cat /etc/mkinitfs/mkinitfs.conf
	features="... cryptsetup cryptkey"

	cat /etc/default/grub
	GRUB_CMDLINE_LINUX_DEFAULT="cryptroot=UUID=<UUID> cryptdm=lvmcrypt cryptkey"
	GRUB_ENABLE_CRYPTODISK=y
	...

	mkinitfs -c /etc/mkinitfs/mkinitfs.conf -b /
	grub-mkconfig -o /boot/grub/grub.cfg

	### ENCRYPTED HOME (mounting)
	cat /etc/conf.d/dmcrypt
	...
	target='home'
	source='/dev/mapper/vg-crypthome'
	key='/key.home'
	...

	/etc/fstab
	/dev/mapper/home /home ext4 defaults,noatime,lazytime,commit=300 0 2


	rc-update add dmcrypt boot

	### SSD TRIM
	man mkinitfs-bootparam

	cat /etc/default/grub
	GRUB_CMDLINE_LINUX_DEFAULT="... cryptdiscards"

	/etc/lvm.conf
	issue_discards = 1

	/etc/fstab
	/dev/vg0/root / ext4 rw,relatime,discard,lazytime 0 1

	cat /etc/periodic/weekly/fstrim
	#!/bin/sh
	fstrim /

	chmod u+x /etc/periodic/weekly/fstrim


	### SWAP
	blkid \| grep swap >> /etc/fstab
	UUID=<UUID1> none swap defaults,pri=0 0 0
	UUID=<UUID2> none swap defaults,pri=0 0 0
	UUID=<UUID3> none swap defaults,pri=0 0 0

	### ALSA (USB-card first)
	apk add alsa-utils alsa-lib

	adduser $USER audio

	cat /etc/mkinitfs/features.d/alsa.modules
	kernel/sound/usb/snd-usb-audio.ko

	cat /etc/mkinitfs/mkinitfs.conf
	features="... alsa"

	rc-service alsa start
	/etc/init.d/alsa save
	rc-update add alsa

	### OTHER
	adduser $USER video
	adduser $USER input
	adduser $USER netdev
	adduser $USER games

	# lsblk
	apk add util-linux