# Alpine Linux # Installation d'Alpine Linux Récupérer l'ISO sur le site d'Alpine : https://www.alpinelinux.org/downloads/ Je prends par habitude la version standard ### **Installation** ```shell localhost:~# setup- setup-acf setup-bootable setup-hostname setup-mta setup-timezone setup-alpine setup-disk setup-interfaces setup-ntp setup-xen-dom0 setup-apkcache setup-dns setup-keymap setup-proxy setup-xorg-base setup-apkrepos setup-gparted-desktop setup-lbu setup-sshd ``` L’installation ce fait via la commande **setup-alpine** ```shell localhost:~# setup-alpine ``` ##### Choix du clavier ```shell Available keyboard layouts: af at be by cn dz fi ge hu in it kr lk md mm nl pl ru sy tr uz al az bg ca cz ee fo gh id iq jp kz lt me mt no pt se th tw vn am ba br ch de epo fr gr ie ir ke la lv mk my ph ro si tj ua ara bd brai cm dk es gb hr il is kg latam ma ml ng pk rs sk tm us Select keyboard layout [none]: fr Available variants: fr-afnor fr-azerty fr-bepo fr-bepo_afnor fr-bepo_latin9 fr-bre fr-dvorak fr-geo fr-latin9 fr-latin9_nodeadkeys fr-latin9_sundeadkeys fr-mac fr-nodeadkeys fr-oci fr-oss fr-oss_latin9 fr-oss_nodeadkeys fr-oss_sundeadkeys fr-sundeadkeys fr-us fr Select variant []: fr-azerty * WARNING: you are stopping a boot service * Caching service dependencies ... [ ok ] * Setting keymap ... [ ok ] ``` ##### Configuration du hostname ```shell Enter system hostname (short form, e.g. 'foo') [localhost]: alpine ``` ##### Configuration du réseaux Comme je suis une grosse feignasse, je laisse en dhcp ```shell Available interfaces are: eth0. Enter '?' for help on bridges, bonding and vlans. Which one do you want to initialize? (or '?' or 'done') [eth0] eth0 Ip address for eth0? (or 'dhcp', 'none', '?') dhcp ``` ##### Mot de passe root ```shell Changing password for root New password: Retype password: passwd: password for root changed by root ``` ##### Fuseau horaire ```shell Which timezone are you in? ('?' for list) [UTC] Europe/Paris ``` ##### Choix du client NTP Je laisse celui par défaut : **chrony** ```shell HTTP/FTP proxy URL? (e.g. 'http://proxy:8080', or 'none') [none] Which NTP client to run? ('busybox', 'openntpd', 'chrony' or 'none') [chrony] * service chronyd added to runlevel default * Caching service dependencies ... [ ok ] * Starting chronyd ... [ ok ] ``` ##### Choix du miroir d’installation ```shell Available mirrors: 1) dl-cdn.alpinelinux.org 2) uk.alpinelinux.org 3) dl-2.alpinelinux.org 4) dl-4.alpinelinux.org 5) dl-5.alpinelinux.org 6) dl-8.alpinelinux.org 7) mirror.yandex.ru 8) mirrors.gigenet.com 9) mirror1.hs-esslingen.de 10) mirror.leaseweb.com 11) mirror.fit.cvut.cz 12) alpine.mirror.far.fi 13) alpine.mirror.wearetriple.com 14) mirror.clarkson.edu 15) linorg.usp.br 16) ftp.yzu.edu.tw 17) mirror.aarnet.edu.au 18) speglar.siminn.is 19) mirrors.dotsrc.org 20) ftp.halifax.rwth-aachen.de 21) mirrors.tuna.tsinghua.edu.cn 22) mirrors.ustc.edu.cn 23) mirrors.xjtu.edu.cn 24) mirrors.nju.edu.cn 25) mirror.lzu.edu.cn 26) ftp.acc.umu.se 27) mirror.xtom.com.hk 28) mirror.csclub.uwaterloo.ca 29) alpinelinux.mirror.iweb.com 30) mirror.neostrada.nl 31) pkg.adfinis-sygroup.ch 32) mirror.ps.kz 33) mirror.rise.ph 34) mirror.operationtulip.com 35) mirrors.ircam.fr 36) alpine.42.fr 37) mirror.math.princeton.edu 38) mirrors.sjtug.sjtu.edu.cn 39) alpine.mirror.didstopia.com 40) ftp.icm.edu.pl 41) mirror.ungleich.ch 42) alpine.mirror.vexxhost.ca 43) sjc.edge.kernel.org 44) ewr.edge.kernel.org 45) ams.edge.kernel.org 46) download.nus.edu.sg 47) alpine.yourlabs.org 48) mirror.pit.teraswitch.com 49) mirror.reenigne.net r) Add random from the above list f) Detect and add fastest mirror from above list e) Edit /etc/apk/repositories with text editor Enter mirror number (1-49) or URL to add (or r/f/e/done) [1]: f ``` Je choisi le mirroir le plus rapide via la commande : **f** ```shell Enter mirror number (1-49) or URL to add (or r/f/e/done) [1]: f Finding fastest mirror... 0.11 http://dl-cdn.alpinelinux.org/alpine/ 0.05 http://uk.alpinelinux.org/alpine/ 0.19 http://dl-2.alpinelinux.org/alpine/ 0.06 http://dl-4.alpinelinux.org/alpine/ 0.05 http://dl-5.alpinelinux.org/alpine/ 0.1 http://dl-8.alpinelinux.org/alpine/ 0.1 http://mirror.yandex.ru/mirrors/alpine/ 0.23 http://mirrors.gigenet.com/alpinelinux/ 0.06 http://mirror1.hs-esslingen.de/pub/Mirrors/alpine/ 0.07 http://mirror.leaseweb.com/alpine/ 0.08 http://mirror.fit.cvut.cz/alpine/ 0.11 http://alpine.mirror.far.fi/ 0.31 http://alpine.mirror.wearetriple.com/ wget: server returned error: HTTP/1.1 404 Not Found 0.48 http://linorg.usp.br/AlpineLinux/ 0.91 http://ftp.yzu.edu.tw/Linux/alpine/ 0.63 http://mirror.aarnet.edu.au/pub/alpine 0.13 http://speglar.siminn.is/alpine/ 0.11 http://mirrors.dotsrc.org/alpine/ 0.08 http://ftp.halifax.rwth-aachen.de/alpine/ 0.59 http://mirrors.tuna.tsinghua.edu.cn/alpine/ 0.42 http://mirrors.ustc.edu.cn/alpine/ wget: download timed out 0.65 http://mirrors.nju.edu.cn/alpine/ 0.64 http://mirror.lzu.edu.cn/alpine/ 0.13 http://ftp.acc.umu.se/mirror/alpinelinux.org/ 0.41 http://mirror.xtom.com.hk/alpine/ 0.32 http://mirror.csclub.uwaterloo.ca/alpine/ 0.2 http://alpinelinux.mirror.iweb.com/ 0.06 http://mirror.neostrada.nl/alpine/ 0.05 http://pkg.adfinis-sygroup.ch/alpine/ 0.24 http://mirror.ps.kz/alpine/ 0.46 http://mirror.rise.ph/alpine-linux/ 0.11 http://mirror.operationtulip.com/alpine/ 0.03 http://mirrors.ircam.fr/pub/alpine/ 0.04 http://alpine.42.fr/ 0.19 http://mirror.math.princeton.edu/pub/alpinelinux/ wget: download timed out 0.06 http://alpine.mirror.didstopia.com/ 0.13 http://ftp.icm.edu.pl/pub/Linux/distributions/alpine/ 0.46 http://mirror.ungleich.ch/mirror/packages/alpine/ 0.19 http://alpine.mirror.vexxhost.ca/ 0.31 http://sjc.edge.kernel.org/alpine/ 0.18 http://ewr.edge.kernel.org/alpine/ 0.06 http://ams.edge.kernel.org/alpine/ 0.4 http://download.nus.edu.sg/mirror/alpine/ 0.27 http://alpine.yourlabs.org 0.22 http://mirror.pit.teraswitch.com/alpine 0.21 http://mirror.reenigne.net/alpine/ Added mirror mirrors.ircam.fr Updating repository indexes... done. ``` ##### Choix du serveur SSH Je laisse par défaut avec OpenSSH ```shell Which SSH server? ('openssh', 'dropbear' or 'none') [openssh] ``` ##### Choix du disque d’installation ```shell Available disks are: sda (21.5 GB VMware, VMware Virtual S) Which disk(s) would you like to use? (or '?' for help or 'none') [none] sda The following disk is selected: sda (21.5 GB VMware, VMware Virtual S) ``` ##### Type d’installation pour Alpine Linux La on ce trouve avec un choix important en fonction de l'usage que l'on veut en faire. - sys : mode d’installation traditionnel sur disk avec /boot, / (filesystem root) et swap. - data : seul seront les données stokées sur le disque, l'OS n'est pas installé car celui ci est lancé en mémoire. - lvm : partition en lvm - lvmsys : installation sys sur un volume en lvm - lvmdata : installation data sur un volume en lvm ```shell How would you like to use it? ('sys', 'data', 'lvm' or '?' for help) [?] ? You can select between 'sys', 'data', 'lvm', 'lvmsys' or 'lvmdata'. sys: This mode is a traditional disk install. The following partitions will be created on the disk: /boot, / (filesystem root) and swap. This mode may be used for development boxes, desktops, virtual servers, etc. data: This mode uses your disk(s) for data storage, not for the operating system. The system itself will run from tmpfs (RAM). Use this mode if you only want to use the disk(s) for a mailspool, databases, logs, etc. lvm: Enable logical volume manager and ask again for 'sys' or 'data'. lvmsys: Same as 'sys' but use logical volume manager for partitioning. lvmdata: Same as 'data' but use logical volume manager for partitioning. The following disk is selected: sda (21.5 GB VMware, VMware Virtual S) How would you like to use it? ('sys', 'data', 'lvm' or '?' for help) [?] sys WARNING: The following disk(s) will be erased: sda (21.5 GB VMware, VMware Virtual S) WARNING: Erase the above disk(s) and continue? [y/N]: y Creating file systems... Installing system on /dev/sda3: /mnt/boot is device /dev/sda1 100% #########################==> initramfs: creating /boot/initramfs-lts /boot is device /dev/sda1 ``` ##### Fin de l’installation L’installation est terminer, on reboot pour démarrer sur l'OS fraîchement installé. Comme vous avez pu le constater, l'Alpine Linux est très léger au vu du temps d’installation. ```shell Installation is complete. Please reboot. ``` ##### Pour aller plus loin Dans le cadre d'une installation automatisée, il est possible de créer un fichier de réponses pour ne pas avoir besoin d'interagir (et accessoirement aller boire un café :-) ) avec le programme d'installation. Celui-ci peut-être créé à la main ou (plus simple) en ajoutant l'option **'-c <le\_nom\_de\_mon\_fichier\_de\_reponses\_a\_creer>'** à la commande **setup-alpine**. ```shell setup-alpine -c answers ``` Le programme va effectuer toutes les étapes vues plus haut sans pour autant installer le système. Il en résultera un fichier **answers** avec tout les paramètres indiqués. L'installation automatisée se fait via **'-f <le\_nom\_de\_mon\_fichier\_de\_reponses\_precedemment\_cree>'**, dans ce cas précis cela donne simplement: ```shell setup-alpine -f answers ``` source : [https://wiki.alpinelinux.org/wiki/Alpine\_setup\_scripts#setup-alpine](https://wiki.alpinelinux.org/wiki/Alpine_setup_scripts#setup-alpine) # Post configuration ### **Modification du fichier repository** Le gestionnaire de paquet est apk et sa configuration s'effectue dans le fichier : **etc/apk/repositories** ```shell #/media/cdrom/apks http://mirrors.ircam.fr/pub/alpine/v3.12/main #http://mirrors.ircam.fr/pub/alpine/v3.12/community #http://mirrors.ircam.fr/pub/alpine/edge/main #http://mirrors.ircam.fr/pub/alpine/edge/community #http://mirrors.ircam.fr/pub/alpine/edge/testing ``` Décommettez la ligne : http://mirrors.ircam.fr/pub/alpine/v3.12/community

La version **edge** est la version en cours de développement.

Mise a jour de la liste des paquets ```shell alpine:~# apk update fetch http://mirrors.ircam.fr/pub/alpine/v3.12/main/x86_64/APKINDEX.tar.gz fetch http://mirrors.ircam.fr/pub/alpine/v3.12/community/x86_64/APKINDEX.tar.gz v3.12.0-45-g0e4d4e3558 [http://mirrors.ircam.fr/pub/alpine/v3.12/main] v3.12.0-47-gda1c1b9ae4 [http://mirrors.ircam.fr/pub/alpine/v3.12/community] OK: 12727 distinct packages available ``` ### **Les paquets utiles** Certaines commande ne sont pas installées comme par exemple useradd ou usermod ou setfacl.
**Commandes****Paquet à installer****Repository**
usermod & useraddapk add shadowcommunity
setfaclapk add aclmain
### **VMware tools** Comme sur les autres distribution linux cela ce fait via le paquet : open-vm-tools. Mais il y a une subtilité chez Alpine, il faut démarrer le service manuellement et l'inscrire pour le démarrage. #### Installation ```shell alpine:~# apk add --update open-vm-tools fetch http://mirrors.ircam.fr/pub/alpine/v3.12/main/x86_64/APKINDEX.tar.gz fetch http://mirrors.ircam.fr/pub/alpine/v3.12/community/x86_64/APKINDEX.tar.gz (1/10) Installing libgcc (9.3.0-r2) (2/10) Installing libffi (3.3-r2) (3/10) Installing libintl (0.20.2-r0) (4/10) Installing libmount (2.35.2-r0) (5/10) Installing pcre (8.44-r0) (6/10) Installing glib (2.64.3-r0) (7/10) Installing libtirpc-conf (1.2.6-r0) (8/10) Installing libtirpc-nokrb (1.2.6-r0) (9/10) Installing open-vm-tools (11.1.0-r3) Executing open-vm-tools-11.1.0-r3.pre-install (10/10) Installing open-vm-tools-openrc (11.1.0-r3) Executing busybox-1.31.1-r16.trigger OK: 830 MiB in 154 packages ``` #### Lancement du service ```shell alpine:~# rc-service open-vm-tools start * Starting open-vm-tools ... [ ok ] ``` #### Démarrage automatique au boot ```shell alpine:~# rc-update add open-vm-tools * service open-vm-tools added to runlevel default ``` # MariaDB ### Installation ```shell apk add mariadb mariadb-common mariadb-client ``` ### Initialisation Il faut lancer la commande pour initialiser le service et créer la base SQL de départ. ```shell alpine:~# rc-service mariadb setup * Creating a new MySQL database ... Installing MariaDB/MySQL system tables in '/var/lib/mysql' ... OK To start mysqld at boot time you have to copy support-files/mysql.server to the right place for your system Two all-privilege accounts were created. One is root@localhost, it has no password, but you need to be system 'root' user to connect. Use, for example, sudo mysql The second is mysql@localhost, it has no password either, but you need to be the system 'mysql' user to connect. After connecting you can set the password, if you would need to be able to connect as any of these users with a password and without sudo See the MariaDB Knowledgebase at http://mariadb.com/kb or the MySQL manual for more instructions. You can start the MariaDB daemon with: cd '/usr' ; /usr/bin/mysqld_safe --datadir='/var/lib/mysql' You can test the MariaDB daemon with mysql-test-run.pl cd '/usr/mysql-test' ; perl mysql-test-run.pl Please report any problems at http://mariadb.org/jira The latest information about MariaDB is available at http://mariadb.org/. You can find additional information about the MySQL part at: http://dev.mysql.com Consider joining MariaDB's strong and vibrant community: https://mariadb.org/get-involved/ [ ok ] ``` #### Inscription du service au boot ```shell alpine:~# rc-update add mariadb default * service mariadb added to runlevel default ``` #### Lancement du service ```shell alpine:~# rc-service mariadb start * Starting mariadb ... 200606 17:17:43 mysqld_safe Logging to syslog. 200606 17:17:43 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql [ ok ] ``` #### Configuration Il y a une petite subtilité, c'est **mariadb-secure-installation** même si *mysql\_secure\_instalation* est toujours présent. ```shell alpine:~# mariadb-secure-installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and haven't set the root password yet, you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password or using the unix_socket ensures that nobody can log into the MariaDB root user without the proper authorisation. You already have your root account protected, so you can safely answer 'n'. Switch to unix_socket authentication [Y/n] y Enabled successfully! Reloading privilege tables.. ... Success! You already have your root account protected, so you can safely answer 'n'. Change the root password? [Y/n] y New password: Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] y ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] y ... Success! By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] y - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] y ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB! ```