|
1 | 1 | # Bootstrap Alpine Linux on a headless system |
2 | 2 |
|
3 | | -[Alpine Linux documentation](https://docs.alpinelinux.org/user-handbook/0.1a/Installing/setup_alpine.html) assumes **initial setup** is carried-out on a system with a keyboard & display to interract with.\ |
| 3 | +[Alpine Linux documentation](https://docs.alpinelinux.org/user-handbook/0.1a/Installing/setup_alpine.html) assumes **initial setup** is carried-out on a system with a keyboard & display.\ |
4 | 4 | However, in many cases one might want to deploy a headless system that is only available through a network connection (ethernet, wifi or as USB ethernet gadget). |
5 | 5 |
|
6 | | -This repo provides an **overlay file** to initially bootstrap[^1] a headless system (leveraging Alpine distro's `initramfs` feature): it starts a ssh server to log-into from another Computer, so that actual install on fresh system (or rescue on existing disk-based system) can then be performed remotely.\ |
| 6 | +This repo provides an **overlay file** to initially bootstrap[^1] such headless system (leveraging Alpine distro's `initramfs` feature): it starts a ssh server to log-into from another Computer, so that actual install on fresh system (or rescue on existing disk-based system[^2]) can then be performed remotely.\ |
7 | 7 | An optional script may also be launched during that same initial bootstrap, to perform fully automated setup. |
8 | 8 |
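Review bot: on new line 6, "such headless system" needs an article ("such a headless system"). The added `[^2]` marker sits on "existing disk-based system", but the footnote it now resolves to (new line 56) is an instruction about `root=*`. Wording such as "rescue on existing disk-based system, see [^2]" would make clear that the footnote is a required step for the rescue case rather than a side remark.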
|
9 | 9 |
|
10 | 10 | ## Setup procedure: |
11 | 11 | Please follow [Alpine Linux Wiki](https://wiki.alpinelinux.org/wiki/Installation#Installation_Overview) to download & create installation media for the target platform.\ |
12 | 12 | Tools provided here can be used on any hardware platform to prepare for any install modes (diskless, data disk, system disk). |
13 | 13 |
|
14 | | -Just add [**headless.apkovl.tar.gz**](https://is.gd/apkovl_master)[^2] overlay file *as-is* at the root of Alpine Linux boot media (or onto any custom side-media) and boot-up the system.\ |
| 14 | +Just add [**headless.apkovl.tar.gz**](https://is.gd/apkovl_master) overlay file *as-is* at the root of Alpine Linux boot media (or onto any custom side-media) and boot-up the system.\ |
15 | 15 | With default DCHP-based network interface definitions (and [SSID/pass](#extra-configuration) file if using wifi), system can then be remotely accessed with: `ssh root@<IP>`\ |
16 | 16 | (system IP address may be determined with any IP scanning tools such as `nmap`). |
17 | 17 |
|
18 | 18 | As with Alpine Linux initial bring-up, `root` account has no password initially.\ |
19 | | -From there, actual system install can be performed as usual with `setup-alpine` for instance (check [wiki](https://wiki.alpinelinux.org/wiki/Alpine_setup_scripts#setup-alpine) for details). |
| 19 | +From there, actual system install can be performed as usual with `setup-alpine` for instance (check Alpine [wiki](https://wiki.alpinelinux.org/wiki/Alpine_setup_scripts#setup-alpine) for details). |
20 | 20 |
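Review bot: new line 14 drops the footnote marker from the `headless.apkovl.tar.gz` link, so a reader who follows only the Setup procedure is told to add the overlay as-is and run `ssh root@<IP>` with a passwordless `root` (line 18) without being pointed to the bundled ssh host keys note, which is now reachable only from the `ssh_host_*_key*` bullet. Suggest keeping a `[^4]` marker on line 14, or adding a sentence here that refers to `authorized_keys` and `ssh_host_*_key*` under Extra configuration.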
|
21 | 21 | ## Extra configuration: |
22 | 22 | Extra files may be added next to `headless.apkovl.tar.gz` to customise boostrapping configuration (check sample files): |
23 | | -- `wpa_supplicant.conf`[^3] (*mandatory for wifi usecase*): define wifi SSID & password. |
| 23 | +- `wpa_supplicant.conf`[^3] (*mandatory for wifi*): define wifi SSID, password and regulatory country [code](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2). |
24 | 24 | - `unattended.sh`[^3] (*optional*): provide a deployment script to automate setup & customizations during initial bootstrap. |
25 | 25 | - `interfaces`[^3] (*optional*): define network interfaces at will, if defaults DCHP-based are not suitable. |
26 | 26 | - `authorized_keys` (*optional*): provide client's public SSH key to secure `root` ssh login. |
27 | | -- `ssh_host_*_key*` (*optional*): provide server's custom ssh keys to be injected (may be stored), instead of using bundled ones[^2] (not stored). Providing an empty key file will trigger new keys generation (ssh server may take longer to start). |
| 27 | +- `ssh_host_*_key*` (*optional*): provide server's custom ssh keys to be injected (may be stored), instead of using bundled ones[^4] (not stored). Providing an empty key file will trigger new keys generation (ssh server may take longer to start). |
28 | 28 | - `opt-out` (*optional*): dummy file to opt-out internet features (connection status, version check, auto-update) and related links usage anonymous [telemetry](https://is.gd/privacy.php). |
29 | 29 | - `auto-updt` (*optional*): enable automatic `headless.apkovl.tar.gz` file update with latest from master branch. If it contains `reboot` keyword all in one line, system will reboot after succesful update (unless ssh session is active or `unattended.sh` script is available). |
30 | 30 |
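Review bot: on new line 23 the link text is the bare word "code"; linking "regulatory country code" as a whole would tell the reader what the ISO 3166-1 alpha-2 link is for. On new line 27 the parentheticals "(may be stored)" and "(not stored)" do not say where. Reusing the footnote's wording (stored/reused once actual system install is performed) would remove the ambiguity.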
|
31 | 31 | Main execution steps are logged: `cat /var/log/messages | grep headless`. |
32 | 32 |
|
33 | 33 | ## Goody: |
34 | | -Seamless USB-gadget mode: serial console, ethernet and mass-storage (*e.g. on PiZero*), leveraging [xg_multi](https://github.com/macmpi/xg_multi/). |
35 | | -- Make sure `dwc2` (or `dwc3`) driver is previously loaded on device, and configuration is set to **OTG peripheral** mode: this may be driven by hardware (including cable) and/or software.\ |
| 34 | +Seamless USB-gadget mode on capable devices (*e.g. on PiZero*): serial console, ethernet and mass-storage |
| 35 | +- Make sure `dwc2` (or `dwc3`) driver is previously loaded on capable device, and configuration is set to **OTG peripheral** mode: this may be driven by hardware (including cable) and/or software.\ |
36 | 36 | (on supporting Pi devices, just add `dtoverlay=dwc2,dr_mode=peripheral` in `usercfg.txt` (or `config.txt`) to force both by software) |
37 | | -- Plug USB cable into host Computer port before boot.\ |
38 | | --- serial terminal can then be connected-to from host Computer (e.g. `cu -l ttyACM0` on Linux. xon/xoff flow control).\ |
39 | | --- alternatively, with host Computer ECM/RNDIS interface set-up as 10.42.0.1 (sharing internet or not), one can log into device from host with: `ssh [email protected]`. \ |
40 | | --- volume containing `headless.apkovl.tar.gz` file may be accessed/mounted from host, and config files easily edited. Make sure to unmount properly before removing USB plug. |
41 | | - |
42 | | -[^1]: Initial boot fully preserves system's original state (config files & installed packages): a fresh system will therefore come-up as unconfigured. |
43 | | - |
44 | | -[^2]: About bundled ssh keys: this overlay is meant to **quickly bootstrap** system in order to then proceed with proper install; therefore it purposely embeds [some ssh keys](https://github.com/macmpi/alpine-linux-headless-bootstrap/tree/main/overlay/tmp/.trash) so that bootstrapping is as fast as possible. Those temporary keys are moved in RAM /tmp: they will **not be stored/reused** once actual system install is performed (whether or not ssh server is installed in final setup). |
45 | | - |
46 | | -[^3]: These files are linux text files: Windows/macOS users need to use text editors supporting linux text line-ending (such as [notepad++](https://notepad-plus-plus.org/), BBEdit or any similar). |
| 37 | +- Plug USB cable into host Computer port before booting device. |
| 38 | + - serial terminal can then be connected-to from host Computer (e.g. `cu -l ttyACM0` on Linux. xon/xoff flow control). |
| 39 | + - alternatively, with host Computer ECM/RNDIS interface set-up as 10.42.0.1 (sharing internet or not), one can log into device from host with: `ssh [email protected]`. |
| 40 | + - volume containing `headless.apkovl.tar.gz` file may be accessed/mounted from host, and config files easily edited. Make sure to unmount properly before removing USB plug. |
47 | 41 |
|
| 42 | +_Note:_ optionally, same USB-gadget feature may be easily enabled on final system by installing `xg_multi` Alpine [package](https://pkgs.alpinelinux.org/packages?name=xg_multi&branch=edge&repo=&arch=&origin=&flagged=&maintainer=) and service during system setup phase (refer to [`xg_multi`](https://github.com/macmpi/xg_multi/) project). |
48 | 43 |
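Review bot: new lines 37-40 describe serial console and `ssh` access as `root` over the USB link but do not remind the reader that `root` has no password at this stage (line 18); for the ssh case, a pointer to the `authorized_keys` option would fit here. Style: new line 34 should end with a colon or period before the list, and "capable device(s)" is repeated on lines 34 and 35.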
|
49 | 44 | ## Want to tweak more ? |
50 | 45 | This repository may be forked/cloned/downloaded.\ |
51 | | -Main script file is [`headless_bootstrap`](https://github.com/macmpi/alpine-linux-headless-bootstrap/tree/main/overlay/usr/local/bin/headless_bootstrap).\ |
52 | | -Execute `./make.sh` to rebuild `headless.apkovl.tar.gz` after changes.\ |
| 46 | +Main script file is [`headless_bootstrap`](https://github.com/macmpi/alpine-linux-headless-bootstrap/tree/main/overlay/tmp/.ALHB/headless_bootstrap).\ |
| 47 | +Execute `./make_ALHB.sh` to rebuild `headless.apkovl.tar.gz` after changes.\ |
53 | 48 | (requires `busybox`; check `busybox` build options if not running from Alpine or Ubuntu) |
54 | 49 |
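Review bot: the updated link on new line 46 targets branch `main`, while line 29 speaks of updating from the "master branch" and the download short link on line 14 is named `apkovl_master`; please confirm the branch name and use it consistently. The link also uses a `tree/` URL for what the text calls a script file; `blob/` is the form for a single file.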
|
55 | 50 |
|
56 | 51 | ## Credits |
57 | 52 | Thanks for the initial guides & scripts from @sodface and @davidmytton. |
| 53 | + |
| 54 | +[^1]: Initial boot fully preserves system's original state (config files & installed packages): a fresh system will therefore come-up as unconfigured. |
| 55 | + |
| 56 | +[^2]: Temporarily remove `root=*` statement from kernel command-line parameters list to disable disk-based boot mode. |
| 57 | + |
| 58 | +[^3]: These files are linux text files: Windows/macOS users need to use text editors supporting linux text line-ending (such as [notepad++](https://notepad-plus-plus.org/), BBEdit or any similar). |
| 59 | + |
| 60 | +[^4]: About bundled ssh keys: this overlay is meant to **quickly bootstrap** system in order to then proceed with proper install; therefore it purposely embeds [some ssh keys](https://github.com/macmpi/alpine-linux-headless-bootstrap/tree/main/overlay/tmp/.ALHB) so that bootstrapping is as fast as possible. Those temporary keys are moved in RAM /tmp: they will **not be stored/reused** once actual system install is performed (whether or not ssh server is installed in final setup). |
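Review bot: footnote 4 (new line 60) says the bundled keys are not stored or reused after install, but it does not say that, being published in the linked repository directory, they cannot authenticate the device during the bootstrap session itself. Suggest adding one sentence stating this and pointing to the `ssh_host_*_key*` option (custom keys, or an empty key file to generate new ones). Footnote 2 (new line 56) should also say where the kernel command-line parameters are edited.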