ashikk
/
alpine-linux-headless-bootstrap
mirror of https://github.com/macmpi/alpine-linux-headless-bootstrap.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: ashikk:b6c76f26664f40a017b6edfcfe3126febdac08c8
Branches Tags
ashikk:main
ashikk:dev
ashikk:v1.2
ashikk:v1.1
ashikk:v1.0
ashikk:v0.9
ashikk:v0.8
ashikk:v0.7
..
compare: ashikk:2c82439dd4812c358e80affa6379ef0465ac2188
Branches Tags
ashikk:dev
ashikk:main
ashikk:v1.2
ashikk:v1.1
ashikk:v1.0
ashikk:v0.9
ashikk:v0.8
ashikk:v0.7

1 Commits
b6c76f2666 ... 2c82439dd4

Author SHA1 Message Date
macmpi 2c82439dd4 SPDX stuff 2023-05-12 10:46:03 +02:00
5 changed files with 26 additions and 38 deletions
Show Stats Expand all files Collapse all files

34
README.md
View File

@ -3,42 +3,40 @@
[Alpine Linux documentation](https://docs.alpinelinux.org/user-handbook/0.1a/Installing/setup_alpine.html) assumes **initial setup** is carried-out on a system with a keyboard & display to interract with.\
However, there are many cases where one might want to deploy a headless system, only available through a network connection (ethernet, wifi or as USB ethernet gadget).
This repo provides an **overlay file** to initially boot such headless system (leveraging Alpine distro's `initramfs` feature): it starts a basic ssh server to log-into from another Computer, in order to then perform actual system setup.
This repo provides an **overlay file** to initially boot such headless system (leveraging Alpine distro's `initramfs` feature): it enables a basic ssh server to log-into from another Computer, in order to finalize system setup.
## Install procedure:
Please follow [Alpine Linux Wiki](https://wiki.alpinelinux.org/wiki/Installation#Installation_Overview) to download & create installation media for the target platform.\
Tools provided here can be used on any plaform for any install modes (diskless, data disk, system disk).
Just add [**headless.apkovl.tar.gz**](https://github.com/macmpi/alpine-linux-headless-bootstrap/raw/main/headless.apkovl.tar.gz)[^1] overlay file at the root of Alpine Linux boot media (or onto any custom side-media) and boot-up the system.\
With default network interface definitions (and SSID/pass file if using wifi), system can then be accessed under `ssh` with: \
`ssh root@<IP>`\
Just add [**headless.apkovl.tar.gz**](https://github.com/macmpi/alpine-linux-headless-bootstrap/raw/main/headless.apkovl.tar.gz)[^1] overlay file at the root of Alpine Linux boot media (or onto any custom side-media) and boot the system.
With default network interface definitions (and SSID/pass file if using wifi), one may then access the system under `ssh` with: `ssh root@<IP>`\
(system IP address may be determined with any IP scanning tools such as `nmap`).
As with Alpine Linux initial bring-up, `root` account has no password initially (change that during setup!).\
From there, system install can be performed as usual with `setup-alpine` for instance (check [wiki](https://wiki.alpinelinux.org/wiki/Alpine_setup_scripts#setup-alpine) for details).
As with Alpine Linux initial bring-up, `root` account has no password initially (change that after setup!).\
From there, system install can be fine-tuned as usual with `setup-alpine` for instance (check [wiki](https://wiki.alpinelinux.org/wiki/Alpine_setup_scripts#setup-alpine) for details).
Add-on files may be added next to `headless.apkovl.tar.gz` to customise boostrapping configuration (sample files are provided):
- `wpa_supplicant.conf`[^2] (*mandatory for wifi usecase*): define wifi SSID & password.
- `interfaces`[^2] (*optional*): define network interfaces at will, if defaults DCHP-based are not suitable.
- `ssh_host_*_key*` (*optional*): provide custom ssh keys to be injected (may be stored), instead of using bundled ones[^1] (not stored). Providing an empty key file will trigger new keys generation (ssh server may take longer to start).
- `unattended.sh`[^2] (*optional*): create custom automated deployment script to further tune & extend actual setup (backgrounded).
Add-on files may be added next to `headless.apkovl.tar.gz` to customise setup (sample files are provided):
- `wpa_supplicant.conf` (*mandatory for wifi usecase*): define wifi SSID & password.
- `interfaces` (*optional*): define network interfaces at will, if defaults DCHP-based are not suitable.
- `ssh_host_*_key*` (*optional*): provide custom ssh keys to be injected (can be stored), instead of bundled ones[^1] (not stored).
- `unattended.sh` (*optional*): make custom automated deployment script to further tune & extend setup (backgrounded).
*Note:* these files are linux text files: Windows/macOS users need to use text editors supporting linux text line-ending (such as [notepad++](https://notepad-plus-plus.org/), BBEdit or any other).
**Goody:** seamless USB bootstrapping for PiZero devices (or similar supporting USB ethernet gadget networking):\
Just add `dtoverlay=dwc2` in `usercfg.txt` (or `config.txt`), and plug-in USB cable to Computer port.\
With Computer set-up to share networking with USB interface as 10.42.0.1 gateway, one can log into device from Computer with:\
`ssh root@10.42.0.2`
**Goody:** seamless USB bootstrapping for PiZero devices (or similar which can support USB ethernet gadget networking):\
Just add `dtoverlay=dwc2` in `usercfg.txt` (or `config.txt`), and plug-in USB to Computer port.\
With Computer set-up to share networking with USB interface as 10.42.0.1 gateway, one can log into device from Computer with `ssh root@10.42.0.2` !...
Main execution steps are logged in `/var/log/messages`.
[^1]: About bundled ssh keys: as this package is essentially intended to **quickly bootstrap** system in order to configure it, it purposely embeds [some ssh keys](https://github.com/macmpi/alpine-linux-headless-bootstrap/tree/main/overlay/etc/ssh) so that bootstrapping is as fast as possible. Those (temporary) keys are moved in RAM /tmp, so they will **not be saved/reused** once permanent configuration is set (with or without ssh server voluntarily installed in permanent setup).
[^2]: These files are linux text files: Windows/macOS users need to use text editors supporting linux text line-ending (such as [notepad++](https://notepad-plus-plus.org/), BBEdit or any similar).
## How to customize ?
## How to customize further ?
This repository may be forked/cloned/downloaded.\
Main script file is [`headless.start`](https://github.com/macmpi/alpine-linux-headless-bootstrap/blob/main/overlay/etc/local.d/headless.start).\
Execute `./make.sh` to rebuild `headless.apkovl.tar.gz` after changes.

BIN
headless.apkovl.tar.gz
View File

Binary file not shown.

4
make.sh
View File

@ -1,8 +1,8 @@
#!/bin/sh
# Copyright 2022 - 2023, macmpi
# SPDX-License-Identifier: MIT
#!/bin/sh
chmod 600 overlay/etc/ssh/ssh_host_*_key
chmod +x overlay/etc/local.d/headless.start
tar czvf headless.apkovl.tar.gz -C overlay etc --owner=0 --group=0

22
overlay/etc/local.d/headless.start
View File

@ -1,8 +1,8 @@
#!/bin/sh
# Copyright 2022 - 2023, macmpi
# SPDX-License-Identifier: MIT
#!/bin/sh
VERSION="0.6"
# Redirect stdout and errors to console as rc.local does not log anything
@ -94,6 +94,10 @@ cat <<-EOF >> /etc/ssh/sshd_config
Banner /tmp/.trash/banner
EOF
cat <<-EOF >> /etc/conf.d/sshd
sshd_disable_keygen=yes
EOF
# banner file
cat <<-EOF > /tmp/.trash/banner
@ -111,20 +115,6 @@ if ! install -m600 "${ovlpath}"/ssh_host_*_key* /etc/ssh/; then
HostKey /tmp/.trash/ssh_host_ed25519_key
HostKey /tmp/.trash/ssh_host_rsa_key
EOF
cat <<-EOF >> /etc/conf.d/sshd
sshd_disable_keygen=yes
EOF
else
# look for empty key within injected ones: generate new keys if found
if find /etc/ssh/ -maxdepth 1 -type f -name 'ssh_host_*_key*' -empty | grep -q .; then
rm /etc/ssh/ssh_host_*_key*
logger -st ${0##*/} "Will generate new SSH keys..."
else
logger -st ${0##*/} "Using injected SSH keys..."
cat <<-EOF >> /etc/conf.d/sshd
sshd_disable_keygen=yes
EOF
fi
fi
rc-service sshd start

4
sample_unattended.sh
View File

@ -1,8 +1,8 @@
#/bin/sh
# Copyright 2022 - 2023, macmpi
# SPDX-License-Identifier: MIT
#/bin/sh
## collection of few code snippets as sample unnatteded actions some may find usefull