2023-12-27 12:06:05 +01:00
# Provisioning
2023-12-27 13:52:44 +01:00
After flasing the Alpine Linux extended ISO, partition a disk. For this action internet is required since `gptfdisk` is not included on the extended ISO, therefore it needs to be obtained from the repository.
2023-12-27 12:06:05 +01:00
To set it up `setup-interfaces` and `setup-apkrepos` will be used.
```
# setup-interfaces -ar
# setup-apkrepos -c1
```
2024-10-27 12:04:30 +01:00
> To use wifi simply run `setup-interfaces -r` and select `wlan0` or similar.
2024-01-03 13:58:23 +01:00
A few packages will have to be installed first:
2023-12-27 12:06:05 +01:00
```
2024-10-27 12:04:30 +01:00
# apk add zfs lsblk sgdisk wipefs dosfstools acpid
```
and load the ZFS kernel module
```
# modprobe zfs
2023-12-27 12:06:05 +01:00
```
2024-08-31 12:53:55 +02:00
Wipe the existing disk partitions
2023-12-27 12:06:05 +01:00
2024-08-31 12:53:55 +02:00
```
2024-10-27 12:04:30 +01:00
# zpool labelclear -f /dev/<disk>
2024-08-31 12:53:55 +02:00
# wipefs -a /dev/<disk>
# sgdisk --zap-all /dev/<disk>
```
Create on the disk an `EFI system` partition (ESP) and a `Linux filesystem` partition
```
# sgdisk -n 1:1m:+512m -t 1:ef00 /dev/<disk>
# sgdisk -n 2:0:-10m -t 2:8300 /dev/<disk>
```
2023-12-27 12:06:05 +01:00
2024-08-31 12:53:55 +02:00
Reload the device nodes
2023-12-27 12:06:05 +01:00
```
2024-08-31 12:53:55 +02:00
# mdev -s
2023-12-27 12:06:05 +01:00
```
2024-08-31 12:53:55 +02:00
Then, format the ESP with a FAT32 filesystem
2023-12-27 12:06:05 +01:00
```
2024-08-31 12:53:55 +02:00
# mkfs.fat -F 32 -n esp /dev/<disk>1
2024-01-03 13:58:23 +01:00
```
2024-10-27 12:04:30 +01:00
## ZFS pool creation
2024-08-31 12:53:55 +02:00
2024-10-27 12:04:30 +01:00
The ZFS system pool is going to be encrypted. First generate an encryption key and save it temporarily to the file `/tmp/tank.key` with:
2024-08-31 12:53:55 +02:00
```
2024-10-27 12:04:30 +01:00
# cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1 > /tmp/tank.key && cat /tmp/tank.key
2024-08-31 12:53:55 +02:00
```
2024-10-27 12:04:30 +01:00
> Later on in the guide `clevis` will be used for automatic decryption, so this key only has to be entered a few times. However, if any changes are made to the bios or secureboot then this key will be needed again, so make sure to write it down.
2023-12-27 12:06:05 +01:00
2024-10-27 12:04:30 +01:00
Create the system pool:
2023-12-27 12:06:05 +01:00
```
2024-10-27 12:04:30 +01:00
# zpool create -f \
-o ashift=12 \
-O canmount=off \
-O compression=lz4 \
-O acltype=posix \
-O xattr=sa \
-O dnodesize=auto \
-O atime=off \
-O normalization=formD \
-O encryption=on \
-O keyformat=passphrase \
-O keylocation=prompt \
-m none \
tank /dev/< disk2 >
2023-12-27 12:06:05 +01:00
```
2024-10-27 12:04:30 +01:00
Then create the system datasets:
2023-12-27 12:06:05 +01:00
```
2024-10-27 12:04:30 +01:00
# zfs create -o mountpoint=none tank/root
# zfs create -o mountpoint=legacy -o quota=24g tank/root/alpine
# zfs create -o mountpoint=/home -o setuid=off -o devices=off -o quota=<home-quota> tank/home
# zfs create -o mountpoint=/var -o exec=off -o setuid=off -o devices=off -o quota=16g tank/var
2023-12-27 12:06:05 +01:00
```
2024-10-27 12:04:30 +01:00
> Setting the `<home-quota>` depends on the total size of the pool, generally try to reserve some empty space in the pool.
2023-12-27 12:06:05 +01:00
2024-10-27 12:04:30 +01:00
Finally, export the zpool:
2023-12-27 12:06:05 +01:00
```
2024-10-27 12:04:30 +01:00
# zpool export tank
2023-12-27 12:06:05 +01:00
```
