lnorg/documentation
1
2
Fork 0
Code Issues 30 Pull requests Projects 6 Activity

Fixed some minor errors.

Browse source
This commit is contained in:
Luc Bijl 2024-07-08 11:50:40 +02:00
parent 7f039d4f55
commit 2306ec2b73
1 changed files with 16 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
docs/alpine-server-setup/installation/installation.md
View file

@ -51,13 +51,19 @@ clock_systohc="NO"
Edit `/etc/fstab` for correct mounts: Edit `/etc/fstab` for correct mounts:
``` ```
/dev/disk/by-label/efi /efi vfat defaults,nodev,nosuid,noexec 0 2 /dev/disk/by-label/efi /efi vfat defaults,nodev,nosuid,noexec 0 2
/dev/disk/by-label/main / btrfs defaults,noatime,subvol=/@root 0 1 /dev/disk/by-uuid/<volume-uuid> / btrfs defaults,noatime,subvol=/@root 0 1
/dev/disk/by-label/main /home btrfs defaults,noatime,nosuid,nodev,subvol=/@home 0 2 /dev/disk/by-uuid/<volume-uuid> /home btrfs defaults,noatime,nodev,nosuid,subvol=/@home 0 2
/dev/disk/by-label/main /var btrfs defaults,nodev,nosuid,noexec,subvol=/@var 0 2 /dev/disk/by-uuid/<volume-uuid> /var btrfs defaults,nodev,nosuid,noexec,subvol=/@var 0 2
/dev/disk/by-label/main /nix btrfs defaults,noatime,nodev,nosuid,subvol=/@nix 0 2 /dev/disk/by-uuid/<volume-uuid> /nix btrfs defaults,noatime,nodev,nosuid,subvol=/@nix 0 2
tmpfs /tmp tmpfs rw,size=4G,nr_inodes=5k,noexec,nodev,nosuid,mode=1777 0 0 tmpfs /tmp tmpfs rw,size=4G,nr_inodes=5k,noexec,nodev,nosuid,mode=1777 0 0
proc /proc proc nosuid,nodev,noexec,hidepid=2 0 0 proc /proc proc nosuid,nodev,noexec,hidepid=2 0 0
```
Here `<volume-uuid>` has to be replaced with the uuid of the main volume:
```
# blkid /dev/mapper/luks >> /etc/fstab
``` ```
By default, Alpine Linux uses `mkinitfs` to create an initial ram filesystem, although it is minimal that also means that it lacks some functionality which is needed for a proper setup. Because of this `mkinitfs` and `grub-efi `will be replaced with `booster` and `secureboot-hook`. By default, Alpine Linux uses `mkinitfs` to create an initial ram filesystem, although it is minimal that also means that it lacks some functionality which is needed for a proper setup. Because of this `mkinitfs` and `grub-efi `will be replaced with `booster` and `secureboot-hook`.
@ -89,7 +95,7 @@ to:
and configure `/etc/kernel-hooks.d/secureboot.conf` for cmdline and secureboot. and configure `/etc/kernel-hooks.d/secureboot.conf` for cmdline and secureboot.
``` ```
cmdline="rw rd.luks.name=<uuid>=luks root=/dev/disk/by-label/main rootflags=subvol=/@root quiet splash" cmdline="rw rd.luks.name="<partition-uuid>"=luks root=/dev/disk/by-uuid/<volume-uuid> rootflags=subvol=/@root quiet splash"
signing_cert="/usr/share/secureboot/keys/db/db.pem" signing_cert="/usr/share/secureboot/keys/db/db.pem"
signing_key="/usr/share/secureboot/keys/db/db.key" signing_key="/usr/share/secureboot/keys/db/db.key"
@ -99,10 +105,11 @@ output_dir="/efi/EFI/Linux"
output_name="alpine-linux-{flavor}.efi" output_name="alpine-linux-{flavor}.efi"
``` ```
Here `<uuid>` has to be replaced with the uuid of the partition which contains the volume group: Here `<partition-uuid>` and `<volume-uuid>` have to be replaced with the uuid of the main partition and volume respectively.
``` ```
# blkid /dev/<disk>2 >> /etc/kernel-hooks.d/secureboot.conf # blkid /dev/<disk>2 >> /etc/kernel-hooks.d/secureboot.conf
# blkid /dev/mapper/luks >> /etc/kernel-hooks.d/secureboot.conf
``` ```
Use `sbctl` to create secureboot keys and sign them. Use `sbctl` to create secureboot keys and sign them.