docs/alpine-server-setup/installation.md: change tank to rpool and update w.rt. zlevis 2.0
This commit is contained in:
parent
e6434602c8
commit
48ab49c9ee
1 changed files with 10 additions and 14 deletions
|
@ -5,16 +5,16 @@ To install the Alpine Linux distribution on the system, the datasets of the syst
|
||||||
First import and decrypt the system pool:
|
First import and decrypt the system pool:
|
||||||
|
|
||||||
```
|
```
|
||||||
# zpool import -N -R /mnt tank
|
# zpool import -N -R /mnt rpool
|
||||||
# zfs load-key -L file:///tmp/tank.key tank
|
# zfs load-key -L file:///tmp/rpool.key rpool
|
||||||
```
|
```
|
||||||
|
|
||||||
Mount the datasets in the system pool and decrypt the home dataset:
|
Mount the datasets in the system pool and decrypt the home dataset:
|
||||||
|
|
||||||
```
|
```
|
||||||
# mount tank/root/alpine /mnt -t zfs -o noatime
|
# mount rpool/root/alpine /mnt -t zfs -o noatime
|
||||||
# zfs mount tank/home
|
# zfs mount rpool/home
|
||||||
# zfs mount tank/var
|
# zfs mount rpool/var
|
||||||
```
|
```
|
||||||
|
|
||||||
Mount the ESP:
|
Mount the ESP:
|
||||||
|
@ -106,10 +106,12 @@ features="... zlevis"
|
||||||
disable_trigger="yes"
|
disable_trigger="yes"
|
||||||
```
|
```
|
||||||
|
|
||||||
|
> The `mkinitfs` package that supports `zlevis` is as of this moment not yet in the alpine package repository, for the relevant steps see the [zlevis mkinitfs-implementation wiki](https://git.bijl.us/luc/zlevis/wiki/mkinitfs-implementation).
|
||||||
|
|
||||||
The most important step is the creation of a UKI using `secureboot-hook` which also automatically signs them. Configure `/etc/kernel-hooks.d/secureboot.conf` to set kernel cmdline options and secureboot:
|
The most important step is the creation of a UKI using `secureboot-hook` which also automatically signs them. Configure `/etc/kernel-hooks.d/secureboot.conf` to set kernel cmdline options and secureboot:
|
||||||
|
|
||||||
```
|
```
|
||||||
cmdline="rw root=ZFS=tank/root/alpine rootflags=noatime quiet splash"
|
cmdline="rw root=ZFS=rpool/root/alpine rootflags=noatime quiet splash"
|
||||||
|
|
||||||
signing_cert="/var/lib/sbctl/keys/db/db.pem"
|
signing_cert="/var/lib/sbctl/keys/db/db.pem"
|
||||||
signing_key="/var/lib/sbctl/keys/db/db.key"
|
signing_key="/var/lib/sbctl/keys/db/db.key"
|
||||||
|
@ -130,13 +132,7 @@ Use `sbctl` to create secureboot keys and sign them:
|
||||||
Set the cache-file of the ZFS pool:
|
Set the cache-file of the ZFS pool:
|
||||||
|
|
||||||
```
|
```
|
||||||
# zpool set cachefile=/etc/zfs/zpool.cache tank
|
# zpool set cachefile=/etc/zfs/zpool.cache rpool
|
||||||
```
|
|
||||||
|
|
||||||
Now to see if everything went successfully, run:
|
|
||||||
|
|
||||||
```
|
|
||||||
# apk fix kernel-hooks
|
|
||||||
```
|
```
|
||||||
|
|
||||||
Now to see if everything went successfully, run:
|
Now to see if everything went successfully, run:
|
||||||
|
@ -177,6 +173,6 @@ Now exit the chroot and you should be able to reboot into a working Alpine syste
|
||||||
```
|
```
|
||||||
# exit
|
# exit
|
||||||
# umount -lf /mnt
|
# umount -lf /mnt
|
||||||
# zpool export tank
|
# zpool export rpool
|
||||||
# reboot
|
# reboot
|
||||||
```
|
```
|
Loading…
Reference in a new issue