Install Alpine Linux on Hetzner cloud

README.md

1. Create an hetzner server using Ubuntu
2. Go to the Hetzner's Server dashboard > Images
3. Click on "Mount" over the alpine-linux-extended.iso image
4. Shutdown the server
5. Start the server
6. Click the "Console" icon from the dashboard to open an interactive terminal session
7. Login is root
8. Configure the interface using the command setup-interfaces
9. Pick to setup default eth0
10. Custom config: no 10 (bis). When asked if you want to include a custom configuration type yes
11. Put this:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp
    dns-nameservers 213.133.100.100 213.133.98.98 213.133.99.99

# control-alias eth0
iface eth0 inet6 static
    address <YOUR_IPV6_ADDRESS_FOUND_AT_THE_TOP_OF_THE_SERVER_DASHBOARD>
    gateway fe80::1

12. Restart network service: /etc/init.d/networking restart

13. Check internet is available: ping 8.8.8.8

14. Configure SSH: setup-sshd

15. Keep openssh as default

16. Create a user: adduser Jhon

17. Setup password

18. Temporarily soften ssh config to share ssh key: vi /etc/ssh/sshd_config

19. type i in your keyboard to go in "insert mode"

20. Find each of the following options and modify to look like this:

# TEMPORARILY Allow authentication with a password
PasswordAuthentication yes

21. Once finished, type ESC, then :wq to quit and save changes
22. Restart sshd service sshd restart
23. On your laptop or somewhere else (not in the Hetzner server), generate an ssh-key: ssh-keygen -t rsa -C "[email protected]"
24. Give a name to the ssh key, for example: alpine_server_rsa (your choice)
25. Copy public key to alpine server: ssh-copy-id -i ~/.ssh/alpine_server_rsa.pub -p 22 [email protected] (WW.XX.YY.ZZ is the IPv4 of the Hetzner server)
26. Enter user's password to check it's you
27. Now you should be connected from both your local laptop and the Hetzner console. Quit your local connection: type exit then Enter.
28. Go back to the still opened Hetzner console. We want to secure the SSH server before anything.
29. Open SSH server config: vi /etc/ssh/sshd_config
30. type i in your keyboard to go in "insert mode"
31. Find each of the following options and modify to look like this:

# WOULD BE BETTER TO CHANGE DEFAULT 22 TO SOMETHING RANDOM
Port 7580

# Do not allow connection as "root"
PermitRootLogin prohibit-password

# Prevent retrying more than 6 times
MaxAuthTries 6

# Prevent authenticating with password: rsa file only
PasswordAuthentication no

# Do not allow empty/null passwords
PermitEmptyPasswords no

32. Once finished, type ESC, then :wq to quit and save changes
33. Restart sshd service sshd restart
34. Now you can finally quit the Hetzner console: type exit then Enter.
35. From your local machine, now connect using ssh: ssh -i ~/.ssh/alpine_server_rsa [email protected]

Hopefully you should be in, logged as the user John.

There may be some issues regarding the rsa key if shared to someone or used from another machine. Two options:

1. In /etc/ssh/sshd_config set StrictModes no (dirty, not recommended)
2. Make sure that:
   • ~/.ssh/authorized_keys in the remote server holds the proper PUBLIC rsa key.
   • ls -l ~/.ssh/authorized_keys prints permissions to only your current user -rw------- or chmod 600 ~/.ssh/authorized_keys
   • Both your private and public keys (in your local machine) have only -rw------- or chmod 600 ~/.ssh/* them.
   • Your/home directory (in your local machine) have only drwx------ or chmod 700 /home
   • Your /home/.ssh directory (in your local machine) have only drwx------ or chmod 700 /home
   • Check your /home directory owneship (in your local machine) matches with your remote /home directory ownership: like both root root. This one is usually tricky since people don't want to change ownership of their /home to match a server config. So in that case do the opposite: change the location of the remote ~/.ssh/authorized_keys to /etc/<WHATEVER>/authorized_keys then don't forget to change AuthorizedKeysFile /etc/<WHATEVER>/authorized_keys in /etc/ssh/sshd_config and service sshd restart.

(Optional)

Install Docker + Git + Curl:

1. Switch user to root: su root
2. Enter password
3. Add apk repos to /etc/apk/repositories:

echo "http://dl-cdn.alpinelinux.org/alpine/latest-stable/community" >> /etc/apk/repositories
echo "http://dl-cdn.alpinelinux.org/alpine/latest-stable/main" >> /etc/apk/repositories

4. Update repos: apk update
5. Install Docker: apk add --no-cache docker git curl
6. Make Docker run at boot: rc-update add docker boot
7. Launch Docker daemon manually: service docker start
8. Autorize users to manage docker: chmod 666 /var/run/docker.sock
9. Switch to user: su John
10. Try Docker: docker run hello-world

Install docker-compose:

apk add --no-cache py-pip
apk add --no-cache python-dev libffi-dev openssl-dev gcc libc-dev make
pip install docker-compose

Todo

[ ] Mount /dev/sda1 to root /

So far I have come to see that the device /dev/sda has one partition /dev/sda1 but it is not mounted as root. In fact, root seems to be mounted in ram with tmpfs.

Useful commands are:

fdisk -l

and

df -h

Since root is mounted on RAM only, it uses half the available RAM and the system (and all changes to it) is volatile: everything is wiped at reboot...

Maybe your attempt is not the right way.
After mounting the Alpine Image, go to bash.
You are now on a CD/DVD booted Livesystem, so there is only a RAM TMPFS Systemavailable.
Next you should do a simple "setup-alpine". This will do a harddisk-installation wizard on for in your case maybe sda1.
Within this wizard you can configure keyboard layout, repo a.s.o.
Best wishes... have fun!

For others, Just run setup-alpine or setup-alpine -f ANSWER_FILE (for automatic installation).
(Mount Alpine Virtual 3.x from available images and reboot)

answer_files