Alpine linux для raspberry pi

Small. Simple. Secure.

Alpine Linux is a security-oriented, lightweight Linux distribution based on musl libc and busybox.

Downloads

Current Alpine Version 3.14.2 (Released Aug 27, 2021)

Standard

Alpine as it was intended. Just enough to get you started. Network connection is required.

aarch64	sha256	GPG
ppc64le	sha256	GPG
s390x	sha256	GPG
x86	sha256	GPG
x86_64	sha256	GPG

Extended

Most common used packages included. Suitable for routers and servers. Runs from RAM. Includes AMD and Intel microcode updates.

Netboot

Kernel, initramfs and modloop for netboot.

aarch64	sha256	GPG
armhf	sha256	GPG
armv7	sha256	GPG
ppc64le	sha256	GPG
s390x	sha256	GPG
x86	sha256	GPG
x86_64	sha256	GPG

Raspberry Pi

Includes Raspberry Pi kernel. Designed for RPI 1, 2, 3 and 4. And much more.

aarch64	sha256	GPG
armhf	sha256	GPG
armv7	sha256	GPG

Generic ARM

Has default ARM kernel. Includes the uboot bootloader. Supports armv7 and aarch64.

Mini root filesystem

Minimal root filesystem. For use in containers and minimal chroots.

aarch64	sha256	GPG
armhf	sha256	GPG
armv7	sha256	GPG
ppc64le	sha256	GPG
s390x	sha256	GPG
x86	sha256	GPG
x86_64	sha256	GPG

Virtual

Similar to standard. Slimmed down kernel. Optimized for virtual systems.

aarch64	sha256	GPG
armv7	sha256	GPG
x86	sha256	GPG
x86_64	sha256	GPG

Built-in support for Xen Hypervisor. Includes packages targetted at Xen usage. Use for Xen Dom0.

Источник

Raspberry Pi

Contents

This tutorial will help you install Alpine Linux on your Raspberry Pi.

Preparation

1. Download the Alpine for Raspberry Pi tarball. You should be safe using the armhf build on all versions of Raspberry Pi (including Pi Zero and Compute Modules); but it may perform less optimally on recent versions of Raspberry Pi. The armv7 build is compatible with Raspberry Pi 2 Model B. The aarch64 build should be compatible with Raspberry Pi 2 Model v1.2, Raspberry Pi 3 and Compute Module 3, and Raspberry Pi 4 model B.
2. Create a bootable FAT32 partition on your SD card. The partition type should be W95 FAT32 (LBA) . (The current type can be found in the «Type» column in the output of fdisk -l .) You can use a partitioning tool such as gnome-disks or fdisk.
3. Create a filesystem on the partition with mkdosfs -F 32 /dev/sdX1 (Replace sdX1 with the correct reference to the partition you just created.)
4. Mount the partition and extract the tarball contents onto it.

Optionally create a usercfg.txt file on the partition to configure low-level system settings. Specifications can be found here. However, note some settings can only be set directly in config.txt, which may be overwritten after updates. In particular, gpu_mem will have no effect when specified in usercfg.txt (source). Some interesting values include:

• To enable audio: dtparam=audio=on
• If you see black edges around your screen after booting the Pi, you can add disable_overscan=1

Recent versions include Broadcom firmware files. If you’re using an older Alpine version, see section below.

Installation

Alpine Linux will be installed in diskless mode, hence you need to use Alpine Local Backup (lbu) to save your modifications between reboots.

For users who will be using their Raspberry Pi in scenarios where there is not expected to be significant changes to disk after setup (like running a static HTTP server), this is likely preferable, as running the entire system from memory will improve performance (by avoiding the slow SD card) and improve the SD card life (by reducing the writes to the card, as all logging will happen in RAM). Diskless installations still allow you to install packages, save local files, and tune the system to your needs.

• Expect there will be constant changes to the disk after initial setup (for example, if you expect people to login and save files to their home directories)
• Need logs to persist after reboot
• Plan to install packages which consume more space than can be loaded into RAM
• Want to install kernel modules (such as ZFS or Wireguard)

Then you may be better served by a sys-mode installation.

Follow these steps to install Alpine Linux in Diskless Mode:

1. Insert the SD card into the Raspberry Pi and power it on
2. Login into the Alpine system as root. Leave the password empty.
3. Type setup-alpine
4. Once the installation is complete, commit the changes by typing lbu commit -d

Type reboot to verify that the installation was indeed successful.

Post Installation

Update the System

After installation, make sure your system is up-to-date:

apk update apk upgrade

Don’t forget to save the changes:

Note: this does not upgrade the kernel. In order to upgrade the kernel, a full upgrade of the Alpine Linux version must be performed as described in upgrading Alpine Linux for removable media.

Clock-related error messages

During the booting time, you might notice errors related to the hardware clock. The Raspberry Pi does not have a hardware clock, thus you need to disable the hwclock daemon and enable swclock:

rc-update add swclock boot # enable the software clock rc-update del hwclock boot # disable the hardware clock

Since the Raspberry Pi does not have a clock, Alpine Linux needs to know what the time is by using a Network Time Protocol (NTP) daemon. Make sure you have a NTP daemon installed and running. If you are not sure, you can install an NTP client by running the following command:

The Busybox NTP client might be the most lightweight solution. Save the changes and reboot, once the NTP software is installed and running:

lbu commit -d reboot

After reboot, make sure the date command outputs the correct date and time.

WiFi on boot

If you have already configured WiFi during the setup, the connection will not return on reboot. You will need to start up a service to automatically connect to the wireless access point.

1. Run rc-update add wpa_supplicant boot to connect to the wireless access point during bootup.
2. Run it manually with /etc/init.d/wpa_supplicant start .

Enable OpenGL (Raspberry Pi 3/4)

Remount the boot partition writeable (i.e. /media/mmcblk0p1 ):

mount /media/mmcblk0p1 -o rw,remount

Add the following lines to /media/mmcblk0p1/config.txt :

256MB (and more on the Raspberry Pi 4) gpu_mem is also possible.

Install the Mesa drivers:

# Raspberry Pi 3: apk add mesa-dri-vc4 # Raspberry Pi 4: apk add mesa-dri-gallium

lbu_commit -d; reboot

WiFi drivers

As of Alpine 3.14, the WiFi drivers for the Raspberry Pi were moved from linux-firmware-brcm to the linux-firmware-cypress package (source?). Since the images seem to be an outdated version of the former, Wi-Fi will work during installation, but after the first update it will break. Use the ethernet interface to download the required packages:

apk add linux-firmware-cypress

Persistent storage

Loopback image with overlayfs

When you install Alpine in diskless mode, the entire system is loaded into memory at boot. If you want additional storage (for example, if you need more space than offered by your RAM) we need to create loop-back storage onto the SD card mounted with overlayfs.

First, make the SD card writable again and change fstab to always do so:

mount /media/mmcblk0p1 -o rw,remount sed -i ‘s/vfat\ ro,/vfat\ rw,/’ /etc/fstab

Create the loop-back file, this example is 1 GB:

dd if=/dev/zero of=/media/mmcblk0p1/persist.img bs=1024 count=0 seek=1048576

Install the ext utilities:

apk add e2fsprogs

Format the loop-back file:

Mount the storage:

echo «/media/mmcblk0p1/persist.img /media/persist ext4 rw,relatime,errors=remount-ro 0 0» >> /etc/fstab mkdir /media/persist mount -a

Make the overlay folders, we are using the /usr directory here, but you can use /home or anything else.

mkdir /media/persist/usr mkdir /media/persist/.work_usr echo «overlay /usr overlay lowerdir=/usr,upperdir=/media/persist/usr,workdir=/media/persist/.work_usr 0 0» >> /etc/fstab mount -a

Your /etc/fstab should look something like this:

/dev/cdrom /media/cdrom iso9660 noauto,ro 0 0 /dev/usbdisk /media/usb vfat noauto,ro 0 0 /dev/mmcblk0p1 /media/mmcblk0p1 vfat rw,relatime,fmask=0022,dmask=0022,errors=remount-ro 0 0 /media/mmcblk0p1/persist.img /media/persist ext4 rw,relatime,errors=remount-ro 0 0 overlay /usr overlay lowerdir=/usr,upperdir=/media/persist/usr,workdir=/media/persist/.work_usr 0 0

Now commit the changes: (optionally remove the e2fsprogs, but it does contain repair tools)

Remember, with this setup if you install things and you have done this overlay for /usr, you must not commit the ‘apk add’, otherwise, while it boots it will try and install it to memory, not to the persistent storage.

If you do want to install something small at boot, you can use `apk add` and `lbu commit -d`.

If it is something a bit bigger, then you can use `apk add` but then not commit it. It will be persistent (in /user), but be sure to check everything you need is in that directory and not in folders you have not made persistent.

Traditional disk-based (sys) installation

It should be merged with Classic install or sys mode on Raspberry Pi. There’s an existing page for sys-installations on RasPi. (Discuss)

It is also possible to switch to a fully disk-based installation. This is not yet formally supported, but can be done somewhat manually. This frees all the memory otherwise needed for the root filesystem, allowing more installed packages.

Split your SD card into two partitions: the FAT32 boot partition described above (in this example it’ll be mmcblk0p1 ) , and a second partition to hold the root filesystem (here it’ll be mmcblk0p2 ). Boot and configure your diskless system as above, then create a root filesystem:

apk add e2fsprogs mkfs.ext4 /dev/mmcblk0p2

Now do a disk install via a mountpoint. The setup-disk script will give some errors about syslinux/extlinux, but you can ignore them. The Raspberry Pi doesn’t need them to boot.

mkdir /stage mount /dev/mmcblk0p2 /stage setup-disk -o /media/mmcblk0p1/MYHOSTNAME.apkovl.tar.gz /stage # (ignore errors about syslinux/extlinux)

Add a line to /stage/etc/fstab to mount the Pi’s boot partition again:

/dev/mmcblk0p1 /media/mmcblk0p1 vfat defaults 0 0

Now add a root=/dev/mmcblk0p2 parameter to the Pi’s boot command line, either cmdline-rpi2.txt or cmdline-rpi.txt depending on model:

mount -o remount,rw /media/mmcblk0p1 sed -i ‘$ s/$/ root=\/dev\/mmcblk0p2/’ /media/mmcblk0p1/cmdline-rpi2.txt

You might also consider overlaytmpfs=yes here, which will cause the underlying SD card root filesystem to be mounted read-only, with an overlayed tmpfs for modifications which will be discarded at shutdown.

N.B. the contents of /boot will be ignored when the Pi boots. It will use the kernel, initramfs, and modloop images from the FAT32 boot partition. To update the kernel, initfs or modules, you will need to manually (generate and) copy these to the boot partition or you could use bind mount, in which case, copying the files to boot partition manually, is not needed.

echo /media/mmcblk0p1/boot /boot none defaults,bind 0 0 >> /etc/fstab

Persistent Installation on Raspberry Pi 3

Persistent Installation on Raspberry Pi 4

As of 3.14, setup-alpine should ask you if you want to create a sys mode partition on your Raspberry Pi 4.

Troubleshooting

Long boot time when running headless

If no peripherals are connected, the system might hang for an exceptionally long period of time while it attempts to accumulate entropy.

If this is the case, simply plugging in any USB device should work around this issue.

Alternatively, installing haveged, the random numbers generator, would speed up the process:

(Tested on a raspberry pi zero W in headless mode, no USB connected, Alpine 3.10.3)

apk indicating ‘No space left on device’

Note some models of the Raspberry Pi such as the 3A+ only have 512M of RAM, which on fresh Alpine deployment will only leave around 200M for tmpfs root. It’s important to keep this limitation in mind when using these boards.

Wireless support with older Alpine images

If you need Wi-Fi, you’ll need to download the latest Broadcom drivers to your SD card. (Replace /mnt/sdcard with the correct mount point.)

Источник

Raspberry Pi Zero W — Installation

Contents

Introduction

This wiki describes how I installed Alpine Linux 3.9.2 armhf on a Raspberry Pi Zero W. I had problems with it initially as WiFi wouldn’t connect when going through the setup-alpine script and when I was able to get it connect (after numerous failed manual attempts) it wouldn’t reconnect on reboot. The solution documented below adds and starts the rngd service prior to running setup-alpine which fixes the wifi connection problems and allows you to walk through the setup script successfully. It also adds the rngd and wpa_supplicant services to start at boot and removes the network service from the rc-update list completely, which seems like the wrong thing to do and probably is — networking still gets started, probably as a dependency to something else, and it starts after rngd and wpa_supplicant, which is what I needed. When the networking service was set to «boot» (which it was out of the box) it was starting before rngd and wpa_supplicant so wlan0 would never connect.

I need to go back through this again but it should work as written. Some steps may not be necessary for your use case and some steps may not be necessary at all, but don’t seem to hurt. I’m still learning about Alpine Linux and hope to improve this process as I do more reading and experimentation.

Update — 7 Dec 2019 — I went through installation again on a Pi Zero W with Alpine 3.10.3 for armhf. First boot after writing the image to the SD card seems to work ok as far as WiFi functionality is concerned. Setup script completes and I was able to connect to WiFi and pull down packages etc. I decided to not install the rngd related packages at this point to see how a reboot looked, answer is not good. The dhcp request just times out. Running setup-alpine again at this point also doesn’t work. If you start over and rewrite the image to the SD card, the first boot will again work ok, it’s only rebooting that breaks Wifi. I think it’s best to follow the steps for installing the rngd related packages and configuring the service to start at boot. Note that you can install what you need on first boot using apk, you don’t need to copy the packages to the SD card offline as written below.

Update — 29 Dec 2019 — See also a method to perform a headless setup: Raspberry Pi — Headless Installation

Write image to SD

First, format an SD card with the FAT filesystem. That can be done with a graphical tool like GParted once the SD card is mounted on your operating system. The following assumes the SD card device is at /dev/sdb1.

Mount the SD card:

sudo mount /dev/sdb1 /mnt

Then, copy the files:

tar -xzvf alpine-rpi-3.9.2-armhf.tar.gz -C /mnt —no-same-owner

If you have no means to mount the SD card normally with an SD reader, it can be mounted via USB via the Raspberry Pi Zero W, using the usbbootgui tool to mount as eMMC/SD card reader. On Ubuntu, this can be installed as follows:

sudo add-apt-repository ppa:rpi-distro/ppa

sudo apt install usbbootgui

A GUI should open as soon as you plug in your Pi; otherwise run

Edit cmdline.txt and add line for serial console (Optional)

This is for my use case and optional if you are using a local keyboard and monitor. I do not connect a keyboard and monitor but rather do the setup via the Pi’s serial GPIO pins.

Create a file called cmdline.txt in the root of the SD card and place the following text in it:

modules=loop,squashfs,sd-mod,usb-storage quiet dwc_otg.lpm_enable=0 console=tty1 console=ttyAMA0,115200

Create usercfg.txt and edit (Optional)

This is mostly optional I believe and applies to my use case where I will be running the Pi in a headless appliance type mode. I reduce the memory allocated for the GPU, turn off audio (not sure I still need this on the Zero W), disable bluetooth (which I think puts the serial console back on the real uart, again, need to double check), add w1 for a temperature sensor, and set the enable_uart to 1 (may not be necessary, need to verify and add comments). This can be done by creating a file called usercfg.txt at the base of the SD card with the following contents:

gpu_mem=16 dtparam=audio=off dtoverlay=pi3-disable-bt dtoverlay=w1-gpio enable_uart=1

Create cache folder and add rng-tools packages

I copied/pasted the following into the cache dir on the SD card. I have another Alpine env to apk fetch packages from (chroot on Fedora)

Boot Pi with prepared SD card, login as root and add packages

I’m still new to Alpine, not sure if the setup-apkcache step is necessary or accomplishes anything here.

# setup-apkcache Enter apk cache directory (or ‘?’ or ‘none’) [/var/cache/apk]: /media/mmcblk0p1/cache/ localhost:

# apk add —allow-untrusted /media/mmcblk0p1/cache/rng-tools-6.3.1-r1.652a1399.apk (1/1) Installing rng-tools (6.3.1-r1) Executing busybox-1.29.3-r10.trigger OK: 8 MiB in 21 packages localhost:

# apk add —allow-untrusted /media/mmcblk0p1/cache/rng-tools-openrc-6.3.1-r1.e9b063f8.apk (1/1) Installing rng-tools-openrc (6.3.1-r1) OK: 8 MiB in 22 packages

Start rngd service

# service rngd start * Caching service dependencies . [ ok ] * Starting rngd . Initalizing available sources [ ok ]

Run setup-alpine. Wifi connection should setup ok with rngd running.

The setup process turns off the rngd service at some point, but that happens after wifi is connected.

Configure services and reboot

Removing networking from boot results in it not being present in any stage which seems like the wrong fix, but it runs after rngd and wpa_supplicant, which is what we want:

# rc-update add rngd boot * service rngd added to runlevel boot pet-protect:

# rc-update add wpa_supplicant boot * service wpa_supplicant added to runlevel boot pet-protect:

# rc-update del networking boot * service networking removed from runlevel boot pet-protect:

# rc-update -u * Caching service dependencies . [ ok ] pet-protect:

Источник