Working version

Neale Pickett 2023-12-20 20:04:23 +00:00
commit 4ebf8a33fc
8 changed files with 121 additions and 0 deletions

Containerfile Normal file

@ -0,0 +1,5 @@
FROM alpine
RUN apk update
RUN apk add alpine-conf doas runit openssh-server
COPY etc/ /etc/
CMD [ "/sbin/runit" ]
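Review bot: `FROM alpine` on the first line carries no tag or digest, so each rebuild can silently pick up a different base release; pin it to a specific release tag or digest so the image that serves SSH logins is reproducible. The separate `RUN apk update` layer can also be cached independently of the `RUN apk add ...` line after it, leaving a stale package index; merging the two into one `RUN` (or using `apk add --no-cache`) avoids that.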

README.md Normal file

@ -0,0 +1,65 @@
Alpine Toolbox
==============
This is a little Alpine container I run to provide SSH logins with a bunch of tools.
Persistence
----------
If `/mnt/toolbox` exists,
toolbox will persist installed packages and system changes
by using methods that already exist in arch.
* [Alpine Local Backup](https://wiki.alpinelinux.org/wiki/Alpine_local_backup)
is pre-configured to use `/mnt/toolbox/lbu`.
* [Local APK cache](https://wiki.alpinelinux.org/wiki/Local_APK_cache)
is pre-configured to use `/mnt/toolbox/apk`.
It's important to `lbu` that your machine have a hostname.
If you change hostnames,
you will need to rename files in `/mnt/toolbox/lbu`.
```
podman run \
--hostname toolbox \
--volume /path/to/toolbox:/mnt/toolbox \
git.woozle.org/neale/toolbox
```
First Run
---------
You may want to `podman exec` into the container,
in order to edit `/etc/doas.conf`
set up user accounts,
and/or install ssh `authorized_keys`.
Once set up,
you should be able to ssh in for most of your needs.
Why This Exists
---------------
I run my server in Alpine's "diskless mode".
The Raspberry Pi uses a MicroSD card,
which will "wear out" after many writes.
This means my system runs entirely in RAM.
However, I also like my creature comforts.
Running a more robust installation in a container
allows me to use my magnetic storage for the larger system,
and install and remove packages when I like,
without worrying about wearing out the MicroSD card.
Shout Out
---------
Alpine Linux is cool.
It provides all the difficult parts of this,
I just had to set up some config files.
The really cool part is that my container works the same way as the host it runs on!
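Review bot: The `podman run` example in the Persistence section does not publish a port for sshd, and First Run does not say how the SSH service is reached, so the example is not usable as written for its stated purpose; add the port mapping you actually use. In the same section, "methods that already exist in arch" reads like it should say Alpine, since both linked pages are Alpine wiki pages. The stated lbu location `/mnt/toolbox/lbu` should also be checked against `LBU_BACKUPDIR` in `etc/lbu/lbu.conf`, which names a different directory.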

build.sh Executable file

@ -0,0 +1,5 @@
#! /bin/sh
image=git.woozle.org/neale/toolbox
podman build --tag $image .
podman push $image
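Review bot: There is no `set -e` before `podman build --tag $image .`, so when the build fails the script still runs `podman push $image` and publishes whatever image previously carried that tag. Add `set -e` after the shebang (or chain the two commands with `&&`), and quote the variable as `"$image"`.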

etc/lbu/lbu.conf Normal file

@ -0,0 +1,16 @@
# what cipher to use with -e option
DEFAULT_CIPHER=aes-256-cbc
# Uncomment the row below to encrypt config by default
# ENCRYPTION=$DEFAULT_CIPHER
# Uncomment below to avoid <media> option to 'lbu commit'
# Can also be set to 'floppy'
# LBU_MEDIA=mmcblk0p1
# Set the LBU_BACKUPDIR variable in case you prefer to save the apkovls
# in a normal directory instead of mounting an external media.
LBU_BACKUPDIR=/mnt/toolbox/backups
# Uncomment below to let lbu make up to 3 backups
# BACKUP_LIMIT=3
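Review bot: `LBU_BACKUPDIR=/mnt/toolbox/backups` disagrees with the rest of the commit: the README says lbu is pre-configured to use `/mnt/toolbox/lbu`, and `etc/runit/1` creates and restores from `/mnt/toolbox/lbu`, so a backup written here is never picked up at boot and the directory is never created. Set it to `/mnt/toolbox/lbu`. With `ENCRYPTION` left commented out the apkovl sits unencrypted on the volume, and the README expects `doas.conf`, user accounts and `authorized_keys` to live in this container, so it is worth documenting that the host directory behind `/mnt/toolbox` needs restrictive permissions.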

etc/runit/1 Executable file

@ -0,0 +1,20 @@
#! /bin/sh
error () {
printf '\033[31mFLAGRANT SYSTEM ERROR\033[0m - %s' "$*" >> /etc/motd
}
echo "*** Setting up directories"
[ -d /mnt/toolbox ] && mkdir -p /mnt/toolbox/lbu /mnt/toolbox/apk
[ -d /etc/apk/cache ] || ln -s /mnt/toolbox/apk /etc/apk/cache
echo "*** Restoring system from backup"
apkovl=/mnt/toolbox/lbu/$(hostname).apkovl.tar.gz
if [ -f $apkovl ]; then
tar xf $apkovl || error "restoring system: untar $apkovl failed"
else
echo "$apkovl missing, skipping restore"
fi
echo "*** Updating packages"
apk fix
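Review bot: `tar xf $apkovl` in the restore block has no `-C /` and leaves `$apkovl` unquoted, so the overlay is unpacked relative to whatever directory stage 1 happens to start in and breaks on a hostname-derived path with unusual characters; use `tar -xzf "$apkovl" -C /` and quote the variable in the `[ -f ... ]` test as well. The archive is extracted as root from the mounted volume, so anything able to write to `/mnt/toolbox/lbu` controls the container's `/etc`; that trust assumption deserves a comment. Two smaller points: the `ln -s /mnt/toolbox/apk /etc/apk/cache` line runs even when `/mnt/toolbox` does not exist and leaves a dangling symlink, and the `printf` format in `error` ends in `%s` without `\n`, so successive messages run together in `/etc/motd`.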

etc/runit/2 Executable file

@ -0,0 +1,3 @@
#! /bin/sh
exec /sbin/runsvdir /etc/service

etc/runit/3 Executable file

@ -0,0 +1,3 @@
#! /bin/sh
echo "*** Goodbye."

etc/service/sshd/run Executable file

@ -0,0 +1,4 @@
#! /bin/sh
ssh-keygen -A
/usr/sbin/sshd -D
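Review bot: The last line starts `/usr/sbin/sshd -D` without `exec`, so runsv supervises the wrapper shell rather than sshd, and a stop or restart signal goes to the shell while sshd can be left running. Change it to `exec /usr/sbin/sshd -D`; adding `-e` would also send sshd's log output to stderr, where the supervisor can capture it.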