-
Notifications
You must be signed in to change notification settings - Fork 0
Configure Alpine Linux
Danny Bouwers edited this page Nov 26, 2022
·
3 revisions
To install Docker and Docker-Compose, community repositories should be enabled. Edit the file /etc/apk/repositories using an editor (e.g. vi) and uncomment the line that points to the "community" directory (i.e. https://<mirror-server>/alpine/<version>/community).
apk update # update package list since community repository is added
apk add docker docker-compose # install docker and docker compose
rc-update add docker boot # configure docker to start at boot
service docker start # start dockerLogin on the server as root and create a user
adduser USERNAME
# set any easy password, we are removing it anyway
addgroup USERNAME docker
addgroup USERNAME usersapk add openssh
rc-update add sshd
service sshd startFor optimal security, I don't want to expose the root user to SSH and only create SSH enabled users without password (but with keys).
Add your public key by running this command on the machine from which you want to login (assuming you already generated a key pair)
ssh-copy-id -i ~/.ssh/id_rsa.pub USERNAME@SERVER
# If you don't own the private key (e.g. the key for your cloud CI/CD provider)
# cat ~/.ssh/KEY.pub | ssh USERNAME@SERVER "cat - >> ~/.ssh/authorized_keys"Back on the server, harden your SSH config
sed -i 's|\(USERNAME\):[^:]*:|\1:\*:|' /etc/shadow # completely disable password login for user
sed -i 's|^.\?\+PasswordAuthentication yes$|PasswordAuthentication no|g' /etc/ssh/sshd_config # disable disable password login for SSH
sed -i 's|^PermitRootLogin yes$|PermitRootLogin no|g' /etc/ssh/sshd_config # disable SSH access for root user
service sshd restart