selfhosted-apps-docker/arch_linux_host_install/readme.md
DoTheEvolution 592de7705b update
2020-05-10 03:32:48 +02:00

6.1 KiB

Arch Linux installation to serve as a docker host

guide by example

logo

Purpose

Linux that will run docker.

This is not a hand hodling guide how to install arch.
It's more of a what to do if you already done it and know what you are doing.
Google for plenty of tutorials and youtube videos alongside arch wiki.

Files and directory structure

/home/
└── bastard/
    └── docker/
        ├── container-setup #1
        ├── container-setup #2
        ├── ...

Make installation usb

wiki

sudo dd bs=4M if=archlinux-2020.05.01-x86_64.iso of=/dev/sdX status=progress oflag=direct

The above command will fuck your machine up if you dunno what you are doing.

Boot from the usb

This is BIOS/MBR setup as I am running on an old thinkpad with a busted screen, plus I like the simplicity of it.
So if theres boot menu option choose non-uefi.

Installation

  • create a single partition and mark it bootable
    cfdisk /dev/sda
  • build ext4 filesystem on it
    mkfs.ext4 /dev/sda1
  • mount the new partition
    mount /dev/sda1 /mnt
  • choose geographicly close mirror, ctrl+k deletes a line in nano
    nano /etc/pacman.d/mirrorlist
  • install the base system
    pacstrap /mnt base linux linux-firmware base-devel grub dhcpcd nano
  • gnerate fstab
    genfstab -U /mnt > /mnt/etc/fstab
  • chroot in to the new system
    arch-chroot /mnt
  • install grub
    grub-install /dev/sda
    grub-mkconfig -o /boot/grub/grub.cfg
  • remove the bootable media and restart the machine
    exit
    reboot

Basic configuration after the first boot

  • login as root
  • set password for root
    passwd
  • set hostname
    echo docker-host > /etc/hostname
  • add new user and set their password
    useradd -m -G wheel bastard
    passwd bastard
  • edit sudoers to allow users of the group wheel to sudo
    EDITOR=nano visudo
    %wheel ALL=(ALL) ALL
  • check the network interface name
    ip link
  • enable aquiring dynamic IP
    systemctl enable --now dhcpcd@enp0s25
  • uncomment desidred locales in locale.gen
    nano /etc/locale.gen
  • generate new locales and set one system wide
    locale-gen
    localectl set-locale LANG=en_US.UTF-8
  • select timezone and set it permanent
    tzselect
    timedatectl set-timezone 'Europe/Bratislava'
  • set hardware clock and sync using ntp
    hwclock --systohc --utc
    timedatectl set-ntp true
  • setup a swap file
    fallocate -l 8G /swapfile
    chmod 600 /swapfile
    mkswap /swapfile
    nano /etc/fstab
    /swapfile none swap defaults 0 0
  • reboot
    reboot

SSH, ZSH, Docker, AUR

From now on its login as non-root user.

Setup SSH access

wiki

  • install openssh package
    sudo pacman -S openssh
  • edit sshd_config
    sudo nano /etc/ssh/sshd_config
    PermitRootLogin prohibit-password
    PasswordAuthentication yes
  • enable sshd service
    sudo systemctl enable --now sshd

ZSH shell

wiki

I like Zim, it's the fastest zsh framework and out of the box setup nicely

  • install zsh and curl packages
    sudo pacman -S zsh curl
  • install zim, it changes users default shell to zsh
    curl -fsSL https://raw.githubusercontent.com/zimfw/install/master/install.zsh | zsh
Adding stuff to .zshrc

export EDITOR=nano

for ctrl+f prepending sudo

add_sudo (){
    BUFFER="sudo $BUFFER"
    zle -w end-of-line
}
zle -N add_sudo
bindkey "^f" add_sudo

Setup docker

Wiki

  • have docker and docker-compose packages installed
    sudo pacman -S docker docker-compose
  • enable docker service
    sudo systemctl enable --now docker
  • add non-root user to the docker group
    sudo gpasswd -a bastard docker

Access to AUR

Using Yay.

  • install git package
    sudo pacman -S git
  • install yay
    git clone https://aur.archlinux.org/yay-bin.git
    cd yay-bin && makepkg -si
    cd .. && rm -rf yay-bin

ctop and inxi are good AUR packages.

Extra stuff

wiki - general general recommendations
wiki - improving performance

Some packages

Tools

  • sudo pacman -S fuse curl wget vim nnn bind-tools borg python-llfuse

Monitoring and testing

  • sudo pacman -S htop lm_sensors iotop powertop iproute2

Performance and maintenance

  • install cron and enable the service
    sudo pacman -S cronie
    sudo systemctl enable --now cronie
  • if ssd, enable periodic trim
    sudo pacman -S util-linux
    sudo systemctl enable --now fstrim.timer
  • set noatime in fstab to prevent unnecessary keep of read times
    sudo nano /etc/fstab
    UUID=cdd..addb / ext4 rw,noatime 0 1
  • enable use of all cpu cores for makepkg jobs and disable compression
    sudo nano /etc/makepkg
    MAKEFLAGS="-j$(nproc)"
    PKGEXT='.pkg.tar'
  • clean up old packages weekly, keep last 3
    sudo pacman -S pacman-contrib
    sudo systemctl enable --now paccache.timer
  • use reflector to get the fastes mirrors based on country -c <country code>
    sudo pacman -S reflector
    sudo reflector -l 200 -n 20 -c SK -c CZ -p http --sort rate --save /etc/pacman.d/mirrorlist

Comfort

  • enable colors in pacman.conf
    sudo nano /etc/pacman.conf
    Color