diff --git a/README.md b/README.md index 98c4bad..1f237ad 100644 --- a/README.md +++ b/README.md @@ -29,6 +29,14 @@ doas apk update doas apk upgrade ``` +## Usable editor by default (not vi) + +``` +doas apk add micro +echo "export EDITOR=micro" >>.profile +echo "permit setenv { EDITOR=\$EDITOR } nopass :wheel as root" | tee -a /etc/doas.d/doas.conf +``` + ## Installing river ``` @@ -106,6 +114,12 @@ For time to work, doas apk add tzdata ``` +For icons to work, +``` +doas apk add font-roboto +``` +(do not add `font-awesome`, for some reason it looks awful, kerning is terrible, and the text is all-caps in waybar with it) + ### HiDPI ``` @@ -270,7 +284,7 @@ But sometimes network disappears after wakeup. For suspend on lid close and unsuspend on open, follow https://wiki.alpinelinux.org/wiki/Suspend_on_LID_close : ``` doas mkdir -p /etc/acpi/LID -doas nano /etc/acpi/LID/00000080 +doas micro /etc/acpi/LID/00000080 ``` should have the following content ``` @@ -293,7 +307,7 @@ Otherwise, alpine wiki describes how to configure WiFi using `iwd`. ``` doas apk add light -doas nano /etc/udev/rules.d/backlight.rules +doas micro /etc/udev/rules.d/backlight.rules ``` add the following lines into backlight.rules to make it possible for all users in video group (not just superusers) to control backlight: ``` @@ -511,7 +525,7 @@ If there are no IPv4 address for eth0, you'll have to configure it manually, by editing `/etc/network/interfaces`. The easiest way to do it is by ``` -doas nano ~/.local/share/lxc/CONTAINERNAME/rootfs/etc/network/interfaces` +doas micro ~/.local/share/lxc/CONTAINERNAME/rootfs/etc/network/interfaces` ``` on the host. @@ -538,10 +552,10 @@ echo nameserver 8.8.8.8 >> /etc/resolv.conf echo nameserver 8.8.4.4 >> /etc/resolv.conf ``` -(or add them using nano on the host, as you did for interfaces) +(or add them using micro on the host, as you did for interfaces) Make sure `ping 8.8.8.8` works. -APK should work too: `apd add nano neofetch` +APK should work too: `apk add micro neofetch` #### Creating an user inside container @@ -549,12 +563,12 @@ In container root shell: ``` adduser -g USERNAME USERNAME adduser USERNAME wheel -echo "permit persist :wheel" > /etc/doas.d/doas.conf +echo "permit persist :wheel" >> /etc/doas.d/doas.conf ``` Now exit root shell (just with `exit`), and try `lxc-console -n CONTAINERNAME`. You should be able to log in using the new username and password. -(To exit lxc console, use Ctrl+A, Q) +(To exit lxc console, use Ctrl+A, Q). ### Alternatively: unprivileged LXC using LXD @@ -597,8 +611,32 @@ doas lxc exec test-alpine-container -- /bin/ash ``` Networking should work inside of container. +#### OpenSSH + +With password-based auth (not recommended): in container (from root, `lxc-attach`/`lxc exec`) + +``` +apk add openssh +rc-update add sshd +rc-service sshd start +``` + +Check IP of container with `ifconfig`, and then on host, +``` +doas apk add openssh-client +ssh CONTAINER_IP +``` + +With keys-based auth: TODO + ### Docker +For container terminal apps to be usable: + +``` +doas apk add ncurses-terminfo +``` + #### (inside LXC) TODO once nesting in LXC works (reference: https://discuss.linuxcontainers.org/t/lxc-on-alpine-host-sys-fs-cgroup-is-not-mounted-into-unprivileged-alpine-guest/15026/1) @@ -611,11 +649,16 @@ doas apk add docker doas rc-update docker start doas docker run hello-world ``` +in the guest. + +For networked docker containers, `doas lxc config edit CONTAINERNAME`, +add `linux.kernel_modules: br_netfilter` to the `config:` section, +and restart container (`doas lxc restart CONTAINERNAME`). ## TODO * Fix internal mic -* Docker +* Docker in containers ran by unprivileged users * IDE (code-oss?) * Make river usable * Make waybar usable (+waybar fonts)