Installing Alpine Linux on PCEngines APU1C4

After some deliberation, due to the nature of my work, I decided to install Linux on my firewall. I basically have to interact with iptables five days a week, and my skills with it are seriously lacking, BSD’s pf(4) utterly spoils us in it’s simplicity!

I considered Ubuntu, but after some research, Alpine looked very interesting so I gave that a go instead. I’m extremely happy with Alpine, it keeps the partitions mounted read-only at runtime, with a convenient lbu utility to commit the configuration to disk for you. As long as it’s not during one of these writes, you can pull the power at any point and the system will recover without issue. I gushed a bit more about Alpine on the related journal entry, so here’s how to install it (because the documentation is pretty piss-poor online).

Create a bootable filesystem on a USB drive and boot the APU

Download alpine-standard-3.7.0-x86_64.iso and write it to a USB or SD card, I used Rufus but dd will work fine too. Then mount the device (it’s FAT, so you can do this under Windows with a suitable text editor) and add the line “serial” to the top of syslinux.cfg:

serial 0 115200
DEFAULT loadconfig

LABEL loadconfig
  CONFIG /boot/syslinux/syslinux.cfg
  APPEND /boot/syslinux/

Next, edit boot/syslinux/syslinux.cfg and add the serial console option to the append line:

DEFAULT hardened

LABEL hardened
MENU LABEL Linux hardened
KERNEL /boot/vmlinuz-hardened
INITRD /boot/initramfs-hardened
APPEND modules=loop,squashfs,sd-mod,usb-storage quiet nomodeset console=ttyS0,115200

Now eject (cleanly unmount) the filesystem, put the USB into the APU along with an empty (or unneeded) SD card, connect your serial console, boot the APU and if necessary press F12 when prompted and boot from the correct device.

After some seconds, you should be presented with the Alpine login screen, login as root to proceed.

Configure Alpine

Run setup-alpine to configure the system to your liking - I configured eth0 (the port closest to the serial console on the APU1) to use DHCP. I set a few other things like my time zone, and configured updates to be saved to USB. I left SSH options as default, and disabled NTP.

Now run adduser fwaggle (replacing with your desired username), setting an appropriate password.

Finally, run lbu commit to save the configuration changes to USB, and then reboot and see what happens. With any luck, the machine will come right back in some 30 seconds having remembered all your settings.

Other tasks

You may want a few of these things:




Filed under:


Navigation: Older Entry