[[Image:package_edutainment.svg|right|link=]]
{{TOC left}}

'''Welcome to Tutorials and Howtos, a place of basic and advanced configuration tasks for your Alpine Linux.'''

'''Howtos are smaller articles''' explaining how to perform a particular task with Alpine Linux, that expects a minimal knowledge from reader to perform actions. Howto's have been organized in the below page based on the topics.

'''The [[#Tutorials|tutorials]] are hands-on''' and the reader is expected to try and achieve the goals described in each step, possibly with the help of a good example. The output in one step is the starting point for the following step.

{{Note|
* Contributors are requested to refer to [[Help:Editing]] first and make use of resources like [[How to write a HOWTO]].
* Contributions must be complete articles.
* Don't override already made contributions, unless there is a mistake.
* If you want to request a topic, please add your request in this page's [[Talk:Tutorials_and_Howtos|Discussion]].}}

== Desktop ==

* {{:Daily driver guide}}

=== Networking ===

* [[Bluetooth]] - Instructions for installing and configuring Bluetooth
* [[Bonding]] - Bond (or aggregate) multiple ethernet interfaces
* [[Bridge]] - Configuring a network bridge
** [[Bridge wlan0 to eth0]]
* [[Configure Networking]]
* [[How to configure static routes]]
* Modem
** [[Using HSDPA modem]]
** [[Using serial modem]]
* [[mDNS]] - Howto implement multicast DNS resolution in Alpine.
* [[Multi ISP]] ''(Dual-ISP setup with load-balancing and automatic failover)''
* [[PXE boot]]
* Wi-Fi
** [[Wi-Fi|Connecting to a wireless access point]]
** [[How to setup a wireless access point]] ''(Setting up Secure Wireless AP w/ WPA encryption with bridge to wired network)''
* Use [https://github.com/ifupdown-ng/ifupdown-ng/blob/main/doc/interfaces-vxlan.scd vxlan], if using [[Ifupdown-ng]] instead of [[VLAN]]
* [[Setting up a Home Router]]

=== Backup and data migration ===

* [[Migrating data]]
* [[Rsnapshot]] - setting up periodic backups

=== Other topics ===

* [[Gaming on Alpine]]
* [[Remote Desktop Server]]
* [[Default applications|How to change default application]]
* [[CPU frequency scaling]]
* [[Mimalloc]]
* [[Enable Serial Console on Boot]]
* [[How to build the Alpine Linux kernel]]
* [[Nextcloud]] ''(Self hostable cloud suite - Dropbox Alternative)''
* [[Setting up lm_sensors]]
* [[Fingerprint Authentication with swaylock]]
* [[Mounting a LUKS Encrypted Data Partition at Boot]]
* [[Desktop environments and Window managers|List of supported Desktop environments and Window managers]]

== Diskless ==

* [[Alpine local backup|Alpine local backup (lbu)]] ''(Permanently store your modifications in case your box needs reboot)''
** [[Back Up a Flash Memory Installation]]
** [[Manually editing a existing apkovl]]

== Other Architectures ==

=== APU (PCEngines) ===

* [[Alpine Install: from a disc to PC Engines APU|Alpine on PC Engines APU]]
* [https://github.com/huubsch/Installation-of-Alpine-Linux-on-PC-Engines-APU3/tree/main?tab=readme-ov-file Installation of Alpine Linux on PCEngines APU, legacy BIOS]

=== ARM ===

* [[Alpine on ARM]]

==== Raspberry Pi ====

* [[Raspberry Pi|Raspberry Pi main page]]
* [[Raspberry Pi Bluetooth Speaker|Raspberry Pi - Bluetooth Speaker]]
* [[Linux Router with VPN on a Raspberry Pi|Raspberry Pi - Router with VPN]]
* [[Linux Router with VPN on a Raspberry Pi (IPv6)|Raspberry Pi - Router with VPN (IPv6)]]
* [[Classic install or sys mode on Raspberry Pi|Raspberry Pi - Sys mode install]]
* [[Raspberry Pi LVM on LUKS|Raspberry Pi - Sys mode install - LVM on LUKS]]
* [[RPI Video Receiver|Raspberry Pi - Video Receiver]] ''(network video decoder using Rasperry Pi and omxplayer)''
* [[Raspberry Pi 3 - Browser Client]] - kiosk or digital sign
* [[Raspberry Pi 3 - Configuring it as wireless access point -AP Mode]]
* [[Raspberry Pi 3 - Setting Up Bluetooth]]
* [[Raspberry Pi 4 - Persistent system acting as a NAS and Time Machine]]
* [[Raspberry_Pi_Zero_W_-_Installation|Raspberry Pi Zero W - Installation]]
* [[How to set up Alpine as a wireless router|Raspberry Pi Zero W - Wireless router]] ''(Setting up a firewalled, Wireless AP with wired network on a Pi Zero W)''

=== IBM Z (IBM z Systems) ===

* [[s390x|s390x - Installation]]

=== PowerPC ===

* [[Ppc64le|Powerpc64le - Installation]]

== Security ==

* [[#Desktop security|Desktop security]] lists steps for securing Alpine Linux desktops
* [[Setting up a laptop]] page has detailed guidelines to configure a secured laptop
* [[Securing Alpine Linux|Secure Alpine Linux]] using Security Technical Implementation Guides (STIGs)
* [[Sshguard|SSHGuard]] - Protects hosts against brute-force attacks: monitoring logs, attack detection, blocking using firewall.

== Services ==

{{Note| Services are arranged in alphabetical order.}}

=== Content management systems ===

* [[DokuWiki]] ''(Simple and easy to use wiki, no database required)''
* [[Drupal]] ''(Content Management System (CMS) written in PHP)''
* [[Kopano]] ''(Microsoft Outlook compatible Groupware)''
* [[Mahara]] ''(E-portfolio and social networking system)''
* [[MediaWiki]] ''(Free web-based wiki software application)''
* [[Pastebin]] ''(Pastebin software application)''
* [[WordPress]] ''(Web software to create website or blog)''
* [[Moodle]] ''(Online Learning Management system)''

=== Database ===

* [[MariaDB]] or [[MySQL|MySQL]]

=== DNS ===

* [[DNSCrypt-Proxy]] ''Encrypt and authenticate DNS calls from your system''
* [[Setting up nsd DNS server]]
* [[Small-Time DNS with BIND9]] ''(A simple configuration with ad blocking for your home network)''
* Unbound
** [[Setting up unbound DNS server]]
** [[Using Unbound as an Ad-blocker]] ''(Setup ad blocking for your network)''
* [[TinyDNS Format]]

=== File server ===

* [[Setting up an NFS server|nfs-server]]
* [[Setting up a Samba server|samba-server]] ''(standard file sharing)''
* [[Setting up a samba-ad-dc|samba-ad-dc]] ''(Active Directory compatible domain controller)''

=== Firewall ===

* [https://git.alpinelinux.org/awall/about/ Alpine Wall User's Guide]
** [[Zero-To-Awall]] -''AWall for dummies''
** [[How-To Alpine Wall]] - ''AWall for Shorewall users''
** [[Alpine Wall]] - ''AWall - Firewall management framework - Design Document''
* [[Iptables]]
* [[nftables]]
* [[Uncomplicated Firewall|Uncomplicated Firewall or UFW]]

=== HTTP and web services ===

* [[Althttpd]]
* [[Apache]]
** [[Apache with php-fpm]]
** [[Setting Up Apache with PHP]]
** [[Apache authentication: NTLM Single Signon]]
* [[Darkhttpd]]
* [[Lighttpd]]
** [[Lighttpd Advanced security]]
** [[Setting Up Lighttpd With FastCGI]]
** [[Production Web server: Lighttpd|Production web server: Lighttpd‎‎]]
* [[Nginx]]
** [[Nginx as reverse proxy with acme (letsencrypt)]]
** [[Nginx with PHP]]
* Squid Proxy
** [[Setting up Explicit Squid Proxy]]
** [[Setting up Transparent Squid Proxy]] ''(Covers Squid proxy and URL Filtering system)''
** [[SqStat]] ''(Script to look at active squid users connections)''
* [[Tomcat]]
** [[Production LAMP system: Lighttpd + PHP + MySQL‎‎|Production LAMP system: Lighttpd + PHP + MariaDB/MySQL‎‎]]

=== IRC ===

* [[NgIRCd]] ''(Server for Internet Relay Chat/IRC)''

=== Mail ===

* [[Hosting services on Alpine]] ''(Hosting mail, webservices and other services)''
* [[Hosting Web/Email services on Alpine]]
* Exim/Dovecot
** [[Small-Time Email with Exim and Dovecot]] ''(A simple configuration for your home network.)
** [[Setting up dovecot with imap and tls]]
* [[relay email to gmail (msmtp, mailx, sendmail]]
* [[relay email (nullmailer)]]
* [[Roundcube]] ''(Webmail system)''
* [[Setting up postfix with virtual domains]]
* Server protection
** [[Setting up clamsmtp]]

=== Monitoring ===

* [[Awstats]] ''(Free log file analyzer)''
* [[Cacti: traffic analysis and monitoring network]] ''(Front-end for rrdtool networking monitor)''
* [[Cvechecker]] ''(Compare installed packages for Common Vulnerabilities Exposure)'' 
* [[Linfo]]
* [[Obtaining user information via SNMP]] ''(Using squark-auth-snmp as a Squid authentication helper)'' 
* [[PhpSysInfo]] ''(A simple application that displays information about the host it's running on)''
* [[Logcheck]] ''(log file monitoring tool)''
* [[Matomo]] ''(A real time web analytics software program)''
* [[Rasdaemon]] ''(Platform Reliability, Availability and Serviceability monitoring tool)''
* [[Setting up A Network Monitoring and Inventory System]] ''(Nagios + OpenAudit and related components)'' 
** [[Setting up NRPE daemon]] ''(Performs remote Nagios checks)'' 
* [[Setting Up Fprobe And Ntop|Ntop]] ''(NetFlow collection and analysis using a remote fprobe instance; for alpine 3.10-3.12 only)'' 
* [[SqStat]] ''(Script to look at active squid users connections)''
* [[Traffic monitoring]] 
** [[Setting up monitoring using rrdtool (and rrdcollect)]]
** [[Setting up traffic monitoring using rrdtool (and snmp)]] 
* [[Zabbix|Zabbix - the professional complete manager]] ''(Monitor and track the status of network services and hardware)''
* [[ZoneMinder video camera security and surveillance]]

=== Remote Administration ===

* ACF
** [[Changing passwords for ACF|ACF - changing passwords]]
** [[Generating SSL certs with ACF]] 
** [[setup-acf| ACF - setup]] ''(Configures ACF (webconfiguration/webmin) so you can manage your box through https)''
* [[Setting up a SSH server]] ''(Using ssh is a good way to administer your box remotely)''
** [[HOWTO OpenSSH 2FA with password and Google Authenticator |OpenSSH 2FA]] ''(A simple two factor setup for OpenSSH)''
* [[OpenVCP]] ''(VServer Control Panel)''
* [[PhpMyAdmin]] ''(Web-based administration tool for MYSQL)''
* [[PhpPgAdmin]] ''(Web-based administration tool for PostgreSQL)''
* [[Webmin]] ''(A web-based interface for Linux system)''

=== Telephony ===

* [[FreePBX|FreePBX on Alpine Linux]]
* [[Setting up Zaptel/Asterisk on Alpine]]
* [[Kamailio]] ''(SIP Server, formerly OpenSER)''

=== VPN ===
* [[Freeradius Active Directory Integration]]
* [[GNUnet]]
* [[IGMPproxy]]
* [[Setting up a OpenVPN server|OpenVPN server]] ''(Allowing single users or devices to remotely connect to your network)''
* [[OpenVSwitch]]
* [[Openconnect-SSO in Docker]]
* [[Tor]]
* [[Using Alpine on Windows domain with IPSEC isolation]]
* [[Configure a Wireguard interface (wg)|Wireguard]]
* [[Vpnc]]

=== Other Servers ===

* [[apcupsd]] ''(UPS Monitoring with apcupsd)''
* [[Chrony and GPSD | Chrony, gpsd, and a garmin LVC 18 as a Stratum 1 NTP source ]]
* [[Glpi]] ''(Manage inventory of technical resources)''
* [[How to setup a Alpine Linux mirror]]
* [[nut-ups|NUT UPS]] ''(UPS Monitoring with Network UPS Tools)''
* [[Odoo]]
* [[Configure OpenLDAP | OpenLDAP]] ''(Installing and configuring the Alpine package for OpenLDAP)''
* [[Setting up a LLDAP server|lldap-server]] ''(Directory Server)''
* [[Setting up Transmission (bittorrent) with Clutch WebUI]]

== Software development ==

* [[Cgit]]
* [[OsTicket]] ''(Ticket system)''
* [[Patchwork]] ''(Patch review management system)''
* [[Redmine]] ''(Project management system) [Deprecated]''
* [[Request Tracker]] ''(Ticket system)''
* [[Setting up trac wiki|Trac]] ''(Enhanced wiki and issue tracking system for software development projects)''
* [[Ansible]] ''(Configuration management)''
* [[Installing Oracle Java|Oracle Java (installation)]]

== Storage ==

* [[Setting up disks manually|Manual partitioning]]
* [[Disk Replication with DRBD|DRBD: Disk Replication]]
* [[Filesystems]]
** [[Burning ISOs]]
* [[Setting up iSCSI|iSCSI Setup]]
** [[iSCSI Raid and Clustered File Systems]]
** [[Linux iSCSI Target (TCM)|iSCSI Target (TCM)/LinuxIO (LIO)]]
** [[Linux iSCSI Target (tgt)|User space iSCSI Target (tgt)]]
* [[Setting up Logical Volumes with LVM|LVM Setup]]
** [[Setting up LVM on GPT-labeled disks|LVM on GPT-labeled disks]]
** [[Installing on GPT LVM|LVM on GPT-labeled disks (updated)]]
** [[LVM on LUKS]]
* RAID
** [[Raid Administration]]
** [[Setting up a software RAID array]]
* [[ZFS]]
** [[Root on ZFS with native encryption]]
** [[Setting up ZFS on LUKS]]
* [[CEPH|CEPH]]

== Virtualization ==

* [[Docker]]
* [[Installing Alpine in a virtual machine]]
** [[Install Alpine on VMware ESXi]]
* [[KVM]] ''(Setting up Alpine as a KVM hypervisor)''
* [[LXC]] ''(Setting up a Linux container in Alpine Linux)''
* [[QEMU]]
* Xen
** [[Xen Dom0]] ''(Setting up Alpine as a dom0 for Xen hypervisor)''
** [[Xen Dom0 on USB or SD]]
** [[Create Alpine Linux PV DomU|Xen DomU (paravirtualized)]]
** [[Xen LiveCD]]
** [[Xen PCI Passthrough]]
** [[K8s]] Building a K8s Kubernetes Cluster on Alpine Linux
* [[Runc]]

== [[Simple_Walkthrough]] ==
* [[About-virtualization-simple]]
* [[LXC_Alpinelinux_Simple]]
* [[Qemu-simple]]

== Tutorials ==

* [[TTY_Autologin|TTY Autologin]]
* [[Kexec|Faster rebooting with kexec]]
* [[Dynamic Multipoint VPN (DMVPN)]] combined with [[Small Office Services]]
* [[DIY Fully working Alpine Linux for Allwinner and Other ARM SOCs]]
* [[Fault Tolerant Routing with Alpine Linux]]
* [[High Availability High Performance Web Cache]] ''(uCarp + HAProxy for High Availability Services such as Squid web proxy)''
* [[Linux iSCSI Target (TCM)]]
* [[ISP Mail Server 3.x HowTo]] ''(Postfix+PostfixAdmin+DoveCot+Roundcube+ClamAV+Spamd - A full-service ISP mail server)''
* [[Grommunio Mail Server]] ''(Mariadb+Postfix+Rspamd+Grommunio - Full-service mail server as MS exchange replacement)''
* [[Replacing non-Alpine Linux with Alpine remotely]]
* [[Streaming Security Camera Video with VLC]]
* [[Install Alpine on a btrfs filesystem with refind as boot manager]]
* [[Compile software from source|How to Compile a software from source in Alpine Linux]]
* [https://ww2.coastal.edu/mmurphy2/oer/alpine/ Alpine Linux tutorials - Dr Murphy, Computing Science Associate Professor]
* [[Michael's base installation procedure|Michael's base installation procedure]]
* [[Michael's cwm desktop (minimal)|Michael's cwm desktop (minimal)]]
* [[Michael's sway desktop (minimal)|Michael's Sway desktop (minimal)]]
* [[Sway_customization_guide|Sway customization guide]] ''(Tutorial re Sway config file basics)''
* [[Using Distrobox For VR Gaming|Using Distrobox For VR Gaming]]

Unlock an encrypted data partition on login

2026-02-07T14:40:58Z

Benaki: Blanked the page

Mounting a LUKS Encrypted Data Partition at Boot

2026-02-07T14:38:59Z

Benaki: /* Mounting a LUKS Encrypted Data Partition at Boot */

This guide covers how to set up a secondary LUKS-encrypted partition as a data drive that is automatically unlocked and mounted when Alpine Linux boots. This is useful if, for example, you have a root partition on one drive and want an encrypted data partition on another — or if you simply want a separate encrypted volume for personal data.

== Prerequisites ==

* A spare partition (this guide uses <code>/dev/sda1</code> as an example)
* <code>cryptsetup</code> installed: <code>doas apk add cryptsetup</code>
* An Alpine system using OpenRC (the default)

== 1. Set Up the LUKS Container ==

If you are starting with a fresh or existing partition, format it as a LUKS container. '''This will erase all data on the partition.'''

<pre>
doas cryptsetup luksFormat /dev/sda1
doas cryptsetup luksOpen /dev/sda1 data
doas mkfs.ext4 /dev/mapper/data
doas cryptsetup luksClose data
</pre>

== 2. Create a Keyfile for Automatic Unlocking ==

A keyfile allows the partition to be unlocked at boot without a passphrase prompt. The keyfile itself is stored on your root partition, so it is protected by whatever encryption or access controls that partition has.

<pre>
doas dd if=/dev/urandom of=/etc/crypto_keyfile.bin bs=512 count=1
doas chmod 600 /etc/crypto_keyfile.bin
doas cryptsetup luksAddKey /dev/sda1 /etc/crypto_keyfile.bin
</pre>

Your original passphrase remains as a fallback for manual unlocking.

== 3. Create the Mount Point ==

<pre>
doas mkdir -p /mnt/data
</pre>

== 4. Add an fstab Entry ==

Add the following line to <code>/etc/fstab</code>:

<pre>
/dev/mapper/data /mnt/data ext4 defaults,nofail 0 2
</pre>

The <code>nofail</code> option ensures that if the device or keyfile is missing for any reason, the system will still boot.

== 5. Create an OpenRC Init Script ==

Alpine's OpenRC does not process <code>/etc/crypttab</code> by default. The root partition's LUKS container is typically unlocked via kernel parameters (<code>cryptroot</code>, <code>cryptdm</code>) in the initramfs, not via <code>crypttab</code>. For additional encrypted partitions, you need a custom init script to handle both the unlock and the mount.

Create <code>/etc/init.d/cryptdata</code> with the following contents:

<pre>
#!/sbin/openrc-run
description="Unlock and mount LUKS encrypted data partition"

RC_NEEDED="modules lvm"
RC_AFTER="modules lvm"
RC_BEFORE="local"

start() {
ebegin "Unlocking /dev/sda1"
cryptsetup luksOpen /dev/sda1 data --key-file /etc/crypto_keyfile.bin
eend $?

ebegin "Mounting /mnt/data"
mount /dev/mapper/data /mnt/data
eend $?
}
</pre>

=== Why both unlock and mount in the script? ===

The <code>RC_BEFORE="local"</code> directive is intended to make this script run before OpenRC processes <code>fstab</code> mounts. In practice, the timing is not always reliable, and the mount in <code>fstab</code> may be attempted before the LUKS container is open. Putting the mount directly in the init script guarantees the correct order: unlock first, then mount.

=== Dependencies ===

* <code>RC_AFTER="modules lvm"</code> — ensures kernel modules and LVM volumes are available before this script runs.
* <code>RC_BEFORE="local"</code> — requests that this script runs before the <code>local</code> service, which is where general <code>fstab</code> mounts are processed.

== 6. Enable the Service ==

<pre>
doas chmod +x /etc/init.d/cryptdata
doas rc-update add cryptdata boot
</pre>

== 7. Test ==

Reboot and verify:

<pre>
df -h | grep data
# Should show something like:
# /dev/mapper/data 219G 2.0M 208G 0% /mnt/data
</pre>

You can also confirm the LUKS container is active:

<pre>
doas cryptsetup status data
</pre>

== Manual Unlock (Fallback) ==

If you ever need to unlock the partition by hand (e.g. the keyfile is missing), you can do so with your original passphrase:

<pre>
doas cryptsetup luksOpen /dev/sda1 data
doas mount /dev/mapper/data /mnt/data
</pre>

Mounting a LUKS Encrypted Data Partition at Boot

2026-02-07T14:38:45Z

Benaki: Created page with "= Mounting a LUKS Encrypted Data Partition at Boot = This guide covers how to set up a secondary LUKS-encrypted partition as a data drive that is automatically unlocked and mounted when Alpine Linux boots. This is useful if, for example, you have a root partition on one drive and want an encrypted data partition on another — or if you simply want a separate encrypted volume for personal data. == Prerequisites == * A spare partition (this guide uses <code>/dev/sda1</..."

= Mounting a LUKS Encrypted Data Partition at Boot =

This guide covers how to set up a secondary LUKS-encrypted partition as a data drive that is automatically unlocked and mounted when Alpine Linux boots. This is useful if, for example, you have a root partition on one drive and want an encrypted data partition on another — or if you simply want a separate encrypted volume for personal data.

== Prerequisites ==

* A spare partition (this guide uses <code>/dev/sda1</code> as an example)
* <code>cryptsetup</code> installed: <code>doas apk add cryptsetup</code>
* An Alpine system using OpenRC (the default)

== 1. Set Up the LUKS Container ==

If you are starting with a fresh or existing partition, format it as a LUKS container. '''This will erase all data on the partition.'''

<pre>
doas cryptsetup luksFormat /dev/sda1
doas cryptsetup luksOpen /dev/sda1 data
doas mkfs.ext4 /dev/mapper/data
doas cryptsetup luksClose data
</pre>

== 2. Create a Keyfile for Automatic Unlocking ==

A keyfile allows the partition to be unlocked at boot without a passphrase prompt. The keyfile itself is stored on your root partition, so it is protected by whatever encryption or access controls that partition has.

<pre>
doas dd if=/dev/urandom of=/etc/crypto_keyfile.bin bs=512 count=1
doas chmod 600 /etc/crypto_keyfile.bin
doas cryptsetup luksAddKey /dev/sda1 /etc/crypto_keyfile.bin
</pre>

Your original passphrase remains as a fallback for manual unlocking.

== 3. Create the Mount Point ==

<pre>
doas mkdir -p /mnt/data
</pre>

== 4. Add an fstab Entry ==

Add the following line to <code>/etc/fstab</code>:

<pre>
/dev/mapper/data /mnt/data ext4 defaults,nofail 0 2
</pre>

The <code>nofail</code> option ensures that if the device or keyfile is missing for any reason, the system will still boot.

== 5. Create an OpenRC Init Script ==

Alpine's OpenRC does not process <code>/etc/crypttab</code> by default. The root partition's LUKS container is typically unlocked via kernel parameters (<code>cryptroot</code>, <code>cryptdm</code>) in the initramfs, not via <code>crypttab</code>. For additional encrypted partitions, you need a custom init script to handle both the unlock and the mount.

Create <code>/etc/init.d/cryptdata</code> with the following contents:

<pre>
#!/sbin/openrc-run
description="Unlock and mount LUKS encrypted data partition"

RC_NEEDED="modules lvm"
RC_AFTER="modules lvm"
RC_BEFORE="local"

start() {
ebegin "Unlocking /dev/sda1"
cryptsetup luksOpen /dev/sda1 data --key-file /etc/crypto_keyfile.bin
eend $?

ebegin "Mounting /mnt/data"
mount /dev/mapper/data /mnt/data
eend $?
}
</pre>

=== Why both unlock and mount in the script? ===

The <code>RC_BEFORE="local"</code> directive is intended to make this script run before OpenRC processes <code>fstab</code> mounts. In practice, the timing is not always reliable, and the mount in <code>fstab</code> may be attempted before the LUKS container is open. Putting the mount directly in the init script guarantees the correct order: unlock first, then mount.

=== Dependencies ===

* <code>RC_AFTER="modules lvm"</code> — ensures kernel modules and LVM volumes are available before this script runs.
* <code>RC_BEFORE="local"</code> — requests that this script runs before the <code>local</code> service, which is where general <code>fstab</code> mounts are processed.

== 6. Enable the Service ==

<pre>
doas chmod +x /etc/init.d/cryptdata
doas rc-update add cryptdata boot
</pre>

== 7. Test ==

Reboot and verify:

<pre>
df -h | grep data
# Should show something like:
# /dev/mapper/data 219G 2.0M 208G 0% /mnt/data
</pre>

You can also confirm the LUKS container is active:

<pre>
doas cryptsetup status data
</pre>

== Manual Unlock (Fallback) ==

If you ever need to unlock the partition by hand (e.g. the keyfile is missing), you can do so with your original passphrase:

<pre>
doas cryptsetup luksOpen /dev/sda1 data
doas mount /dev/mapper/data /mnt/data
</pre>

Tutorials and Howtos

2026-02-07T14:38:05Z

Benaki: /* Other topics */

[[Image:package_edutainment.svg|right|link=]]
{{TOC left}}

'''Welcome to Tutorials and Howtos, a place of basic and advanced configuration tasks for your Alpine Linux.'''

'''Howtos are smaller articles''' explaining how to perform a particular task with Alpine Linux, that expects a minimal knowledge from reader to perform actions. Howto's have been organized in the below page based on the topics.

'''The [[#Tutorials|tutorials]] are hands-on''' and the reader is expected to try and achieve the goals described in each step, possibly with the help of a good example. The output in one step is the starting point for the following step.

{{Note|
* Contributors are requested to refer to [[Help:Editing]] first and make use of resources like [[How to write a HOWTO]].
* Contributions must be complete articles.
* Don't override already made contributions, unless there is a mistake.
* If you want to request a topic, please add your request in this page's [[Talk:Tutorials_and_Howtos|Discussion]].}}

== Desktop ==

* {{:Daily driver guide}}

=== Networking ===

* [[Bluetooth]] - Instructions for installing and configuring Bluetooth
* [[Bonding]] - Bond (or aggregate) multiple ethernet interfaces
* [[Bridge]] - Configuring a network bridge
** [[Bridge wlan0 to eth0]]
* [[Configure Networking]]
* [[How to configure static routes]]
* Modem
** [[Using HSDPA modem]]
** [[Using serial modem]]
* [[mDNS]] - Howto implement multicast DNS resolution in Alpine.
* [[Multi ISP]] ''(Dual-ISP setup with load-balancing and automatic failover)''
* [[PXE boot]]
* Wi-Fi
** [[Wi-Fi|Connecting to a wireless access point]]
** [[How to setup a wireless access point]] ''(Setting up Secure Wireless AP w/ WPA encryption with bridge to wired network)''
* Use [https://github.com/ifupdown-ng/ifupdown-ng/blob/main/doc/interfaces-vxlan.scd vxlan], if using [[Ifupdown-ng]] instead of [[VLAN]]
* [[Setting up a Home Router]]

=== Backup and data migration ===

* [[Migrating data]]
* [[Rsnapshot]] - setting up periodic backups

=== Other topics ===

* [[Gaming on Alpine]]
* [[Remote Desktop Server]]
* [[Default applications|How to change default application]]
* [[CPU frequency scaling]]
* [[Mimalloc]]
* [[Enable Serial Console on Boot]]
* [[How to build the Alpine Linux kernel]]
* [[Nextcloud]] ''(Self hostable cloud suite - Dropbox Alternative)''
* [[Setting up lm_sensors]]
* [[Fingerprint Authentication with swaylock]]
* [[Mounting a LUKS Encrypted Data Partition at Boot]]
* [[Desktop environments and Window managers|List of supported Desktop environments and Window managers]]

== Diskless ==

* [[Alpine local backup|Alpine local backup (lbu)]] ''(Permanently store your modifications in case your box needs reboot)''
** [[Back Up a Flash Memory Installation]]
** [[Manually editing a existing apkovl]]

== Other Architectures ==

=== APU (PCEngines) ===

* [[Alpine Install: from a disc to PC Engines APU|Alpine on PC Engines APU]]
* [https://github.com/huubsch/Installation-of-Alpine-Linux-on-PC-Engines-APU3/tree/main?tab=readme-ov-file Installation of Alpine Linux on PCEngines APU, legacy BIOS]

=== ARM ===

* [[Alpine on ARM]]

==== Raspberry Pi ====

* [[Raspberry Pi|Raspberry Pi main page]]
* [[Raspberry Pi Bluetooth Speaker|Raspberry Pi - Bluetooth Speaker]]
* [[Linux Router with VPN on a Raspberry Pi|Raspberry Pi - Router with VPN]]
* [[Linux Router with VPN on a Raspberry Pi (IPv6)|Raspberry Pi - Router with VPN (IPv6)]]
* [[Classic install or sys mode on Raspberry Pi|Raspberry Pi - Sys mode install]]
* [[Raspberry Pi LVM on LUKS|Raspberry Pi - Sys mode install - LVM on LUKS]]
* [[RPI Video Receiver|Raspberry Pi - Video Receiver]] ''(network video decoder using Rasperry Pi and omxplayer)''
* [[Raspberry Pi 3 - Browser Client]] - kiosk or digital sign
* [[Raspberry Pi 3 - Configuring it as wireless access point -AP Mode]]
* [[Raspberry Pi 3 - Setting Up Bluetooth]]
* [[Raspberry Pi 4 - Persistent system acting as a NAS and Time Machine]]
* [[Raspberry_Pi_Zero_W_-_Installation|Raspberry Pi Zero W - Installation]]
* [[How to set up Alpine as a wireless router|Raspberry Pi Zero W - Wireless router]] ''(Setting up a firewalled, Wireless AP with wired network on a Pi Zero W)''
* [[RPI Video Receiver]]

=== IBM Z (IBM z Systems) ===

* [[s390x|s390x - Installation]]

=== PowerPC ===

* [[Ppc64le|Powerpc64le - Installation]]

== Security ==

* [[#Desktop security|Desktop security]] lists steps for securing Alpine Linux desktops
* [[Setting up a laptop]] page has detailed guidelines to configure a secured laptop
* [[Securing Alpine Linux|Secure Alpine Linux]] using Security Technical Implementation Guides (STIGs)
* [[Sshguard|SSHGuard]] - Protects hosts against brute-force attacks: monitoring logs, attack detection, blocking using firewall.

== Services ==

{{Note| Services are arranged in alphabetical order.}}

=== Content management systems ===

* [[DokuWiki]] ''(Simple and easy to use wiki, no database required)''
* [[Drupal]] ''(Content Management System (CMS) written in PHP)''
* [[Kopano]] ''(Microsoft Outlook compatible Groupware)''
* [[Mahara]] ''(E-portfolio and social networking system)''
* [[MediaWiki]] ''(Free web-based wiki software application)''
* [[Pastebin]] ''(Pastebin software application)''
* [[WordPress]] ''(Web software to create website or blog)''
* [[Moodle]] ''(Online Learning Management system)''

=== Database ===

* [[MariaDB]] or [[MySQL|MySQL]]

=== DNS ===

* [[DNSCrypt-Proxy]] ''Encrypt and authenticate DNS calls from your system''
* [[Setting up nsd DNS server]]
* [[Small-Time DNS with BIND9]] ''(A simple configuration with ad blocking for your home network)''
* Unbound
** [[Setting up unbound DNS server]]
** [[Using Unbound as an Ad-blocker]] ''(Setup ad blocking for your network)''
* [[TinyDNS Format]]

=== File server ===

* [[Setting up an NFS server|nfs-server]]
* [[Setting up a Samba server|samba-server]] ''(standard file sharing)''
* [[Setting up a samba-ad-dc|samba-ad-dc]] ''(Active Directory compatible domain controller)''

=== Firewall ===

* [https://git.alpinelinux.org/awall/about/ Alpine Wall User's Guide]
** [[Zero-To-Awall]] -''AWall for dummies''
** [[How-To Alpine Wall]] - ''AWall for Shorewall users''
** [[Alpine Wall]] - ''AWall - Firewall management framework - Design Document''
* [[Iptables]]
* [[nftables]]
* [[Uncomplicated Firewall|Uncomplicated Firewall or UFW]]

=== HTTP and web services ===

* [[Althttpd]]
* [[Apache]]
** [[Apache with php-fpm]]
** [[Setting Up Apache with PHP]]
** [[Apache authentication: NTLM Single Signon]]
* [[Darkhttpd]]
* [[Lighttpd]]
** [[Lighttpd Advanced security]]
** [[Setting Up Lighttpd With FastCGI]]
** [[Production Web server: Lighttpd|Production web server: Lighttpd‎‎]]
* [[Nginx]]
** [[Nginx as reverse proxy with acme (letsencrypt)]]
** [[Nginx with PHP]]
* Squid Proxy
** [[Obtaining user information via SNMP]] ''(Using squark-auth-snmp as a Squid authentication helper)'' 
** [[Setting up Explicit Squid Proxy]]
** [[Setting up Transparent Squid Proxy]] ''(Covers Squid proxy and URL Filtering system)''
** [[SqStat]] ''(Script to look at active squid users connections)''
* [[Tomcat]]
** [[Production LAMP system: Lighttpd + PHP + MySQL‎‎|Production LAMP system: Lighttpd + PHP + MariaDB/MySQL‎‎]]

=== IRC ===

* [[NgIRCd]] ''(Server for Internet Relay Chat/IRC)''

=== Mail ===

* [[Hosting services on Alpine]] ''(Hosting mail, webservices and other services)''
* [[Hosting Web/Email services on Alpine]]
* Exim/Dovecot
** [[Small-Time Email with Exim and Dovecot]] ''(A simple configuration for your home network.)
** [[Setting up dovecot with imap and tls]]
* [[relay email to gmail (msmtp, mailx, sendmail]]
* [[relay email (nullmailer)]]
* [[Roundcube]] ''(Webmail system)''
* [[Setting up postfix with virtual domains]]
* Server protection
** [[Setting up clamsmtp]]

=== Monitoring ===

* [[Awstats]] ''(Free log file analyzer)''
* [[Cacti: traffic analysis and monitoring network]] ''(Front-end for rrdtool networking monitor)''
* [[Cvechecker]] ''(Compare installed packages for Common Vulnerabilities Exposure)'' 
* [[Linfo]]
* [[Obtaining user information via SNMP]] ''(Using squark-auth-snmp as a Squid authentication helper)'' 
* [[PhpSysInfo]] ''(A simple application that displays information about the host it's running on)''
* [[Logcheck]] ''(log file monitoring tool)''
* [[Matomo]] ''(A real time web analytics software program)''
* [[Rasdaemon]] ''(Platform Reliability, Availability and Serviceability monitoring tool)''
* [[Setting up A Network Monitoring and Inventory System]] ''(Nagios + OpenAudit and related components)'' 
** [[Setting up NRPE daemon]] ''(Performs remote Nagios checks)'' 
* [[Setting Up Fprobe And Ntop|Ntop]] ''(NetFlow collection and analysis using a remote fprobe instance; for alpine 3.10-3.12 only)'' 
* [[SqStat]] ''(Script to look at active squid users connections)''
* [[Traffic monitoring]] 
** [[Setting up monitoring using rrdtool (and rrdcollect)]]
** [[Setting up traffic monitoring using rrdtool (and snmp)]] 
* [[Zabbix|Zabbix - the professional complete manager]] ''(Monitor and track the status of network services and hardware)''
* [[ZoneMinder video camera security and surveillance]]

=== Remote Administration ===

* ACF
** [[Changing passwords for ACF|ACF - changing passwords]]
** [[Generating SSL certs with ACF]] 
** [[setup-acf| ACF - setup]] ''(Configures ACF (webconfiguration/webmin) so you can manage your box through https)''
* [[Setting up a SSH server]] ''(Using ssh is a good way to administer your box remotely)''
** [[HOWTO OpenSSH 2FA with password and Google Authenticator |OpenSSH 2FA]] ''(A simple two factor setup for OpenSSH)''
* [[OpenVCP]] ''(VServer Control Panel)''
* [[PhpMyAdmin]] ''(Web-based administration tool for MYSQL)''
* [[PhpPgAdmin]] ''(Web-based administration tool for PostgreSQL)''
* [[Webmin]] ''(A web-based interface for Linux system)''

=== Telephony ===

* [[FreePBX|FreePBX on Alpine Linux]]
* [[Setting up Zaptel/Asterisk on Alpine]]
* [[Kamailio]] ''(SIP Server, formerly OpenSER)''

=== VPN ===
* [[Freeradius Active Directory Integration]]
* [[GNUnet]]
* [[IGMPproxy]]
* [[Setting up a OpenVPN server|OpenVPN server]] ''(Allowing single users or devices to remotely connect to your network)''
* [[OpenVSwitch]]
* [[Tor]]
* [[Using Alpine on Windows domain with IPSEC isolation]]
* [[Configure a Wireguard interface (wg)|Wireguard]]
* [[Vpnc]]

=== Other Servers ===

* [[apcupsd]] ''(UPS Monitoring with apcupsd)''
* [[Chrony and GPSD | Chrony, gpsd, and a garmin LVC 18 as a Stratum 1 NTP source ]]
* [[Glpi]] ''(Manage inventory of technical resources)''
* [[How to setup a Alpine Linux mirror]]
* [[nut-ups|NUT UPS]] ''(UPS Monitoring with Network UPS Tools)''
* [[Odoo]]
* [[Configure OpenLDAP | OpenLDAP]] ''(Installing and configuring the Alpine package for OpenLDAP)''
* [[Setting up a LLDAP server|lldap-server]] ''(Directory Server)''
* [[Setting up Transmission (bittorrent) with Clutch WebUI]]

== Software development ==

* [[Cgit]]
* [[OsTicket]] ''(Ticket system)''
* [[Patchwork]] ''(Patch review management system)''
* [[Redmine]] ''(Project management system) [Deprecated]''
* [[Request Tracker]] ''(Ticket system)''
* [[Setting up trac wiki|Trac]] ''(Enhanced wiki and issue tracking system for software development projects)''
* [[Ansible]] ''(Configuration management)''
* [[Installing Oracle Java|Oracle Java (installation)]]

== Storage ==

* [[Setting up disks manually|Manual partitioning]]
* [[Disk Replication with DRBD|DRBD: Disk Replication]]
* [[Filesystems]]
** [[Burning ISOs]]
* [[Setting up iSCSI|iSCSI Setup]]
** [[iSCSI Raid and Clustered File Systems]]
** [[Linux iSCSI Target (TCM)|iSCSI Target (TCM)/LinuxIO (LIO)]]
** [[Linux iSCSI Target (tgt)|User space iSCSI Target (tgt)]]
* [[Setting up Logical Volumes with LVM|LVM Setup]]
** [[Setting up LVM on GPT-labeled disks|LVM on GPT-labeled disks]]
** [[Installing on GPT LVM|LVM on GPT-labeled disks (updated)]]
** [[LVM on LUKS]]
* RAID
** [[Raid Administration]]
** [[Setting up a software RAID array]]
* [[ZFS]]
** [[Root on ZFS with native encryption]]
** [[Setting up ZFS on LUKS]]
* [[CEPH|CEPH]]

== Virtualization ==

* [[Docker]]
* [[Installing Alpine in a virtual machine]]
** [[Install Alpine on VMware ESXi]]
* [[KVM]] ''(Setting up Alpine as a KVM hypervisor)''
* [[LXC]] ''(Setting up a Linux container in Alpine Linux)''
* [[QEMU]]
* Xen
** [[Xen Dom0]] ''(Setting up Alpine as a dom0 for Xen hypervisor)''
** [[Xen Dom0 on USB or SD]]
** [[Create Alpine Linux PV DomU|Xen DomU (paravirtualized)]]
** [[Xen LiveCD]]
** [[Xen PCI Passthrough]]
** [[K8s]] Building a K8s Kubernetes Cluster on Alpine Linux
* [[Runc]]

== [[Simple_Walkthrough]] ==
* [[About-virtualization-simple]]
* [[LXC_Alpinelinux_Simple]]
* [[Qemu-simple]]

== Tutorials ==

* [[TTY_Autologin|TTY Autologin]]
* [[Kexec|Faster rebooting with kexec]]
* [[Dynamic Multipoint VPN (DMVPN)]] combined with [[Small Office Services]]
* [[DIY Fully working Alpine Linux for Allwinner and Other ARM SOCs]]
* [[Fault Tolerant Routing with Alpine Linux]]
* [[High Availability High Performance Web Cache]] ''(uCarp + HAProxy for High Availability Services such as Squid web proxy)''
* [[Linux iSCSI Target (TCM)]]
* [[ISP Mail Server 3.x HowTo]] ''(Postfix+PostfixAdmin+DoveCot+Roundcube+ClamAV+Spamd - A full-service ISP mail server)''
* [[Grommunio Mail Server]] ''(Mariadb+Postfix+Rspamd+Grommunio - Full-service mail server as MS exchange replacement)''
* [[Replacing non-Alpine Linux with Alpine remotely]]
* [[Setting up A Network Monitoring and Inventory System]] ''(Nagios + OpenAudit and related components)'' 
* [[Streaming Security Camera Video with VLC]]
* [[Install Alpine on a btrfs filesystem with refind as boot manager]]
* [[Compile software from source|How to Compile a software from source in Alpine Linux]]
* [https://ww2.coastal.edu/mmurphy2/oer/alpine/ Alpine Linux tutorials - Dr Murphy, Computing Science Associate Professor]
* [[Michael's base installation procedure|Michael's base installation procedure]]
* [[Michael's cwm desktop (minimal)|Michael's cwm desktop (minimal)]]
* [[Michael's sway desktop (minimal)|Michael's Sway desktop (minimal)]]
* [[Sway_customization_guide|Sway customization guide]] ''(Tutorial re Sway config file basics)''
* [[Using Distrobox For VR Gaming|Using Distrobox For VR Gaming]]

Unlock an encrypted data partition on login

2026-02-07T14:35:35Z

Tutorials and Howtos

2026-02-07T14:30:10Z

Benaki: /* Other topics */

[[Image:package_edutainment.svg|right|link=]]
{{TOC left}}

'''Welcome to Tutorials and Howtos, a place of basic and advanced configuration tasks for your Alpine Linux.'''

'''Howtos are smaller articles''' explaining how to perform a particular task with Alpine Linux, that expects a minimal knowledge from reader to perform actions. Howto's have been organized in the below page based on the topics.

'''The [[#Tutorials|tutorials]] are hands-on''' and the reader is expected to try and achieve the goals described in each step, possibly with the help of a good example. The output in one step is the starting point for the following step.

{{Note|
* Contributors are requested to refer to [[Help:Editing]] first and make use of resources like [[How to write a HOWTO]].
* Contributions must be complete articles.
* Don't override already made contributions, unless there is a mistake.
* If you want to request a topic, please add your request in this page's [[Talk:Tutorials_and_Howtos|Discussion]].}}

== Desktop ==

* {{:Daily driver guide}}

=== Networking ===

* [[Bluetooth]] - Instructions for installing and configuring Bluetooth
* [[Bonding]] - Bond (or aggregate) multiple ethernet interfaces
* [[Bridge]] - Configuring a network bridge
** [[Bridge wlan0 to eth0]]
* [[Configure Networking]]
* [[How to configure static routes]]
* Modem
** [[Using HSDPA modem]]
** [[Using serial modem]]
* [[mDNS]] - Howto implement multicast DNS resolution in Alpine.
* [[Multi ISP]] ''(Dual-ISP setup with load-balancing and automatic failover)''
* [[PXE boot]]
* Wi-Fi
** [[Wi-Fi|Connecting to a wireless access point]]
** [[How to setup a wireless access point]] ''(Setting up Secure Wireless AP w/ WPA encryption with bridge to wired network)''
* Use [https://github.com/ifupdown-ng/ifupdown-ng/blob/main/doc/interfaces-vxlan.scd vxlan], if using [[Ifupdown-ng]] instead of [[VLAN]]
* [[Setting up a Home Router]]

=== Backup and data migration ===

* [[Migrating data]]
* [[Rsnapshot]] - setting up periodic backups

=== Other topics ===

* [[Gaming on Alpine]]
* [[Remote Desktop Server]]
* [[Default applications|How to change default application]]
* [[CPU frequency scaling]]
* [[Mimalloc]]
* [[Enable Serial Console on Boot]]
* [[How to build the Alpine Linux kernel]]
* [[Nextcloud]] ''(Self hostable cloud suite - Dropbox Alternative)''
* [[Setting up lm_sensors]]
* [[Fingerprint Authentication with swaylock]]
* [[Unlock an encrypted data partition on login]]
* [[Desktop environments and Window managers|List of supported Desktop environments and Window managers]]

== Diskless ==

* [[Alpine local backup|Alpine local backup (lbu)]] ''(Permanently store your modifications in case your box needs reboot)''
** [[Back Up a Flash Memory Installation]]
** [[Manually editing a existing apkovl]]

== Other Architectures ==

=== APU (PCEngines) ===

* [[Alpine Install: from a disc to PC Engines APU|Alpine on PC Engines APU]]
* [https://github.com/huubsch/Installation-of-Alpine-Linux-on-PC-Engines-APU3/tree/main?tab=readme-ov-file Installation of Alpine Linux on PCEngines APU, legacy BIOS]

=== ARM ===

* [[Alpine on ARM]]

==== Raspberry Pi ====

* [[Raspberry Pi|Raspberry Pi main page]]
* [[Raspberry Pi Bluetooth Speaker|Raspberry Pi - Bluetooth Speaker]]
* [[Linux Router with VPN on a Raspberry Pi|Raspberry Pi - Router with VPN]]
* [[Linux Router with VPN on a Raspberry Pi (IPv6)|Raspberry Pi - Router with VPN (IPv6)]]
* [[Classic install or sys mode on Raspberry Pi|Raspberry Pi - Sys mode install]]
* [[Raspberry Pi LVM on LUKS|Raspberry Pi - Sys mode install - LVM on LUKS]]
* [[RPI Video Receiver|Raspberry Pi - Video Receiver]] ''(network video decoder using Rasperry Pi and omxplayer)''
* [[Raspberry Pi 3 - Browser Client]] - kiosk or digital sign
* [[Raspberry Pi 3 - Configuring it as wireless access point -AP Mode]]
* [[Raspberry Pi 3 - Setting Up Bluetooth]]
* [[Raspberry Pi 4 - Persistent system acting as a NAS and Time Machine]]
* [[Raspberry_Pi_Zero_W_-_Installation|Raspberry Pi Zero W - Installation]]
* [[How to set up Alpine as a wireless router|Raspberry Pi Zero W - Wireless router]] ''(Setting up a firewalled, Wireless AP with wired network on a Pi Zero W)''
* [[RPI Video Receiver]]

=== IBM Z (IBM z Systems) ===

* [[s390x|s390x - Installation]]

=== PowerPC ===

* [[Ppc64le|Powerpc64le - Installation]]

== Security ==

* [[#Desktop security|Desktop security]] lists steps for securing Alpine Linux desktops
* [[Setting up a laptop]] page has detailed guidelines to configure a secured laptop
* [[Securing Alpine Linux|Secure Alpine Linux]] using Security Technical Implementation Guides (STIGs)
* [[Sshguard|SSHGuard]] - Protects hosts against brute-force attacks: monitoring logs, attack detection, blocking using firewall.

== Services ==

{{Note| Services are arranged in alphabetical order.}}

=== Content management systems ===

* [[DokuWiki]] ''(Simple and easy to use wiki, no database required)''
* [[Drupal]] ''(Content Management System (CMS) written in PHP)''
* [[Kopano]] ''(Microsoft Outlook compatible Groupware)''
* [[Mahara]] ''(E-portfolio and social networking system)''
* [[MediaWiki]] ''(Free web-based wiki software application)''
* [[Pastebin]] ''(Pastebin software application)''
* [[WordPress]] ''(Web software to create website or blog)''
* [[Moodle]] ''(Online Learning Management system)''

=== Database ===

* [[MariaDB]] or [[MySQL|MySQL]]

=== DNS ===

* [[DNSCrypt-Proxy]] ''Encrypt and authenticate DNS calls from your system''
* [[Setting up nsd DNS server]]
* [[Small-Time DNS with BIND9]] ''(A simple configuration with ad blocking for your home network)''
* Unbound
** [[Setting up unbound DNS server]]
** [[Using Unbound as an Ad-blocker]] ''(Setup ad blocking for your network)''
* [[TinyDNS Format]]

=== File server ===

* [[Setting up an NFS server|nfs-server]]
* [[Setting up a Samba server|samba-server]] ''(standard file sharing)''
* [[Setting up a samba-ad-dc|samba-ad-dc]] ''(Active Directory compatible domain controller)''

=== Firewall ===

* [https://git.alpinelinux.org/awall/about/ Alpine Wall User's Guide]
** [[Zero-To-Awall]] -''AWall for dummies''
** [[How-To Alpine Wall]] - ''AWall for Shorewall users''
** [[Alpine Wall]] - ''AWall - Firewall management framework - Design Document''
* [[Iptables]]
* [[nftables]]
* [[Uncomplicated Firewall|Uncomplicated Firewall or UFW]]

=== HTTP and web services ===

* [[Althttpd]]
* [[Apache]]
** [[Apache with php-fpm]]
** [[Setting Up Apache with PHP]]
** [[Apache authentication: NTLM Single Signon]]
* [[Darkhttpd]]
* [[Lighttpd]]
** [[Lighttpd Advanced security]]
** [[Setting Up Lighttpd With FastCGI]]
** [[Production Web server: Lighttpd|Production web server: Lighttpd‎‎]]
* [[Nginx]]
** [[Nginx as reverse proxy with acme (letsencrypt)]]
** [[Nginx with PHP]]
* Squid Proxy
** [[Obtaining user information via SNMP]] ''(Using squark-auth-snmp as a Squid authentication helper)'' 
** [[Setting up Explicit Squid Proxy]]
** [[Setting up Transparent Squid Proxy]] ''(Covers Squid proxy and URL Filtering system)''
** [[SqStat]] ''(Script to look at active squid users connections)''
* [[Tomcat]]
** [[Production LAMP system: Lighttpd + PHP + MySQL‎‎|Production LAMP system: Lighttpd + PHP + MariaDB/MySQL‎‎]]

=== IRC ===

* [[NgIRCd]] ''(Server for Internet Relay Chat/IRC)''

=== Mail ===

* [[Hosting services on Alpine]] ''(Hosting mail, webservices and other services)''
* [[Hosting Web/Email services on Alpine]]
* Exim/Dovecot
** [[Small-Time Email with Exim and Dovecot]] ''(A simple configuration for your home network.)
** [[Setting up dovecot with imap and tls]]
* [[relay email to gmail (msmtp, mailx, sendmail]]
* [[relay email (nullmailer)]]
* [[Roundcube]] ''(Webmail system)''
* [[Setting up postfix with virtual domains]]
* Server protection
** [[Setting up clamsmtp]]

=== Monitoring ===

* [[Awstats]] ''(Free log file analyzer)''
* [[Cacti: traffic analysis and monitoring network]] ''(Front-end for rrdtool networking monitor)''
* [[Cvechecker]] ''(Compare installed packages for Common Vulnerabilities Exposure)'' 
* [[Linfo]]
* [[Obtaining user information via SNMP]] ''(Using squark-auth-snmp as a Squid authentication helper)'' 
* [[PhpSysInfo]] ''(A simple application that displays information about the host it's running on)''
* [[Logcheck]] ''(log file monitoring tool)''
* [[Matomo]] ''(A real time web analytics software program)''
* [[Rasdaemon]] ''(Platform Reliability, Availability and Serviceability monitoring tool)''
* [[Setting up A Network Monitoring and Inventory System]] ''(Nagios + OpenAudit and related components)'' 
** [[Setting up NRPE daemon]] ''(Performs remote Nagios checks)'' 
* [[Setting Up Fprobe And Ntop|Ntop]] ''(NetFlow collection and analysis using a remote fprobe instance; for alpine 3.10-3.12 only)'' 
* [[SqStat]] ''(Script to look at active squid users connections)''
* [[Traffic monitoring]] 
** [[Setting up monitoring using rrdtool (and rrdcollect)]]
** [[Setting up traffic monitoring using rrdtool (and snmp)]] 
* [[Zabbix|Zabbix - the professional complete manager]] ''(Monitor and track the status of network services and hardware)''
* [[ZoneMinder video camera security and surveillance]]

=== Remote Administration ===

* ACF
** [[Changing passwords for ACF|ACF - changing passwords]]
** [[Generating SSL certs with ACF]] 
** [[setup-acf| ACF - setup]] ''(Configures ACF (webconfiguration/webmin) so you can manage your box through https)''
* [[Setting up a SSH server]] ''(Using ssh is a good way to administer your box remotely)''
** [[HOWTO OpenSSH 2FA with password and Google Authenticator |OpenSSH 2FA]] ''(A simple two factor setup for OpenSSH)''
* [[OpenVCP]] ''(VServer Control Panel)''
* [[PhpMyAdmin]] ''(Web-based administration tool for MYSQL)''
* [[PhpPgAdmin]] ''(Web-based administration tool for PostgreSQL)''
* [[Webmin]] ''(A web-based interface for Linux system)''

=== Telephony ===

* [[FreePBX|FreePBX on Alpine Linux]]
* [[Setting up Zaptel/Asterisk on Alpine]]
* [[Kamailio]] ''(SIP Server, formerly OpenSER)''

=== VPN ===
* [[Freeradius Active Directory Integration]]
* [[GNUnet]]
* [[IGMPproxy]]
* [[Setting up a OpenVPN server|OpenVPN server]] ''(Allowing single users or devices to remotely connect to your network)''
* [[OpenVSwitch]]
* [[Tor]]
* [[Using Alpine on Windows domain with IPSEC isolation]]
* [[Configure a Wireguard interface (wg)|Wireguard]]
* [[Vpnc]]

=== Other Servers ===

* [[apcupsd]] ''(UPS Monitoring with apcupsd)''
* [[Chrony and GPSD | Chrony, gpsd, and a garmin LVC 18 as a Stratum 1 NTP source ]]
* [[Glpi]] ''(Manage inventory of technical resources)''
* [[How to setup a Alpine Linux mirror]]
* [[nut-ups|NUT UPS]] ''(UPS Monitoring with Network UPS Tools)''
* [[Odoo]]
* [[Configure OpenLDAP | OpenLDAP]] ''(Installing and configuring the Alpine package for OpenLDAP)''
* [[Setting up a LLDAP server|lldap-server]] ''(Directory Server)''
* [[Setting up Transmission (bittorrent) with Clutch WebUI]]

== Software development ==

* [[Cgit]]
* [[OsTicket]] ''(Ticket system)''
* [[Patchwork]] ''(Patch review management system)''
* [[Redmine]] ''(Project management system) [Deprecated]''
* [[Request Tracker]] ''(Ticket system)''
* [[Setting up trac wiki|Trac]] ''(Enhanced wiki and issue tracking system for software development projects)''
* [[Ansible]] ''(Configuration management)''
* [[Installing Oracle Java|Oracle Java (installation)]]

== Storage ==

* [[Setting up disks manually|Manual partitioning]]
* [[Disk Replication with DRBD|DRBD: Disk Replication]]
* [[Filesystems]]
** [[Burning ISOs]]
* [[Setting up iSCSI|iSCSI Setup]]
** [[iSCSI Raid and Clustered File Systems]]
** [[Linux iSCSI Target (TCM)|iSCSI Target (TCM)/LinuxIO (LIO)]]
** [[Linux iSCSI Target (tgt)|User space iSCSI Target (tgt)]]
* [[Setting up Logical Volumes with LVM|LVM Setup]]
** [[Setting up LVM on GPT-labeled disks|LVM on GPT-labeled disks]]
** [[Installing on GPT LVM|LVM on GPT-labeled disks (updated)]]
** [[LVM on LUKS]]
* RAID
** [[Raid Administration]]
** [[Setting up a software RAID array]]
* [[ZFS]]
** [[Root on ZFS with native encryption]]
** [[Setting up ZFS on LUKS]]
* [[CEPH|CEPH]]

== Virtualization ==

* [[Docker]]
* [[Installing Alpine in a virtual machine]]
** [[Install Alpine on VMware ESXi]]
* [[KVM]] ''(Setting up Alpine as a KVM hypervisor)''
* [[LXC]] ''(Setting up a Linux container in Alpine Linux)''
* [[QEMU]]
* Xen
** [[Xen Dom0]] ''(Setting up Alpine as a dom0 for Xen hypervisor)''
** [[Xen Dom0 on USB or SD]]
** [[Create Alpine Linux PV DomU|Xen DomU (paravirtualized)]]
** [[Xen LiveCD]]
** [[Xen PCI Passthrough]]
** [[K8s]] Building a K8s Kubernetes Cluster on Alpine Linux
* [[Runc]]

== [[Simple_Walkthrough]] ==
* [[About-virtualization-simple]]
* [[LXC_Alpinelinux_Simple]]
* [[Qemu-simple]]

== Tutorials ==

* [[TTY_Autologin|TTY Autologin]]
* [[Kexec|Faster rebooting with kexec]]
* [[Dynamic Multipoint VPN (DMVPN)]] combined with [[Small Office Services]]
* [[DIY Fully working Alpine Linux for Allwinner and Other ARM SOCs]]
* [[Fault Tolerant Routing with Alpine Linux]]
* [[High Availability High Performance Web Cache]] ''(uCarp + HAProxy for High Availability Services such as Squid web proxy)''
* [[Linux iSCSI Target (TCM)]]
* [[ISP Mail Server 3.x HowTo]] ''(Postfix+PostfixAdmin+DoveCot+Roundcube+ClamAV+Spamd - A full-service ISP mail server)''
* [[Grommunio Mail Server]] ''(Mariadb+Postfix+Rspamd+Grommunio - Full-service mail server as MS exchange replacement)''
* [[Replacing non-Alpine Linux with Alpine remotely]]
* [[Setting up A Network Monitoring and Inventory System]] ''(Nagios + OpenAudit and related components)'' 
* [[Streaming Security Camera Video with VLC]]
* [[Install Alpine on a btrfs filesystem with refind as boot manager]]
* [[Compile software from source|How to Compile a software from source in Alpine Linux]]
* [https://ww2.coastal.edu/mmurphy2/oer/alpine/ Alpine Linux tutorials - Dr Murphy, Computing Science Associate Professor]
* [[Michael's base installation procedure|Michael's base installation procedure]]
* [[Michael's cwm desktop (minimal)|Michael's cwm desktop (minimal)]]
* [[Michael's sway desktop (minimal)|Michael's Sway desktop (minimal)]]
* [[Sway_customization_guide|Sway customization guide]] ''(Tutorial re Sway config file basics)''
* [[Using Distrobox For VR Gaming|Using Distrobox For VR Gaming]]

Fingerprint Authentication with swaylock

2025-09-01T16:17:09Z

Benaki:

= Fingerprint Authentication with swaylock =

Not all fingerprint readers are supported, see [https://fprint.freedesktop.org/supported-devices.html here].

<code>lsusb | grep finger</code>

will give you your USB ID.

This guide shows how to configure fingerprint authentication for swaylock on Alpine Linux, allowing you to unlock using either:
* <code><enter password></code> → <code><hit enter></code>
* <code><hit enter></code> → <code><touch fingerprint sensor></code>

== Installation ==

Install the fprintd package:

doas apk add fprintd

== Configure PolicyKit Permissions ==

Upon installation, standard users are not authorized to enroll fingerprints. Create a PolicyKit rule to allow members of the <code>input</code> group to manage fingerprints:

doas tee /etc/polkit-1/rules.d/50-fingerprint.rules << 'EOF'
polkit.addRule(function (action, subject) {
if (action.id.indexOf("net.reactivated.fprint.") == 0) {
if (subject.isInGroup("input")) {
return polkit.Result.YES;
}
}
});
EOF

Add your user to the <code>input</code> group:

doas adduser $USER input

'''Note:''' You must log out and back in (or reboot) for the group membership & PolicyKit rule to take effect.

== Enroll Fingerprints ==

If you previously enrolled fingerprints as root (or want to start fresh), delete existing enrollments:

# Delete fingerprints for current user
fprintd-delete $(whoami)

# If you accidentally enrolled as root, delete those too
doas fprintd-delete root

Enroll your fingerprint(s):

fprintd-enroll

Verify the enrollment works:

fprintd-verify

== Configure PAM for swaylock ==

Create the PAM configuration for swaylock:

doas tee /etc/pam.d/swaylock << 'EOF'
# Try password authentication first
auth sufficient pam_unix.so nullok
# If no password provided, try fingerprint
auth sufficient pam_fprintd.so ignore-empty-password
auth required pam_deny.so

# KWallet integration (optional)
-auth optional pam_kwallet.so
-auth optional pam_kwallet5.so
-session optional pam_kwallet.so auto_start
-session optional pam_kwallet5.so auto_start
EOF

== Usage ==

Once configured, swaylock will accept both authentication methods:

* '''Password authentication:''' Type your password and press Enter
* '''Fingerprint authentication:''' Press Enter without typing anything, then touch the fingerprint sensor

== Troubleshooting ==

* '''Permission denied during enrollment:''' Ensure you're in the <code>input</code> group and have logged out/in after adding the group
* '''Fingerprint recognized but doesn't unlock:''' Check that fingerprints are enrolled for the correct user (not root)
* '''No fallback to password:''' Verify the PAM configuration has <code>pam_unix.so</code> before <code>pam_fprintd.so</code>

== Extending to Other Services ==

You can apply similar fingerprint authentication to other services by adding the same PAM configuration pattern to files in <code>/etc/pam.d/</code> such as:
* <code>sudo</code>
* <code>polkit-1</code>
* <code>login</code>
* <code>su</code>

Fingerprint Authentication with swaylock

2025-09-01T16:16:57Z

Benaki: usb id

= Fingerprint Authentication with swaylock =

Not all fingerprint readers are supported, see [https://fprint.freedesktop.org/supported-devices.html here].
<code>lsusb | grep finger</code>
will give you your USB ID.

This guide shows how to configure fingerprint authentication for swaylock on Alpine Linux, allowing you to unlock using either:
* <code><enter password></code> → <code><hit enter></code>
* <code><hit enter></code> → <code><touch fingerprint sensor></code>

== Installation ==

Install the fprintd package:

doas apk add fprintd

== Configure PolicyKit Permissions ==

Upon installation, standard users are not authorized to enroll fingerprints. Create a PolicyKit rule to allow members of the <code>input</code> group to manage fingerprints:

doas tee /etc/polkit-1/rules.d/50-fingerprint.rules << 'EOF'
polkit.addRule(function (action, subject) {
if (action.id.indexOf("net.reactivated.fprint.") == 0) {
if (subject.isInGroup("input")) {
return polkit.Result.YES;
}
}
});
EOF

Add your user to the <code>input</code> group:

doas adduser $USER input

'''Note:''' You must log out and back in (or reboot) for the group membership & PolicyKit rule to take effect.

== Enroll Fingerprints ==

If you previously enrolled fingerprints as root (or want to start fresh), delete existing enrollments:

# Delete fingerprints for current user
fprintd-delete $(whoami)

# If you accidentally enrolled as root, delete those too
doas fprintd-delete root

Enroll your fingerprint(s):

fprintd-enroll

Verify the enrollment works:

fprintd-verify

== Configure PAM for swaylock ==

Create the PAM configuration for swaylock:

doas tee /etc/pam.d/swaylock << 'EOF'
# Try password authentication first
auth sufficient pam_unix.so nullok
# If no password provided, try fingerprint
auth sufficient pam_fprintd.so ignore-empty-password
auth required pam_deny.so

# KWallet integration (optional)
-auth optional pam_kwallet.so
-auth optional pam_kwallet5.so
-session optional pam_kwallet.so auto_start
-session optional pam_kwallet5.so auto_start
EOF

== Usage ==

Once configured, swaylock will accept both authentication methods:

* '''Password authentication:''' Type your password and press Enter
* '''Fingerprint authentication:''' Press Enter without typing anything, then touch the fingerprint sensor

== Troubleshooting ==

* '''Permission denied during enrollment:''' Ensure you're in the <code>input</code> group and have logged out/in after adding the group
* '''Fingerprint recognized but doesn't unlock:''' Check that fingerprints are enrolled for the correct user (not root)
* '''No fallback to password:''' Verify the PAM configuration has <code>pam_unix.so</code> before <code>pam_fprintd.so</code>

== Extending to Other Services ==

You can apply similar fingerprint authentication to other services by adding the same PAM configuration pattern to files in <code>/etc/pam.d/</code> such as:
* <code>sudo</code>
* <code>polkit-1</code>
* <code>login</code>
* <code>su</code>

Fingerprint Authentication with swaylock

2025-09-01T14:11:23Z

Benaki:

= Fingerprint Authentication with swaylock =

This guide shows how to configure fingerprint authentication for swaylock on Alpine Linux, allowing you to unlock using either:
* <code><enter password></code> → <code><hit enter></code>
* <code><hit enter></code> → <code><touch fingerprint sensor></code>

== Installation ==

Install the fprintd package:

doas apk add fprintd

== Configure PolicyKit Permissions ==

Upon installation, standard users are not authorized to enroll fingerprints. Create a PolicyKit rule to allow members of the <code>input</code> group to manage fingerprints:

doas tee /etc/polkit-1/rules.d/50-fingerprint.rules << 'EOF'
polkit.addRule(function (action, subject) {
if (action.id.indexOf("net.reactivated.fprint.") == 0) {
if (subject.isInGroup("input")) {
return polkit.Result.YES;
}
}
});
EOF

Add your user to the <code>input</code> group:

doas adduser $USER input

'''Note:''' You must log out and back in (or reboot) for the group membership & PolicyKit rule to take effect.

== Enroll Fingerprints ==

If you previously enrolled fingerprints as root (or want to start fresh), delete existing enrollments:

# Delete fingerprints for current user
fprintd-delete $(whoami)

# If you accidentally enrolled as root, delete those too
doas fprintd-delete root

Enroll your fingerprint(s):

fprintd-enroll

Verify the enrollment works:

fprintd-verify

== Configure PAM for swaylock ==

Create the PAM configuration for swaylock:

doas tee /etc/pam.d/swaylock << 'EOF'
# Try password authentication first
auth sufficient pam_unix.so nullok
# If no password provided, try fingerprint
auth sufficient pam_fprintd.so ignore-empty-password
auth required pam_deny.so

# KWallet integration (optional)
-auth optional pam_kwallet.so
-auth optional pam_kwallet5.so
-session optional pam_kwallet.so auto_start
-session optional pam_kwallet5.so auto_start
EOF

== Usage ==

Once configured, swaylock will accept both authentication methods:

* '''Password authentication:''' Type your password and press Enter
* '''Fingerprint authentication:''' Press Enter without typing anything, then touch the fingerprint sensor

== Troubleshooting ==

* '''Permission denied during enrollment:''' Ensure you're in the <code>input</code> group and have logged out/in after adding the group
* '''Fingerprint recognized but doesn't unlock:''' Check that fingerprints are enrolled for the correct user (not root)
* '''No fallback to password:''' Verify the PAM configuration has <code>pam_unix.so</code> before <code>pam_fprintd.so</code>

== Extending to Other Services ==

You can apply similar fingerprint authentication to other services by adding the same PAM configuration pattern to files in <code>/etc/pam.d/</code> such as:
* <code>sudo</code>
* <code>polkit-1</code>
* <code>login</code>
* <code>su</code>

2025-09-01T13:28:38Z

Benaki: Swaylock using fprintd

To enable swaylock to unlock like so:
<enter password> <hit enter>
or
<hit enter> <touch fingerprint sensor>

To install fprintd:
doas apk add fprintd

Upon installation a standard user was not authorized to add prints.
The below was used to allow members of the 'input' group to add prints:

sudo tee /etc/polkit-1/rules.d/50-fingerprint.rules << 'EOF'
polkit.addRule(function (action, subject) {
if (action.id.indexOf("net.reactivated.fprint.") == 0) {
if (subject.isInGroup("input")) {
return polkit.Result.YES;
}
}
});
EOF

doas adduser $USER input

(reboot)

I previously enrolled a print for root accidentally, needed to delete it (as well as for my user for good measure):

fprintd-delete $(whoami)
fprintd-delete root

Then enroll fresh print(s):

fprintd-enroll
fprintd-verify

Then, to set the swaylock config:

sudo tee /etc/pam.d/swaylock << 'EOF'
# Try password authentication first
auth sufficient pam_unix.so nullok
# If no password provided, try fingerprint
auth sufficient pam_fprintd.so ignore-empty-password
auth required pam_deny.so # Keep the wallet stuff
-auth optional pam_kwallet.so
-auth optional pam_kwallet5.so
-session optional pam_kwallet.so auto_start
-session optional pam_kwallet5.so auto_start
EOF

Tutorials and Howtos

2025-09-01T13:19:48Z

Benaki: /* Other topics */

[[Image:package_edutainment.svg|right|link=]]
{{TOC left}}

'''Welcome to Tutorials and Howtos, a place of basic and advanced configuration tasks for your Alpine Linux.'''

'''Howtos are smaller articles''' explaining how to perform a particular task with Alpine Linux, that expects a minimal knowledge from reader to perform actions. Howto's have been organized in the below page based on the topics.

'''The [[#Tutorials|tutorials]] are hands-on''' and the reader is expected to try and achieve the goals described in each step, possibly with the help of a good example. The output in one step is the starting point for the following step.

{{Note|
* Contributors are requested to refer to [[Help:Editing]] first and make use of resources like [[How to write a HOWTO]].
* Contributions must be complete articles.
* Don't override already made contributions, unless there is a mistake.
* If you want to request a topic, please add your request in this page's [[Talk:Tutorials_and_Howtos|Discussion]].}}

== Desktop ==

* {{:Daily driver guide}}

=== Networking ===

* [[Bluetooth]] - Instructions for installing and configuring Bluetooth
* [[Bonding]] - Bond (or aggregate) multiple ethernet interfaces
* [[Bridge]] - Configuring a network bridge
** [[Bridge wlan0 to eth0]]
* [[Configure Networking]]
* [[How to configure static routes]]
* Modem
** [[Using HSDPA modem]]
** [[Using serial modem]]
* [[mDNS]] - Howto implement multicast DNS resolution in Alpine.
* [[Multi ISP]] ''(Dual-ISP setup with load-balancing and automatic failover)''
* [[PXE boot]]
* Wi-Fi
** [[Wi-Fi|Connecting to a wireless access point]]
** [[How to setup a wireless access point]] ''(Setting up Secure Wireless AP w/ WPA encryption with bridge to wired network)''
* Use [https://github.com/ifupdown-ng/ifupdown-ng/blob/main/doc/interfaces-vxlan.scd vxlan], if using [[Ifupdown-ng]] instead of [[VLAN]]

=== Backup and data migration ===

* [[Migrating data]]
* [[Rsnapshot]] - setting up periodic backups

=== Other topics ===

* [[Gaming on Alpine]]
* [[Remote Desktop Server]]
* [[Default applications|How to change default application]]
* [[CPU frequency scaling]]
* [[Mimalloc]]
* [[Enable Serial Console on Boot]]
* [[How to build the Alpine Linux kernel]]
* [[Nextcloud]] ''(Self hostable cloud suite - Dropbox Alternative)''
* [[Setting up lm_sensors]]
* [[Setting up fprintd for swaylock]]
* [[Desktop environments and Window managers|List of supported Desktop environments and Window managers]]

== Diskless ==

* [[Alpine local backup|Alpine local backup (lbu)]] ''(Permanently store your modifications in case your box needs reboot)''
** [[Back Up a Flash Memory Installation]]
** [[Manually editing a existing apkovl]]

== Other Architectures ==

=== ARM ===

* [[Alpine on ARM]]

==== Raspberry Pi ====

* [[Raspberry Pi|Raspberry Pi main page]]
* [[Raspberry Pi Bluetooth Speaker|Raspberry Pi - Bluetooth Speaker]]
* [[Linux Router with VPN on a Raspberry Pi|Raspberry Pi - Router with VPN]]
* [[Linux Router with VPN on a Raspberry Pi (IPv6)|Raspberry Pi - Router with VPN (IPv6)]]
* [[Classic install or sys mode on Raspberry Pi|Raspberry Pi - Sys mode install]]
* [[Raspberry Pi LVM on LUKS|Raspberry Pi - Sys mode install - LVM on LUKS]]
* [[RPI Video Receiver|Raspberry Pi - Video Receiver]] ''(network video decoder using Rasperry Pi and omxplayer)''
* [[Raspberry Pi 3 - Browser Client]] - kiosk or digital sign
* [[Raspberry Pi 3 - Configuring it as wireless access point -AP Mode]]
* [[Raspberry Pi 3 - Setting Up Bluetooth]]
* [[Raspberry Pi 4 - Persistent system acting as a NAS and Time Machine]]
* [[How to set up Alpine as a wireless router|Raspberry Pi Zero W - Wireless router]] ''(Setting up a firewalled, Wireless AP with wired network on a Pi Zero W)''
* [[RPI Video Receiver]]

=== IBM Z (IBM z Systems) ===

* [[s390x|s390x - Installation]]

=== PowerPC ===

* [[Ppc64le|Powerpc64le - Installation]]

== Security ==

* [[#Desktop security|Desktop security]] lists steps for securing Alpine Linux desktops
* [[Setting up a laptop]] page has detailed guidelines to configure a secured laptop
* [[Securing Alpine Linux|Secure Alpine Linux]] using Security Technical Implementation Guides (STIGs)

== Services ==

{{Note| Services are arranged in alphabetical order.}}

=== Content management systems ===

* [[DokuWiki]] ''(Simple and easy to use wiki, no database required)''
* [[Drupal]] ''(Content Management System (CMS) written in PHP)''
* [[Kopano]] ''(Microsoft Outlook compatible Groupware)''
* [[Mahara]] ''(E-portfolio and social networking system)''
* [[MediaWiki]] ''(Free web-based wiki software application)''
* [[Pastebin]] ''(Pastebin software application)''
* [[WordPress]] ''(Web software to create website or blog)''
* [[Moodle]] ''(Online Learning Management system)''

=== Database ===

* [[MariaDB]] or [[MySQL|MySQL]]

=== DNS ===

* [[DNSCrypt-Proxy]] ''Encrypt and authenticate DNS calls from your system''
* [[Setting up nsd DNS server]]
* [[Small-Time DNS with BIND9]] ''(A simple configuration with ad blocking for your home network)''
* Unbound
** [[Setting up unbound DNS server]]
** [[Using Unbound as an Ad-blocker]] ''(Setup ad blocking for your network)''
* [[TinyDNS Format]]

=== File server ===

* [[Setting up an NFS server|nfs-server]]
* [[Setting up a Samba server|samba-server]] ''(standard file sharing)''
* [[Setting up a samba-ad-dc|samba-ad-dc]] ''(Active Directory compatible domain controller)''

=== Firewall ===

* [https://git.alpinelinux.org/awall/about/ Alpine Wall User's Guide]
** [[Zero-To-Awall]] -''AWall for dummies''
** [[How-To Alpine Wall]] - ''AWall for Shorewall users''
** [[Alpine Wall]] - ''AWall - Firewall management framework - Design Document''
* [[Iptables]]
* [[nftables]]
* [[Uncomplicated Firewall|Uncomplicated Firewall or UFW]]

=== HTTP and web services ===

* [[Althttpd]]
* [[Apache]]
** [[Apache with php-fpm]]
** [[Setting Up Apache with PHP]]
** [[Apache authentication: NTLM Single Signon]]
* [[Darkhttpd]]
* [[Lighttpd]]
** [[Lighttpd Advanced security]]
** [[Setting Up Lighttpd With FastCGI]]
** [[Production Web server: Lighttpd|Production web server: Lighttpd‎‎]]
* [[Nginx]]
** [[Nginx as reverse proxy with acme (letsencrypt)]]
** [[Nginx with PHP]]
* Squid Proxy
** [[Obtaining user information via SNMP]] ''(Using squark-auth-snmp as a Squid authentication helper)'' 
** [[Setting up Explicit Squid Proxy]]
** [[Setting up Transparent Squid Proxy]] ''(Covers Squid proxy and URL Filtering system)''
** [[SqStat]] ''(Script to look at active squid users connections)''
* [[Tomcat]]
** [[Production LAMP system: Lighttpd + PHP + MySQL‎‎|Production LAMP system: Lighttpd + PHP + MariaDB/MySQL‎‎]]

=== IRC ===

* [[NgIRCd]] ''(Server for Internet Relay Chat/IRC)''

=== Mail ===

* [[Hosting services on Alpine]] ''(Hosting mail, webservices and other services)''
* [[Hosting Web/Email services on Alpine]]
* Exim/Dovecot
** [[Small-Time Email with Exim and Dovecot]] ''(A simple configuration for your home network.)
** [[Setting up dovecot with imap and tls]]
* [[relay email to gmail (msmtp, mailx, sendmail]]
* [[relay email (nullmailer)]]
* [[Roundcube]] ''(Webmail system)''
* [[Setting up postfix with virtual domains]]
* Server protection
** [[Setting up clamsmtp]]

=== Monitoring ===

* [[Awstats]] ''(Free log file analyzer)''
* [[Cacti: traffic analysis and monitoring network]] ''(Front-end for rrdtool networking monitor)''
* [[Cvechecker]] ''(Compare installed packages for Common Vulnerabilities Exposure)'' 
* [[Linfo]]
* [[Obtaining user information via SNMP]] ''(Using squark-auth-snmp as a Squid authentication helper)'' 
* [[PhpSysInfo]] ''(A simple application that displays information about the host it's running on)''
* [[Logcheck]] ''(log file monitoring tool)''
* [[Matomo]] ''(A real time web analytics software program)''
* [[Rasdaemon]] ''(Platform Reliability, Availability and Serviceability monitoring tool)''
* [[Setting up A Network Monitoring and Inventory System]] ''(Nagios + OpenAudit and related components)'' 
** [[Setting up NRPE daemon]] ''(Performs remote Nagios checks)'' 
* [[Setting Up Fprobe And Ntop|Ntop]] ''(NetFlow collection and analysis using a remote fprobe instance; for alpine 3.10-3.12 only)'' 
* [[SqStat]] ''(Script to look at active squid users connections)''
* [[Traffic monitoring]] 
** [[Setting up monitoring using rrdtool (and rrdcollect)]]
** [[Setting up traffic monitoring using rrdtool (and snmp)]] 
* [[Zabbix|Zabbix - the professional complete manager]] ''(Monitor and track the status of network services and hardware)''
* [[ZoneMinder video camera security and surveillance]]

=== Remote Administration ===

* ACF
** [[Changing passwords for ACF|ACF - changing passwords]]
** [[Generating SSL certs with ACF]] 
** [[setup-acf| ACF - setup]] ''(Configures ACF (webconfiguration/webmin) so you can manage your box through https)''
* [[Setting up a SSH server]] ''(Using ssh is a good way to administer your box remotely)''
** [[HOWTO OpenSSH 2FA with password and Google Authenticator |OpenSSH 2FA]] ''(A simple two factor setup for OpenSSH)''
* [[OpenVCP]] ''(VServer Control Panel)''
* [[PhpMyAdmin]] ''(Web-based administration tool for MYSQL)''
* [[PhpPgAdmin]] ''(Web-based administration tool for PostgreSQL)''
* [[Webmin]] ''(A web-based interface for Linux system)''

=== Telephony ===

* [[FreePBX|FreePBX on Alpine Linux]]
* [[Setting up Zaptel/Asterisk on Alpine]]
* [[Kamailio]] ''(SIP Server, formerly OpenSER)''

=== VPN ===
* [[Freeradius Active Directory Integration]]
* [[GNUnet]]
* [[IGMPproxy]]
* [[Setting up a OpenVPN server|OpenVPN server]] ''(Allowing single users or devices to remotely connect to your network)''
* [[OpenVSwitch]]
* [[Tor]]
* [[Using Alpine on Windows domain with IPSEC isolation]]
* [[Configure a Wireguard interface (wg)|Wireguard]]

=== Other Servers ===

* [[apcupsd]] ''(UPS Monitoring with apcupsd)''
* [[Chrony and GPSD | Chrony, gpsd, and a garmin LVC 18 as a Stratum 1 NTP source ]]
* [[Glpi]] ''(Manage inventory of technical resources)''
* [[How to setup a Alpine Linux mirror]]
* [[nut-ups|NUT UPS]] ''(UPS Monitoring with Network UPS Tools)''
* [[Odoo]]
* [[Configure OpenLDAP | OpenLDAP]] ''(Installing and configuring the Alpine package for OpenLDAP)''
* [[Setting up a LLDAP server|lldap-server]] ''(Directory Server)''
* [[Setting up Transmission (bittorrent) with Clutch WebUI]]

== Software development ==

* [[Cgit]]
* [[OsTicket]] ''(Ticket system)''
* [[Patchwork]] ''(Patch review management system)''
* [[Redmine]] ''(Project management system) [Deprecated]''
* [[Request Tracker]] ''(Ticket system)''
* [[Setting up trac wiki|Trac]] ''(Enhanced wiki and issue tracking system for software development projects)''
* [[Ansible]] ''(Configuration management)''
* [[Installing Oracle Java|Oracle Java (installation)]]

== Storage ==

* [[Setting up disks manually|Manual partitioning]]
* [[Disk Replication with DRBD|DRBD: Disk Replication]]
* [[Filesystems]]
** [[Burning ISOs]]
* [[Setting up iSCSI|iSCSI Setup]]
** [[iSCSI Raid and Clustered File Systems]]
** [[Linux iSCSI Target (TCM)|iSCSI Target (TCM)/LinuxIO (LIO)]]
** [[Linux iSCSI Target (tgt)|User space iSCSI Target (tgt)]]
* [[Setting up Logical Volumes with LVM|LVM Setup]]
** [[Setting up LVM on GPT-labeled disks|LVM on GPT-labeled disks]]
** [[Installing on GPT LVM|LVM on GPT-labeled disks (updated)]]
** [[LVM on LUKS]]
* RAID
** [[Raid Administration]]
** [[Setting up a software RAID array]]
* [[ZFS]]
** [[Root on ZFS with native encryption]]
** [[Setting up ZFS on LUKS]]
* [[CEPH|CEPH]]

== Virtualization ==

* [[Docker]]
* [[Installing Alpine in a virtual machine]]
** [[Install Alpine on VMware ESXi]]
* [[KVM]] ''(Setting up Alpine as a KVM hypervisor)''
* [[LXC]] ''(Setting up a Linux container in Alpine Linux)''
* [[QEMU]]
* Xen
** [[Xen Dom0]] ''(Setting up Alpine as a dom0 for Xen hypervisor)''
** [[Xen Dom0 on USB or SD]]
** [[Create Alpine Linux PV DomU|Xen DomU (paravirtualized)]]
** [[Xen LiveCD]]
** [[Xen PCI Passthrough]]
** [[K8s]] Building a K8s Kubernetes Cluster on Alpine Linux
* [[Runc]]

== Tutorials ==

* [[TTY_Autologin|TTY Autologin]]
* [[Kexec|Faster rebooting with kexec]]
* [[Dynamic Multipoint VPN (DMVPN)]] combined with [[Small Office Services]]
* [[DIY Fully working Alpine Linux for Allwinner and Other ARM SOCs]]
* [[Fault Tolerant Routing with Alpine Linux]]
* [[High Availability High Performance Web Cache]] ''(uCarp + HAProxy for High Availability Services such as Squid web proxy)''
* [[Linux iSCSI Target (TCM)]]
* [[ISP Mail Server 3.x HowTo]] ''(Postfix+PostfixAdmin+DoveCot+Roundcube+ClamAV+Spamd - A full-service ISP mail server)''
* [[Grommunio Mail Server]] ''(Mariadb+Postfix+Rspamd+Grommunio - Full-service mail server as MS exchange replacement)''
* [[Replacing non-Alpine Linux with Alpine remotely]]
* [[Setting up A Network Monitoring and Inventory System]] ''(Nagios + OpenAudit and related components)'' 
* [[Streaming Security Camera Video with VLC]]
* [[Install Alpine on a btrfs filesystem with refind as boot manager]]
* [[Compile software from source|How to Compile a software from source in Alpine Linux]]
* [https://ww2.coastal.edu/mmurphy2/oer/alpine/ Alpine Linux tutorials - Dr Murphy, Computing Science Associate Professor]
* [[Michael's base installation procedure|Michael's base installation procedure]]
* [[Michael's sway desktop (minimal)|Michael's sway desktop (minimal)]]
* [[Michael's cwm desktop (minimal)|Michael's cwm desktop (minimal)]]