Mostly overhaul Arch installation guide to how I'm using it.
- Add rEFInd - Add more explaination on /efi vs /boot - Remove GRUB - Remove F2FS - Remove old headings - Change shell command presentation - Change LUKS setup - Use new btrfs command to create swapfile - Generally slightly more commentary on choices or steps
This commit is contained in:
parent
67e6d374f5
commit
41556ada44
@ -5,26 +5,59 @@ visible: true
|
||||
|
||||
[toc]
|
||||
|
||||
Last modified: 2023-11-17
|
||||
|
||||
## Keyboard layout
|
||||
|
||||
`loadkeys de_CH-latin1`
|
||||
[shroot]
|
||||
|
||||
```
|
||||
loadkeys de_CH-latin1
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
## Check UEFI mode
|
||||
|
||||
If the following command works, the system is booted in EFI.
|
||||
`ls /sys/firmware/efi/efivars`
|
||||
|
||||
[shroot]
|
||||
|
||||
```
|
||||
ls /sys/firmware/efi/efivars
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
## Verify internet connection
|
||||
|
||||
`ping www.realstickman.net`
|
||||
[shroot]
|
||||
|
||||
```
|
||||
ping wiki.exu.li
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
## Update system clock
|
||||
|
||||
`timedatectl set-ntp true`
|
||||
[shroot]
|
||||
|
||||
```
|
||||
timedatectl set-ntp true
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
## Creating partitions
|
||||
|
||||
`cfdisk`
|
||||
[shroot]
|
||||
|
||||
```
|
||||
cfdisk
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
Use `EFI System` for EFI partition
|
||||
Use `Linux filesystem` for other partitions
|
||||
@ -33,15 +66,25 @@ Use `Linux filesystem` for other partitions
|
||||
|
||||
_Note: Do not put your /efi partition on an encrypted partition!_
|
||||
|
||||
Create encrypted Partition
|
||||
`cryptsetup luksFormat /dev/(partition) --type luks1`
|
||||
Create encrypted Partition with a label. This label will later be used to identified the bootdevice as a simpler alternative to UUIDs.
|
||||
|
||||
To view if this worked correctly
|
||||
`cryptsetup luksDump /dev/(partition)`
|
||||
[shroot]
|
||||
|
||||
Open the partition
|
||||
Give it a fitting name
|
||||
`cryptsetup open /dev/(partition) (name)`
|
||||
```
|
||||
cryptsetup luksFormat --label=(label) /dev/(partition)
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
Open the partition and specify a name
|
||||
|
||||
[shroot]
|
||||
|
||||
```
|
||||
cryptsetup open /dev/(partition) (name)
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
Check if this worked with `ls /dev/mapper/`
|
||||
The name should show up there
|
||||
@ -49,26 +92,50 @@ The name should show up there
|
||||
## Format partitions
|
||||
|
||||
Fat 32:
|
||||
`mkfs.fat -F32 /dev/(partition)`
|
||||
|
||||
[shroot]
|
||||
|
||||
```
|
||||
mkfs.fat -F32 /dev/(partition)
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
_For EFI or BOOT partition_
|
||||
|
||||
Ext4:
|
||||
`mkfs.ext4 /dev/(partition)`
|
||||
|
||||
[shroot]
|
||||
|
||||
```
|
||||
mkfs.ext4 /dev/(partition)
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
_All other partitions_
|
||||
|
||||
btrfs:
|
||||
`mkfs.btrfs /dev/(partition)`
|
||||
_All other partitions_
|
||||
Btrfs:
|
||||
|
||||
[shroot]
|
||||
|
||||
```
|
||||
mkfs.btrfs /dev/(partition)
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
F2FS:
|
||||
`mkfs.f2fs -O extra_attr,inode_checksum,sb_checksum,compression /dev/(partition)`
|
||||
_All other partitions_
|
||||
|
||||
## Mounting partitions
|
||||
|
||||
Generally partitions have to be mounted where you will later use them in your system.
|
||||
BTRFS with its subvolumes is a special case
|
||||
For EFI, prefer the /efi mountpoint
|
||||
BTRFS with its subvolumes is a special case, see the additional chapter below.
|
||||
Be careful in choosing you EFI mountpoint when using full disk encryption.
|
||||
Using `/efi` will lead to much longer boot times in GRUB and be completely unsupported in other bootloaders.
|
||||
See [this feature comparison](https://wiki.archlinux.org/title/Arch_boot_process#Boot_loader) for details.
|
||||
For `/efi` size really doesn't matter much and can be 1 or 2 megabytes. 16MB is probably a good size.
|
||||
If you're using `/boot`, the kernel and initramfs will also be stored on this partition among others. Recommended sizes range from 256MB to 512MB
|
||||
|
||||
```
|
||||
Root: /mnt
|
||||
@ -80,105 +147,137 @@ etc...
|
||||
### (BTRFS) Btrfs preparation of subvolumes and mounting
|
||||
|
||||
Mount root partition
|
||||
`mount /dev/(partition) /mnt`
|
||||
|
||||
[shroot]
|
||||
|
||||
```
|
||||
mount /dev/(partition) /mnt
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
Root subvolume
|
||||
`btrfs subv create /mnt/@`
|
||||
|
||||
[shroot]
|
||||
|
||||
```
|
||||
btrfs subv create /mnt/@
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
Home subvolume
|
||||
`btrfs subv create /mnt/@home`
|
||||
|
||||
[shroot]
|
||||
|
||||
```
|
||||
btrfs subv create /mnt/@home
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
Snapshots subvolume for snapper
|
||||
`btrfs subv create /mnt/@snapshots`
|
||||
|
||||
Snapshots subvolume for timeshift
|
||||
`btrfs subv create /mnt/@timeshift`
|
||||
[shroot]
|
||||
|
||||
```
|
||||
btrfs subv create /mnt/@snapshots
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
Var subvolume
|
||||
`btrfs subv create /mnt/@var_log`
|
||||
|
||||
[shroot]
|
||||
|
||||
```
|
||||
btrfs subv create /mnt/@var_log
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
_If you want to use a swapfile with Snapper, create a new subvolume now_
|
||||
Swap subvolume
|
||||
`btrfs subv create /mnt/@swap`
|
||||
|
||||
`umount /mnt`
|
||||
[shroot]
|
||||
|
||||
```
|
||||
btrfs subv create /mnt/@swap
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
[shroot]
|
||||
|
||||
```
|
||||
umount /mnt
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
Mount root
|
||||
`mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@ /dev/(partition) /mnt`
|
||||
`mount -o noatime,compress-force=zstd,subvol=@ /dev/(partition) /mnt`
|
||||
|
||||
With /efi
|
||||
`mkdir -p /mnt/{efi,home,.snapshots,var/log,swap}`
|
||||
With /boot
|
||||
`mkdir -p /mnt/{boot,home,.snapshots,var/log,swap}`
|
||||
With /boot and timeshift
|
||||
`mkdir -p /mnt/{boot,home,timeshift-btrfs,var/log,swap}`
|
||||
|
||||
Mount home
|
||||
`mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@home /dev/(partition) /mnt/home`
|
||||
`mount -o noatime,compress-force=zstd,subvol=@home /dev/(partition) /mnt/home`
|
||||
|
||||
Mount snapshots for snapper
|
||||
`mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@snapshots /dev/(partition) /mnt/.snapshots`
|
||||
Mount snapshots for timeshift
|
||||
`mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@timeshift /dev/(partition) /mnt/timeshift-btrfs`
|
||||
`mount -o noatime,compress-force=zstd,subvol=@snapshots /dev/(partition) /mnt/.snapshots`
|
||||
|
||||
Mount var
|
||||
`mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@var_log /dev/(partition) /mnt/var/log`
|
||||
`mount -o noatime,compress-force=zstd,subvol=@var_log /dev/(partition) /mnt/var/log`
|
||||
|
||||
Swap subvolume
|
||||
`mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@swap /dev/(partition) /mnt/swap`
|
||||
|
||||
**Don't forget mounting other partitions!!**
|
||||
|
||||
### (F2FS) Mounting
|
||||
|
||||
Mount partition with compression algorithm specified
|
||||
`mount -o compress_algorithm=zstd /dev/(partition) /mnt`
|
||||
|
||||
With /efi
|
||||
`mkdir -p /mnt/efi`
|
||||
With /boot
|
||||
`mkdir -p /mnt/boot`
|
||||
`mount -o noatime,subvol=@swap /dev/(partition) /mnt/swap`
|
||||
|
||||
**Don't forget mounting other partitions!!**
|
||||
|
||||
## Swap
|
||||
|
||||
### Swap partition
|
||||
|
||||
TODO
|
||||
|
||||
### Swapfile
|
||||
|
||||
#### Normal way
|
||||
|
||||
**NOT FOR BTRFS!**
|
||||
`dd if=/dev/zero of=/mnt/swapfile bs=1M count=(size) status=progress`
|
||||
|
||||
[shroot]
|
||||
|
||||
```
|
||||
dd if=/dev/zero of=/mnt/swapfile bs=1M count=(size) status=progress
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
#### (BTRFS) Swapfile in btrfs
|
||||
|
||||
_Does not work with snapper_
|
||||
_Use a separate subvolume in that case_
|
||||
_Use a separate subvolume to work with snapper_
|
||||
|
||||
```sh
|
||||
truncate -s 0 /mnt/swapfile
|
||||
chattr +C /mnt/swapfile
|
||||
btrfs property set /mnt/swapfile compression none
|
||||
fallocate -l (size)M /mnt/swapfile
|
||||
[shroot]
|
||||
|
||||
```
|
||||
btrfs fi mkswapfile --size [SIZE]g --uuid clear /mnt/swap/swapfile
|
||||
swapon /mnt/swap/swapfile
|
||||
```
|
||||
|
||||
#### Initialising swapfile
|
||||
|
||||
```sh
|
||||
chmod 600 /mnt/swapfile
|
||||
mkswap /mnt/swapfile
|
||||
swapon /mnt/swapfile
|
||||
```
|
||||
[/shroot]
|
||||
|
||||
## Essential packages
|
||||
|
||||
Some things like the userspace utilities for file management will vary.
|
||||
See [file systems](https://wiki.archlinux.org/index.php/File_systems#Types_of_file_systems)
|
||||
`pacstrap /mnt base linux linux-firmware vim git openssh networkmanager network-manager-applet dialog base-devel linux-headers`
|
||||
Install a few essential packages using `pacstrap`.
|
||||
Additional packages might also be necessary, see the list below.
|
||||
|
||||
[shroot]
|
||||
|
||||
```
|
||||
pacstrap /mnt base base-devel linux linux-firmware linux-headers vim git openssh networkmanager dialog
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
### Microcode
|
||||
|
||||
@ -197,9 +296,6 @@ Ext4:
|
||||
Btrfs:
|
||||
`btrfs-progs compsize`
|
||||
|
||||
F2FS:
|
||||
`f2fs-tools`
|
||||
|
||||
### Wifi
|
||||
|
||||
`wpa_supplicant`
|
||||
@ -218,12 +314,25 @@ F2FS:
|
||||
|
||||
## Generate fstab
|
||||
|
||||
`genfstab -U /mnt >> /mnt/etc/fstab`
|
||||
[shroot]
|
||||
|
||||
```
|
||||
genfstab -U /mnt >> /mnt/etc/fstab
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
**Make sure the fstab file has everything included**
|
||||
|
||||
## Chroot into the system
|
||||
|
||||
`arch-chroot /mnt`
|
||||
[shroot]
|
||||
|
||||
```
|
||||
arch-chroot /mnt
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
## Set timezone
|
||||
|
||||
@ -254,89 +363,63 @@ Make sure to use a UTF-8 entry.
|
||||
Edit `/etc/hosts`
|
||||
|
||||
```
|
||||
127.0.0.1 localhost
|
||||
127.0.0.1 localhost (hostname)
|
||||
::1 localhost
|
||||
127.0.1.1 (hostname).localdomain (hostname)
|
||||
```
|
||||
|
||||
## Change root password
|
||||
|
||||
`passwd`
|
||||
[shroot]
|
||||
|
||||
```
|
||||
passwd
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
## Bootloader installation
|
||||
|
||||
### GRUB UEFI
|
||||
### rEFInd
|
||||
|
||||
`pacman -S grub efibootmgr`
|
||||
[shroot]
|
||||
|
||||
If you are using encryption, see the next section first. **Make sure to come back here again though**
|
||||
`grub-install --target=x86_64-efi --efi-directory=(efi partition mountpoint) --bootloader-id=GRUB`
|
||||
```
|
||||
pacman -S refind
|
||||
```
|
||||
|
||||
`grub-mkconfig -o /boot/grub/grub.cfg`
|
||||
[/shroot]
|
||||
|
||||
#### (LUKS) Encryption with /efi
|
||||
Use the rEFInd installation script. In most cases no specific configuration is necessary
|
||||
|
||||
Create keyfile and add it to mkinitcpio.conf
|
||||
`dd bs=512 count=4 if=/dev/random of=/crypto_keyfile.bin iflag=fullblock`
|
||||
[shroot]
|
||||
|
||||
`chmod 600 /crypto_keyfile.bin`
|
||||
```
|
||||
refind-install
|
||||
```
|
||||
|
||||
**This command should be run after installing a new kernel!**
|
||||
`chmod 600 /boot/initramfs-linux*`
|
||||
[/shroot]
|
||||
|
||||
`cryptsetup luksAddKey /dev/(partition) /crypto_keyfile.bin`
|
||||
**Manual editing of the generated configuration file is necessary when installing rEFInd from the Arch boot ISO**
|
||||
|
||||
Include the file in `/etc/mkinitcpio.conf`
|
||||
`FILES=(/crypto_keyfile.bin)`
|
||||
_TODO insert config here_
|
||||
|
||||
Edit the `HOOKS` section as well. _Example:_
|
||||
`HOOKS=(base udev autodetect keyboard keymap modconf block encrypt filesystems fsck)`
|
||||
### mkinitcpio with LUKS
|
||||
|
||||
`mkinitcpio -p linux`
|
||||
Some additional settings are necessary in `/etc/mkinitcpio.conf` in order to enable booting from LUKS-encrypted disks.
|
||||
|
||||
Edit `/etc/default/grub`
|
||||
`GRUB_ENABLE_CRYPTODISK=y`
|
||||
Edit the `HOOKS` section in `/etc/mkinitcpio.conf` by adding `encrypt` after `block` and before `filesystems`
|
||||
|
||||
Some options in `GRUB_CMDLINE_LINUX_DEFAULT`
|
||||
**Make sure to change /dev/(partition) to UUID ASAP!**
|
||||
_Not sure how to actually do that though, will have to read some more._
|
||||
`cryptdevice=/dev/(partition):(name)`
|
||||
`cryptkey=/dev/mapper/(name):(filesystem):/crypto_keyfile.bin`
|
||||
Also ensure `keyboard keymap` are present before `encrypt` in order to allow the loading of the default keyboard language from `/etc/vconsole.conf` to enter the decryption password.
|
||||
|
||||
**Go back and install grub!!**
|
||||
Regenerate all initramfs presets
|
||||
|
||||
#### (LUKS) Encryption with /boot
|
||||
[shroot]
|
||||
|
||||
Edit the `HOOKS` section in `/etc/mkinitcpio.conf` _Example:_
|
||||
`HOOKS=(base udev autodetect keyboard keymap modconf block encrypt filesystems fsck)`
|
||||
```
|
||||
mkinitcpio -P
|
||||
```
|
||||
|
||||
`mkinitcpio -p linux`
|
||||
|
||||
Next, edit `/etc/default/grub`
|
||||
|
||||
Add an option in `GRUB_CMDLINE_LINUX_DEFAULT`
|
||||
**Make sure to change /dev/(partition) to UUID ASAP!**
|
||||
_Not sure how to actually do that though, will have to read some more._
|
||||
`cryptdevice=/dev/(partition):(name)`
|
||||
|
||||
**Go back and install grub!!**
|
||||
|
||||
## Mkinitcpio
|
||||
|
||||
### BTRFS
|
||||
|
||||
Load required modules
|
||||
`vim /etc/mkinitcpio.conf`
|
||||
`MODULES=(btrfs)`
|
||||
`BINARIES=("/usr/bin/btrfs")`
|
||||
|
||||
`mkinitcpio -p linux`
|
||||
|
||||
**Go back and install grub!!**
|
||||
|
||||
### EXT4
|
||||
|
||||
### F2FS
|
||||
[/shroot]
|
||||
|
||||
## Networking
|
||||
|
||||
@ -391,7 +474,7 @@ Change these things:
|
||||
```
|
||||
TIMELINE_LIMIT_HOURLY="5"
|
||||
TIMELINE_LIMIT_DAILY="7"
|
||||
TIMELINE_LIMIT_WEEKLY="0"
|
||||
TIMELINE_LIMIT_WEEKLY="4"
|
||||
TIMELINE_LIMIT_MONTHLY="0"
|
||||
TIMELINE_LIMIT_YEARLY="0"
|
||||
```
|
||||
@ -406,22 +489,33 @@ Allow user to access snapshots
|
||||
|
||||
## Install AUR helper
|
||||
|
||||
### yay
|
||||
|
||||
```sh
|
||||
git clone https://aur.archlinux.org/yay.git
|
||||
cd yay
|
||||
makepkg -si
|
||||
```
|
||||
|
||||
### paru
|
||||
|
||||
```sh
|
||||
git clone https://aur.archlinux.org/paru.git
|
||||
cd paru
|
||||
[shuser]
|
||||
|
||||
```
|
||||
cd $(mktemp -d)
|
||||
git clone https://aur.archlinux.org/paru-bin.git
|
||||
cd paru-bin
|
||||
makepkg -si
|
||||
```
|
||||
|
||||
## (Snapper) Snap pac and GUI
|
||||
[/shuser]
|
||||
|
||||
`$ paru -S snap-pac-grub snapper-gui`
|
||||
## Automatic snapshots on package changes
|
||||
|
||||
[shroot]
|
||||
|
||||
```
|
||||
pacman -S snap-pac
|
||||
```
|
||||
|
||||
[/shroot]
|
||||
|
||||
## (rEFInd) Show snapshots in bootmenu
|
||||
|
||||
_WIP_
|
||||
|
||||
`paru -S refind-btrfs`
|
||||
|
||||
`systemctl enable --now refind-btrfs.service`
|
||||
|
Loading…
Reference in New Issue
Block a user