diff --git a/pages/02.linux/guides/arch/default.en.md b/pages/02.linux/guides/arch/default.en.md index a0aae74..5d6a9d7 100644 --- a/pages/02.linux/guides/arch/default.en.md +++ b/pages/02.linux/guides/arch/default.en.md @@ -5,26 +5,59 @@ visible: true [toc] +Last modified: 2023-11-17 + ## Keyboard layout -`loadkeys de_CH-latin1` +[shroot] + +``` +loadkeys de_CH-latin1 +``` + +[/shroot] ## Check UEFI mode If the following command works, the system is booted in EFI. -`ls /sys/firmware/efi/efivars` + +[shroot] + +``` +ls /sys/firmware/efi/efivars +``` + +[/shroot] ## Verify internet connection -`ping www.realstickman.net` +[shroot] + +``` +ping wiki.exu.li +``` + +[/shroot] ## Update system clock -`timedatectl set-ntp true` +[shroot] + +``` +timedatectl set-ntp true +``` + +[/shroot] ## Creating partitions -`cfdisk` +[shroot] + +``` +cfdisk +``` + +[/shroot] Use `EFI System` for EFI partition Use `Linux filesystem` for other partitions @@ -33,15 +66,25 @@ Use `Linux filesystem` for other partitions _Note: Do not put your /efi partition on an encrypted partition!_ -Create encrypted Partition -`cryptsetup luksFormat /dev/(partition) --type luks1` +Create encrypted Partition with a label. This label will later be used to identified the bootdevice as a simpler alternative to UUIDs. -To view if this worked correctly -`cryptsetup luksDump /dev/(partition)` +[shroot] -Open the partition -Give it a fitting name -`cryptsetup open /dev/(partition) (name)` +``` +cryptsetup luksFormat --label=(label) /dev/(partition) +``` + +[/shroot] + +Open the partition and specify a name + +[shroot] + +``` +cryptsetup open /dev/(partition) (name) +``` + +[/shroot] Check if this worked with `ls /dev/mapper/` The name should show up there @@ -49,26 +92,50 @@ The name should show up there ## Format partitions Fat 32: -`mkfs.fat -F32 /dev/(partition)` + +[shroot] + +``` +mkfs.fat -F32 /dev/(partition) +``` + +[/shroot] + _For EFI or BOOT partition_ Ext4: -`mkfs.ext4 /dev/(partition)` + +[shroot] + +``` +mkfs.ext4 /dev/(partition) +``` + +[/shroot] + _All other partitions_ -btrfs: -`mkfs.btrfs /dev/(partition)` -_All other partitions_ +Btrfs: + +[shroot] + +``` +mkfs.btrfs /dev/(partition) +``` + +[/shroot] -F2FS: -`mkfs.f2fs -O extra_attr,inode_checksum,sb_checksum,compression /dev/(partition)` _All other partitions_ ## Mounting partitions Generally partitions have to be mounted where you will later use them in your system. -BTRFS with its subvolumes is a special case -For EFI, prefer the /efi mountpoint +BTRFS with its subvolumes is a special case, see the additional chapter below. +Be careful in choosing you EFI mountpoint when using full disk encryption. +Using `/efi` will lead to much longer boot times in GRUB and be completely unsupported in other bootloaders. +See [this feature comparison](https://wiki.archlinux.org/title/Arch_boot_process#Boot_loader) for details. +For `/efi` size really doesn't matter much and can be 1 or 2 megabytes. 16MB is probably a good size. +If you're using `/boot`, the kernel and initramfs will also be stored on this partition among others. Recommended sizes range from 256MB to 512MB ``` Root: /mnt @@ -80,105 +147,137 @@ etc... ### (BTRFS) Btrfs preparation of subvolumes and mounting Mount root partition -`mount /dev/(partition) /mnt` + +[shroot] + +``` +mount /dev/(partition) /mnt +``` + +[/shroot] Root subvolume -`btrfs subv create /mnt/@` + +[shroot] + +``` +btrfs subv create /mnt/@ +``` + +[/shroot] Home subvolume -`btrfs subv create /mnt/@home` + +[shroot] + +``` +btrfs subv create /mnt/@home +``` + +[/shroot] Snapshots subvolume for snapper -`btrfs subv create /mnt/@snapshots` -Snapshots subvolume for timeshift -`btrfs subv create /mnt/@timeshift` +[shroot] + +``` +btrfs subv create /mnt/@snapshots +``` + +[/shroot] Var subvolume -`btrfs subv create /mnt/@var_log` + +[shroot] + +``` +btrfs subv create /mnt/@var_log +``` + +[/shroot] _If you want to use a swapfile with Snapper, create a new subvolume now_ Swap subvolume -`btrfs subv create /mnt/@swap` -`umount /mnt` +[shroot] + +``` +btrfs subv create /mnt/@swap +``` + +[/shroot] + +[shroot] + +``` +umount /mnt +``` + +[/shroot] Mount root -`mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@ /dev/(partition) /mnt` +`mount -o noatime,compress-force=zstd,subvol=@ /dev/(partition) /mnt` With /efi `mkdir -p /mnt/{efi,home,.snapshots,var/log,swap}` With /boot `mkdir -p /mnt/{boot,home,.snapshots,var/log,swap}` -With /boot and timeshift -`mkdir -p /mnt/{boot,home,timeshift-btrfs,var/log,swap}` Mount home -`mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@home /dev/(partition) /mnt/home` +`mount -o noatime,compress-force=zstd,subvol=@home /dev/(partition) /mnt/home` Mount snapshots for snapper -`mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@snapshots /dev/(partition) /mnt/.snapshots` -Mount snapshots for timeshift -`mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@timeshift /dev/(partition) /mnt/timeshift-btrfs` +`mount -o noatime,compress-force=zstd,subvol=@snapshots /dev/(partition) /mnt/.snapshots` Mount var -`mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@var_log /dev/(partition) /mnt/var/log` +`mount -o noatime,compress-force=zstd,subvol=@var_log /dev/(partition) /mnt/var/log` Swap subvolume -`mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@swap /dev/(partition) /mnt/swap` - -**Don't forget mounting other partitions!!** - -### (F2FS) Mounting - -Mount partition with compression algorithm specified -`mount -o compress_algorithm=zstd /dev/(partition) /mnt` - -With /efi -`mkdir -p /mnt/efi` -With /boot -`mkdir -p /mnt/boot` +`mount -o noatime,subvol=@swap /dev/(partition) /mnt/swap` **Don't forget mounting other partitions!!** ## Swap -### Swap partition - -TODO - ### Swapfile #### Normal way **NOT FOR BTRFS!** -`dd if=/dev/zero of=/mnt/swapfile bs=1M count=(size) status=progress` + +[shroot] + +``` +dd if=/dev/zero of=/mnt/swapfile bs=1M count=(size) status=progress +``` + +[/shroot] #### (BTRFS) Swapfile in btrfs -_Does not work with snapper_ -_Use a separate subvolume in that case_ +_Use a separate subvolume to work with snapper_ -```sh -truncate -s 0 /mnt/swapfile -chattr +C /mnt/swapfile -btrfs property set /mnt/swapfile compression none -fallocate -l (size)M /mnt/swapfile +[shroot] + +``` +btrfs fi mkswapfile --size [SIZE]g --uuid clear /mnt/swap/swapfile +swapon /mnt/swap/swapfile ``` -#### Initialising swapfile - -```sh -chmod 600 /mnt/swapfile -mkswap /mnt/swapfile -swapon /mnt/swapfile -``` +[/shroot] ## Essential packages -Some things like the userspace utilities for file management will vary. -See [file systems](https://wiki.archlinux.org/index.php/File_systems#Types_of_file_systems) -`pacstrap /mnt base linux linux-firmware vim git openssh networkmanager network-manager-applet dialog base-devel linux-headers` +Install a few essential packages using `pacstrap`. +Additional packages might also be necessary, see the list below. + +[shroot] + +``` +pacstrap /mnt base base-devel linux linux-firmware linux-headers vim git openssh networkmanager dialog +``` + +[/shroot] ### Microcode @@ -197,9 +296,6 @@ Ext4: Btrfs: `btrfs-progs compsize` -F2FS: -`f2fs-tools` - ### Wifi `wpa_supplicant` @@ -218,12 +314,25 @@ F2FS: ## Generate fstab -`genfstab -U /mnt >> /mnt/etc/fstab` +[shroot] + +``` +genfstab -U /mnt >> /mnt/etc/fstab +``` + +[/shroot] + **Make sure the fstab file has everything included** ## Chroot into the system -`arch-chroot /mnt` +[shroot] + +``` +arch-chroot /mnt +``` + +[/shroot] ## Set timezone @@ -254,89 +363,63 @@ Make sure to use a UTF-8 entry. Edit `/etc/hosts` ``` -127.0.0.1 localhost +127.0.0.1 localhost (hostname) ::1 localhost -127.0.1.1 (hostname).localdomain (hostname) ``` ## Change root password -`passwd` +[shroot] + +``` +passwd +``` + +[/shroot] ## Bootloader installation -### GRUB UEFI +### rEFInd -`pacman -S grub efibootmgr` +[shroot] -If you are using encryption, see the next section first. **Make sure to come back here again though** -`grub-install --target=x86_64-efi --efi-directory=(efi partition mountpoint) --bootloader-id=GRUB` +``` +pacman -S refind +``` -`grub-mkconfig -o /boot/grub/grub.cfg` +[/shroot] -#### (LUKS) Encryption with /efi +Use the rEFInd installation script. In most cases no specific configuration is necessary -Create keyfile and add it to mkinitcpio.conf -`dd bs=512 count=4 if=/dev/random of=/crypto_keyfile.bin iflag=fullblock` +[shroot] -`chmod 600 /crypto_keyfile.bin` +``` +refind-install +``` -**This command should be run after installing a new kernel!** -`chmod 600 /boot/initramfs-linux*` +[/shroot] -`cryptsetup luksAddKey /dev/(partition) /crypto_keyfile.bin` +**Manual editing of the generated configuration file is necessary when installing rEFInd from the Arch boot ISO** -Include the file in `/etc/mkinitcpio.conf` -`FILES=(/crypto_keyfile.bin)` +_TODO insert config here_ -Edit the `HOOKS` section as well. _Example:_ -`HOOKS=(base udev autodetect keyboard keymap modconf block encrypt filesystems fsck)` +### mkinitcpio with LUKS -`mkinitcpio -p linux` +Some additional settings are necessary in `/etc/mkinitcpio.conf` in order to enable booting from LUKS-encrypted disks. -Edit `/etc/default/grub` -`GRUB_ENABLE_CRYPTODISK=y` +Edit the `HOOKS` section in `/etc/mkinitcpio.conf` by adding `encrypt` after `block` and before `filesystems` -Some options in `GRUB_CMDLINE_LINUX_DEFAULT` -**Make sure to change /dev/(partition) to UUID ASAP!** -_Not sure how to actually do that though, will have to read some more._ -`cryptdevice=/dev/(partition):(name)` -`cryptkey=/dev/mapper/(name):(filesystem):/crypto_keyfile.bin` +Also ensure `keyboard keymap` are present before `encrypt` in order to allow the loading of the default keyboard language from `/etc/vconsole.conf` to enter the decryption password. -**Go back and install grub!!** +Regenerate all initramfs presets -#### (LUKS) Encryption with /boot +[shroot] -Edit the `HOOKS` section in `/etc/mkinitcpio.conf` _Example:_ -`HOOKS=(base udev autodetect keyboard keymap modconf block encrypt filesystems fsck)` +``` +mkinitcpio -P +``` -`mkinitcpio -p linux` - -Next, edit `/etc/default/grub` - -Add an option in `GRUB_CMDLINE_LINUX_DEFAULT` -**Make sure to change /dev/(partition) to UUID ASAP!** -_Not sure how to actually do that though, will have to read some more._ -`cryptdevice=/dev/(partition):(name)` - -**Go back and install grub!!** - -## Mkinitcpio - -### BTRFS - -Load required modules -`vim /etc/mkinitcpio.conf` -`MODULES=(btrfs)` -`BINARIES=("/usr/bin/btrfs")` - -`mkinitcpio -p linux` - -**Go back and install grub!!** - -### EXT4 - -### F2FS +[/shroot] ## Networking @@ -391,7 +474,7 @@ Change these things: ``` TIMELINE_LIMIT_HOURLY="5" TIMELINE_LIMIT_DAILY="7" -TIMELINE_LIMIT_WEEKLY="0" +TIMELINE_LIMIT_WEEKLY="4" TIMELINE_LIMIT_MONTHLY="0" TIMELINE_LIMIT_YEARLY="0" ``` @@ -406,22 +489,33 @@ Allow user to access snapshots ## Install AUR helper -### yay - -```sh -git clone https://aur.archlinux.org/yay.git -cd yay -makepkg -si -``` - ### paru -```sh -git clone https://aur.archlinux.org/paru.git -cd paru +[shuser] + +``` +cd $(mktemp -d) +git clone https://aur.archlinux.org/paru-bin.git +cd paru-bin makepkg -si ``` -## (Snapper) Snap pac and GUI +[/shuser] -`$ paru -S snap-pac-grub snapper-gui` +## Automatic snapshots on package changes + +[shroot] + +``` +pacman -S snap-pac +``` + +[/shroot] + +## (rEFInd) Show snapshots in bootmenu + +_WIP_ + +`paru -S refind-btrfs` + +`systemctl enable --now refind-btrfs.service`