wiki-grav/pages/02.linux/guides/arch/default.en.md
2023-11-17 16:05:11 +01:00

7.5 KiB

title visible
Arch true

[toc]

Last modified: 2023-11-17

Keyboard layout

[shroot]

loadkeys de_CH-latin1

[/shroot]

Check UEFI mode

If the following command works, the system is booted in EFI.

[shroot]

ls /sys/firmware/efi/efivars

[/shroot]

Verify internet connection

[shroot]

ping wiki.exu.li

[/shroot]

Update system clock

[shroot]

timedatectl set-ntp true

[/shroot]

Creating partitions

[shroot]

cfdisk

[/shroot]

Use EFI System for EFI partition
Use Linux filesystem for other partitions

(LUKS) Create encrypted partition

Note: Do not put your /efi partition on an encrypted partition!

Create encrypted Partition with a label. This label will later be used to identified the bootdevice as a simpler alternative to UUIDs.

[shroot]

cryptsetup luksFormat --label=(label) /dev/(partition)

[/shroot]

Open the partition and specify a name

[shroot]

cryptsetup open /dev/(partition) (name)

[/shroot]

Check if this worked with ls /dev/mapper/
The name should show up there

Format partitions

Fat 32:

[shroot]

mkfs.fat -F32 /dev/(partition)

[/shroot]

For EFI or BOOT partition

Ext4:

[shroot]

mkfs.ext4 /dev/(partition)

[/shroot]

All other partitions

Btrfs:

[shroot]

mkfs.btrfs /dev/(partition)

[/shroot]

All other partitions

Mounting partitions

Generally partitions have to be mounted where you will later use them in your system.
BTRFS with its subvolumes is a special case, see the additional chapter below.
Be careful in choosing you EFI mountpoint when using full disk encryption.
Using /efi will lead to much longer boot times in GRUB and be completely unsupported in other bootloaders.
See this feature comparison for details.
For /efi size really doesn't matter much and can be 1 or 2 megabytes. 16MB is probably a good size.
If you're using /boot, the kernel and initramfs will also be stored on this partition among others. Recommended sizes range from 256MB to 512MB

Root: /mnt
EFI: /mnt/efi or /mnt/boot
Home: /mnt/home
etc...

(BTRFS) Btrfs preparation of subvolumes and mounting

Mount root partition

[shroot]

mount /dev/(partition) /mnt

[/shroot]

Root subvolume

[shroot]

btrfs subv create /mnt/@

[/shroot]

Home subvolume

[shroot]

btrfs subv create /mnt/@home

[/shroot]

Snapshots subvolume for snapper

[shroot]

btrfs subv create /mnt/@snapshots

[/shroot]

Var subvolume

[shroot]

btrfs subv create /mnt/@var_log

[/shroot]

If you want to use a swapfile with Snapper, create a new subvolume now
Swap subvolume

[shroot]

btrfs subv create /mnt/@swap

[/shroot]

[shroot]

umount /mnt

[/shroot]

Mount root
mount -o noatime,compress-force=zstd,subvol=@ /dev/(partition) /mnt

With /efi
mkdir -p /mnt/{efi,home,.snapshots,var/log,swap}
With /boot
mkdir -p /mnt/{boot,home,.snapshots,var/log,swap}

Mount home
mount -o noatime,compress-force=zstd,subvol=@home /dev/(partition) /mnt/home

Mount snapshots for snapper
mount -o noatime,compress-force=zstd,subvol=@snapshots /dev/(partition) /mnt/.snapshots

Mount var
mount -o noatime,compress-force=zstd,subvol=@var_log /dev/(partition) /mnt/var/log

Swap subvolume
mount -o noatime,subvol=@swap /dev/(partition) /mnt/swap

Don't forget mounting other partitions!!

Swap

Swapfile

Normal way

NOT FOR BTRFS!

[shroot]

dd if=/dev/zero of=/mnt/swapfile bs=1M count=(size) status=progress

[/shroot]

(BTRFS) Swapfile in btrfs

Use a separate subvolume to work with snapper

[shroot]

btrfs fi mkswapfile --size [SIZE]g --uuid clear /mnt/swap/swapfile
swapon /mnt/swap/swapfile

[/shroot]

Essential packages

Install a few essential packages using pacstrap.
Additional packages might also be necessary, see the list below.

[shroot]

pacstrap /mnt base base-devel linux linux-firmware linux-headers vim git openssh networkmanager dialog

[/shroot]

Microcode

amd-ucode

intel-ucode

Filesystems

Fat32:
dosfstools mtools

Ext4:
e2fsprogs

Btrfs:
btrfs-progs compsize

Wifi

wpa_supplicant

Snapper

snapper

Certificates

ca-certificates ca-certificates-mozilla

other

cups hplip xdg-utils xdg-user-dirs inetutils

Generate fstab

[shroot]

genfstab -U /mnt >> /mnt/etc/fstab

[/shroot]

Make sure the fstab file has everything included

Chroot into the system

[shroot]

arch-chroot /mnt

[/shroot]

Set timezone

ln -sf /usr/share/zoneinfo/Europe/Zurich /etc/localtime

Set hardware clock

hwclock --systohc

Set locale

vim /etc/locale.gen
Uncomment the locales that should be generated.
Make sure to use a UTF-8 entry.

locale-gen

echo "LANG=de_CH.UTF-8" > /etc/locale.conf

Set keymap permanently

echo "KEYMAP=de_CH-latin1" > /etc/vconsole.conf

Set hostname

echo "(hostname)" > /etc/hostname

Edit /etc/hosts

127.0.0.1   localhost (hostname)
::1         localhost

Change root password

[shroot]

passwd

[/shroot]

Bootloader installation

rEFInd

[shroot]

pacman -S refind

[/shroot]

Use the rEFInd installation script. In most cases no specific configuration is necessary

[shroot]

refind-install

[/shroot]

Manual editing of the generated configuration file is necessary when installing rEFInd from the Arch boot ISO

TODO insert config here

"Boot with standard options" "rw loglevel=3 quiet cryptdevice=LABEL=(label):(name) root=/dev/mapper/(name) rootflags=subvol=@"

mkinitcpio with LUKS

Some additional settings are necessary in /etc/mkinitcpio.conf in order to enable booting from LUKS-encrypted disks.

Edit the HOOKS section in /etc/mkinitcpio.conf by adding encrypt after block and before filesystems

Also ensure keyboard keymap are present before encrypt in order to allow the loading of the default keyboard language from /etc/vconsole.conf to enter the decryption password.

Regenerate all initramfs presets

[shroot]

mkinitcpio -P

[/shroot]

Networking

systemctl enable NetworkManager

(CUPS) Printing

systemctl enable cups

Add user

useradd -mG wheel (user)

Set password
passwd (user)

Enable sudo

visudo
Uncomment %wheel ALL=(ALL) ALL

Finishing installation

exit
poweroff
Remove the installation cd

(Snapper) Setup

# umount /.snapshots

# rm -r /.snapshots

Create snapper config
# snapper -c root create-config /

Delete unneeded volume
# btrfs subv del /.snapshots/

# mkdir /.snapshots

Mount snapshots volume
# mount -a

# chmod 750 /.snapshots

# vim /etc/snapper/configs/root

Change these things:
ALLOW_USERS="(user)"

TIMELINE_LIMIT_HOURLY="5"
TIMELINE_LIMIT_DAILY="7"
TIMELINE_LIMIT_WEEKLY="4"
TIMELINE_LIMIT_MONTHLY="0"
TIMELINE_LIMIT_YEARLY="0"

Enable snapper
# systemctl enable --now snapper-timeline.timer
# systemctl enable --now snapper-cleanup.timer

Allow user to access snapshots
# chmod a+rx /.snapshots
# chown :(user) /.snapshots

Install AUR helper

paru

[shuser]

cd $(mktemp -d)
git clone https://aur.archlinux.org/paru-bin.git
cd paru-bin
makepkg -si

[/shuser]

Automatic snapshots on package changes

[shroot]

pacman -S snap-pac

[/shroot]

(rEFInd) Show snapshots in bootmenu

WIP

paru -S refind-btrfs

systemctl enable --now refind-btrfs.service