wiki-grav/pages/02.linux/23.guides/02.arch/default.en.md
2022-05-20 21:26:28 +02:00

8.3 KiB

title
Arch

Keyboard layout

loadkeys de_CH-latin1

Check UEFI mode

If the following command works, the system is booted in EFI.
ls /sys/firmware/efi/efivars

Verify internet connection

ping www.realstickman.net

Update system clock

timedatectl set-ntp true

Creating partitions

cfdisk

Use EFI System for EFI partition
Use Linux filesystem for other partitions

(LUKS) Create encrypted partition

Note: Do not put your /efi partition on an encrypted partition!

Create encrypted Partition
cryptsetup luksFormat /dev/(partition) --type luks1

To view if this worked correctly
cryptsetup luksDump /dev/(partition)

Open the partition
Give it a fitting name
cryptsetup open /dev/(partition) (name)

Check if this worked with ls /dev/mapper/
The name should show up there

Format partitions

Fat 32:
mkfs.fat -F32 /dev/(partition)
For EFI or BOOT partition

Ext4:
mkfs.ext4 /dev/(partition)
All other partitions

btrfs:
mkfs.btrfs /dev/(partition)
All other partitions

F2FS: mkfs.f2fs -O extra_attr,inode_checksum,sb_checksum,compression /dev/(partition)
All other partitions

Mounting partitions

Generally partitions have to be mounted where you will later use them in your system.
BTRFS with its subvolumes is a special case
For EFI, prefer the /efi mountpoint

Root: /mnt
EFI: /mnt/efi or /mnt/boot
Home: /mnt/home
etc...

(BTRFS) Btrfs preparation of subvolumes and mounting

Mount root partition
mount /dev/(partition) /mnt

Root subvolume
btrfs subv create /mnt/@

Home subvolume
btrfs subv create /mnt/@home

Snapshots subvolume for snapper
btrfs subv create /mnt/@snapshots
Snapshots subvolume for timeshift
btrfs subv create /mnt/@timeshift

Var subvolume
btrfs subv create /mnt/@var_log

If you want to use a swapfile with Snapper, create a new subvolume now
Swap subvolume
btrfs subv create /mnt/@swap

umount /mnt

Mount root
mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@ /dev/(partition) /mnt

With /efi
mkdir -p /mnt/{efi,home,.snapshots,var/log,swap}
With /boot
mkdir -p /mnt/{boot,home,.snapshots,var/log,swap}
With /boot and timeshift
mkdir -p /mnt/{boot,home,timeshift-btrfs,var/log,swap}

Mount home
mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@home /dev/(partition) /mnt/home

Mount snapshots for snapper
mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@snapshots /dev/(partition) /mnt/.snapshots Mount snapshots for timeshift
mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@timeshift /dev/(partition) /mnt/timeshift-btrfs

Mount var
mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@var_log /dev/(partition) /mnt/var/log

Swap subvolume
mount -o noatime,compress-force=zstd,space_cache=v2,subvol=@swap /dev/(partition) /mnt/swap

Don't forget mounting other partitions!!

(F2FS) Mounting

Mount partition with compression algorithm specified
mount -o compress_algorithm=zstd /dev/(partition) /mnt

With /efi
mkdir -p /mnt/efi
With /boot
mkdir -p /mnt/boot

Don't forget mounting other partitions!!

Swap

Swap partition

TODO

Swapfile

Normal way

NOT FOR BTRFS!
dd if=/dev/zero of=/mnt/swapfile bs=1M count=(size) status=progress

(BTRFS) Swapfile in btrfs

Does not work with snapper
Use a separate subvolume in that case
truncate -s 0 /mnt/swapfile

chattr +C /mnt/swapfile

btrfs property set /mnt/swapfile compression none

fallocate -l (size)M /mnt/swapfile

Initialising swapfile

chmod 600 /mnt/swapfile

mkswap /mnt/swapfile

swapon /mnt/swapfile

Essential packages

Some things like the userspace utilities for file management will vary.
See file systems
pacstrap /mnt base linux linux-firmware vim git openssh networkmanager network-manager-applet dialog base-devel linux-headers

Microcode

amd-ucode

intel-ucode

Filesystems

Fat32:
dosfstools mtools

Ext4:
e2fsprogs

Btrfs:
btrfs-progs compsize

F2FS: f2fs-tools

Wifi

wpa_supplicant

Snapper

snapper

Certificates

ca-certificates ca-certificates-mozilla

other

cups hplip xdg-utils xdg-user-dirs inetutils

Generate fstab

genfstab -U /mnt >> /mnt/etc/fstab
Make sure the fstab file has everything included

Chroot into the system

arch-chroot /mnt

Set timezone

ln -sf /usr/share/zoneinfo/Europe/Zurich /etc/localtime

Set hardware clock

hwclock --systohc

Set locale

vim /etc/locale.gen
Uncomment the locales that should be generated.
Make sure to use a UTF-8 entry.

locale-gen

echo "LANG=de_CH.UTF-8" > /etc/locale.conf

Set keymap permanently

echo "KEYMAP=de_CH-latin1" > /etc/vconsole.conf

Set hostname

echo "(hostname)" > /etc/hostname

Edit /etc/hosts

127.0.0.1   localhost
::1         localhost
127.0.1.1   (hostname).localdomain  (hostname)

Change root password

passwd

Bootloader installation

GRUB UEFI

pacman -S grub efibootmgr

If you are using encryption, see the next section first. Make sure to come back here again though
grub-install --target=x86_64-efi --efi-directory=(efi partition mountpoint) --bootloader-id=GRUB

grub-mkconfig -o /boot/grub/grub.cfg

(LUKS) Encryption with /efi

Create keyfile and add it to mkinitcpio.conf
dd bs=512 count=4 if=/dev/random of=/crypto_keyfile.bin iflag=fullblock

chmod 600 /crypto_keyfile.bin

This command should be run after installing a new kernel!
chmod 600 /boot/initramfs-linux*

cryptsetup luksAddKey /dev/(partition) /crypto_keyfile.bin

Include the file in /etc/mkinitcpio.conf
FILES=(/crypto_keyfile.bin)

Edit the HOOKS section as well. Example:
HOOKS=(base udev autodetect keyboard keymap modconf block encrypt filesystems fsck)

mkinitcpio -p linux

Edit /etc/default/grub
GRUB_ENABLE_CRYPTODISK=y

Some options in GRUB_CMDLINE_LINUX_DEFAULT
Make sure to change /dev/(partition) to UUID ASAP!
Not sure how to actually do that though, will have to read some more.
cryptdevice=/dev/(partition):(name)
cryptkey=/dev/mapper/(name):(filesystem):/crypto_keyfile.bin

Go back and install grub!!

(LUKS) Encryption with /boot

Edit the HOOKS section in /etc/mkinitcpio.conf Example:
HOOKS=(base udev autodetect keyboard keymap modconf block encrypt filesystems fsck)

mkinitcpio -p linux

Next, edit /etc/default/grub

Add an option in GRUB_CMDLINE_LINUX_DEFAULT
Make sure to change /dev/(partition) to UUID ASAP!
Not sure how to actually do that though, will have to read some more.
cryptdevice=/dev/(partition):(name)

Go back and install grub!!

Mkinitcpio

BTRFS

Load required modules
vim /etc/mkinitcpio.conf
MODULES=(btrfs)
BINARIES=("/usr/bin/btrfs")

mkinitcpio -p linux

Go back and install grub!!

EXT4

F2FS

Networking

systemctl enable NetworkManager

(CUPS) Printing

systemctl enable cups

Add user

useradd -mG wheel (user)

Set password
passwd (user)

Enable sudo

visudo
Uncomment %wheel ALL=(ALL) ALL

Finishing installation

exit
poweroff
Remove the installation cd

(Snapper) Setup

# umount /.snapshots

# rm -r /.snapshots

Create snapper config
# snapper -c root create-config /

Delete unneeded volume
# btrfs subv del /.snapshots/

# mkdir /.snapshots

Mount snapshots volume
# mount -a

# chmod 750 /.snapshots

# vim /etc/snapper/configs/root

Change these things:
ALLOW_USERS="(user)"

TIMELINE_LIMIT_HOURLY="5"
TIMELINE_LIMIT_DAILY="7"
TIMELINE_LIMIT_WEEKLY="0"
TIMELINE_LIMIT_MONTHLY="0"
TIMELINE_LIMIT_YEARLY="0"

Enable snapper
# systemctl enable --now snapper-timeline.timer
# systemctl enable --now snapper-cleanup.timer

Allow user to access snapshots
# chmod a+rx /.snapshots
# chown :(user) /.snapshots

Install AUR helper

yay

git clone https://aur.archlinux.org/yay.git
cd yay
makepkg -si

paru

git clone https://aur.archlinux.org/paru.git
cd paru
makepkg -si

(Snapper) Snap pac and GUI

$ paru -S snap-pac-grub snapper-gui