2022-04-14 18:02:16 +02:00
# Arch Installation
This document describes my ArchLinux installation steps. It skips over the preparation of the installation medium. Otherwise it mostly follows the [ArchWiki Installation Guide ](https://wiki.archlinux.org/title/Installation_guide ), but explicitly states some decisions:
- use `systemd-boot` as the bootloader
- use `NetworkManager` for network configuration
- use `btrfs` as the main file system
- use `LUKS` for disk encryption
- **try** to only use native wayland with sway as WM
- no swap partition (i might use zram or a swapfile in the future though)
- no display manager (for now at least)
My setup is opinionated and so is this doc.
## Pre-Installation aka things to do in the arch-iso liveboot
### Prerequisites
Set keyboard layout
```console
# loadkeys de-latin1
```
Check if booted in UEFI mode
```console
# ls /sys/firmware/efi/efivars
```
Check internet connectivity
```console
# ip link
# ping archlinux.org
```
Update system clock
```console
timedatectl set-ntp true
```
### Disk partitioning
GPT partitioning scheme:
|Mount point|Partition|Partition type|Size|
|---|---|---|---|
|/mnt/boot|/dev/*efi-partition*|EFI system partition|500MiB|
|/mnt|/dev/*root-partition*|Linux x86-64 root(/)|max|
Check available disks and start `fdisk`
```console
fdisk -l
fdisk /dev/< disk-to-install-to >
```
Create GPT partition table
```md
Command (m for help): *g*
```
Create *efi-partition*
```md
Command (m for help): *n*
Partition number (1-128, default 1): *<Return>*
First sector (x-y, default x): *<Return>*
Last sector [...] (x-y, default y): *+500M*
Command (m for help): *t*
Selected partition 1
Partition type or alias: *1*
Changed type of partition 'Linux Filesystem' to 'EFI System'.
```
Create *root-partition*
```md
Command (m for help): *n*
Partition number (1-128, default 2): *<Return>*
First sector (x-y, default x): *<Return>*
Last sector [...] (x-y, default y): *<Return>*
Command (m for help): *t*
Partition number (1,2, default 2): *2*
Partition type or alias: *23*
Changed type of partition 'Linux Filesystem' to 'Linux root (x86-64)'.
```
Write partitions to disk
```md
Command (m for help): *w*
```
### Format partitions / create filesystems
Format the efi partition with Fat32
```console
# mkfs.fat -F 32 /dev/<efi_partition>
```
Setup the root partition with LUKS
```console
# cryptsetup -v --verify-passphrase --type=luks2 --hash=sha256 --key-size=512 --cipher=aes-xts-plain64 luksFormat /dev/<root-partition>
```
Note: `man cryptsetup` is a really nice resource. Especially the section about the LuksHeader and the `luksHeaderBackup` command are really valuable.
Mount LUKS device
```console
# cryptsetup luksOpen /dev/<root-partition> luks-root
```
Format luks root partition with btrfs
```console
# mkfs.btrfs -L archlinuxroot /dev/mapper/luks-root
```
Create btrfs subvolumes
```console
# mount -o compress=zstd /dev/mapper/luks-root /mnt
# btrfs sub create /mnt/@
# btrfs sub create /mnt/@home
# btrfs sub create /mnt/@pkg
# btrfs sub create /mnt/@snapshots
# btrfs sub create /mnt/@tmp
# umount /mnt
```
Associate subvolumes and filesystem directories
```console
# mount -o noatime,nodiratime,compress=zstd,subvol=@ /dev/mapper/luks-root /mnt
# mkdir -p /mnt/{boot,home,var/cache/pacman/pkg,tmp,.snapshots}
# mount -o noatime,nodiratime,compress=zstd,subvol=@home /dev/mapper/luks-root /mnt/home
# mount -o noatime,nodiratime,compress=zstd,subvol=@pkg /dev/mapper/luks-root /mnt/var/cache/pacman/pkg
# mount -o noatime,nodiratime,compress=zstd,subvol=@tmp /dev/mapper/luks-root /mnt/tmp
# mount -o noatime,nodiratime,compress=zstd,subvol=@snapshots /dev/mapper/luks-root /mnt/.snapshots
```
Mount EFI partition
```console
# mount /dev/<efi-partition> /mnt/boot
```
## Installation
### Bootstrap & filesystemtable
Bootstrap base arch install
```console
# pacstrap /mnt linux linux-firmware base btrfs-progs amd-ucode git vi vim sudo networkmanager zsh
```
Generate `fstab`
```console
# genfstab -U /mnt >> /mnt/etc/fstab
```
### Basic system configuration
Chroot into new system
```console
# arch-chroot /mnt
```
Set hostname
```console
# echo <HOSTNAME> > /etc/hostname
```
Set and generate locale
```console
# echo LANG=en_US.UTF-8 > /etc/locale.conf
2022-04-18 23:42:53 +02:00
# sed -i -e 's/^#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' -e 's/^#de_DE.UTF-8 UTF-8/de_DE.UTF-8 UTF-8/' /etc/locale.gen
2022-04-14 18:02:16 +02:00
# locale-gen
```
Set keyboard layout
```console
# echo KEYMAP=de-latin1 > /etc/vconsole.conf
```
Set time zone
```console
# ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
# hwclock --systohc
```
Set root password
```console
# passwd
```
Add btrfs and encrypt initramfs hooks to `/etc/mkinitcpio.conf`
e.g.:
```ini
HOOKS=(base udev autodetect modconf block encrypt btrfs filesystems keyboard fsck)
```
Regenerate initramfs
```console
# mkinitcpio -p linux
```
### Configure boot loader
Install systemd-boot
```console
# bootctl --path=/boot install
```
Fetch UUID of the root partition
```console
# blkid -s UUID -o value /dev/<root-partition>
```
Create arch boot entry `/boot/loader/entries/arch.conf`
```conf
title Arch Linux
linux /vmlinuz-linux
initrd /amd-ucode.img
initrd /initramfs-linux.img
2022-04-21 09:58:36 +02:00
options cryptdevice=UUID=< UUID-OF-ROOT-PARTITION > :luks-root root=/dev/mapper/luks-root rootflags=subvol=@,x-systemd.device-timeout=0 rd.luks.options=timeout=0 rw quiet loglevel=0 splash rd.systemd.show_status=0 rd.udev.log_level=0
```
Copy arch boot entry to `/boot/loader/entries/arch-fallback.conf` and set the initramfs to the fallback one. Resulting in the following
```conf
title Arch Linux (fallback)
linux /vmlinuz-linux
initrd /amd-ucode.img
initrd /initramfs-linux-fallback.img
options cryptdevice=UUID=< UUID-OF-ROOT-PARTITION > :luks-root root=/dev/mapper/luks-root rootflags=subvol=@,x-systemd.device-timeout=0 rd.luks.options=timeout=0 rw quiet loglevel=0 splash rd.systemd.show_status=0 rd.udev.log_level=0
2022-04-14 18:02:16 +02:00
```
Edit boot loader config `/boot/loader/loader.conf`
```conf
default arch.conf
timeout 3
console-mode max
editor no
```
Exit chroot, unmount disk, reboot
```console
# exit
# umount -R /mnt
# reboot
```
## Finish installation
### Enable and check networking
Enable and start NetworkManager
```console
# systemctl enable --now NetworkManager
```
Test network connectivity
```console
# ping archlinux.org
```
### Setup user account
Create a sudo group for sudo access
```console
# groupadd -r sudo
```
Use `visudo` to uncomment the following line
```sudoers
# %sudo ALL=(ALL:ALL) ALL
```
2022-04-21 10:35:51 +02:00
Create user account with sudo and journal access
2022-04-14 18:02:16 +02:00
```console
2022-04-21 10:35:51 +02:00
# useradd -m -G sudo,systemd-journal -s /bin/zsh histalek
2022-04-14 18:02:16 +02:00
```
Set password for useraccount
```console
# passwd histalek
```
Exit out of the root session and login as user
### Install and setup personal preferences
Setup my dotfiles
```console
$ echo ".dotfiles" >> .gitignore
$ git clone --bare < remote-git-repo-url > $HOME/.dotfiles
$ alias dotfiles='/usr/bin/git --git-dir=$HOME/.dotfiles/ --work-tree=$HOME'
$ dotfiles config --local status.showUntrackedFiles no
$ dotfiles checkout
```
Install various packages from dotfiles
```console
$ sudo pacman -S --needed - < $HOME/.dotfiles/pkglist.txt
```
2022-04-18 23:42:53 +02:00
Update system just to be sure
```console
$ sudo pacman -Syu
```
### AUR
Install `paru` as AUR helper
```console
$ sudo pacman -S --needed base-devel
$ git clone https://aur.archlinux.org/paru.git
$ cd paru
$ makepkg -si
```
Install packages from AUR
```console
$ paru -Sa wlogout
```
### Flatpak
Install flatpak package
```console
$ sudo pacman -S flatpak
```
Add the flathub repo
```console
$ flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
```
Install `Flatseal` to manage flatpak permissions via GUI
```console
$ flatpak install flathub com.github.tchx84.Flatseal
```
2022-04-21 09:58:36 +02:00
### (optional) Configure boot splash screen
Install `plymouth`
```console
2022-04-21 10:35:51 +02:00
$ sudo paru -Sa plymouth-git
2022-04-21 09:58:36 +02:00
```
Adapt mkinitcpio hooks. Add `plymouth plymouth-encrypt` **after** `base udev` and remove `encrypt` . Resulting in e.g.
```ini
HOOKS=(base udev plymouth plymouth-encrypt autodetect modconf block btrfs filesystems keyboard fsck)
```
Set theme for plymouth (this also regenerates the initramfs)
```console
$ sudo plymouth-set-default-theme -R script
```