From 8f5481553f4bfb77346a81acb5cea79f5fae86fa Mon Sep 17 00:00:00 2001
From: histalek <histalek@posteo.de>
Date: Thu, 14 Apr 2022 18:02:16 +0200
Subject: [PATCH] docs: Add arch installation instructions

---
 .dotfiles/arch_install.md | 329 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 329 insertions(+)
 create mode 100644 .dotfiles/arch_install.md

diff --git a/.dotfiles/arch_install.md b/.dotfiles/arch_install.md
new file mode 100644
index 0000000..08ac4d9
--- /dev/null
+++ b/.dotfiles/arch_install.md
@@ -0,0 +1,329 @@
+# Arch Installation
+
+This document describes my ArchLinux installation steps. It skips over the preparation of the installation medium. Otherwise it mostly follows the [ArchWiki Installation Guide](https://wiki.archlinux.org/title/Installation_guide), but explicitly states some decisions:
+
+- use `systemd-boot` as the bootloader
+- use `NetworkManager` for network configuration
+- use `btrfs` as the main file system
+- use `LUKS` for disk encryption
+- **try** to only use native wayland with sway as WM
+- no swap partition (i might use zram or a swapfile in the future though)
+- no display manager (for now at least)
+
+My setup is opinionated and so is this doc.
+
+## Pre-Installation aka things to do in the arch-iso liveboot
+
+### Prerequisites
+
+Set keyboard layout
+
+```console
+# loadkeys de-latin1
+```
+
+Check if booted in UEFI mode
+
+```console
+# ls /sys/firmware/efi/efivars
+```
+
+Check internet connectivity
+
+```console
+# ip link
+# ping archlinux.org
+```
+
+Update system clock
+
+```console
+timedatectl set-ntp true
+```
+
+### Disk partitioning
+
+GPT partitioning scheme:
+
+|Mount point|Partition|Partition type|Size|
+|---|---|---|---|
+|/mnt/boot|/dev/*efi-partition*|EFI system partition|500MiB|
+|/mnt|/dev/*root-partition*|Linux x86-64 root(/)|max|
+
+Check available disks and start `fdisk`
+
+```console
+fdisk -l
+fdisk /dev/<disk-to-install-to>
+```
+
+Create GPT partition table
+
+```md
+Command (m for help): *g*
+```
+
+Create *efi-partition*
+
+```md
+Command (m for help): *n*
+Partition number (1-128, default 1): *<Return>*
+First sector (x-y, default x): *<Return>*
+Last sector [...] (x-y, default y): *+500M*
+
+Command (m for help): *t*
+Selected partition 1
+Partition type or alias: *1*
+Changed type of partition 'Linux Filesystem' to 'EFI System'.
+```
+
+Create *root-partition*
+
+```md
+Command (m for help): *n*
+Partition number (1-128, default 2): *<Return>*
+First sector (x-y, default x): *<Return>*
+Last sector [...] (x-y, default y): *<Return>*
+
+Command (m for help): *t*
+Partition number (1,2, default 2): *2*
+Partition type or alias: *23*
+Changed type of partition 'Linux Filesystem' to 'Linux root (x86-64)'.
+```
+
+Write partitions to disk
+
+```md
+Command (m for help): *w*
+```
+
+### Format partitions / create filesystems
+
+Format the efi partition with Fat32
+
+```console
+# mkfs.fat -F 32 /dev/<efi_partition>
+```
+
+Setup the root partition with LUKS
+
+```console
+# cryptsetup -v --verify-passphrase --type=luks2 --hash=sha256 --key-size=512 --cipher=aes-xts-plain64 luksFormat /dev/<root-partition>
+```
+
+Note: `man cryptsetup` is a really nice resource. Especially the section about the LuksHeader and the `luksHeaderBackup` command are really valuable.
+
+Mount LUKS device
+
+```console
+# cryptsetup luksOpen /dev/<root-partition> luks-root
+```
+
+Format luks root partition with btrfs
+
+```console
+# mkfs.btrfs -L archlinuxroot /dev/mapper/luks-root
+```
+
+Create btrfs subvolumes
+
+```console
+# mount -o compress=zstd /dev/mapper/luks-root /mnt
+# btrfs sub create /mnt/@
+# btrfs sub create /mnt/@home
+# btrfs sub create /mnt/@pkg
+# btrfs sub create /mnt/@snapshots
+# btrfs sub create /mnt/@tmp
+# umount /mnt
+```
+
+Associate subvolumes and filesystem directories
+
+```console
+# mount -o noatime,nodiratime,compress=zstd,subvol=@ /dev/mapper/luks-root /mnt
+# mkdir -p /mnt/{boot,home,var/cache/pacman/pkg,tmp,.snapshots}
+# mount -o noatime,nodiratime,compress=zstd,subvol=@home /dev/mapper/luks-root /mnt/home
+# mount -o noatime,nodiratime,compress=zstd,subvol=@pkg /dev/mapper/luks-root /mnt/var/cache/pacman/pkg
+# mount -o noatime,nodiratime,compress=zstd,subvol=@tmp /dev/mapper/luks-root /mnt/tmp
+# mount -o noatime,nodiratime,compress=zstd,subvol=@snapshots /dev/mapper/luks-root /mnt/.snapshots
+```
+
+Mount EFI partition
+
+```console
+# mount /dev/<efi-partition> /mnt/boot
+```
+
+## Installation
+
+### Bootstrap & filesystemtable
+
+Bootstrap base arch install
+
+```console
+# pacstrap /mnt linux linux-firmware base btrfs-progs amd-ucode git vi vim sudo networkmanager zsh
+```
+
+Generate `fstab`
+
+```console
+# genfstab -U /mnt >> /mnt/etc/fstab
+```
+
+### Basic system configuration
+
+Chroot into new system
+
+```console
+# arch-chroot /mnt
+```
+
+Set hostname
+
+```console
+# echo <HOSTNAME> > /etc/hostname
+```
+
+Set and generate locale
+
+```console
+# echo LANG=en_US.UTF-8 > /etc/locale.conf
+# sed -i 's/^#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen
+# locale-gen
+```
+
+Set keyboard layout
+
+```console
+# echo KEYMAP=de-latin1 > /etc/vconsole.conf
+```
+
+Set time zone
+
+```console
+# ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
+# hwclock --systohc
+```
+
+Set root password
+
+```console
+# passwd
+```
+
+Add btrfs and encrypt initramfs hooks to `/etc/mkinitcpio.conf`
+
+e.g.:
+
+```ini
+HOOKS=(base udev autodetect modconf block encrypt btrfs filesystems keyboard fsck)
+```
+
+Regenerate initramfs
+
+```console
+# mkinitcpio -p linux
+```
+
+### Configure boot loader
+
+Install systemd-boot
+
+```console
+# bootctl --path=/boot install
+```
+
+Fetch UUID of the root partition
+
+```console
+# blkid -s UUID -o value /dev/<root-partition>
+```
+
+Create arch boot entry `/boot/loader/entries/arch.conf`
+
+```conf
+title Arch Linux
+linux /vmlinuz-linux
+initrd /amd-ucode.img
+initrd /initramfs-linux.img
+options cryptdevice=UUID=<UUID-OF-ROOT-PARTITION>:luks-root root=/dev/mapper/luks-root rootflags=subvol=@,x-systemd.device-timeout=0 rd.luks.options=timeout=0 rw
+```
+
+Edit boot loader config `/boot/loader/loader.conf`
+
+```conf
+default arch.conf
+timeout 3
+console-mode max
+editor no
+```
+
+Exit chroot, unmount disk, reboot
+
+```console
+# exit
+# umount -R /mnt
+# reboot
+```
+
+## Finish installation
+
+### Enable and check networking
+
+Enable and start NetworkManager
+
+```console
+# systemctl enable --now NetworkManager
+```
+
+Test network connectivity
+
+```console
+# ping archlinux.org
+```
+
+### Setup user account
+
+Create a sudo group for sudo access
+
+```console
+# groupadd -r sudo
+```
+
+Use `visudo` to uncomment the following line
+
+```sudoers
+# %sudo ALL=(ALL:ALL) ALL
+```
+
+Create user account
+
+```console
+# useradd -m -G sudo -s /bin/zsh histalek
+```
+
+Set password for useraccount
+
+```console
+# passwd histalek
+```
+
+Exit out of the root session and login as user
+
+### Install and setup personal preferences
+
+Setup my dotfiles
+
+```console
+$ echo ".dotfiles" >> .gitignore
+$ git clone --bare <remote-git-repo-url> $HOME/.dotfiles
+$ alias dotfiles='/usr/bin/git --git-dir=$HOME/.dotfiles/ --work-tree=$HOME'
+$ dotfiles config --local status.showUntrackedFiles no
+$ dotfiles checkout
+```
+
+Install various packages from dotfiles
+
+```console
+$ sudo pacman -S --needed - < $HOME/.dotfiles/pkglist.txt
+```