# Arch Installation This document describes my ArchLinux installation steps. It skips over the preparation of the installation medium. Otherwise it mostly follows the [ArchWiki Installation Guide](https://wiki.archlinux.org/title/Installation_guide), but explicitly states some decisions: - use `systemd-boot` as the bootloader - use `NetworkManager` for network configuration - use `btrfs` as the main file system - use `LUKS` for disk encryption - **try** to only use native wayland with sway as WM - no swap partition (i might use zram or a swapfile in the future though) - no display manager (for now at least) My setup is opinionated and so is this doc. ## Pre-Installation aka things to do in the arch-iso liveboot ### Prerequisites Set keyboard layout ```console # loadkeys de-latin1 ``` Check if booted in UEFI mode ```console # ls /sys/firmware/efi/efivars ``` Check internet connectivity ```console # ip link # ping archlinux.org ``` Update system clock ```console timedatectl set-ntp true ``` ### Disk partitioning GPT partitioning scheme: |Mount point|Partition|Partition type|Size| |---|---|---|---| |/mnt/boot|/dev/*efi-partition*|EFI system partition|500MiB| |/mnt|/dev/*root-partition*|Linux x86-64 root(/)|max| Check available disks and start `fdisk` ```console fdisk -l fdisk /dev/ ``` Create GPT partition table ```md Command (m for help): *g* ``` Create *efi-partition* ```md Command (m for help): *n* Partition number (1-128, default 1): ** First sector (x-y, default x): ** Last sector [...] (x-y, default y): *+500M* Command (m for help): *t* Selected partition 1 Partition type or alias: *1* Changed type of partition 'Linux Filesystem' to 'EFI System'. ``` Create *root-partition* ```md Command (m for help): *n* Partition number (1-128, default 2): ** First sector (x-y, default x): ** Last sector [...] (x-y, default y): ** Command (m for help): *t* Partition number (1,2, default 2): *2* Partition type or alias: *23* Changed type of partition 'Linux Filesystem' to 'Linux root (x86-64)'. ``` Write partitions to disk ```md Command (m for help): *w* ``` ### Format partitions / create filesystems Format the efi partition with Fat32 ```console # mkfs.fat -F 32 /dev/ ``` Setup the root partition with LUKS ```console # cryptsetup -v --verify-passphrase --type=luks2 --hash=sha256 --key-size=512 --cipher=aes-xts-plain64 luksFormat /dev/ ``` Note: `man cryptsetup` is a really nice resource. Especially the section about the LuksHeader and the `luksHeaderBackup` command are really valuable. Mount LUKS device ```console # cryptsetup luksOpen /dev/ luks-root ``` Format luks root partition with btrfs ```console # mkfs.btrfs -L archlinuxroot /dev/mapper/luks-root ``` Create btrfs subvolumes ```console # mount -o compress=zstd /dev/mapper/luks-root /mnt # btrfs sub create /mnt/@ # btrfs sub create /mnt/@home # btrfs sub create /mnt/@pkg # btrfs sub create /mnt/@snapshots # btrfs sub create /mnt/@tmp # umount /mnt ``` Associate subvolumes and filesystem directories ```console # mount -o noatime,nodiratime,compress=zstd,subvol=@ /dev/mapper/luks-root /mnt # mkdir -p /mnt/{boot,home,var/cache/pacman/pkg,tmp,.snapshots} # mount -o noatime,nodiratime,compress=zstd,subvol=@home /dev/mapper/luks-root /mnt/home # mount -o noatime,nodiratime,compress=zstd,subvol=@pkg /dev/mapper/luks-root /mnt/var/cache/pacman/pkg # mount -o noatime,nodiratime,compress=zstd,subvol=@tmp /dev/mapper/luks-root /mnt/tmp # mount -o noatime,nodiratime,compress=zstd,subvol=@snapshots /dev/mapper/luks-root /mnt/.snapshots ``` Mount EFI partition ```console # mount /dev/ /mnt/boot ``` ## Installation ### Bootstrap & filesystemtable Bootstrap base arch install ```console # pacstrap /mnt linux linux-firmware base btrfs-progs amd-ucode git vi vim sudo networkmanager zsh ``` Generate `fstab` ```console # genfstab -U /mnt >> /mnt/etc/fstab ``` ### Basic system configuration Chroot into new system ```console # arch-chroot /mnt ``` Set hostname ```console # echo > /etc/hostname ``` Set and generate locale ```console # echo LANG=en_US.UTF-8 > /etc/locale.conf # sed -i -e 's/^#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' -e 's/^#de_DE.UTF-8 UTF-8/de_DE.UTF-8 UTF-8/' /etc/locale.gen # locale-gen ``` Set keyboard layout ```console # echo KEYMAP=de-latin1 > /etc/vconsole.conf ``` Set time zone ```console # ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime # hwclock --systohc ``` Set root password ```console # passwd ``` Add btrfs and encrypt initramfs hooks to `/etc/mkinitcpio.conf` e.g.: ```ini HOOKS=(base udev autodetect modconf block encrypt btrfs filesystems keyboard fsck) ``` Regenerate initramfs ```console # mkinitcpio -p linux ``` ### Configure boot loader Install systemd-boot ```console # bootctl --path=/boot install ``` Fetch UUID of the root partition ```console # blkid -s UUID -o value /dev/ ``` Create arch boot entry `/boot/loader/entries/arch.conf` ```conf title Arch Linux linux /vmlinuz-linux initrd /amd-ucode.img initrd /initramfs-linux.img options cryptdevice=UUID=:luks-root root=/dev/mapper/luks-root rootflags=subvol=@,x-systemd.device-timeout=0 rd.luks.options=timeout=0 rw quiet loglevel=0 splash rd.systemd.show_status=0 rd.udev.log_level=0 ``` Copy arch boot entry to `/boot/loader/entries/arch-fallback.conf` and set the initramfs to the fallback one. Resulting in the following ```conf title Arch Linux (fallback) linux /vmlinuz-linux initrd /amd-ucode.img initrd /initramfs-linux-fallback.img options cryptdevice=UUID=:luks-root root=/dev/mapper/luks-root rootflags=subvol=@,x-systemd.device-timeout=0 rd.luks.options=timeout=0 rw quiet loglevel=0 splash rd.systemd.show_status=0 rd.udev.log_level=0 ``` Edit boot loader config `/boot/loader/loader.conf` ```conf default arch.conf timeout 3 console-mode max editor no ``` Exit chroot, unmount disk, reboot ```console # exit # umount -R /mnt # reboot ``` ## Finish installation ### Enable and check networking Enable and start NetworkManager ```console # systemctl enable --now NetworkManager ``` Test network connectivity ```console # ping archlinux.org ``` ### Setup user account Create a sudo group for sudo access ```console # groupadd -r sudo ``` Use `visudo` to uncomment the following line ```sudoers # %sudo ALL=(ALL:ALL) ALL ``` Create user account with sudo and journal access ```console # useradd -m -G sudo,systemd-journal -s /bin/zsh histalek ``` Set password for useraccount ```console # passwd histalek ``` Exit out of the root session and login as user ### Install and setup personal preferences Setup my dotfiles ```console $ echo ".dotfiles" >> .gitignore $ git clone --bare $HOME/.dotfiles $ alias dotfiles='/usr/bin/git --git-dir=$HOME/.dotfiles/ --work-tree=$HOME' $ dotfiles config --local status.showUntrackedFiles no $ dotfiles checkout ``` Install various packages from dotfiles ```console $ sudo pacman -S --needed - < $HOME/.dotfiles/pkglist.txt ``` Update system just to be sure ```console $ sudo pacman -Syu ``` ### AUR Install `paru` as AUR helper ```console $ sudo pacman -S --needed base-devel $ git clone https://aur.archlinux.org/paru.git $ cd paru $ makepkg -si ``` Install packages from AUR ```console $ paru -Sa wlogout ``` ### Flatpak Install flatpak package ```console $ sudo pacman -S flatpak ``` Add the flathub repo ```console $ flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo ``` Install `Flatseal` to manage flatpak permissions via GUI ```console $ flatpak install flathub com.github.tchx84.Flatseal ``` ### (optional) Configure boot splash screen Install `plymouth` ```console $ sudo paru -Sa plymouth-git ``` Adapt mkinitcpio hooks. Add `plymouth plymouth-encrypt` **after** `base udev` and remove `encrypt`. Resulting in e.g. ```ini HOOKS=(base udev plymouth plymouth-encrypt autodetect modconf block btrfs filesystems keyboard fsck) ``` Set theme for plymouth (this also regenerates the initramfs) ```console $ sudo plymouth-set-default-theme -R script ```