histalek/dotfiles
histalek/dotfiles
1
0
Fork 0
Code Releases Activity
dotfiles/.dotfiles/arch_install.md

10 KiB
Raw Blame History

Arch Installation

This document describes my ArchLinux installation steps. It skips over the preparation of the installation medium. Otherwise it mostly follows the ArchWiki Installation Guide, but explicitly states some decisions:

  • use systemd-boot as the bootloader
  • use NetworkManager for network configuration
  • use btrfs as the main file system
  • use LUKS for disk encryption
  • use greetd as display manager
  • try to only use native wayland with sway as WM
  • use zram instead of a swap partition/file

My setup is opinionated and so is this doc.

Pre-Installation aka things to do in the arch-iso liveboot

Prerequisites

Set keyboard layout

# loadkeys de-latin1

Check if booted in UEFI mode

# ls /sys/firmware/efi/efivars

Check internet connectivity

# ip link
# ping archlinux.org

Update system clock

timedatectl set-ntp true

Disk partitioning

GPT partitioning scheme:

Mount point Partition Partition type Size
/mnt/boot /dev/efi-partition EFI system partition 500MiB
/mnt /dev/root-partition Linux x86-64 root(/) max

Check available disks and start fdisk

fdisk -l
fdisk /dev/<disk-to-install-to>

Create GPT partition table

Command (m for help): *g*

Create efi-partition

Command (m for help): *n*
Partition number (1-128, default 1): *<Return>*
First sector (x-y, default x): *<Return>*
Last sector [...] (x-y, default y): *+500M*

Command (m for help): *t*
Selected partition 1
Partition type or alias: *1*
Changed type of partition 'Linux Filesystem' to 'EFI System'.

Create root-partition

Command (m for help): *n*
Partition number (1-128, default 2): *<Return>*
First sector (x-y, default x): *<Return>*
Last sector [...] (x-y, default y): *<Return>*

Command (m for help): *t*
Partition number (1,2, default 2): *2*
Partition type or alias: *23*
Changed type of partition 'Linux Filesystem' to 'Linux root (x86-64)'.

Write partitions to disk

Command (m for help): *w*

Format partitions / create filesystems

Format the efi partition with Fat32

# mkfs.fat -F 32 /dev/<efi_partition>

Setup the root partition with LUKS

# cryptsetup -v --verify-passphrase --type=luks2 --hash=sha256 --key-size=512 --cipher=aes-xts-plain64 luksFormat /dev/<root-partition>

Note: man cryptsetup is a really nice resource. Especially the section about the LuksHeader and the luksHeaderBackup command are really valuable.

Mount LUKS device

# cryptsetup luksOpen /dev/<root-partition> luks-root

Format luks root partition with btrfs

# mkfs.btrfs -L archlinuxroot /dev/mapper/luks-root

Create btrfs subvolumes

# mount -o compress=zstd /dev/mapper/luks-root /mnt
# btrfs sub create /mnt/@
# btrfs sub create /mnt/@home
# btrfs sub create /mnt/@pkg
# btrfs sub create /mnt/@snapshots
# btrfs sub create /mnt/@tmp
# umount /mnt

Associate subvolumes and filesystem directories

# mount -o noatime,nodiratime,compress=zstd,subvol=@ /dev/mapper/luks-root /mnt
# mkdir -p /mnt/{boot,home,var/cache/pacman/pkg,tmp,.snapshots}
# mount -o noatime,nodiratime,compress=zstd,subvol=@home /dev/mapper/luks-root /mnt/home
# mount -o noatime,nodiratime,compress=zstd,subvol=@pkg /dev/mapper/luks-root /mnt/var/cache/pacman/pkg
# mount -o noatime,nodiratime,compress=zstd,subvol=@tmp /dev/mapper/luks-root /mnt/tmp
# mount -o noatime,nodiratime,compress=zstd,subvol=@snapshots /dev/mapper/luks-root /mnt/.snapshots

Mount EFI partition

# mount /dev/<efi-partition> /mnt/boot

Installation

Bootstrap & filesystemtable

Bootstrap base arch install

# pacstrap /mnt linux linux-firmware base btrfs-progs amd-ucode git vi vim sudo networkmanager zsh

Generate fstab

# genfstab -U /mnt >> /mnt/etc/fstab

Basic system configuration

Chroot into new system

# arch-chroot /mnt

Set hostname

# echo <HOSTNAME> > /etc/hostname

Set and generate locale

# echo LANG=en_US.UTF-8 > /etc/locale.conf
# sed -i -e 's/^#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' -e 's/^#de_DE.UTF-8 UTF-8/de_DE.UTF-8 UTF-8/' /etc/locale.gen
# locale-gen

Set keyboard layout

# echo KEYMAP=de-latin1 > /etc/vconsole.conf

Set time zone

# ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
# hwclock --systohc

Set root password

# passwd

Add btrfs and encrypt initramfs hooks to /etc/mkinitcpio.conf

e.g.:

HOOKS=(base udev autodetect modconf block encrypt btrfs filesystems keyboard fsck)

Regenerate initramfs

# mkinitcpio -p linux

Configure boot loader

Install systemd-boot

# bootctl --path=/boot install

Fetch UUID of the root partition

# blkid -s UUID -o value /dev/<root-partition>

Create arch boot entry /boot/loader/entries/arch.conf

title Arch Linux
linux /vmlinuz-linux
initrd /amd-ucode.img
initrd /initramfs-linux.img
options cryptdevice=UUID=<UUID-OF-ROOT-PARTITION>:luks-root root=/dev/mapper/luks-root rootflags=subvol=@,x-systemd.device-timeout=0 rd.luks.options=timeout=0 rw quiet loglevel=0 splash rd.systemd.show_status=0 rd.udev.log_level=0

Copy arch boot entry to /boot/loader/entries/arch-fallback.conf and set the initramfs to the fallback one. Resulting in the following

title Arch Linux (fallback)
linux /vmlinuz-linux
initrd /amd-ucode.img
initrd /initramfs-linux-fallback.img
options cryptdevice=UUID=<UUID-OF-ROOT-PARTITION>:luks-root root=/dev/mapper/luks-root rootflags=subvol=@,x-systemd.device-timeout=0 rd.luks.options=timeout=0 rw quiet loglevel=0 splash rd.systemd.show_status=0 rd.udev.log_level=0

Edit boot loader config /boot/loader/loader.conf

default arch.conf
timeout 3
console-mode max
editor no

Exit chroot, unmount disk, reboot

# exit
# umount -R /mnt
# reboot

Finish installation

Enable and check networking

Enable and start NetworkManager

# systemctl enable --now NetworkManager

Test network connectivity

# ping archlinux.org

Setup user account

Create a sudo group for sudo access

# groupadd -r sudo

Use visudo to uncomment the following line

# %sudo ALL=(ALL:ALL) ALL

Create user account with sudo and journal access

# useradd -m -G sudo,systemd-journal -s /bin/zsh histalek

Set password for useraccount

# passwd histalek

Exit out of the root session and login as user

Install and setup personal preferences

Setup my dotfiles

$ echo ".dotfiles" >> .gitignore
$ git clone --bare <remote-git-repo-url> $HOME/.dotfiles
$ alias dotfiles='/usr/bin/git --git-dir=$HOME/.dotfiles/ --work-tree=$HOME'
$ dotfiles config --local status.showUntrackedFiles no
$ dotfiles checkout

Install and update various packages

$ sudo pacman -Syu --needed - < $HOME/.dotfiles/pkglist.txt

AUR

Install paru as AUR helper

$ sudo pacman -Syu --needed base-devel
$ git clone https://aur.archlinux.org/paru.git
$ cd paru
$ makepkg -si

Install packages from AUR

$ paru -Syua --needed - < $HOME/.dotfiles/pkglist-aur.txt

Flatpak

Install flatpak package

$ sudo pacman -Syu flatpak

Add the flathub repo

$ flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo

Install Flatseal to manage flatpak permissions via GUI

$ flatpak install flathub com.github.tchx84.Flatseal

Setup zram

Install zram-generator

$ sudo pacman -Syu zram-generator

Create zram config file /etc/systemd/zram-generator.conf, e.g.:

[zram0]
zram-size = min(ram, 8192)

(optional) Configure boot splash screen

Install plymouth

$ sudo paru -Syua plymouth-git

Adapt mkinitcpio hooks. Add plymouth plymouth-encrypt after base udev and remove encrypt. Resulting in e.g.

HOOKS=(base udev plymouth plymouth-encrypt autodetect modconf block btrfs filesystems keyboard fsck)

Set theme for plymouth (this also regenerates the initramfs)

$ sudo plymouth-set-default-theme -R script

(optional) Configure display manager

These steps will use greetd with the gtkgreet greeter and will use sway as compositor.

Install greetd and greetd-gtkgreet-git

$ sudo paru -Syua greetd greetd-gtkgreet-git

Create greetd config directory

$ sudo mkdir -p /etc/greetd

Create /etc/greetd/environments file with all environments that gtkgreet should be able to start, e.g.:

sway
bash

Create greetd config file /etc/greetd/config.toml, e.g.:

[terminal]
# The VT to run the greeter on. Can be "next", "current" or a number
# designating the VT.
vt = 1

# The default session, also known as the greeter.
[default_session]
command = "sway --config /etc/greetd/sway-config"
user = "greeter"

Create /etc/greetd/sway-config which will be used by the sway greeter session, e.g.:

exec "gtkgreet --layer-shell --style /etc/greetd/gtkgreet-style.css; swaymsg exit"

bindsym Mod4+shift+e exec swaynag \
-t warning \
-m 'What do you want to do?' \
-b 'Poweroff' 'systemctl poweroff' \
-b 'Reboot' 'systemctl reboot'
 
include /etc/sway/config.d/*

It is advisable to also set the correct output and input configuration. Either write them into the same file or place additional files into /etc/sway/config.d/.

Optionally one can style the gtkgreet greeter with /etc/greetd/gtkgreet-style.css, e.g.:

window {
  background-color: rgba(0, 0, 0, 0);
  background-size: contain;
  background-position: center;
  color: rgba(200, 200, 200, 0.9);      
}

box#body {
  background-color: rgba(50, 50, 50, 0.8);
  border-radius: 10px;
  color: rgba(250, 250, 250, 0.9);      
  padding: 50px;
}

Enable and start greetd.service

$ sudo systemctl enable --now greetd.service