10 KiB
Arch Installation
This document describes my ArchLinux installation steps. It skips over the preparation of the installation medium. Otherwise it mostly follows the ArchWiki Installation Guide, but explicitly states some decisions:
- use
systemd-boot
as the bootloader - use
NetworkManager
for network configuration - use
btrfs
as the main file system - use
LUKS
for disk encryption - use
greetd
as display manager - try to only use native wayland with sway as WM
- use zram instead of a swap partition/file
My setup is opinionated and so is this doc.
[[TOC]]
Pre-Installation aka things to do in the arch-iso liveboot
Prerequisites
Set keyboard layout
# loadkeys de-latin1
Check if booted in UEFI mode
# ls /sys/firmware/efi/efivars
Check internet connectivity
# ip link
# ping archlinux.org
Update system clock
timedatectl set-ntp true
Disk partitioning
GPT partitioning scheme:
Mount point | Partition | Partition type | Size |
---|---|---|---|
/mnt/boot | /dev/efi-partition | EFI system partition | 500MiB |
/mnt | /dev/root-partition | Linux x86-64 root(/) | max |
Check available disks and start fdisk
fdisk -l
fdisk /dev/<disk-to-install-to>
Create GPT partition table
Command (m for help): _g_
Create efi-partition
Command (m for help): _n_
Partition number (1-128, default 1): _<Return>_
First sector (x-y, default x): _<Return>_
Last sector [...] (x-y, default y): _+500M_
Command (m for help): _t_
Selected partition 1
Partition type or alias: _1_
Changed type of partition 'Linux Filesystem' to 'EFI System'.
Create root-partition
Command (m for help): _n_
Partition number (1-128, default 2): _<Return>_
First sector (x-y, default x): _<Return>_
Last sector [...] (x-y, default y): _<Return>_
Command (m for help): _t_
Partition number (1,2, default 2): _2_
Partition type or alias: _23_
Changed type of partition 'Linux Filesystem' to 'Linux root (x86-64)'.
Write partitions to disk
Command (m for help): _w_
Format partitions / create filesystems
Format the efi partition with Fat32
# mkfs.fat -F 32 /dev/<efi_partition>
Setup the root partition with LUKS
# cryptsetup -v --verify-passphrase --type=luks2 --hash=sha256 --key-size=512 --cipher=aes-xts-plain64 luksFormat /dev/<root-partition>
Note: man cryptsetup
is a really nice resource. Especially the section about the LuksHeader and the luksHeaderBackup
command are really valuable.
Mount LUKS device
# cryptsetup luksOpen /dev/<root-partition> luks-root
Format luks root partition with btrfs
# mkfs.btrfs -L archlinuxroot /dev/mapper/luks-root
Create btrfs subvolumes
# mount -o compress=zstd /dev/mapper/luks-root /mnt
# btrfs sub create /mnt/@
# btrfs sub create /mnt/@home
# btrfs sub create /mnt/@pkg
# btrfs sub create /mnt/@snapshots
# btrfs sub create /mnt/@tmp
# umount /mnt
Associate subvolumes and filesystem directories
# mount -o noatime,nodiratime,compress=zstd,subvol=@ /dev/mapper/luks-root /mnt
# mkdir -p /mnt/{boot,home,var/cache/pacman/pkg,tmp,.snapshots}
# mount -o noatime,nodiratime,compress=zstd,subvol=@home /dev/mapper/luks-root /mnt/home
# mount -o noatime,nodiratime,compress=zstd,subvol=@pkg /dev/mapper/luks-root /mnt/var/cache/pacman/pkg
# mount -o noatime,nodiratime,compress=zstd,subvol=@tmp /dev/mapper/luks-root /mnt/tmp
# mount -o noatime,nodiratime,compress=zstd,subvol=@snapshots /dev/mapper/luks-root /mnt/.snapshots
Mount EFI partition
# mount /dev/<efi-partition> /mnt/boot
Installation
Bootstrap & filesystemtable
Bootstrap base arch install
# pacstrap /mnt linux linux-firmware base btrfs-progs amd-ucode git vi vim sudo networkmanager zsh
Generate fstab
# genfstab -U /mnt >> /mnt/etc/fstab
Basic system configuration
Chroot into new system
# arch-chroot /mnt
Set hostname
# echo <HOSTNAME> > /etc/hostname
Set and generate locale
# echo LANG=en_US.UTF-8 > /etc/locale.conf
# sed -i -e 's/^#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' -e 's/^#de_DE.UTF-8 UTF-8/de_DE.UTF-8 UTF-8/' /etc/locale.gen
# locale-gen
Set keyboard layout
# echo KEYMAP=de-latin1 > /etc/vconsole.conf
Set time zone
# ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
# hwclock --systohc
Set root password
# passwd
Add btrfs and encrypt initramfs hooks to /etc/mkinitcpio.conf
e.g.:
HOOKS=(base udev autodetect modconf block encrypt btrfs filesystems keyboard fsck)
Regenerate initramfs
# mkinitcpio -p linux
Configure boot loader
Install systemd-boot
# bootctl --path=/boot install
Fetch UUID of the root partition
# blkid -s UUID -o value /dev/<root-partition>
Create arch boot entry /boot/loader/entries/arch.conf
title Arch Linux
linux /vmlinuz-linux
initrd /amd-ucode.img
initrd /initramfs-linux.img
options cryptdevice=UUID=<UUID-OF-ROOT-PARTITION>:luks-root root=/dev/mapper/luks-root rootflags=subvol=@,x-systemd.device-timeout=0 rd.luks.options=timeout=0 rw quiet loglevel=0 splash rd.systemd.show_status=0 rd.udev.log_level=0
Copy arch boot entry to /boot/loader/entries/arch-fallback.conf
and set the initramfs to the fallback one. Resulting in the following
title Arch Linux (fallback)
linux /vmlinuz-linux
initrd /amd-ucode.img
initrd /initramfs-linux-fallback.img
options cryptdevice=UUID=<UUID-OF-ROOT-PARTITION>:luks-root root=/dev/mapper/luks-root rootflags=subvol=@,x-systemd.device-timeout=0 rd.luks.options=timeout=0 rw quiet loglevel=0 splash rd.systemd.show_status=0 rd.udev.log_level=0
Edit boot loader config /boot/loader/loader.conf
default arch.conf
timeout 3
console-mode max
editor no
Exit chroot, unmount disk, reboot
# exit
# umount -R /mnt
# reboot
Finish installation
Enable and check networking
Enable and start NetworkManager
# systemctl enable --now NetworkManager
Test network connectivity
# ping archlinux.org
Setup user account
Create a sudo group for sudo access
# groupadd -r sudo
Use visudo
to uncomment the following line
# %sudo ALL=(ALL:ALL) ALL
Create user account with sudo and journal access
# useradd -m -G sudo,systemd-journal -s /bin/zsh histalek
Set password for useraccount
# passwd histalek
Exit out of the root session and login as user
Install and setup personal preferences
Setup my dotfiles
$ echo ".dotfiles" >> .gitignore
$ git clone --bare <remote-git-repo-url> $HOME/.dotfiles
$ alias dotfiles='/usr/bin/git --git-dir=$HOME/.dotfiles/ --work-tree=$HOME'
$ dotfiles config --local status.showUntrackedFiles no
$ dotfiles checkout
Install and update various packages
$ sudo pacman -Syu --needed - < $HOME/.dotfiles/pkglist.txt
AUR
Install paru
as AUR helper
$ sudo pacman -Syu --needed base-devel
$ git clone https://aur.archlinux.org/paru.git
$ cd paru
$ makepkg -si
Install packages from AUR
$ paru -Syua --needed - < $HOME/.dotfiles/pkglist-aur.txt
Flatpak
Install flatpak package
$ sudo pacman -Syu flatpak
Add the flathub repo
$ flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
Install Flatseal
to manage flatpak permissions via GUI
$ flatpak install flathub com.github.tchx84.Flatseal
Setup zram
Install zram-generator
$ sudo pacman -Syu zram-generator
Create zram config file /etc/systemd/zram-generator.conf
, e.g.:
[zram0]
zram-size = min(ram, 8192)
(optional) Configure boot splash screen
Install plymouth
$ sudo paru -Syua plymouth-git
Adapt mkinitcpio hooks. Add plymouth plymouth-encrypt
after base udev
and remove encrypt
. Resulting in e.g.
HOOKS=(base udev plymouth plymouth-encrypt autodetect modconf block btrfs filesystems keyboard fsck)
Set theme for plymouth (this also regenerates the initramfs)
$ sudo plymouth-set-default-theme -R script
NOTE: After updating to Kernel 6.0 plymouth didn't show up on boot. I could still type my luks passwort and proceed,
but looking at a black screen was not particularly fun.
I solved this by configuring early Kernel modesetting.
Effectively adding amdgpu
to the mkinitcpio modules in /etc/mkinitcpio.conf
:
MODULES=( ... amdgpu ... )
(optional) Configure display manager
These steps will use greetd
with the gtkgreet
greeter and will use sway
as compositor.
Install greetd
and greetd-gtkgreet-git
$ sudo paru -Syua greetd greetd-gtkgreet-git
Create greetd config directory
$ sudo mkdir -p /etc/greetd
Create /etc/greetd/environments
file with all environments that gtkgreet should be able to start, e.g.:
sway
bash
Create greetd config file /etc/greetd/config.toml
, e.g.:
[terminal]
# The VT to run the greeter on. Can be "next", "current" or a number
# designating the VT.
vt = 1
# The default session, also known as the greeter.
[default_session]
command = "sway --config /etc/greetd/sway-config"
user = "greeter"
Create /etc/greetd/sway-config
which will be used by the sway greeter session, e.g.:
exec "gtkgreet --layer-shell --style /etc/greetd/gtkgreet-style.css; swaymsg exit"
bindsym Mod4+shift+e exec swaynag \
-t warning \
-m 'What do you want to do?' \
-b 'Poweroff' 'systemctl poweroff' \
-b 'Reboot' 'systemctl reboot'
include /etc/sway/config.d/*
It is advisable to also set the correct output and input configuration.
Either write them into the same file or place additional files into /etc/sway/config.d/
.
Optionally one can style the gtkgreet greeter with /etc/greetd/gtkgreet-style.css
, e.g.:
window {
background-color: rgba(0, 0, 0, 0);
background-size: contain;
background-position: center;
color: rgba(200, 200, 200, 0.9);
}
box#body {
background-color: rgba(50, 50, 50, 0.8);
border-radius: 10px;
color: rgba(250, 250, 250, 0.9);
padding: 50px;
}
Enable and start greetd.service
$ sudo systemctl enable --now greetd.service