Last active
April 24, 2025 08:56
-
-
Save Soulsuke/45cd0beb95d14e8791492281f6656c52 to your computer and use it in GitHub Desktop.
Arch mbr+efi bootable usb installation using zfs with encryption at rest
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Partition the drive: | |
| parted /dev/sdX | |
| mklabel gpt | |
| mkpart primary fat32 1MiB 2MiB | |
| mkpart ESP fat32 2MiB 514MiB | |
| mkpart primary ext4 514MiB 100% | |
| set 1 bios_grub on | |
| set 2 esp on | |
| set 2 boot on | |
| quit | |
| # Format the EFI partition: | |
| mkfs.fat -F32 /dev/sdX2 | |
| # Install the system as detailed in my other gist, but: | |
| # - user a pool name other than zroot/rpool (a more unique name the better) | |
| # - do not install the bootloader | |
| # - do not install/configure ZfsBootMenu | |
| # All the following commands are to be given WITHIN the chrooted environment. | |
| # Disable cache for the pool: | |
| zpool set cachefile=none pool_name | |
| rm /etc/zfs/zpool.cache | |
| systemctl disable zfs-import-cache | |
| # Install grub: | |
| pacman -S grub | |
| # Configure grub to work with zfs (using the real zfs pool): | |
| vim /etc/default/grub | |
| GRUB_CMDLINE_LINUX_DEFAULT="" | |
| GRUB_CMDLINE_LINUX="verbose pause_on_oops=15 zfs=pool_name/e/ROOT/arch rw" | |
| # Install grub (mbr): | |
| grub-install --target=i386-pc /dev/sdb --recheck | |
| # Install grub (efi): | |
| grub-install --target=x86_64-efi --efi-directory=/boot --recheck --removable --disable-shim-lock | |
| # Generate grub config: | |
| ZPOOL_VDEV_NAME_PATH=1 grub-mkconfig -o /boot/grub/grub.cfg | |
| # IMPORTANT: ZPOOL_VDEV_NAME_PATH=1 must be used on the live system every time | |
| # grub-mkconfig is run, or it will fail! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment