ansulev · May 29, 2024 14:28
diff --git a/inst-arch-openrc-btrfs-enc-home b/inst-arch-openrc-btrfs-enc-home
 # Install Arch Linux with OpenRC on Btrfs with Encrypted Home directory
 # The official guide: https://wiki.archlinux.org/index.php/Installation_Guide
 # OpenRC on Arch Wiki: https://wiki.archlinux.org/index.php/OpenRC
 # Arch OpenRC: https://sourceforge.net/projects/archopenrc/files/arch-openrc

 # Download the arch-openrc image from https://sourceforge.net/projects/archopenrc/files/latest/download
 # Copy to a usb-drive
 dd bs=16M if=archlinux.iso of=/dev/sdx status=progress oflag=sync # on linux

 # Boot from the usb...
 # Set spanish keymap
 loadkeys es

 # This assumes a wifi only system and wpa-psk encryption. Adjust for your network:
 create  MYNETWORK.conf
 network={
 ssid="MYSSID"
 psk="MYPSK"
 priority=3
 }
 and connect:
 wpa_supplicant -B -i wlp3s0 -c MYNETWORK.conf && dhcpcd wlp3s0

 # Create partitions (50 GB root, 880 home)
 cfdisk

 # Create luks container for home
 cryptsetup luskFormat /dev/sda2

 # Create filesystems, no swap
 mkfs.btrfs /dev/sda1 # root
 mkfs.btrfs /dev/sda2 # home

 # Mount partitions
 mkdir /mnt/home
 mount -o noatime,ssd,compress=lzo,autodefrag /dev/sda2 /mnt/
 mount -o noatime,ssd,compress=lzo,autodefrag /dev/sda1 /mnt/home

 # Install the system, wifi and some tools
 pacstrap /mnt base base-devel grub vim wpa_supplicant btrfs-progs

 # Create fstab
 genfstab -p /mnt >> /mnt/etc/fstab
 vi /etc/fstab
 ....
 /dev/sda1   /   btrfs   rw,defaults,noatime,compress=lzo,autofefrag,commit=120,space_cache,subvolid=5,subvol=/  0 0
 /dev/sda2   /   btrfs   rw,defaults,noatime,compress=lzo,autodefrag,commit=120,space_cache,subvolid=5,subvol=/  0 0
 tmpfs       /tmp    tmpfs   nodev,nosuid    0 0
 ...

 # Enter the new system
 arch-chroot /mnt /bin/bash

 # Setup system clock
 ln -s /usr/share/zoneinfo/Europe/Madrid /etc/localtime
 hwclock --systohc --utc

 # Set the hostname
 echo hostname="MYHOSTNAME" > /etc/conf.d/hostname

 # Update locale
 echo LANG=en_US.utf8 >> /etc/locale.conf
 echo LANGUAGE=en_US >> /etc/locale.conf
 echo LC_ALL=C >> /etc/locale.conf

 # Set virtual console lang and font
 echo keymap=es >> /etc/conf.d/keymaps
 echo consolefont=Lat2-Terminus16 >> /etc/conf.d/consolefont

 # Set password for root
 passwd

 # Add real user
 useradd -m -g users -G lp,wheel,storage,optical,power,scanner,input -s /bin/bash MYUSERNAME
 passwd MYUSERNAME

 # Add the user to visudo
 visudo

 # Include the key in mkinitcpio FILES and add 'encrypt' hook before filesystems
 vim /etc/mkinitcpio.conf
 HOOKS="...encrypt filesystems ..."

 # Regenerate initrd image
 mkinitcpio -p linux

 # Add "cryptdevice=/dev/sda2:crypthome" to GRUB_CMDLINE_LINUX_DEFAULT=""
 vim /etc/default/grub
 and to /etc/crypttab
 ...
 crypthome /dev/sda2   none    luks
 ...

 grub-mkconfig -o /boot/grub/grub.cfg
 grub-install /dev/sda

 # Exit new system and go into the cd shell
 exit

 # Unmount all partitions
 umount -R /mnt

 # Reboot into the new system, don't forget to remove the cd/usb
 reboot

 # Install needed services
 pacman -S acpid-openrc alsa-utils-openrc autofs-openrc syslog-ng-openrc dnsmasq-openrc cronie-openrc procps-ng-nosystemd cups-openrc hdparm-openrc autofs-openrc fuse-openrc haveged-openrc netifrc upower-pm-utils consolekit-openrc polkit-consolekit cgmanager-openrc udisks2-nosystemd privoxy-openrc irqbalance tor-openrc samba-openrc displaymanager-openrc device-mapper-openrc lvm-openrc desktop-privileges lxsession

 # Add needed services to default
 # rc-update add consolekit default (and others) or
 for daemon in acpid alsasound autofs dbus consolekit cronie cupsd xdm fuse haveged hdparm smb tor privoxy dnsmasq; do rc-update add $daemon default; done

 # TODO: Make openrc init script for dnsmasq and profile-sync-daemon

 # Optional: Install X, WM or DE. Optimize for powersave and performance

 pacman -S consolekit-openrc xorg-server xf86-video-intel xf86-video-nouveau xorg-utils xorg-xbacklight xorg-xinput xorg-xinit openbox tint2 spacefm conky scite dmenu rxvt-unicode links clipit volumeicon feh xarchiver numix-themes faience-icon-theme aria2 bash-completion unzip unrar p7zip mlocate slock intel-ucode rfkill ttf-dejavu powertop htop nethogs

 # Setup Xorg. Add kbd, touchpad, vga configuration files
 /etc/X11/xorg.conf.d/

 # Run Xorg as user
 vim /etc/X11/Xwrapper.config
 ...
 needs_root_rights = yes
 ...

 # Dependency for yaourt
 pacman -S --asdeps yajl

 # Download from AUR and install package query as dependency and yaourt...
 # Install Inox, IceCat, Sublime Text 3 and Disk Burner
 yaourt -S inox-bin icecat-bin sublime-text-dev cdw 

 # Enable multilib and install lib32 programs and libs, some useful programs too.
 pacman -S wine gimp epdfview libreoffice-fresh stardict-lite pidgin hunspell-en hunspell-es mythes-en mythes-es aspell-en aspell-es hyphen-en hyphen-es guvcview avidemux pragha pitivi winff handbrake mpv deadbeef gtk-recordmydesktop gparted ntfs-3g dosfstools graphicsmagick virtualbox virtualbox-guest-iso perl-file-mimeinfo pssh sshfs ghex geany

 # Dependencies
 pacman -S --asdeps lib32-giflib lib32-gnutls lib32-mpg123 lib32-openal lib32-alsa-plugins lib32-libxslt lib32-libxinerama qt5-x11extras  gst-plugins-ugly gst-libav

 # Add vboxdrv to /etc/openrc/conf.d/modules

 # Configure network (netfifrc) or use network-manager, connman, netcfg
 vim /etc/conf.d/net
 cd /etc/init.d/ && ln -s net.lo net.enp2s0f0

 # Tuning system: /etc/sysctl.conf, /etc/modprobe.d/, /etc/conf.d/, ...
 # Reboot ...
	# Install Arch Linux with OpenRC on Btrfs with Encrypted Home directory
	# The official guide: https://wiki.archlinux.org/index.php/Installation_Guide
	# OpenRC on Arch Wiki: https://wiki.archlinux.org/index.php/OpenRC
	# Arch OpenRC: https://sourceforge.net/projects/archopenrc/files/arch-openrc

	# Download the arch-openrc image from https://sourceforge.net/projects/archopenrc/files/latest/download
	# Copy to a usb-drive
	dd bs=16M if=archlinux.iso of=/dev/sdx status=progress oflag=sync # on linux

	# Boot from the usb...
	# Set spanish keymap
	loadkeys es

	# This assumes a wifi only system and wpa-psk encryption. Adjust for your network:
	create MYNETWORK.conf
	network={
	ssid="MYSSID"
	psk="MYPSK"
	priority=3
	}
	and connect:
	wpa_supplicant -B -i wlp3s0 -c MYNETWORK.conf && dhcpcd wlp3s0

	# Create partitions (50 GB root, 880 home)
	cfdisk

	# Create luks container for home
	cryptsetup luskFormat /dev/sda2

	# Create filesystems, no swap
	mkfs.btrfs /dev/sda1 # root
	mkfs.btrfs /dev/sda2 # home

	# Mount partitions
	mkdir /mnt/home
	mount -o noatime,ssd,compress=lzo,autodefrag /dev/sda2 /mnt/
	mount -o noatime,ssd,compress=lzo,autodefrag /dev/sda1 /mnt/home

	# Install the system, wifi and some tools
	pacstrap /mnt base base-devel grub vim wpa_supplicant btrfs-progs

	# Create fstab
	genfstab -p /mnt >> /mnt/etc/fstab
	vi /etc/fstab
	....
	/dev/sda1 / btrfs rw,defaults,noatime,compress=lzo,autofefrag,commit=120,space_cache,subvolid=5,subvol=/ 0 0
	/dev/sda2 / btrfs rw,defaults,noatime,compress=lzo,autodefrag,commit=120,space_cache,subvolid=5,subvol=/ 0 0
	tmpfs /tmp tmpfs nodev,nosuid 0 0
	...

	# Enter the new system
	arch-chroot /mnt /bin/bash

	# Setup system clock
	ln -s /usr/share/zoneinfo/Europe/Madrid /etc/localtime
	hwclock --systohc --utc

	# Set the hostname
	echo hostname="MYHOSTNAME" > /etc/conf.d/hostname

	# Update locale
	echo LANG=en_US.utf8 >> /etc/locale.conf
	echo LANGUAGE=en_US >> /etc/locale.conf
	echo LC_ALL=C >> /etc/locale.conf

	# Set virtual console lang and font
	echo keymap=es >> /etc/conf.d/keymaps
	echo consolefont=Lat2-Terminus16 >> /etc/conf.d/consolefont

	# Set password for root
	passwd

	# Add real user
	useradd -m -g users -G lp,wheel,storage,optical,power,scanner,input -s /bin/bash MYUSERNAME
	passwd MYUSERNAME

	# Add the user to visudo
	visudo

	# Include the key in mkinitcpio FILES and add 'encrypt' hook before filesystems
	vim /etc/mkinitcpio.conf
	HOOKS="...encrypt filesystems ..."

	# Regenerate initrd image
	mkinitcpio -p linux

	# Add "cryptdevice=/dev/sda2:crypthome" to GRUB_CMDLINE_LINUX_DEFAULT=""
	vim /etc/default/grub
	and to /etc/crypttab
	...
	crypthome /dev/sda2 none luks
	...

	grub-mkconfig -o /boot/grub/grub.cfg
	grub-install /dev/sda

	# Exit new system and go into the cd shell
	exit

	# Unmount all partitions
	umount -R /mnt

	# Reboot into the new system, don't forget to remove the cd/usb
	reboot

	# Install needed services
	pacman -S acpid-openrc alsa-utils-openrc autofs-openrc syslog-ng-openrc dnsmasq-openrc cronie-openrc procps-ng-nosystemd cups-openrc hdparm-openrc autofs-openrc fuse-openrc haveged-openrc netifrc upower-pm-utils consolekit-openrc polkit-consolekit cgmanager-openrc udisks2-nosystemd privoxy-openrc irqbalance tor-openrc samba-openrc displaymanager-openrc device-mapper-openrc lvm-openrc desktop-privileges lxsession

	# Add needed services to default
	# rc-update add consolekit default (and others) or
	for daemon in acpid alsasound autofs dbus consolekit cronie cupsd xdm fuse haveged hdparm smb tor privoxy dnsmasq; do rc-update add $daemon default; done

	# TODO: Make openrc init script for dnsmasq and profile-sync-daemon

	# Optional: Install X, WM or DE. Optimize for powersave and performance

	pacman -S consolekit-openrc xorg-server xf86-video-intel xf86-video-nouveau xorg-utils xorg-xbacklight xorg-xinput xorg-xinit openbox tint2 spacefm conky scite dmenu rxvt-unicode links clipit volumeicon feh xarchiver numix-themes faience-icon-theme aria2 bash-completion unzip unrar p7zip mlocate slock intel-ucode rfkill ttf-dejavu powertop htop nethogs

	# Setup Xorg. Add kbd, touchpad, vga configuration files
	/etc/X11/xorg.conf.d/

	# Run Xorg as user
	vim /etc/X11/Xwrapper.config
	...
	needs_root_rights = yes
	...

	# Dependency for yaourt
	pacman -S --asdeps yajl

	# Download from AUR and install package query as dependency and yaourt...
	# Install Inox, IceCat, Sublime Text 3 and Disk Burner
	yaourt -S inox-bin icecat-bin sublime-text-dev cdw

	# Enable multilib and install lib32 programs and libs, some useful programs too.
	pacman -S wine gimp epdfview libreoffice-fresh stardict-lite pidgin hunspell-en hunspell-es mythes-en mythes-es aspell-en aspell-es hyphen-en hyphen-es guvcview avidemux pragha pitivi winff handbrake mpv deadbeef gtk-recordmydesktop gparted ntfs-3g dosfstools graphicsmagick virtualbox virtualbox-guest-iso perl-file-mimeinfo pssh sshfs ghex geany

	# Dependencies
	pacman -S --asdeps lib32-giflib lib32-gnutls lib32-mpg123 lib32-openal lib32-alsa-plugins lib32-libxslt lib32-libxinerama qt5-x11extras gst-plugins-ugly gst-libav

	# Add vboxdrv to /etc/openrc/conf.d/modules

	# Configure network (netfifrc) or use network-manager, connman, netcfg
	vim /etc/conf.d/net
	cd /etc/init.d/ && ln -s net.lo net.enp2s0f0

	# Tuning system: /etc/sysctl.conf, /etc/modprobe.d/, /etc/conf.d/, ...
	# Reboot ...