Skip to content

Instantly share code, notes, and snippets.

@ibihim
Last active March 26, 2023 16:27
Show Gist options
  • Save ibihim/0ecc122a1867494132f2a2ffa85ea594 to your computer and use it in GitHub Desktop.
Save ibihim/0ecc122a1867494132f2a2ffa85ea594 to your computer and use it in GitHub Desktop.
Arch install in progress
# Installation on Lenovo X1 5th Generation
# Installation guide: https://wiki.archlinux.org/index.php/Installation_Guide
# Encryption: https://wiki.archlinux.org/index.php/Dm-crypt/Device_encryption#Cryptsetup_usage
# LVM: https://wiki.archlinux.org/index.php/LVM
# Set large font, if necessary
setfont latarcyrheb-sun32
# Connect to Internet
wifi-menu
# Sync clock
timedatectl set-ntp true
# Create three partitions:
# 1 1G EFI partition # Hex code ef00
# 2 1.5xRAM SWAP # Hex code 8200 (for the intellij users :D)
# 3 100% Linux partiton (to be encrypted) # Hex code 8300
cgdisk /dev/nvme0n1
# EFI part
mkfs.fat -F32 /dev/nvme0n1p1
# Enable swap
mkswap /dev/nvme0n1p1
swapon /dev/nvme0n1p2
# Encryption
# Encrypt - *uppercase* the yes...
cryptsetup --verbose --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 4000 --use-random luksFormat /dev/nvme0n1p3
# Open encrypted
cryptsetup open --type luks /dev/nvme0n1p3 encryptedroot #encryptroot
# LVM
# Create a physical volume
pvcreate /dev/mapper/encryptedroot
# Create volume group
vgcreate vg0 /dev/mapper/encryptedroot
# Create logical volumes
lvcreate -L 100G vg0 --name root
lvcreate -l +80%FREE vg0 -- name home
# Check
lvdisplay
# Create filesystem
mkfs.ext4 /dev/mapper/vg0-root
mkfs.ext4 /dev/mapper/vg0-home
# Mount the system
mkdir /mnt
mount /dev/mapper/vg0-root /mnt
mkdir /mnt/boot
mkdir /mnt/home
mount /dev/mapper/vg0-home /mnt/home
mount /dev/nvme0n1p1 /mnt/boot
# Sort by fastest mirror
rankmirror -n 10 /etc/pacman.d/mirrorlist > /etc/pacman.d/mirrorlist.sorted
# Check and replace files, I mostly don't trust certain mirrors :P
# Install the base system plus a few packages
pacstrap /mnt base zsh vim git sudo efibootmgr wpa_supplicant dialog iw
# generate fstab
# double check fstab for stuff like the EFI partition... it will blow up, when you install a new kernel :D
genfstab -U -p /mnt >> /mnt/etc/fstab
## Change...
# Change relatime on all non-boot partitions to noatime (reduces wear if using an SSD)
# Add discard to swap
# Enter the new system
arch-chroot /mnt
# Set local time
ln -s /usr/share/zoneinfo/Europe/Berlin /etc/localtime
hwclock --systohc
# Generate required locales
vim /etc/locale.gen # Uncomment desired locales, e.g. "en_US.UTF-8", "de_DE.UTF-8"
locale-gen
# Set desired locale
echo 'LANG=en_US.UTF-8' > /etc/locale.conf
# Set desired keymap and font if necessary
echo 'KEYMAP=us' > /etc/vconsole.conf
# echo 'FONT=latarcyrheb-sun32' >> /etc/vconsole.conf
# Set hostname
echo 'myhostname' > /etc/hostname
#Consider adding a matching entry to hosts(5):
#/etc/hosts
#127.0.0.1 localhost.localdomain localhost
#::1 localhost.localdomain localhost
#127.0.1.1 myhostname.localdomain myhostname
# Set password for root
passwd
# Add real user
useradd -m -g users -G wheel -s /bin/zsh <username>
passwd <username>
echo '<username> ALL=(ALL) ALL' > /etc/sudoers.d/<username>
# Configure mkinitcpio with modules needed for the initrd image
vi /etc/mkinitcpio.conf
# Add 'ext4 dm_snapshot' to MODULES
# SYSTEMD
# Change: HOOKS="base systemd autodetect modconf block keyboard sd-vconsole sd-encrypt sd-lvm2 fsck filesystems"
# BUSYBOX
# Change: HOOKS="base udev resume autodetect modconf block keyboard keymap consolefont encrypt lvm2 fsck filesystems"
# Regenerate initrd image
# if this fails, you most probably have a typo :)
mkinitcpio -p linux
# Setup systemd-boot
bootctl --path=/boot install
# Enable Intel microcode updates
pacman -S intel-ucode
# Create bootloader entry
# Get luks-uuid with: `cryptsetup luksUUID /dev/nvme0n1p3`
---
/boot/loader/entries/arch.conf # if this file does not exit, you might not have executed bootctl properly
---
title Arch Linux
linux /vmlinuz-linux
initrd /intel-ucode.img
initrd /initramfs-linux.img
options luks.uuid=<uuid> luks.name=<uuid>=luks root=/dev/mapper/vg0-root rw
---
# Set default bootloader entry
---
/boot/loader/loader.conf
---
default arch
---
# Exit and reboot
exit
reboot
## login
# setup wifi
# identify wlan interface
ip link
sudo wpa_passphrase <SSID> <PASSWORD> > /etc/wpa_supplicant/wpa_supplicant-<wifi interface>.conf
## remove psk from file
## add to the top:
## ctrl_interface=/run/wpa_supplicant.conf
## update_config=1
# enable wpa_supplicant on boot
sudo systemctl enable wpa_supplicant@<wifi interface>.service
# enable wpa_supplicant now
sudo systemctl start wpa_supplicant@<wifi interface>.service
# check status, if not running, execute sudo wpa_supplicant -B -i <wifi interface> -c /etc/wpa_supplicant/wpa_supplicant-<wifi interface>.conf and check error
sudo systemctl status wpa_supplicant@<wifi interface>.service
# enable getting ip address on boot
sudo systemctl enable dhcpcd@<wifi interface>.service
# do it now
sudo systemctl start dhcpcd@<wifi interface>.service
# check, if errors, execute sudo dhcpcd <wifi interface> and check error
sudo systemctl start dhcpcd@<wifi interface>.service
# if it does not work: most probably you failed at typing your SSID or PASSWORD
# GUI
## X11 Variation for i3
sudo pacman -S xorg-server xorg-xinit
## Shotgut approach for display driver :S
sudo pacman -S xorg-drivers
# i3
sudo pacman -S i3
# i3 menu
sudo pacman -S dmenu
# add "exec i3" to .xinitrc
# ---------------------------------
## Wayland Variation for gnome
sudo pacman -S gnome
## enable login manager
sudo systemctl enable gdm.service
# Audio
## I guess ALSA is there, but throw this in
sudo pacman -S alsa-utils
## Most distros also use Pule
sudo pacman -S pulseaudio pulseaudio-alsa
# ACPID for additional Notebook support like sleep n stuff
sudo pacman -S acpid
# FIREFOX!!! CHROME MA ASS
sudo pacman -S firefox thunderbird
# Terminal stuff # guake too if not i3 :D
sudo pacman -S awesome-terminal-fonts terminator
@ibihim
Copy link
Author

ibihim commented Apr 22, 2019

To install grub:

pacman -S grub
# efi directory is boot and boot loader is installed there as well.
# Some distros (like Ubuntu) have two different partitions for boot and efi.
grub install --target=x86_64-efi --efi-directory=/boot

# Add 'lvm' to GRUB_PRELOAD_MODULES
# Add 'rd.luks.name=XXX=cryptlvm root=/dev/mapper/vg0-root' to GRUB_CMDLINE_LINUX
vi /etc/default/grub
# Exchange XXX with the result of cryptsetup luksUUID /dev/nvme0n1p3
sed -i "s/xxx/$(cryptsetup luksUUID /dev/nvme0n1p3)/" # never tried this, so be cautious :D

@ibihim
Copy link
Author

ibihim commented Jan 16, 2023

Changes,

  • you need to install on pacstrap linux and linux-firmware
  • don't use wpa_supplicant, use iwctl
  • you need to install NetworkManager too.

@ibihim
Copy link
Author

ibihim commented Mar 26, 2023

packstrap -K seems to be a thing (initialises a keyring). Otherwise I ran into PGP issues.

For issues with it:

  1. Verify you time is set correctly with date.
  2. Install on pacstrap the archlinux-keyring, I think it should be inbase.
  3. pacman -Syu.

If you ran pacstrap without -K before, you need to remove the previous gnupg dir.

  1. Remove previous gnupg keys: rm -r /etc/pacman.d/gnupg
  2. If you don't want to re-run pacstrap, do pacman-key --init, pacman-key --populate archlinux and pacman-key --refresh-keys.
  3. pacman -Syu.

@ibihim
Copy link
Author

ibihim commented Mar 26, 2023

If there is a preference for fonts, they can be set in /etc/vconsole.conf. The available list is in ls /usr/share/kbd/consolefonts/.
TTF fonts are not supported, they must be PSF. So don't wonder if you can't find ttf-jetbrains-mono-nerd.

E.g.:

KEYMAP=us
FONT=Lat2-Terminus16

@ibihim
Copy link
Author

ibihim commented Mar 26, 2023

To start of with more useful groups:

sudo useradd -m -s /usr/bin/fish -G wheel,video,audio,optical,storage,docker,lp,scanner ibihim

  • wheel: For granting sudo access (requires configuration in the sudoers file).
  • video: For access to video devices and hardware acceleration.
  • audio: For access to audio devices.
  • optical: For access to optical drives (CD/DVD).
  • storage: For access to removable storage devices.
  • docker: For access to Docker daemon and containers (requires Docker to be installed).
  • lp: For access to printers.
  • scanner: For access to scanners.

Add docker with groupadd docker.

@ibihim
Copy link
Author

ibihim commented Mar 26, 2023

sd-lvm2 > lvm2, install it with pacstrap.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment