Arch install in progress

arch_install.sh

# Installation on Lenovo X1 5th Generation

# Installation guide: https://wiki.archlinux.org/index.php/Installation_Guide
# Encryption: https://wiki.archlinux.org/index.php/Dm-crypt/Device_encryption#Cryptsetup_usage
# LVM: https://wiki.archlinux.org/index.php/LVM

# Set large font, if necessary
setfont latarcyrheb-sun32

# Connect to Internet
wifi-menu


# Sync clock
timedatectl set-ntp true

# Create three partitions:
# 1 1G EFI partition # Hex code ef00
# 2 1.5xRAM SWAP # Hex code 8200 (for the intellij users :D)
# 3 100% Linux partiton (to be encrypted) # Hex code 8300
cgdisk /dev/nvme0n1

# EFI part
mkfs.fat -F32 /dev/nvme0n1p1

# Enable swap
mkswap /dev/nvme0n1p1
swapon /dev/nvme0n1p2

# Encryption
# Encrypt - *uppercase* the yes... 
cryptsetup --verbose --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 4000 --use-random luksFormat /dev/nvme0n1p3
# Open encrypted
cryptsetup open --type luks /dev/nvme0n1p3 encryptedroot #encryptroot

# LVM
# Create a physical volume
pvcreate /dev/mapper/encryptedroot
# Create volume group
vgcreate vg0 /dev/mapper/encryptedroot
# Create logical volumes
lvcreate -L 100G vg0 --name root
lvcreate -l +80%FREE vg0 -- name home
# Check
lvdisplay
# Create filesystem
mkfs.ext4 /dev/mapper/vg0-root
mkfs.ext4 /dev/mapper/vg0-home

# Mount the system
mkdir /mnt
mount /dev/mapper/vg0-root /mnt
mkdir /mnt/boot
mkdir /mnt/home
mount /dev/mapper/vg0-home /mnt/home
mount /dev/nvme0n1p1 /mnt/boot

# Sort by fastest mirror
rankmirror -n 10 /etc/pacman.d/mirrorlist > /etc/pacman.d/mirrorlist.sorted
# Check and replace files, I mostly don't trust certain mirrors :P

# Install the base system plus a few packages
pacstrap /mnt base zsh vim git sudo efibootmgr wpa_supplicant dialog iw

# generate fstab
# double check fstab for stuff like the EFI partition... it will blow up, when you install a new kernel :D
genfstab -U -p /mnt >> /mnt/etc/fstab

## Change...
# Change relatime on all non-boot partitions to noatime (reduces wear if using an SSD)
# Add discard to swap

# Enter the new system
arch-chroot /mnt

# Set local time
ln -s /usr/share/zoneinfo/Europe/Berlin /etc/localtime
hwclock --systohc

# Generate required locales
vim /etc/locale.gen	# Uncomment desired locales, e.g. "en_US.UTF-8", "de_DE.UTF-8"
locale-gen

# Set desired locale
echo 'LANG=en_US.UTF-8' > /etc/locale.conf

# Set desired keymap and font if necessary
echo 'KEYMAP=us' > /etc/vconsole.conf
# echo 'FONT=latarcyrheb-sun32' >> /etc/vconsole.conf

# Set hostname
echo 'myhostname' > /etc/hostname

#Consider adding a matching entry to hosts(5):
#/etc/hosts
#127.0.0.1	localhost.localdomain	localhost
#::1		localhost.localdomain	localhost
#127.0.1.1	myhostname.localdomain	myhostname

# Set password for root
passwd

# Add real user
useradd -m -g users -G wheel -s /bin/zsh <username>
passwd <username>
echo '<username> ALL=(ALL) ALL' > /etc/sudoers.d/<username>

# Configure mkinitcpio with modules needed for the initrd image
vi /etc/mkinitcpio.conf
# Add 'ext4 dm_snapshot' to MODULES
# SYSTEMD
# Change: HOOKS="base systemd autodetect modconf block keyboard sd-vconsole sd-encrypt sd-lvm2 fsck filesystems"
# BUSYBOX
# Change: HOOKS="base udev resume autodetect modconf block keyboard keymap consolefont encrypt lvm2 fsck filesystems"

# Regenerate initrd image
# if this fails, you most probably have a typo :)
mkinitcpio -p linux

# Setup systemd-boot
bootctl --path=/boot install

# Enable Intel microcode updates
pacman -S intel-ucode

# Create bootloader entry
# Get luks-uuid with: `cryptsetup luksUUID /dev/nvme0n1p3`
---
/boot/loader/entries/arch.conf # if this file does not exit, you might not have executed bootctl properly
---
title     Arch Linux
linux     /vmlinuz-linux
initrd    /intel-ucode.img
initrd    /initramfs-linux.img
options   luks.uuid=<uuid> luks.name=<uuid>=luks root=/dev/mapper/vg0-root rw
---

# Set default bootloader entry
---
/boot/loader/loader.conf
---
default		arch
---

# Exit and reboot
exit
reboot

## login

# setup wifi
# identify wlan interface
ip link
sudo wpa_passphrase <SSID> <PASSWORD> > /etc/wpa_supplicant/wpa_supplicant-<wifi interface>.conf
## remove  psk from file
## add to the top:
## ctrl_interface=/run/wpa_supplicant.conf
## update_config=1
# enable wpa_supplicant on boot
sudo systemctl enable wpa_supplicant@<wifi interface>.service
# enable wpa_supplicant now
sudo systemctl start wpa_supplicant@<wifi interface>.service
# check status, if not running, execute sudo wpa_supplicant -B -i <wifi interface> -c /etc/wpa_supplicant/wpa_supplicant-<wifi interface>.conf and check error
sudo systemctl status wpa_supplicant@<wifi interface>.service
# enable getting ip address on boot
sudo systemctl enable dhcpcd@<wifi interface>.service
# do it now 
sudo systemctl start dhcpcd@<wifi interface>.service
# check, if errors, execute sudo dhcpcd <wifi interface> and check error
sudo systemctl start dhcpcd@<wifi interface>.service
# if it does not work: most probably you failed at typing your SSID or PASSWORD

# GUI
## X11 Variation for i3
sudo pacman -S xorg-server xorg-xinit
## Shotgut approach for display driver :S
sudo pacman -S xorg-drivers
# i3
sudo pacman -S i3
# i3 menu
sudo pacman -S dmenu
# add "exec i3" to .xinitrc
# ---------------------------------
## Wayland Variation for gnome
sudo pacman -S gnome
## enable login manager
sudo systemctl enable gdm.service

# Audio
## I guess ALSA is there, but throw this in
sudo pacman -S alsa-utils
## Most distros also use Pule
sudo pacman -S pulseaudio pulseaudio-alsa

# ACPID for additional Notebook support like sleep n stuff
sudo pacman -S acpid

# FIREFOX!!! CHROME MA ASS
sudo pacman -S firefox thunderbird

# Terminal stuff # guake too if not i3 :D
sudo pacman -S awesome-terminal-fonts terminator

Changes,

• you need to install on pacstrap linux and linux-firmware
• don't use wpa_supplicant, use iwctl
• you need to install NetworkManager too.

packstrap -K seems to be a thing (initialises a keyring). Otherwise I ran into PGP issues.

For issues with it:

1. Verify you time is set correctly with date.
2. Install on pacstrap the archlinux-keyring, I think it should be inbase.
3. pacman -Syu.

If you ran pacstrap without -K before, you need to remove the previous gnupg dir.

1. Remove previous gnupg keys: rm -r /etc/pacman.d/gnupg
2. If you don't want to re-run pacstrap, do pacman-key --init, pacman-key --populate archlinux and pacman-key --refresh-keys.
3. pacman -Syu.

If there is a preference for fonts, they can be set in /etc/vconsole.conf. The available list is in ls /usr/share/kbd/consolefonts/.
TTF fonts are not supported, they must be PSF. So don't wonder if you can't find ttf-jetbrains-mono-nerd.

E.g.:

KEYMAP=us
FONT=Lat2-Terminus16

To start of with more useful groups:

sudo useradd -m -s /usr/bin/fish -G wheel,video,audio,optical,storage,docker,lp,scanner ibihim

• wheel: For granting sudo access (requires configuration in the sudoers file).
• video: For access to video devices and hardware acceleration.
• audio: For access to audio devices.
• optical: For access to optical drives (CD/DVD).
• storage: For access to removable storage devices.
• docker: For access to Docker daemon and containers (requires Docker to be installed).
• lp: For access to printers.
• scanner: For access to scanners.

Add docker with groupadd docker.

sd-lvm2 > lvm2, install it with pacstrap.