Skip to content

Instantly share code, notes, and snippets.

@williamcanin

williamcanin/archlinux_installation.txt

Last active September 19, 2025 04:00
Show Gist options
  • Save williamcanin/75a1a4714296227cd5290fac18c7d540 to your computer and use it in GitHub Desktop.
Save williamcanin/75a1a4714296227cd5290fac18c7d540 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
archlinux_installation.txt
# Arch Linux
# ===============================================================
# Installation with LVM, LUKS (in HOME /dev/sdb) and Systemd-Boot
# ===============================================================
# by: William C. Canin
# Note: Where it says >>>, that's where the command starts.
>>> loadkeys br-abnt2
>>> timedatectl set-timezone America/Sao_Paulo
>>> hwclock --systohc
------------------------------------------------------------
:: Partitioning storage for the system (IMPORTANT! Use GPT)
------------------------------------------------------------
| Dispositivo | Tamanho | Tipo | Local |
|-------------|---------|---------------------|-----------|
| /dev/sda1 | 2G | EFI System | /boot |
| /dev/sda2 | 120G | Linux LVM | |
| /dev/sdb1 | 1T | Linux filesystems | /home |
--------------------------
:: Creating LVM structure
--------------------------
>>> pvcreate /dev/sda2
>>> vgcreate linux /dev/sda2
>>> lvcreate -L 120G linux -n arch
---------------------------------------
:: Encrypt the HOME partition and open
---------------------------------------
### IMPORTANT!!! If you already have the `/dev/mapper/home` drive encrypted with your files, there
### is no need for this step, otherwise you will lose your files.
>>> cryptsetup -y -v luksFormat /dev/sdb1
>>> cryptsetup open /dev/sdb1 home
-------------------------
:: Formatting partitions
-------------------------
>>> mkfs.fat -F 32 /dev/sda1
>>> mkfs -t ext4 /dev/mapper/linux-arch
>>> mkfs -t ext4 /dev/mapper/home
### IMPORTANT!!! If you already have the `/dev/mapper/home` partition with files, do not format it
### or you will lose ALL the files.
-----------------------
:: Mounting partitions
-----------------------
>>> mount /dev/mapper/linux-arch /mnt
>>> mount --mkdir /dev/sda1 /mnt/boot
>>> mount --mkdir /dev/mapper/home /mnt/home
-----------------------
:: Install base system
-----------------------
>>> reflector --verbose --country Brazil,US --age 12 --protocol https --sort rate --save /etc/pacman.d/mirrorlist
>>> pacman -Syy
>>> pacman -Sy archlinux-keyring
>>> pacman-key --populate archlinux
>>> pacstrap -K /mnt base base-devel linux-lts linux-lts-headers linux-firmware systemd systemd-ukify sudo vim dhcpcd wireless_tools wpa_supplicant
---------------------
:: Create /etc/fstab
---------------------
>>> genfstab -U -p /mnt >> /mnt/etc/fstab
-----------------------
:: Entering the system
-----------------------
>>> arch-chroot /mnt /bin/bash
-------------------------
:: Add password for root
-------------------------
>>> passwd
-------------------------------------
:: Configuring Internet with SystemD
-------------------------------------
>>> systemctl disable --now NetworkManager.service
>>> systemctl mask NetworkManager.service
>>> systemctl enable --now systemd-networkd.service systemd-resolved.service
>>> vim /etc/systemd/network/20-wired.network
[Match]
Name=eno1 # Replace with the name of your interface
[Network]
Address=192.168.0.2/24
Gateway=192.168.0.1
DNS=8.8.8.8
## Conection via DHCP
# [Network]
# DHCP=yes
>>> ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
----------------------
:: Configuring Pacman
----------------------
>>> vim /etc/pacman.conf
IgnorePkg = linux-lts linux linux-zen linux-headers linux-zen-headers linux-lts-headers
nvidia-utils nvidia-settings nvidia lib32-nvidia cuda
[multilib]
Include = /etc/pacman.d/mirrorlist
[canin]
SigLevel = Optional TrustAll
Server = https://williamcanin.gitlab.io/archlinux/stable/x86_64
>>> pacman -Syy
-----------------------------
:: Setting up encrypted HOME
-----------------------------
>>> cat << EOF >> /etc/crypttab.initramfs
# /dev/sdb1
home UUID=$(blkid -s UUID -o value /dev/sdb1) none luks,tries=0,timeout=0
EOF
>>> cat << EOF >> /etc/fstab
# /dev/mapper/home
UUID=$(blkid -s UUID -o value /dev/mapper/home) /home ext4 rw,relatime,data=ordered 0 2
EOF
------------------------------------
:: Configuring /etc/mkinitcpio.conf
------------------------------------
>>> sed -i "s|^MODULES=.*|MODULES=(usbhid xhci_hcd ehci_hcd)|g" /etc/mkinitcpio.conf
>>> sed -i "s|^HOOKS=.*|HOOKS=(base systemd autodetect keymap modconf kms keyboard sd-vconsole block sd-encrypt lvm2 filesystems fsck)|g" /etc/mkinitcpio.conf
>>> pacman -S lvm2
--------------------------------------------------------
:: Installing and configuring Bootloader (systemd-boot)
--------------------------------------------------------
>>> pacman -S --noconfirm efibootmgr intel-ucode
>>> bootctl --path=/boot install
>>> ESP_DIR=""
>>> cat << EOF > /boot/loader/loader.conf
default arch-linux-lts.efi
timeout 3
console-mode max
editor no
EOF
>>> cp /etc/mkinitcpio.d/linux-lts.preset /etc/mkinitcpio.d/linux-lts.preset.backup
>>> cat << EOF > /etc/mkinitcpio.d/linux-lts.preset
ESP_DIR="${ESP_DIR}"
ALL_config="/etc/mkinitcpio.conf"
ALL_kver="/boot/\${ESP_DIR}vmlinuz-linux-lts"
ALL_cmdline="root=UUID=$(blkid -s UUID -o value /dev/mapper/linux-arch) rw loglevel=3 nvidia_drm.modeset=1 video=1920x1080@75"
PRESETS=('default' 'fallback')
default_config="/etc/mkinitcpio.conf"
default_image="/boot/\${ESP_DIR}initramfs-linux-lts.img"
default_uki="/boot/\${ESP_DIR}EFI/Linux/arch-linux-lts.efi"
default_options="--splash /usr/share/systemd/bootctl/splash-arch.bmp"
fallback_config="/etc/mkinitcpio.conf"
fallback_image="/boot/\${ESP_DIR}initramfs-linux-lts-fallback.img"
fallback_uki="/boot/\${ESP_DIR}EFI/Linux/arch-linux-lts-fallback.efi"
fallback_options="-S autodetect"
EOF
>>> pacman -S --noconfirm linux-lts
>>> mount --mkdir /dev/sdc1 /mnt/winboot
>>> cp -r /mnt/winboot/EFI/Microsoft /boot/EFI
-----------------------------------------
:: Installation of the drivers graphical
-----------------------------------------
# OpenGL/Vulkan (IMPORTANT!!!)
>>> pacman -S --needed --noconfirm xorg wayland dialog mesa lib32-mesa xf86-video-vesa vulkan-icd-loader lib32-vulkan-icd-loader vulkan-tools
# Intel
>>> pacman -S --needed --noconfirm mesa-vulkan-intel vulkan-intel linux-firmware-intel
# NVIDIA (Nouveau)
pacman -S --noconfirm xf86-video-nouveau vulkan-nouveau
--------------------
:: Installing fonts
--------------------
>>> pacman -S --needed --noconfirm noto-fonts noto-fonts-emoji noto-fonts-cjk ttf-liberation otf-font-awesome ttf-jetbrains-mono ttf-jetbrains-mono-nerd ttf-dejavu-nerd
---------------------------------------
:: Installation audio drivers / mixers
---------------------------------------
pacman -S --needed --noconfirm pipewire wireplumer pipewire-audio pipewire-pulse pipewire-alsa pipewire-jack lib32-pipewire lsp-plugins-lv2 mda.lv2 zam-plugins-lv2 zam-plugins-lv2 pavucontrol
--------------------------------------------------
:: Installation of the desktop environment (i3)
--------------------------------------------------
>>> pacman -S --needed --noconfirm i3 i3lock i3status polybar pcmanfm picom rofi nitrogen gtk-chtheme btop jq conky gsimplecal numlockx qt5ct qt6ct scrot dunst yazi xautolock imagemagick ranger lynx
--------------------------------------------
:: Installing utility packages (IMPORTANT!)
--------------------------------------------
>>> pacman -S --needed --noconfirm pacman-contrib util-linux dkms xdg-user-dirs ntfs-3g udisks2 dosfstools mtools cpupower reflector samba git openssh tor virtualbox-guest-utils vlc transmission-gtk gvfs gvfs-smb ttf-dejavu ttf-dejavu-nerd terminator veracrypt zip unzip xarchiver gimp inkscape make gcc go ruby perl tk python nodejs npm arch-wiki-docs arch-wiki-lite zeal qemu-full virt-manager piper steam-native-runtime firefox libreoffice-fresh libreoffice-fresh-pt-br terminator galculator leafpad calf smplayer gparted rofimoji easyeffects gnome-keyring seahorse mpv
--------------------
:: Enabled services
--------------------
>>> systemctl enable iptables.service smb.service nmb.service tor.service
----------------------------
:: Complementing /etc/fstab
----------------------------
>>> mkdir -p /media/cdrom0; mkdir /mnt/floppy; mkdir /mnt/windows
>>> ln -s /media/cdrom0 /media/cdrom
>>> cat << EOF >> /etc/fstab
### CDROM
/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
### Floppy
/dev/fd0 /mnt/floppy auto defaults,user,noauto 0 0
### Windows (optional)
#UUID=XXXXX-XXXXX-XXXXX /mnt/windows ntfs-3g defaults,user,rw,auto 0 0
EOF
-----------------
:: Enabling ZRAM
-----------------
>>> pacman -S --needed --noconfirm zram-generator
>>> cat << "EOF" > /etc/systemd/zram-generator.conf
[zram0]
zram-size = ram / 4
compression-algorithm = zstd
swap-priority = 50
fs-type = swap
EOF
>>> systemctl daemon-reload
>>> systemctl enable --now [email protected]
-------------------
:: Adding new USER
-------------------
>>> sed -i "s|# %sudo ALL=(ALL:ALL) ALL|%sudo ALL=(ALL:ALL) ALL|g" /etc/sudoers
>>> USERNAME_TEMP="will"
>>> groupadd $USERNAME_TEMP
>>> useradd -m -g $USERNAME_TEMP -G users,tty,wheel,games,power,optical,storage,scanner,lp,audio,video,input,mail,root -s /bin/zsh $USERNAME_TEMP
>>> groupadd sudo -U $USERNAME_TEMP
>>> passwd $USERNAME_TEMP
-----------------------
:: Language and region
-----------------------
>>> timedatectl set-timezone America/Sao_Paulo
>>> echo "KEYMAP=br-abnt2" > /etc/vconsole.conf
>>> sed -i "s|#en_US.UTF-8 UTF-8|en_US.UTF-8 UTF-8|g" /etc/locale.gen
>>> sed -i "s|#pt_BR.UTF-8 UTF-8|pt_BR.UTF-8 UTF-8|g" /etc/locale.gen
>>> locale-gen
>>> echo LANG=pt_BR.UTF-8 | tee /etc/locale.conf
>>> rm -f /etc/localtime && ln -s /usr/share/zoneinfo/America/Sao_Paulo /etc/localtime
>>> hwclock --systohc
>>> echo "archlinux" | tee /etc/hostname
>>> printf "127.0.0.1 archlinux\n" >> /etc/hosts
>>> echo KEYMAP=br-abnt2 | tee /etc/vconsole.conf
----------------------------------------
:: Configuring Security Boot (Optional)
----------------------------------------
>>> pacman -S --noconfirm sbctl
>>> sbctl create-keys
>>> sbctl sign -s -o /usr/lib/systemd/boot/efi/systemd-bootx64.efi.signed /usr/lib/systemd/boot/efi/systemd-bootx64.efi
>>> sbctl sign -s /boot/EFI/BOOT/BOOTX64.EFI
>>> sbctl sign -s /boot/EFI/Linux/arch-linux-lts.efi
>>> sbctl sign -s /boot/EFI/Linux/arch-linux-lts-fallback.efi
>>> sbctl verify
### If I have Windows EFI
>>> cd /boot/EFI/Microsoft && sbctl verify | sed 's/✗ /sbctl sign -s /e'
>>> systemctl reboot --firmware-setup
### Once you're in the BIOS, go to the Boot > Security Boot tab, leaving it disabled and in Custom
### mode.
### In Key Management, delete ALL keys and RESTORE to Setup Mode. After that, save and start
### Arch Linux again.
>>> sbctl enroll-keys --microsoft
>>> systemctl reboot --firmware-setup
### Now, inside the BIOS, enable Security Boot and save. When you restart, Arch Linux will be in
### Security Boot mode.
========================================
Post Install (In the user)
========================================
--------------------------------------------
:: Installing package manager for AUR (yay)
--------------------------------------------
>>> git clone https://aur.archlinux.org/yay.git;
>>> cd yay && makepkg -si PKGBUILD
-----------------------------------------------------
:: Installing essential packages from AUR (optional)
-----------------------------------------------------
>>> yay -S --noconfirm i3-volume spotify visual-studio-code-bin brave-bin google-chrome secure-delete smem
-----------------------------------------------------
:: Install Oh-My-ZSH and plugins for USER (optional)
-----------------------------------------------------
>>> sudo pacman -S --noconfirm starship
>>> sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
>>> git clone https://github.com/zsh-users/zsh-autosuggestions ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions
>>> git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting
>>> new_plugins=" zsh-autosuggestions zsh-syntax-highlighting"
>>> current_plugins=$(grep '^plugins=' "$HOME/.zshrc" | sed 's/^plugins=(//; s/)//')
>>> new_plugins_line="plugins=(${current_plugins}${new_plugins})"
>>> sed -i "s|^plugins=.*|${new_plugins_line}|" "$HOME/.zshrc"
>>> echo "eval \"\$(starship init zsh)\"" > "${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/themes/starship.zsh-theme"
>>> sed -i 's/^ZSH_THEME=".*"/ZSH_THEME="starship"/' "$HOME/.zshrc"
----------------------------------------
:: Automatic login using TTY (optional)
----------------------------------------
>>> sudo mkdir -p /etc/systemd/system/[email protected]
>>> sudo cat << EOF > /etc/systemd/system/[email protected]/skip-prompt.conf
[Service]
ExecStart=
ExecStart=-/usr/bin/agetty --skip-login --nonewline --noissue --autologin $USERNAME_TEMP --noclear %I \$TERM
EOF
>>> [ -f "$HOME/.xinitrc" ] && mv $HOME/.xinitrc $HOME/.xinitrc.bak;
>>> cat << EOF > $HOME/.xinitrc
exec i3
EOF
>>> [ -f "$HOME/.zprofile" ] && mv $HOME/.zprofile $HOME/.zprofile.bak;
>>> cat << EOF > $HOME/.zprofile
if [ -z "\$DISPLAY" ] && [ "\$XDG_VTNR" = 1 ]; then
exec startx &>/dev/null
fi
EOF
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment