|
|
|
# Notes for installing archlinux
|
|
|
|
# UEFI boot: LVM on LUKS
|
|
|
|
#
|
|
|
|
# Based on Jason Wryan's instructions.
|
|
|
|
# See his full blog post:
|
|
|
|
# http://jasonwryan.com/blog/2013/01/25/uefi/
|
|
|
|
|
|
|
|
# check you are booted in uefi
|
|
|
|
efivar -l
|
|
|
|
|
|
|
|
### Set up disk.
|
|
|
|
# Nuke disk (just in case)
|
|
|
|
sgdisk -Z /dev/sdX
|
|
|
|
|
|
|
|
# Set disk partition alignment and clear all partition data
|
|
|
|
sgdisk -a 2048 -o /dev/sdX
|
|
|
|
|
|
|
|
# New partition for boot, 0 to 200M
|
|
|
|
sgdisk -n 1:0:+200M /dev/sdX
|
|
|
|
|
|
|
|
# The rest is for the LUKS partition
|
|
|
|
sgdisk -n 2:0:0 /dev/sdX
|
|
|
|
|
|
|
|
# Boot partition's type is EFI System
|
|
|
|
sgdisk -t 1:ef00 /dev/sdX
|
|
|
|
|
|
|
|
# LUKS partition is 'Linux filesystem'
|
|
|
|
sgdisk -t 2:8300 /dev/sdX
|
|
|
|
|
|
|
|
# Set partition names
|
|
|
|
sgdisk -c 1:bootefi /dev/sdX
|
|
|
|
sgdisk -c 2:root /dev/sdX
|
|
|
|
|
|
|
|
### Set up LUKS and encrypt sdX2
|
|
|
|
# The actual setup
|
|
|
|
cryptsetup --cipher aes-xts-plain64 --key-size 512 --hash sha512\
|
|
|
|
--iter-time 5000 --use-random --verify-passphrase luksFormat /dev/sdX2
|
|
|
|
|
|
|
|
# Mount the partition
|
|
|
|
cryptsetup luksOpen /dev/sdX2 cryptdisk
|
|
|
|
|
|
|
|
### Set up LVM on the LUKS partition
|
|
|
|
# setup logical volumes
|
|
|
|
pvcreate /dev/mapper/cryptdisk
|
|
|
|
pvdisplay
|
|
|
|
|
|
|
|
vgcreate vgroup /dev/mapper/cryptdisk
|
|
|
|
vgdisplay
|
|
|
|
|
|
|
|
# Partitioning. Customize this for yourself
|
|
|
|
lvcreate --size 30G --name lvroot vgroup
|
|
|
|
lvcreate --extents +100%FREE --name lvhome vgroup
|
|
|
|
lvdisplay
|
|
|
|
|
|
|
|
### Formatting partitions
|
|
|
|
# Boot should be vfat
|
|
|
|
mkfs.vfat -F32 /dev/sdX1
|
|
|
|
# The rest are ext4
|
|
|
|
mkfs.ext4 /dev/mapper/vgroup-lvroot
|
|
|
|
mkfs.ext4 /dev/mapper/vgroup-lvhome
|
|
|
|
|
|
|
|
### Mount the partitions
|
|
|
|
mount /dev/mapper/vgroup-lvroot /mnt
|
|
|
|
mkdir -p /mnt/boot/efi
|
|
|
|
mount -t vfat /dev/sdX1 /mnt/boot
|
|
|
|
mkdir /mnt/home
|
|
|
|
mount /dev/mapper/vgroup-lvhome /mnt/home
|
|
|
|
|
|
|
|
### Install base system ###
|
|
|
|
# Select a fast mirror
|
|
|
|
vim /etc/pacman.d/mirrorlist
|
|
|
|
# Install
|
|
|
|
pacstrap -i /mnt base base-devel
|
|
|
|
|
|
|
|
### Set up the fstab
|
|
|
|
genfstab -U -p /mnt >> /mnt/etc/fstab
|
|
|
|
# Make sure the fstab isn't totally broken
|
|
|
|
vim /mnt/etc/fstab
|
|
|
|
|
|
|
|
### Chroot into the new system
|
|
|
|
arch-chroot /mnt
|
|
|
|
|
|
|
|
### Misc modifications
|
|
|
|
# vi /etc/mkinitcpio.conf
|
|
|
|
# Add the following hooks
|
|
|
|
…encrypt lvm2 filesystems… shutdown…
|
|
|
|
# Add the following modules
|
|
|
|
vfat ext4 dm_mod dm_crypt aes_x86_64 i915
|
|
|
|
# generate new images
|
|
|
|
mkinitcpio -p linux
|
|
|
|
|
|
|
|
# add options to /etc/lvm/lvm.conf
|
|
|
|
issue_discards = 1
|
|
|
|
|
|
|
|
### Timezone (customize of course)
|
|
|
|
ln -s /usr/share/zoneinfo/America/Los_Angeles /etc/localtime
|
|
|
|
|
|
|
|
### Set hostname
|
|
|
|
echo bbq > /etc/hostname
|
|
|
|
|
|
|
|
### Set up wired networking (check interface with ip link)
|
|
|
|
systemctl enable dhcpcd@enp0s3.service
|
|
|
|
|
|
|
|
### Set up wireless networking dependencies
|
|
|
|
pacman -S iw wpa_supplicant dialog wpa_actiond
|
|
|
|
|
|
|
|
### Root password
|
|
|
|
passwd
|
|
|
|
|
|
|
|
# set up bootloader
|
|
|
|
bootctl install
|
|
|
|
|
|
|
|
# create conf
|
|
|
|
# /boot/loader/loader.conf
|
|
|
|
default arch
|
|
|
|
timeout 5
|
|
|
|
|
|
|
|
# create /boot/loader/entries/arch.conf
|
|
|
|
title Arch Linux
|
|
|
|
linux /vmlinuz-linux
|
|
|
|
initrd /initramfs-linux.img
|
|
|
|
options cryptdevice=/dev/sdX2:vgroup root=/dev/mapper/vgroup-lvroot ro
|
|
|
|
|
|
|
|
|
|
|
|
###### After reboot
|
|
|
|
|
|
|
|
### Set up user account
|
|
|
|
useradd -m -g users -G wheel -s /bin/bash angrygoats
|
|
|
|
passwd angrygoats
|
|
|
|
|
|
|
|
|
|
|
|
# Add to sudoers (uncomment wheel comment)
|
|
|
|
visudo
|
|
|
|
|
|
|
|
### Pacman stuff
|
|
|
|
# Set up multilib for 32 bit applications (uncomment multilib)
|
|
|
|
vi /etc/pacman.conf
|
|
|
|
|
|
|
|
### Install yaourt
|
|
|
|
(diy)
|
|
|
|
|
|
|
|
### Extra setup for installations inside virtualbox
|
|
|
|
pacman -S virtualbox-guest-utils
|
|
|
|
modprobe -a vboxguest vboxsf vboxvideo
|
|
|
|
|
|
|
|
# Add to startup as well
|
|
|
|
systemctl enable vboxservice
|
|
|
|
|
|
|
|
# Start vbox client
|
|
|
|
VBoxClient-all
|
|
|
|
|
|
|
|
# Add to ~/.xinitrc
|
|
|
|
(diy)
|
|
|
|
|
|
|
|
### Editor (gvim for clipboard support, use console vim provided)
|
|
|
|
pacman -S gvim
|
|
|
|
|
|
|
|
### Window management
|
|
|
|
### ALTERANTIVE (Awesome WM)
|
|
|
|
### pacman -S awesome vicious
|
|
|
|
### echo "exec awesome" >> ~/.xinitrc
|
|
|
|
### mkdir -p ~/.config/awesome/
|
|
|
|
### cp /etc/xdg/awesome/rc.lua ~/.config/awesome
|
|
|
|
pacman -S xorg-xinit xmonad xmonad-contrib
|
|
|
|
cat `exec xmonad` >> ~/.xinitrc
|
|
|
|
|
|
|
|
#### Extra: System repair via livecd quick commands
|
|
|
|
cryptsetup luksOpen /dev/sdX2 cryptdisk
|
|
|
|
mount /dev/mapper/vgroup-lvroot /mnt
|
|
|
|
mount -t vfat /dev/sdX1 /mnt/boot
|
|
|
|
arch-chroot /mnt
|