Notes on Arch Linux system setup.

Martins Eglitis 3c75dee0df Update the readme		11 months ago
README.md	Update the readme	11 months ago

README.md

setup

Notes on Arch Linux system setup.

Notes

Make sure you run in UEFI mode, meaning the output of efivar -l is not empty.
If running from an older live USB, you should update the pacman keys with pacman-key --populate archlinux and pacman-key --refresh-keys.

Preparation

cryptsetup open --type plain -d /dev/urandom /dev/sda temp - create a temporary encrypted container named temp on the /dev/sda partition to be encrypted.
dd if=/dev/zero of=/dev/mapper/temp bs=4M status=progress - fill the container with zeros.
cryptsetup close temp - close the temporary container.

Partitioning

parted /dev/sda mklabel gpt - create a new gpt partition label.
parted /dev/sda mkpart boot fat32 0% 512M - create the boot partition.
parted /dev/sda set 1 boot on - set the boot flags for the boot partition.
parted /dev/sda mkpart system ext4 512M 100% - create the system partition.

Encryption

cryptsetup luksFormat --type luks2 /dev/sda2 - initialize the LUKS2 header on the system partition.
cryptsetup luksDump /dev/sda2 - check the LUKS2 header.
cryptsetup luksOpen /dev/sda2 cryptlvm - open the encrypted system partition and map it to /dev/mapper/cryptlvm.

Logical volume management

pvcreate /dev/mapper/cryptlvm - create a new physical volume from the encrypted system partition.
vgcreate vg /dev/mapper/cryptlvm - create a new volume group vg.
lvcreate --size 16G --name root vg - create a new logical volume root inside the vg.
lvcreate --extents 100%FREE --name home vg - create a new logical volume home inside the vg, taking up the remaining space.

Filesystems

mkfs.ext4 /dev/mapper/vg-root - make a filesystem for the vg-root logical volume.
mkfs.ext4 /dev/mapper/vg-home - make a filesystem for the vg-home logical volume.
mkfs.fat /dev/sda1 - make a filesystem for the boot partition.
mount /dev/mapper/vg-root /mnt - mount the vg-root.
mkdir /mnt/home - create the home dir.
mount /dev/mapper/vg-home /mnt/home - mount the home dir.
mkdir /mnt/boot - create the boot dir.
mount /dev/sda1 /mnt/boot - create the boot dir.

Installation

vim /etc/pacman.d/mirrorlist - find the best mirror from the mirrorlist.
pacstrap /mnt linux linux-firmware lvm2 base base-devel zsh git vim - an alternative approach to what is described in Arch wiki. Execute the pacstrap command and follow instructions after arch-chroot.
pacstrap /mnt intel-ucode - install microcode for Intel based CPUs (amd-ucode for AMD based CPUs).
genfstab -U /mnt > /mnt/etc/fstab - write the currently mounted filesystems to the new system.
arch-chroot /mnt - chroot to the your new OS.

Configuration

User

useradd -s /bin/zsh -g wheel -m martins - create a new user martins.
passwd martins - set the password for martins.
passwd root - set the password for root.
visudo - edit sudo user permissions.

Locale

vim /etc/locale.gen - edit the locale file.
locale-gen - generate the chosen locales.
localectl set-locale LANG=en_US.UTF-8 - set the locale.

Time

timedatectl set-timezone Europe/Zurich - set the timezone.
timedatectl set-ntp true - enable network time sync.

Hostname

vim /etc/hostname - edit the hostname.

Boot

bootctl install - install the systemd-boot bootloader.
vim /boot/loader/loader.conf - edit the bootloader conf.

default arch
editor 0
timeout 3
console-mode max

cp /usr/share/systemd/bootcl/arch.conf /boot/loader/entries/ - copy the default entry.
vim /boot/loader/entries/arch.conf - edit the default entry. Using blkid, UUID must be the UUID (not PARTUUID) of /dev/sda2 (not of /dev/mapper/cryptlvm or /dev/mapper/vg-root).

title   Arch Linux
linux   /vmlinuz-linux
initrd  /intel-ucode.img
initrd  /initramfs-linux.img
options root=/dev/mapper/vg-root rd.luks.name=UUID=cryptlvm rd.luks.options=timeout=0 rootflags=x-systemd.device-timeout=0 quiet loglevel=3 vga=current

vim /etc/mkinitcpio.conf - edit the initial ramdisk environment script.

...
HOOKS=(base systemd autodetect modconf keyboard block sd-encrypt sd-lvm2 filesystems fsck)
...

mkinitcpio -p linux - regenerate the initial ramdisk environment.

Network

There is no need to install dhcpd since systemd-networkd can handle DHCP as well.
ip l - find the names of the interfaces.
vim /etc/systemd/network/25-wired-wireless.network - add a configuration file with the respective interfaces.

[Match]
Name=enp2s0f0 wlan0

[Network]
DHCP=yes

Enable / start services after the booting into the new system (see Post section below).

Packages

pacman -S reflector - install reflector for optimizing mirrors.
reflector -p http --save /etc/pacman.d/mirrorlist - find the best mirror and update mirrorlist.
su martins - switch to the newly created user for running trizen as non-root.
Follow the trizen setup here and install the base list. Install other lists as you see fit.

Finalization

exit - exit the environment. You might repeat till you get back to the Live USB.
umount -R /mnt - recursively unmount the mounted partitions.

Post

Reboot into the new system.
systemd enable systemd-networkd.service - enable the networking service.
systemd enable systemd-resolved.service - enable the resolver service for local applications.
systemd start systemd-networkd.service - start the networking service.
systemd start systemd-resolved.service - start the resolver service for local applications.
ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf - redirect to the local stub DNS resolver file.

Extra

lists - Arch Linux package lists.
dotfiles - Linux dotfiles.
network - notes on safe network setup.
gpg - GPG key management.