setup

setup

Notes on Arch Linux system setup.

Notes

Be very careful as some of the following instructions will have permanent effect on your devices! Edit the parameters as necessary.

Preperation

• cryptsetup open --type plain -d /dev/urandom /dev/sda temp - create a temporary encrypted container named temp on the /dev/sda partition to be encrypted.
• dd if=/dev/zero of=/dev/mapper/temp bs=4M status=progress - fill the container with zeros.
• cryptsetup close temp - close the temporary container.

Partitioning

• parted /dev/sda mklabel gpt - create a new gpt partition label.
• parted /dev/sda mkpart boot fat32 0% 512M - create the boot partition.
• parted /dev/sda set 1 boot on - set the boot flags for the boot partition.
• parted /dev/sda mkpart boot ext4 512M 100% - create the system partition.

Encryption

• cryptsetup luksFormat --type luks2 /dev/sda2 - initialize the LUKS2 header on the system partition.
• cryptsetup luksDump /dev/sda2 - check the LUKS2 header.
• cryptsetup luksOpen /dev/sda2 cryptlvm - open the encrypted system partition and map it to /dev/mapper/cryptlvm.

Logical volume management

• pvcreate /dev/mapper/cryptlvm - create a new physical volume from the encrypted system partition.
• vgcreate vg /dev/mapper/cryptlvm - create a new volume group vg.
• lvcreate --size 16G --name root vg - create a new logical volume root inside the vg.
• lvcreate --extents 100%FREE --name home vg - create a new logical volume home inside the vg, taking up the remaining space.

Filesystems

• mkfs.ext4 /dev/mapper/vg-root - make a filesystem for the vg-root logical volume.
• mkfs.ext4 /dev/mapper/vg-home - make a filesystem for the vg-home logical volume.
• mkfs.fat /dev/sda1 - make a filesystem for the boot partition.
• mount /dev/mapper/vg-root /mnt - mount the vg-root.
• mkdir /mnt/home - create the home dir.
• mount /dev/mapper/vg-home /mnt/home - mount thehome` dir.
• mkdir /mnt/boot - create the boot dir.
• mount /dev/sda1 /mnt/boot - create the boot dir.

Installation

• pacstrap /mnt base base-devel - install base and base-devel packages. Note that you might want to install packages like zsh, git, wpa_supplicant, etc. here.
• genfstab -U /mnt > /mnt/etc/fstab - write the currently mounted filesystems to the new system.
• arch-chroot /mnt - chroot to the new system.

Configuration

Locale

• vi /etc/locale.gen - edit the locale file.
• locale-gen - generate the chosen locales.
• localectl set-locale LANG=en_US.UTF-8 - set the locale.

Time

• timedatectl set-timezone Europe/Stockholm - set the timezone.
• timedatectl set-ntp true - enable network time sync.

Hostname

• vi /etc/hostname - edit the hostname.

User

• useradd -s /bin/zsh martins - create a new user martins.
• passwd martins - set the password for martins.
• passwd root - set the password for root.
• visudo - edit sudo user permissions.

Boot

• bootctl install - install the systemd-boot bootloader.
• vi /boot/loader/loader.conf - edit the bootloader conf.

default arch
editor 0
timeout 3
console-mode max

• cp /usr/share/systemd/bootcl/arch.conf /boot/loader/entries/ - copy the default entry.
• vi /boot/loader/loader.conf - edit the default entry. UUID must be the UUID (not PARTUUID) of /dev/sda2 (not of /dev/mapper/cryptlvm or /dev/mapper/vg-root).

title   Arch Linux
linux   /vmlinuz-linux
initrd  /intel-ucode.img
initrd  /initramfs-linux.img
options root=/dev/mapper/vg-root rd.luks.name=UUID=cryptlvm rd.luks.options=timeout=0 rootflags=x-systemd.device-timeout=0 quiet loglevel=3 vga=current

• vi /etc/mkinitcpio.conf - edit the initial ramdisk environment script.

...
HOOKS=(base systemd autodetect keyboard modconf block sd-encrypt sd-lvm2 filesystems fsck)
...

• mkinitcpio -p linux - regenerate the initial ramdisk environment.