- 2021-01-08 Updated with instructions on LTS kernel.
Into
Recently made a fresh Arch Linux install.
The setup will looks like this. One HDD with 2 partitions. The first one is unencrypted and contains EFI and boot. Second contains the system and user home. This partition will be encrypted with LUKS and contain a EXT4 file system. For boot systemd-boot will be used.
The LUKS device contains a header with data about the device. If something would happen to the device this header data is crucial when restoring. So take a backup of that data.
Install
gdisk /dev/nvme0n1 # Disk for
# Remove all partitions
# Create two new partitions
# +1GB EF00 EFI and boot
# rest of disk 8300 home and system
mkfs.fat -F32 /dev/nvmw0n1p1
# Create LUKS device
# Check the results
# Create header backup
# Mount the device
cryptsetup -v --use-random luksFormat /dev/nvmw0n1p2
cryptsetup luksDump /dev/nvmw0n1p2
cryptsetup luksHeaderBackup /dev/nvme0n1p2 --header-backup-file luks_header_backup_`date +%Y-%m-%d`
cryptsetup luksOpen /dev/nvmw0n1p2 cryptroot
# Create file system on luks device
mkfs.ext4 /dev/mapper/cryptroot
# Mount partitions
mount /dev/mapper/cryptroot /mnt
mkdir -p /mnt/boot
mount /dev/nvmw0n1p1 /mnt/boot
# Connect to wifi
wifi-menu
pacstrap /mnt base base-devel linux linux-lts linux-firmware intel-ucode git emacs sudo networkmanager bash-completion
genfstab -pU /mnt >> /mnt/etc/fstab
arch-chroot /mnt /bin/bash
timedatectl set-timezone Europe/Stockholm
hwclock --systohc --utc
# Set host name
echo arch > /etc/hostname
emacs /etc/locale.gen
# uncomment:
# en_US.UTF-8 UTF-8
locale-gen
echo LANG=en_US.UTF-8 > /etc/locale.conf
echo LANGUAGE=en_US >> /etc/locale.conf
echo LC_ALL=C >> /etc/locale.conf
# Set root password
passwd
# Create new user
useradd -m -g users -G wheel,video john
# Set user password
passwd john
EDITOR=emacs visudo
# Uncomment line:
# %wheel ALL=(ALL) ALL
emacs /etc/mkinitcpio.conf
# Open mkinitcpio.conf and add the following to each section:
# MODULES=(ext4)
# On 'HOOKS' add 'encrypt' before 'filesystem'
# Something like this:
# HOOKS=(base udev autodetect modconf block encrypt filesystems keyboard fsck)
mkinitcpio -p linux
bootctl --path=/boot install
echo 'default arch' >> /boot/loader/loader.conf
echo 'timeout 5' >> /boot/loader/loader.conf
# Get the PARTUUID from the system partition into arch.conf
blkid -s PARTUUID -o value /dev/nvme1n1p2 >> /boot/loader/entries/arch.conf
emacs /boot/loader/entries/arch.conf
# Add the following content to arch.conf
# The partition <PARTUUID> is already in the file.
title Arch Linux
linux /vmlinuz-linux
initrd /intel-ucode.img
initrd /initramfs-linux.img
options cryptdevice=PARTUUID=<PARTUUID>:cryptroot root=/dev/mapper/cryptroot rw
# Exit new system and go into the cd shell
exit
# Unmount all
umount -R /mnt
# Reboot system
shutdown -r nowStart NetworkManager and connect to a wifi in the new system.
systemctl start NetworkManager
systemctl enable NetworkManager
nmcli device wifi connect <SSID|BSSID> password <password>LTS kernel
A LTS kernel is installed in the pacstrap process. I recommend to add that
as a boot option to systemd-boot. File location is
/boot/loader/entries/arch-lts.conf.
title Arch Linux LTS
linux /vmlinuz-linux-lts
initrd /intel-ucode.img
initrd /initramfs-linux-lts.img
options cryptdevice=PARTUUID=<PARTUUID>:cryptroot root=/dev/mapper/cryptroot rwWhen the system boots the default kernel with be the latest one, but you can choose to boot the LTS kernel if you want. This can be good if somethings is wrong with the latest kernel and the fallback is somehow unusable.
Extra
Small set of packages to get up and running with a desktop environment plus some good to have.
alacritty
acpi
chromium
clojure
emacs
fwupd
htop
jdk11-openjdk
sway
swaylock
swayidle
openssh
wofi
xorg-server-xwayland
pass