Forked from mattiaslundberg/arch-linux-install
Last active
February 15, 2022 19:58
Revisions
-
maykonchagas revised this gist
Feb 15, 2022 . 1 changed file with 12 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -129,3 +129,15 @@ cryptsetup luksOpen /dev/nvme0n1p2 arch vgscan --mknodes vgchange -ay lvscan # Post-installation ## Install i3 pacman -S dialog wpa_supplicant openssl xorg xorg-xinit xorg-server lightdm lightdm-gtk-greeter i3-gaps ### Create xinitrc `exec i3` ## Install nvidia-drivers pacman -S nvidia nvidia-utils nvidia-settings -
Feb 15, 2022 . 1 changed file with 26 additions and 5 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -85,10 +85,31 @@ HOOKS=(base udev autodetect modconf block encrypt lvm2 keymap filesystems keyboa # Regenerate initrd image mkinitcpio -p linux # Setup systemd-boot (bootctl) `bootctl --path=/boot/ install` Create bootloader. Edit `/boot/loader/loader.conf`. Replace the file's contents with: ``` default arch timeout 3 editor 0 ``` The editor 0 ensures the configuration can't be changed on boot. Next create a bootloader entry in /boot/loader/entries/arch.conf ``` title Arch Linux linux /vmlinuz-linux initrd /initramfs-linux.img options cryptdevice=UUID={UUID}:encryptd root=/dev/volume/root quiet rw ``` Replace {UUID} with the UUID of /dev/sda2ornvme0n1p2. In order to get the UUID run the following command: `blkid` Or, while stil in vim, run the following command (replacing /dev/sda2 with the relevant partition): `:read ! blkid /dev/sda2` # Exit new system and go into the cd shell exit @@ -104,7 +125,7 @@ reboot ## Broken configuration If something went go wrong you need to open the LVM VG cryptsetup luksOpen /dev/nvme0n1p2 arch vgscan --mknodes vgchange -ay lvscan -
Aug 29, 2021 . 1 changed file with 9 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -99,3 +99,12 @@ swapoff -a # Reboot into the new system, don't forget to remove the cd/usb reboot ## Broken configuration If something went go wrong you need to open the LVM VG cryptsetup luksOpen /dev/nvme0n1p2 archie vgscan --mknodes vgchange -ay lvscan -
MChagas revised this gist
Apr 24, 2020 . 1 changed file with 51 additions and 47 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,89 +1,93 @@ # Install ARCH Linux with encrypted file-system and UEFI # The official installation guide (https://wiki.archlinux.org/index.php/Installation_Guide) contains a more verbose description. ## Download the archiso image from https://www.archlinux.org/ ## Copy to a usb-drive $ dd if=archlinux.img of=/dev/sdX bs=16M && sync # on linux # Boot from the usb. If the usb fails to boot, make sure that secure boot is disabled in the BIOS configuration. ## Set brazilian portuguese keymap loadkeys br-abnt2 ## Create partitions $ cgdisk /dev/sdX 1 100MB EFI partition # Hex code ef00 2 100% size partiton # (to be encrypted) Hex code 8300 $ mkfs.vfat -F32 /dev/sdX1 ## Setup the encryption of the system $ cryptsetup -v --type luks --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 --use-random --verify-passphrase luksFormat /dev/sdX2 cryptsetup luksOpen /dev/sdX2 archie ## Create encrypted partitions ## This creates one partions for root, modify if /home or other partitions should be on separate partitions $ pvcreate /dev/mapper/archie $ vgcreate ecnryptd /dev/mapper/archie $ lvcreate --size 1G encryptd --name swap $ lvcreate --size 96G encryptd --name root $ lvcreate -l +100%FREE encryptd --name home ## Create filesystems on encrypted partitions $ mkfs.ext4 /dev/mapper/encryptd-root $ mkfs.ext4 /dev/mapper/encryptd-home $ mkswap /dev/mapper/encryptd-swap ## Mount the new system $ mount /dev/mapper/encryptd-root /mnt # /mnt is the installed system $ swapon /dev/mapper/encryptd-swap # Not needed but a good thing to test $ mkdir /mnt/boot $ mount /dev/sdX1 /mnt/boot # Install the system also includes stuff needed for starting wifi when first booting into the newly installed system # Unless vim and zsh are desired these can be removed from the command pacstrap /mnt base base-devel linux linux-firmware mkinitcpio cryptsetup lvm2 zsh vim git efibootmgr dialog wpa_supplicant # 'install' fstab $ genfstab -pU /mnt >> /mnt/etc/fstab ## Make /tmp a ramdisk (add the following line to /mnt/etc/fstab) $ tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0 # Change relatime on all non-boot partitions to noatime (reduces wear if using an SSD) ## Enter the new system $ arch-chroot /mnt /bin/bash ## Setup system clock $ ln -s /usr/share/zoneinfo/America/Sao_Paulo /etc/localtime $ hwclock --systohc --utc # Set the hostname $ echo $MYHOSTNAME > /etc/hostname # choose an hostname and change on MYHOSTNAME variable ## Update locale $ echo LANG=pt_BR.UTF-8 >> /etc/locale.conf $ echo LANGUAGE=pt_BR >> /etc/locale.conf $ echo LC_ALL=C >> /etc/locale.conf ## Set password for root $ passwd # Add real user remove -s flag if you don't whish to use zsh $ useradd -m -g users -G wheel -s /bin/zsh MYUSERNAME $ passwd MYUSERNAME # Configure mkinitcpio with modules needed for the initrd image $ vim /etc/mkinitcpio.conf ## Add 'ext4' to MODULES MODULES=(ext4) ## Add 'encrypt' and 'lvm2' and 'keymap' to HOOKS before filesystems HOOKS=(base udev autodetect modconf block encrypt lvm2 keymap filesystems keyboard fsck) # Regenerate initrd image mkinitcpio -p linux # Setup grub grub-install In /etc/default/grub edit the line GRUB_CMDLINE_LINUX to GRUB_CMDLINE_LINUX="cryptdevice=/dev/sdX2:luks:allow-discards" then run: grub-mkconfig -o /boot/grub/grub.cfg # Exit new system and go into the cd shell -
Apr 9, 2020 . 1 changed file with 12 additions and 18 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -10,46 +10,40 @@ dd if=archlinux.img of=/dev/sdX bs=16M && sync # on linux # Set swedish keymap loadkeys br-abnt2 # Create partitions cgdisk /dev/sdX 1 100MB EFI partition # Hex code ef00 2 100% size partiton # (to be encrypted) Hex code 8300 mkfs.vfat -F32 /dev/sdX1 # Setup the encryption of the system cryptsetup -v --type luks --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 --use-random --verify-passphrase luksFormat /dev/sdX2 cryptsetup luksOpen /dev/sdX2 archie # Create encrypted partitions # This creates one partions for root, modify if /home or other partitions should be on separate partitions pvcreate /dev/mapper/archie vgcreate ecnryptd /dev/mapper/archie lvcreate --size 1G encryptd --name swap lvcreate --size 96G encryptd --name root lvcreate -l +100%FREE encryptd --name home # Create filesystems on encrypted partitions mkfs.ext4 /dev/mapper/encryptd-root mkfs.ext4 /dev/mapper/encryptd-home mkswap /dev/mapper/encryptd-swap # Mount the new system mount /dev/mapper/encryptd-root /mnt # /mnt is the installed system swapon /dev/mapper/encryptd-swap # Not needed but a good thing to test mkdir /mnt/boot mount /dev/sdX1 /mnt/boot # Install the system also includes stuff needed for starting wifi when first booting into the newly installed system # Unless vim and zsh are desired these can be removed from the command pacstrap /mnt base base-devel linux linux-firmware mkinitcpio cryptsetup lvm2 zsh vim git efibootmgr dialog wpa_supplicant # 'install' fstab genfstab -pU /mnt >> /mnt/etc/fstab @@ -61,15 +55,15 @@ tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0 arch-chroot /mnt /bin/bash # Setup system clock ln -s /usr/share/zoneinfo/America/Sao_Paulo /etc/localtime hwclock --systohc --utc # Set the hostname echo MYHOSTNAME > /etc/hostname # Update locale echo LANG=pt_BR.UTF-8 >> /etc/locale.conf echo LANGUAGE=pt_BR >> /etc/locale.conf echo LC_ALL=C >> /etc/locale.conf # Set password for root -
Apr 9, 2020 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -49,7 +49,7 @@ mount /dev/sdX1 /mnt/boot/efi # Install the system also includes stuff needed for starting wifi when first booting into the newly installed system # Unless vim and zsh are desired these can be removed from the command pacstrap /mnt base base-devel linux mkinitcpio cryptsetup lvm2 grub-efi-x86_64 zsh vim git efibootmgr dialog wpa_supplicant # 'install' fstab genfstab -pU /mnt >> /mnt/etc/fstab @@ -82,7 +82,7 @@ passwd # Configure mkinitcpio with modules needed for the initrd image vim /etc/mkinitcpio.conf # Add 'ext4' to MODULES # Add 'encrypt' and 'lvm2' and 'keymap' to HOOKS before filesystems # Regenerate initrd image mkinitcpio -p linux -
Apr 9, 2020 . 1 changed file with 12 additions and 10 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -8,7 +8,7 @@ dd if=archlinux.img of=/dev/sdX bs=16M && sync # on linux # Boot from the usb. If the usb fails to boot, make sure that secure boot is disabled in the BIOS configuration. # Set swedish keymap loadkeys br-abnt2 # This assumes a wifi only system... wifi-menu @@ -24,30 +24,32 @@ mkfs.ext2 /dev/sdX2 # Setup the encryption of the system cryptsetup -c aes-xts-plain64 -y --use-random luksFormat /dev/sdX3 cryptsetup luksOpen /dev/sdX3 archie # Create encrypted partitions # This creates one partions for root, modify if /home or other partitions should be on separate partitions pvcreate /dev/mapper/luks vgcreate ecnryptd /dev/mapper/luks lvcreate --size 1G encryptd --name swap lvcreate --size 96G encryptd --name root lvcreate -l +100%FREE encryptd --name home # Create filesystems on encrypted partitions mkfs.ext4 /dev/mapper/encryptd-root mkfs.ext4 /dev/mapper/encryptd-root mkswap /dev/mapper/encryptd-swap # Mount the new system mount /dev/mapper/encryptd-root /mnt # /mnt is the installed system swapon /dev/mapper/encryptd-swap # Not needed but a good thing to test mkdir /mnt/boot mount /dev/sdX2 /mnt/boot mkdir /mnt/boot/efi mount /dev/sdX1 /mnt/boot/efi # Install the system also includes stuff needed for starting wifi when first booting into the newly installed system # Unless vim and zsh are desired these can be removed from the command pacstrap /mnt base base-devel linux grub-efi-x86_64 zsh vim git efibootmgr dialog wpa_supplicant # 'install' fstab genfstab -pU /mnt >> /mnt/etc/fstab -
mattiaslundberg revised this gist
Aug 21, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -74,7 +74,7 @@ echo LC_ALL=C >> /etc/locale.conf passwd # Add real user remove -s flag if you don't whish to use zsh # useradd -m -g users -G wheel -s /bin/zsh MYUSERNAME # passwd MYUSERNAME # Configure mkinitcpio with modules needed for the initrd image -
Jan 7, 2016 . 1 changed file with 3 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -66,9 +66,9 @@ hwclock --systohc --utc echo MYHOSTNAME > /etc/hostname # Update locale echo LANG=en_US.UTF-8 >> /etc/locale.conf echo LANGUAGE=en_US >> /etc/locale.conf echo LC_ALL=C >> /etc/locale.conf # Set password for root passwd -
Sep 3, 2015 . 1 changed file with 14 additions and 8 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -3,21 +3,21 @@ # Download the archiso image from https://www.archlinux.org/ # Copy to a usb-drive dd if=archlinux.img of=/dev/sdX bs=16M && sync # on linux # Boot from the usb. If the usb fails to boot, make sure that secure boot is disabled in the BIOS configuration. # Set swedish keymap loadkeys sv-latin1 # This assumes a wifi only system... wifi-menu # Create partitions cgdisk /dev/sdX 1 100MB EFI partition # Hex code ef00 2 250MB Boot partition # Hex code 8300 3 100% size partiton # (to be encrypted) Hex code 8300 mkfs.vfat -F32 /dev/sdX1 mkfs.ext2 /dev/sdX2 @@ -47,12 +47,13 @@ mount /dev/sdX1 /mnt/boot/efi # Install the system also includes stuff needed for starting wifi when first booting into the newly installed system # Unless vim and zsh are desired these can be removed from the command pacstrap /mnt base base-devel grub-efi-x86_64 zsh vim git efibootmgr dialog wpa_supplicant # 'install' fstab genfstab -pU /mnt >> /mnt/etc/fstab # Make /tmp a ramdisk (add the following line to /mnt/etc/fstab) tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0 # Change relatime on all non-boot partitions to noatime (reduces wear if using an SSD) # Enter the new system arch-chroot /mnt /bin/bash @@ -64,6 +65,11 @@ hwclock --systohc --utc # Set the hostname echo MYHOSTNAME > /etc/hostname # Update locale echo LANG=en_US.UTF-8 > /etc/locale.conf echo LANGUAGE=en_US > /etc/locale.conf echo LC_ALL=C > /etc/locale.conf # Set password for root passwd -
Jan 26, 2015 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -81,7 +81,7 @@ mkinitcpio -p linux # Setup grub grub-install In /etc/default/grub edit the line GRUB_CMDLINE_LINUX to GRUB_CMDLINE_LINUX="cryptdevice=/dev/sdX3:luks:allow-discards" then run: grub-mkconfig -o /boot/grub/grub.cfg # Exit new system and go into the cd shell -
Jan 25, 2014 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,95 @@ # Install ARCH Linux with encrypted file-system and UEFI # The official installation guide (https://wiki.archlinux.org/index.php/Installation_Guide) contains a more verbose description. # Download the archiso image from https://www.archlinux.org/ # Copy to a usb-drive dd if=archlinux.img of=/dev/sdX bs=16M # on linux # Boot from the usb. If the usb fails to boot, make sure that secure boot is disabeled in the BIOS configuration. # Set swedish keymap loadkeys sv-latin1 # This assumes a wifi system... wifi-menu wlo1 # wlo1 is the device name, use ip link to find your actual name # Create partitions cgdisk /dev/sdX 1 100MB EFI partition 2 250MB Boot partition 3 100% size partiton # (to be encrypted) mkfs.vfat -F32 /dev/sdX1 mkfs.ext2 /dev/sdX2 # Setup the encryption of the system cryptsetup -c aes-xts-plain64 -y --use-random luksFormat /dev/sdX3 cryptsetup luksOpen /dev/sdX3 luks # Create encrypted partitions # This creates one partions for root, modify if /home or other partitions should be on separate partitions pvcreate /dev/mapper/luks vgcreate vg0 /dev/mapper/luks lvcreate --size 8G vg0 --name swap lvcreate -l +100%FREE vg0 --name root # Create filesystems on encrypted partitions mkfs.ext4 /dev/mapper/vg0-root mkswap /dev/mapper/vg0-swap # Mount the new system mount /dev/mapper/vg0-root /mnt # /mnt is the installed system swapon /dev/mapper/vg0-swap # Not needed but a good thing to test mkdir /mnt/boot mount /dev/sdX2 /mnt/boot mkdir /mnt/boot/efi mount /dev/sdX1 /mnt/boot/efi # Install the system also includes stuff needed for starting wifi when first booting into the newly installed system # Unless vim and zsh are desired these can be removed from the command pacstrap /mnt base base-devel grub-efi-x86_64 zsh vim efibootmgr dialog wpa_supplicant # 'install' fstab genfstab -pU /mnt >> /mnt/etc/fstab # Make /tmp a ramdisk (add the following line to /mnt/etc/fstab) tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0 # Enter the new system arch-chroot /mnt /bin/bash # Setup system clock ln -s /usr/share/zoneinfo/Europe/Stockholm /etc/localtime hwclock --systohc --utc # Set the hostname echo MYHOSTNAME > /etc/hostname # Set password for root passwd # Add real user remove -s flag if you don't whish to use zsh # useradd -m -g users -G wheel,storage,power -s /bin/zsh MYUSERNAME # passwd MYUSERNAME # Configure mkinitcpio with modules needed for the initrd image vim /etc/mkinitcpio.conf # Add 'ext4' to MODULES # Add 'encrypt' and 'lvm2' to HOOKS before filesystems # Regenerate initrd image mkinitcpio -p linux # Setup grub grub-install In /etc/default/grub edit the line GRUB_CMDLINE_LINUX to GRUB_CMDLINE_LINUX="cryptdevice=/dev/sdX3:luks" then run: grub-mkconfig -o /boot/grub/grub.cfg # Exit new system and go into the cd shell exit # Unmount all partitions umount -R /mnt swapoff -a # Reboot into the new system, don't forget to remove the cd/usb reboot