My luks encrypted arch linux installation

My luks encrypted arch linux installation

loadkeys de-latin1

# ethernet
# get interface name:
ls /sys/class/net
# connect: dhcpcd <interface>

# create 3 partitons:
cgdisk /dev/sda
# 100MB partition
# 250MB partition (bootable flag!)
# 100% size partiton

mkfs.vfat -F32 /dev/sda1
mkfs.ext2 /dev/sda2

cryptsetup -c aes-xts-plain64 -y --use-random luksFormat /dev/sda3
cryptsetup luksOpen /dev/sda3 luks

pvcreate /dev/mapper/luks
vgcreate vg0 /dev/mapper/luks
lvcreate --size 4G vg0 --name swap
lvcreate -l +100%FREE vg0 --name root

mkfs.ext4 /dev/mapper/vg0-root
mkswap /dev/mapper/vg0-swap

mount /dev/mapper/vg0-root /mnt
swapon /dev/mapper/vg0-swap
mkdir /mnt/boot
mount /dev/sda2 /mnt/boot
mkdir /mnt/boot/efi
mount /dev/sda1 /mnt/boot/efi

pacstrap /mnt base base-devel grub-efi-x86_64 zsh vim git efibootmgr dialog wpa_supplicant

genfstab -pU /mnt >> /mnt/etc/fstab
echo "tmpfs	/tmp	tmpfs	defaults,noatime,mode=1777	0	0" >> /mnt/etc/fstab

arch-chroot /mnt /bin/bash

sudo pacman -S linux lvm2

ln -s /usr/share/zoneinfo/Europe/Berlin /etc/localtime
hwclock --systohc --utc

echo arch > /etc/hostname

echo LANG=de_DE.UTF-8 >> /etc/locale.conf
echo LANGUAGE=de_DE  >> /etc/locale.conf
echo LC_ALL=C >> /etc/locale.conf
echo KEYMAP=de-latin1-nodeadkeys >> /etc/vconsole.conf

echo "de_DE.UTF-8 UTF-8" >> /etc/locale.gen
locale-gen

passwd

useradd -m -g users -G wheel -s /bin/zsh USER
passwd USER

vim /etc/mkinitcpio.conf
# Add 'ext4' to MODULES
# Add 'encrypt' and 'lvm2' to HOOKS before filesystems
# 'keyboard' and 'keymap' before 'autodetect' !!

mkinitcpio -p linux

grub-install
In /etc/default/grub edit the line GRUB_CMDLINE_LINUX to GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda3:luks:allow-discards" then run:
grub-mkconfig -o /boot/grub/grub.cfg

exit

umount -R /mnt
swapoff -a

reboot