Skip to content

Instantly share code, notes, and snippets.

@adamarbour

adamarbour/chimera-linux-fieldnotes.md

Last active March 17, 2024 02:58
Show Gist options
  • Save adamarbour/b28d552560a5387f8174ae6cd6c199b9 to your computer and use it in GitHub Desktop.
Save adamarbour/b28d552560a5387f8174ae6cd6c199b9 to your computer and use it in GitHub Desktop.
Download ZIP
Field notes from installing Chimera
Raw
chimera-linux-fieldnotes.md

Welcome to Chimera Linux

This contains the field notes from installing Chimera Linux on my Lenovo z13. The primary considerations taken in this are:

  • BSD style userland + dinit initialization
  • Musl + LLVM toolchain
  • LUKs encryption on root + LVM for hibernation
  • UEFI UKI - no need for the bootloader
  • Emacs + EXWM

Partition & Bootstrap

# Set the device we will use (i.e. /dev/nvme0n1)
DEVICE=/dev/<DEVICE>
wipefs -a $DEVICE
fdisk $DEVICE

###### Partition scheme...
#   - 300M  vfat                 /efi
#   - 100%  luks  cryptroot
#       |-  lvm   vg1
#       |-- lv    vg1-TP--root   /
#       |-- lv    vg1-TP--swap   -swap-   NOTE: Memory size + 2G

# Make sure we have the requirements
apk add cryptsetup-scripts lvm2 dosfstools

# Setup the encrypted root
cryptsetup luksFormat /dev/<DEVICE>p2
cryptsetup config /dev/<DEVICE>p2 --label CRYPTROOT
cryptsetup luksOpen /dev/disk/by-label/CRYPTROOT cryptroot

# Setup the volume group
vgcreate vg1 /dev/mapper/cryptroot
lvcreate -L 32GB -n TP-swap vg1
lvcreate -l 100%FREE -n TP-root vg1

# Setup the swap
mkswap -L SWAP /dev/mapper/vg1-TP--swap
swapon -L SWAP

# Create the partitions
mkfs.vfat -n EFI -F32 /dev/<DEVICE>p1
mkfs.xfs -L ROOTFS /dev/mapper/vg1-TP--root -f

# Mount them to their appropriate locations
mount -m -L ROOTFS /mnt
chmod 755 /mnt
mkdir -p /mnt/efi
mount -m -L EFI /mnt/efi

# Bootstrap
chimera-bootstrap /mnt

Prepare System

# Chroot
chimera-chroot /mnt

# Update & Upgrade
apk update
apk upgrade --available

# Add contrib
apk add chimera-repo-contrib
apk update

## Kernel & ucode
apk add linux-stable ucode-amd firmware-linux-amd-sev firmware-linux-amd-ucode

# Needed tools
apk add base-cbuild-bootstrap bash-completion cryptsetup-scripts lvm2 efibootmgr efivar sbctl systemd-boot-efi bluez wireless-tools networkmanager curl wget2 flatpak pipewire xserver-xorg mesa mesa-dri mesa-opencl mesa-utils mesa-vaapi mesa-vulkan fonts-freefont-otf

# Switch shell
chsh -s /bin/bash && bash

# Set variables... you need to configure these
HOSTNAME=localhost
TZ=UTC
USER=dummy
CRYPTROOT=$(blkid -o value -s UUID /dev/disk/by-label/CRYPTROOT)

# Generate fstab
genfstab / > /etc/fstab
echo "tmpfs /tmp tmpfs defaults,noatime,mode=1777,size=8G 0 0" >> /etc/fstab

# Set password and allow login prompt
passwd
dinitctl -o enable agetty-ttyS0

# Set timezone
ln -sf /usr/share/zoneinfo/$TZ /etc/localtime
echo utc > /etc/hwclock

# Set hostname
echo $HOSTNAME > /etc/hostname

# Add user
useradd -m -g users -G wheel,kvm -s /bin/bash $USER
passwd $USER

# Setup cron folders (enable snooze)
mkdir /etc/cron.{daily,hourly,monthly,weekly}
dinitctl -o enable snooze-daily && \
dinitctl -o enable snooze-hourly && \
dinitctl -o enable snooze-monthly && \
dinitctl -o enable snooze-weekly

# Setup fstrim
cat <<EOF >> /etc/cron.weekly/fstrim
#!/bin/sh

fstrim /
EOF
chmod +x /etc/cron.weekly/fstrim

# Swappiness
mkdir -p /etc/sysctl.d/
echo vm.swappiness=10 > /etc/sysctl.d/99-swappiness.conf

# Networking
mkdir -p /etc/NetworkManager/conf.d
echo -e "[main]\nrc-manager=resolvconf" > /etc/NetworkManager/conf.d/rc-manager.conf
dinitctl -o enable networkmanager

# Wifi
cat <<EOF >> /etc/iwd/main.conf
[Network]
NameResolvingService=resolvconf
EOF

cat <<EOF >> /etc/NetworkManager/conf.d/wifi_backend.conf
[device]
wifi.backend=iwd
EOF
dinitctl -o enable iwd

initramfs + efistub

# Prepare the crypttab
echo -e "cryptroot\tUUID=$CRYPTROOT\tnone\tluks,discard" > /etc/crypttab

# Add initram configs
echo COMPRESS=lz4 > /etc/initramfs-tools/conf.d/compress.conf
echo RESUME=resume=/dev/mapper/vg1-TP--swap > /etc/initramfs-tools/conf.d/resume.conf

# Add specifics for initram and rebuild initram
update-initramfs -c -k all

# Prepare the cmdline
mkdir -p /etc/kernel/
echo "root=/dev/mapper/vg1-TP--root rootfstype=xfs rw quiet loglevel=3 udev.log_level=3" > /etc/kernel/cmdline

# Prepare the bundle
mkdir -p /efi/EFI/Linux
sbctl create-keys
sbctl enroll-keys -im
sbctl bundle -s --esp /efi \
-o /etc/os-release
-f /boot/initrd.img-%VERSION \
-k /boot/vmlinuz-%VERSION \
/efi/EFI/Linux/linuz-linux.efi
sbctl sign -s /efi/EFI/Linux/linuz-linux.efi

# Add the kernel to the boot manager
efibootmgr --create --disk $DEVICE --label "Chimera Linux" --loader 'EFI\Linux\linuz-linux.efi' --unicode

Reboot

exit && exit
swapoff -a
umount -R /mnt
reboot
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment