ansulev/inst-arch-openrc-btrfs-enc-home

## inst-arch-openrc-btrfs-enc-home
# Install Arch Linux with OpenRC on Btrfs with Encrypted Home directory
# The official guide: https://wiki.archlinux.org/index.php/Installation_Guide
# OpenRC on Arch Wiki: https://wiki.archlinux.org/index.php/OpenRC
# Arch OpenRC: https://sourceforge.net/projects/archopenrc/files/arch-openrc

# Download the arch-openrc image from https://sourceforge.net/projects/archopenrc/files/latest/download
# Copy to a usb-drive
dd bs=16M if=archlinux.iso of=/dev/sdx status=progress oflag=sync # on linux

# Boot from the usb...
# Set spanish keymap
loadkeys es

# This assumes a wifi only system and wpa-psk encryption. Adjust for your network:
create  MYNETWORK.conf
network={
ssid="MYSSID"
psk="MYPSK"
priority=3
}
and connect:
wpa_supplicant -B -i wlp3s0 -c MYNETWORK.conf && dhcpcd wlp3s0

# Create partitions (50 GB root, 880 home)
cfdisk

# Create luks container for home
cryptsetup luskFormat /dev/sda2

# Create filesystems, no swap
mkfs.btrfs /dev/sda1 # root
mkfs.btrfs /dev/sda2 # home

# Mount partitions
mkdir /mnt/home
mount -o noatime,ssd,compress=lzo,autodefrag /dev/sda2 /mnt/
mount -o noatime,ssd,compress=lzo,autodefrag /dev/sda1 /mnt/home

# Install the system, wifi and some tools
pacstrap /mnt base base-devel grub vim wpa_supplicant btrfs-progs

# Create fstab
genfstab -p /mnt >> /mnt/etc/fstab
vi /etc/fstab
....
/dev/sda1   /   btrfs   rw,defaults,noatime,compress=lzo,autofefrag,commit=120,space_cache,subvolid=5,subvol=/  0 0
/dev/sda2   /   btrfs   rw,defaults,noatime,compress=lzo,autodefrag,commit=120,space_cache,subvolid=5,subvol=/  0 0
tmpfs       /tmp    tmpfs   nodev,nosuid    0 0
...

# Enter the new system
arch-chroot /mnt /bin/bash

# Setup system clock
ln -s /usr/share/zoneinfo/Europe/Madrid /etc/localtime
hwclock --systohc --utc

# Set the hostname
echo hostname="MYHOSTNAME" > /etc/conf.d/hostname

# Update locale
echo LANG=en_US.utf8 >> /etc/locale.conf
echo LANGUAGE=en_US >> /etc/locale.conf
echo LC_ALL=C >> /etc/locale.conf

# Set virtual console lang and font
echo keymap=es >> /etc/conf.d/keymaps
echo consolefont=Lat2-Terminus16 >> /etc/conf.d/consolefont

# Set password for root
passwd

# Add real user
useradd -m -g users -G lp,wheel,storage,optical,power,scanner,input -s /bin/bash MYUSERNAME
passwd MYUSERNAME

# Add the user to visudo
visudo

# Include the key in mkinitcpio FILES and add 'encrypt' hook before filesystems
vim /etc/mkinitcpio.conf
HOOKS="...encrypt filesystems ..."

# Regenerate initrd image
mkinitcpio -p linux

# Add "cryptdevice=/dev/sda2:crypthome" to GRUB_CMDLINE_LINUX_DEFAULT=""
vim /etc/default/grub
and to /etc/crypttab
...
crypthome /dev/sda2   none    luks
...

grub-mkconfig -o /boot/grub/grub.cfg
grub-install /dev/sda

# Exit new system and go into the cd shell
exit

# Unmount all partitions
umount -R /mnt

# Reboot into the new system, don't forget to remove the cd/usb
reboot

# Install needed services
pacman -S acpid-openrc alsa-utils-openrc autofs-openrc syslog-ng-openrc dnsmasq-openrc cronie-openrc procps-ng-nosystemd cups-openrc hdparm-openrc autofs-openrc fuse-openrc haveged-openrc netifrc upower-pm-utils consolekit-openrc polkit-consolekit cgmanager-openrc udisks2-nosystemd privoxy-openrc irqbalance tor-openrc samba-openrc displaymanager-openrc device-mapper-openrc lvm-openrc desktop-privileges lxsession

# Add needed services to default
# rc-update add consolekit default (and others) or
for daemon in acpid alsasound autofs dbus consolekit cronie cupsd xdm fuse haveged hdparm smb tor privoxy dnsmasq; do rc-update add $daemon default; done

# TODO: Make openrc init script for dnsmasq and profile-sync-daemon

# Optional: Install X, WM or DE. Optimize for powersave and performance

pacman -S consolekit-openrc xorg-server xf86-video-intel xf86-video-nouveau xorg-utils xorg-xbacklight xorg-xinput xorg-xinit openbox tint2 spacefm conky scite dmenu rxvt-unicode links clipit volumeicon feh xarchiver numix-themes faience-icon-theme aria2 bash-completion unzip unrar p7zip mlocate slock intel-ucode rfkill ttf-dejavu powertop htop nethogs

# Setup Xorg. Add kbd, touchpad, vga configuration files
/etc/X11/xorg.conf.d/

# Run Xorg as user
vim /etc/X11/Xwrapper.config
...
needs_root_rights = yes
...

# Dependency for yaourt
pacman -S --asdeps yajl

# Download from AUR and install package query as dependency and yaourt...
# Install Inox, IceCat, Sublime Text 3 and Disk Burner
yaourt -S inox-bin icecat-bin sublime-text-dev cdw

# Enable multilib and install lib32 programs and libs, some useful programs too.
pacman -S wine gimp epdfview libreoffice-fresh stardict-lite pidgin hunspell-en hunspell-es mythes-en mythes-es aspell-en aspell-es hyphen-en hyphen-es guvcview avidemux pragha pitivi winff handbrake mpv deadbeef gtk-recordmydesktop gparted ntfs-3g dosfstools graphicsmagick virtualbox virtualbox-guest-iso perl-file-mimeinfo pssh sshfs ghex geany

# Dependencies
pacman -S --asdeps lib32-giflib lib32-gnutls lib32-mpg123 lib32-openal lib32-alsa-plugins lib32-libxslt lib32-libxinerama qt5-x11extras  gst-plugins-ugly gst-libav

# Add vboxdrv to /etc/openrc/conf.d/modules

# Configure network (netfifrc) or use network-manager, connman, netcfg
vim /etc/conf.d/net
cd /etc/init.d/ && ln -s net.lo net.enp2s0f0

# Tuning system: /etc/sysctl.conf, /etc/modprobe.d/, /etc/conf.d/, ...
# Reboot ...
	# Install Arch Linux with OpenRC on Btrfs with Encrypted Home directory
	# The official guide: https://wiki.archlinux.org/index.php/Installation_Guide
	# OpenRC on Arch Wiki: https://wiki.archlinux.org/index.php/OpenRC
	# Arch OpenRC: https://sourceforge.net/projects/archopenrc/files/arch-openrc

	# Download the arch-openrc image from https://sourceforge.net/projects/archopenrc/files/latest/download
	# Copy to a usb-drive
	dd bs=16M if=archlinux.iso of=/dev/sdx status=progress oflag=sync # on linux

	# Boot from the usb...
	# Set spanish keymap
	loadkeys es

	# This assumes a wifi only system and wpa-psk encryption. Adjust for your network:
	create MYNETWORK.conf
	network={
	ssid="MYSSID"
	psk="MYPSK"
	priority=3
	}
	and connect:
	wpa_supplicant -B -i wlp3s0 -c MYNETWORK.conf && dhcpcd wlp3s0

	# Create partitions (50 GB root, 880 home)
	cfdisk

	# Create luks container for home
	cryptsetup luskFormat /dev/sda2

	# Create filesystems, no swap
	mkfs.btrfs /dev/sda1 # root
	mkfs.btrfs /dev/sda2 # home

	# Mount partitions
	mkdir /mnt/home
	mount -o noatime,ssd,compress=lzo,autodefrag /dev/sda2 /mnt/
	mount -o noatime,ssd,compress=lzo,autodefrag /dev/sda1 /mnt/home

	# Install the system, wifi and some tools
	pacstrap /mnt base base-devel grub vim wpa_supplicant btrfs-progs

	# Create fstab
	genfstab -p /mnt >> /mnt/etc/fstab
	vi /etc/fstab
	....
	/dev/sda1 / btrfs rw,defaults,noatime,compress=lzo,autofefrag,commit=120,space_cache,subvolid=5,subvol=/ 0 0
	/dev/sda2 / btrfs rw,defaults,noatime,compress=lzo,autodefrag,commit=120,space_cache,subvolid=5,subvol=/ 0 0
	tmpfs /tmp tmpfs nodev,nosuid 0 0
	...

	# Enter the new system
	arch-chroot /mnt /bin/bash

	# Setup system clock
	ln -s /usr/share/zoneinfo/Europe/Madrid /etc/localtime
	hwclock --systohc --utc

	# Set the hostname
	echo hostname="MYHOSTNAME" > /etc/conf.d/hostname

	# Update locale
	echo LANG=en_US.utf8 >> /etc/locale.conf
	echo LANGUAGE=en_US >> /etc/locale.conf
	echo LC_ALL=C >> /etc/locale.conf

	# Set virtual console lang and font
	echo keymap=es >> /etc/conf.d/keymaps
	echo consolefont=Lat2-Terminus16 >> /etc/conf.d/consolefont

	# Set password for root
	passwd

	# Add real user
	useradd -m -g users -G lp,wheel,storage,optical,power,scanner,input -s /bin/bash MYUSERNAME
	passwd MYUSERNAME

	# Add the user to visudo
	visudo

	# Include the key in mkinitcpio FILES and add 'encrypt' hook before filesystems
	vim /etc/mkinitcpio.conf
	HOOKS="...encrypt filesystems ..."

	# Regenerate initrd image
	mkinitcpio -p linux

	# Add "cryptdevice=/dev/sda2:crypthome" to GRUB_CMDLINE_LINUX_DEFAULT=""
	vim /etc/default/grub
	and to /etc/crypttab
	...
	crypthome /dev/sda2 none luks
	...

	grub-mkconfig -o /boot/grub/grub.cfg
	grub-install /dev/sda

	# Exit new system and go into the cd shell
	exit

	# Unmount all partitions
	umount -R /mnt

	# Reboot into the new system, don't forget to remove the cd/usb
	reboot

	# Install needed services
	pacman -S acpid-openrc alsa-utils-openrc autofs-openrc syslog-ng-openrc dnsmasq-openrc cronie-openrc procps-ng-nosystemd cups-openrc hdparm-openrc autofs-openrc fuse-openrc haveged-openrc netifrc upower-pm-utils consolekit-openrc polkit-consolekit cgmanager-openrc udisks2-nosystemd privoxy-openrc irqbalance tor-openrc samba-openrc displaymanager-openrc device-mapper-openrc lvm-openrc desktop-privileges lxsession

	# Add needed services to default
	# rc-update add consolekit default (and others) or
	for daemon in acpid alsasound autofs dbus consolekit cronie cupsd xdm fuse haveged hdparm smb tor privoxy dnsmasq; do rc-update add $daemon default; done

	# TODO: Make openrc init script for dnsmasq and profile-sync-daemon

	# Optional: Install X, WM or DE. Optimize for powersave and performance

	pacman -S consolekit-openrc xorg-server xf86-video-intel xf86-video-nouveau xorg-utils xorg-xbacklight xorg-xinput xorg-xinit openbox tint2 spacefm conky scite dmenu rxvt-unicode links clipit volumeicon feh xarchiver numix-themes faience-icon-theme aria2 bash-completion unzip unrar p7zip mlocate slock intel-ucode rfkill ttf-dejavu powertop htop nethogs

	# Setup Xorg. Add kbd, touchpad, vga configuration files
	/etc/X11/xorg.conf.d/

	# Run Xorg as user
	vim /etc/X11/Xwrapper.config
	...
	needs_root_rights = yes
	...

	# Dependency for yaourt
	pacman -S --asdeps yajl

	# Download from AUR and install package query as dependency and yaourt...
	# Install Inox, IceCat, Sublime Text 3 and Disk Burner
	yaourt -S inox-bin icecat-bin sublime-text-dev cdw

	# Enable multilib and install lib32 programs and libs, some useful programs too.
	pacman -S wine gimp epdfview libreoffice-fresh stardict-lite pidgin hunspell-en hunspell-es mythes-en mythes-es aspell-en aspell-es hyphen-en hyphen-es guvcview avidemux pragha pitivi winff handbrake mpv deadbeef gtk-recordmydesktop gparted ntfs-3g dosfstools graphicsmagick virtualbox virtualbox-guest-iso perl-file-mimeinfo pssh sshfs ghex geany

	# Dependencies
	pacman -S --asdeps lib32-giflib lib32-gnutls lib32-mpg123 lib32-openal lib32-alsa-plugins lib32-libxslt lib32-libxinerama qt5-x11extras gst-plugins-ugly gst-libav

	# Add vboxdrv to /etc/openrc/conf.d/modules

	# Configure network (netfifrc) or use network-manager, connman, netcfg
	vim /etc/conf.d/net
	cd /etc/init.d/ && ln -s net.lo net.enp2s0f0

	# Tuning system: /etc/sysctl.conf, /etc/modprobe.d/, /etc/conf.d/, ...
	# Reboot ...