Skip to content

Instantly share code, notes, and snippets.

@dargmuesli

dargmuesli/arch-setup.md

Last active October 28, 2023 16:48
Show Gist options
  • Save dargmuesli/961202927629cad227a5b9e50ea8b1a8 to your computer and use it in GitHub Desktop.
Save dargmuesli/961202927629cad227a5b9e50ea8b1a8 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
arch-setup.md

Arch setup

Erase

Make sure SSD is not frozen.

  • sudo hdparm -I /dev/sdX | grep frozen

Enable security by setting a user password.

  • sudo hdparm --user-master u --security-set-pass PasSWorD /dev/sdX

Check if it says "enabled".

  • sudo hdparm -I /dev/sdX

SATA secure erase.

  • sudo hdparm --user-master u --security-erase PasSWorD /dev/sdX

Check if it says "not enabled".

  • sudo hdparm -I /dev/sdX

Fill

Open.

  • sudo cryptsetup open --type plain -d /dev/urandom /dev/sdX to_be_wiped

Verify existence.

  • lsblk

Write all.

  • sudo dd if=/dev/zero of=/dev/mapper/to_be_wiped status=progress

Close.

  • sudo cryptsetup close to_be_wiped

EFI Partition

Create.

  • sudo gdisk /dev/sdX
  • n
  • 1
  • <default>
  • +512M
  • ef00
  • w

Format.

  • sudo mkfs.fat -F32 /dev/sdxY

LUKS Partition

Create.

  • sudo gdisk /dev/sdX
  • n
  • 2
  • <default>
  • +867G
  • 8309
  • w

Install Windows

To the remaining 64GB. Run powercfg -h off in an administrator command prompt.

LUKS Setup

  • cryptsetup luksFormat /dev/sdaX
  • cryptsetup open /dev/sdaX cryptlvm
  • pvcreate /dev/mapper/cryptlvm
  • vgcreate VolGrp /dev/mapper/cryptlvm
  • lvcreate -L 128G VolGrp -n root
  • lvcreate -L 64G VolGrp -n home
  • lvcreate -L 16G VolGrp -n swap
  • lvcreate -l 100%FREE VolGrp -n data
  • mkfs.ext4 /dev/VolGrp/root
  • mkfs.ext4 /dev/VolGrp/home
  • mkfs.ext4 /dev/VolGrp/data
  • mkswap /dev/VolGrp/swap
  • mount /dev/VolGrp/root /mnt
  • mkdir /mnt/home
  • mount /dev/VolGrp/home /mnt/home
  • swapon /dev/VolGrp/swap
  • mkdir /mnt/efi
  • mount /dev/sdaX /mnt/efi

Install Arch Linux

  • loadkeys de-latin1

  • pacstrap /mnt base base-devel docker efibootmgr git gnome grub intel-ucode linux linux-firmware ntfs-3g os-prober rsync sudo vim zsh

  • systemctl enable docker

  • systemctl enable gdm

  • systemctl enable NetworkManager

  • systemctl enable dnsmasq.service

  • mv /mnt/etc/fstab /mnt/etc/fstab.orig

  • genfstab -U /mnt >> /mnt/etc/fstab

  • arch-chroot /mnt

  • ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime

  • hwclock --systohc

  • vim /etc/locale.gen, uncomment en_US.UTF-8

  • locale-gen

  • vim /etc/locale.conf, set LANG=en_US.UTF-8

  • vim /etc/vconsole.conf, set KEYMAP=de-latin1

  • vim /etc/hostname, set hostname

  • vim /etc/hosts, set

  • 127.0.0.1	localhost
::1		localhost
127.0.1.1	myhostname.localdomain	myhostname

  • vim /etc/mkinitcpio.conf, set HOOKS=(base udev autodetect keyboard keymap consolefont modconf block encrypt lvm2 filesystems resume fsck)

  • mkinitcpio -P

  • passwd, set root password

  • useradd -U -G docker,users,wheel -m -s /bin/zsh jonas

  • visudo, uncomment the first %wheel line

  • grub-install --target=x86_64-efi --efi-directory=/efi/ --bootloader-id=GRUB

  • sudo vim /etc/default/grub, add cryptdevice=UUID=<device-UUID>:cryptlvm to GRUB_CMDLINE_LINUX, resume=/dev/VolGrp/swap to GRUB_CMDLINE_LINUX_DEFAULT and lvm to GRUB_PRELOAD_MODULES

  • grub-mkconfig -o /boot/grub/grub.cfg

  • git clone https://aur.archlinux.org/yay.git
cd yay
makepkg -si

  • yay -S oh-my-zsh-git

Reenable Windows Fastboot

  • powercfg -h on, as described above.

Restore Data

  • copy: sudo rsync --acls --archive --checksum --hard-links --numeric-ids --sparse --xattrs --info=progress2 /mnt/data_old/X /mnt/data/
  • check: sudo rsync --acls --archive --checksum --delete --dry-run --hard-links --numeric-ids --sparse --verbose --xattrs /mnt/data_old/X /mnt/data/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment