Skip to content

Instantly share code, notes, and snippets.

@indeedwatson
Created September 28, 2018 19:40
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save indeedwatson/2abcfddaeec7df44c5da10d6265ca781 to your computer and use it in GitHub Desktop.
Save indeedwatson/2abcfddaeec7df44c5da10d6265ca781 to your computer and use it in GitHub Desktop.

steps

  1. verify the boot mode: ls /sys/firmware/efi/efivars
  2. verify internet ping archlinux.org
  3. update system clock timedatectl set-ntp true
  4. wipe the disk:
    1. cryptsetup open --type plain -d /dev/urandom /dev/sda to_be_wiped
    2. dd if=/dev/zero of=/dev/mapper/to_be_wiped status=progress
    3. cryptsetup close to_be_wiped
  5. partition the disk, with cfdisk:
    1. EFI/boot partition 512M (sda1), partition type EF00 on gdisk
    2. root partition, rest of the space, with LVM format (sda2)
  6. format:
    1. format boot mkfs.fat -F32 /dev/sda1
  7. encryption:
    1. cryptsetup luksFormat /dev/sda2 & cryptsetup open /dev/sda2 cryptolvm
    2. create physical volume pvcreate /dev/mapper/cryptolvm
    3. create volume groups vgcreate MyVol /dev/mapper/cryptolvm
    4. create logical volumes lvcreate -L 1G MyVol -n swap and lvcreate -L 100%FREE MyVol -n root
    5. mkfs.ext4 /dev/mapper/MyVol-root
    6. mkswap /dev/mapper/MyVol-swap
    7. mount /dev/mapper/MyVol-root /mnt & swapon /dev/mapper/MyVol-swap
    8. mkdir /mnt/boot & mount /dev/sda1 /mnt/boot
  8. installation: pacstrap /mnt base
  9. Fstab genfstab -L /mnt >> /mnt/etc/fstab
  10. arch-chroot /mnt
  11. ln -sf /usr/share/zoneinfo/region/city /etc/localtime & hwclock --systohc
  12. uncomment en_US.UTF-8 UTF-8 from /etc/locale.gen, run locale-gen
  13. set LANG=en_US.UTF-8 in /etc/locale.conf
  14. network: /etc/hostname > myhostname, etc/hosts:
    1. 127.0.0.1 localhost
    2. ::1 localhost
    3. 127.0.1.1 myhostname.localdomain myhostname
  15. mkinitcpio:
    1. MODULES="vfio vfio_iommu_type1 vfio_pci vfio_virqfd"
    2. HOOKS=modconf base udev autodetect block encrypt lvm2 filesystemds keyboard fsck
    3. mkinitcpio -p linux
    4. passwd
  16. grub:
    1. GRUB_CMDLINE_LINUX_DEFAULT="quiet threadirqs current splash intel_iommu=on video=efifb:off rd.modules-load=vfio-pci rw amdgpu.si_support=1 radeon.si_support=0 nowatchdog"
    2. cryptdevice=/dev/mapper/MyVol-root root=/dev/mapper/root
    3. or cryptdevice=/dev/sda2:cryptolvm
    4. GRUB_ENABLE_CRYPTODISK=y
    5. grub-mkconfig -o /boot/grub/grub.cfg
  17. exit and reboot
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment