-
-
Save michaelrinderle/4ba0f66349265870ef169702348e8feb to your computer and use it in GitHub Desktop.
Minimal instructions for installing arch linux on an UEFI system with full system encryption using dm-crypt and luks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wifi-menu | |
| cgdisk /dev/nvme0n1 | |
| 1 - 100MB EFI partition # Hex code ef00 | |
| 2 - 250MB Boot partition # Hex code 8300 | |
| 3 - 100% size partiton # (to be encrypted) Hex code 8300 | |
| mkfs.vfat -F32 /dev/nvme0n1p1 | |
| mkfs.ext2 /dev/nvme0n1p2 | |
| cryptsetup -c aes-xts-plain64 -y --use-random luksFormat /dev/nvme0n1p3 | |
| cryptsetup luksOpen /dev/nvme0n1p3 luks | |
| pvcreate /dev/mapper/luks | |
| vgcreate vg /dev/mapper/luks | |
| lvcreate --size 8G vg --name swap | |
| lvcreate -l +100%FREE vg --name root | |
| mkfs.ext4 /dev/mapper/vg-root | |
| mkswap /dev/mapper/vg-swap | |
| mount /dev/mapper/vg-root /mnt | |
| swapon /dev/mapper/vg-swap | |
| mkdir /mnt/boot | |
| mount /dev/nvme0n1p2 /mnt/boot | |
| mkdir /mnt/boot/efi | |
| mount /dev/nvme0n1p1 /mnt/boot/efi | |
| pacstrap /mnt base base-devel grub-efi-x86_64 git efibootmgr dialog wpa_supplicant dhcpcd | |
| mkinitcpio lvm2 linux-hardened linux-firmware neovim | |
| genfstab -pU /mnt >> /mnt/etc/fstab | |
| # /mnt/etc/fstab | |
| tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0 | |
| arch-chroot /mnt /bin/bash | |
| ln -s /usr/share/zoneinfo/America/Chicago /etc/localtime | |
| hwclock --systohc --utc | |
| echo sdc-xxx-01 > /etc/hostname | |
| echo LANG=en_US.UTF-8 >> /etc/locale.conf | |
| echo LANGUAGE=en_US >> /etc/locale.conf | |
| echo LC_ALL=C >> /etc/locale.conf | |
| passwd | |
| # useradd -m -g users -G wheel -s /bin/zsh MYUSERNAME | |
| # passwd MYUSERNAME | |
| vim /etc/mkinitcpio.conf | |
| # Add 'ext4' to MODULES | |
| # Add 'encrypt' and 'lvm2' to HOOKS before filesystems | |
| mkinitcpio -p linux-hardened | |
| grub-install | |
| # /etc/default/grub edit GRUB_CMDLINE_LINUX="cryptdevice=/dev/nvme0n1p3:luks:allow-discards" | |
| grub-mkconfig -o /boot/grub/grub.cfg | |
| exit | |
| umount -R /mnt | |
| swapoff -a | |
| reboot | |
| # I3 w/ Gaps Tile Manager | |
| sudo pacman -S i3-gaps xorg-server xorg-xinit | |
| nvim /etc/X11/xinit/xinitrc | |
| Remove the final chunk of code containing twm and apps. | |
| Replace with: exec i3 | |
| startx |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment