Last active
September 7, 2020 14:09
-
-
Save peakBreaker/e72c7c5a75cc746740038ab484dedb7d to your computer and use it in GitHub Desktop.
My entire arch install with harddrive encryption and basic setup before running PIES
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ################################ MY ARCH INSTALL ################################# | |
| # Official install guide: https://wiki.archlinux.org/index.php/installation_guide | |
| #################### NOTE: Dual booting with Windows 10 UEFI: #################### | |
| ## - Use the existing EFI partition made by Windows instead of creating a new one | |
| ## - Partition up empty space for Linux install in Windows | |
| ## - Configure GRUB to choose between Windows or Arch boot | |
| ################################################################################## | |
| # Pre Install: | |
| ## Download arch from https://www.archlinux.org/download/ | |
| ## Flash to USB drive: | |
| ## dd if=archlinux.img of=/dev/sdX bs=16M && sync | |
| ## Boot from the USB - From here we assume youre on the desired system for install | |
| # Set keymap: | |
| loadkeys no-latin1 # For norwegian keyboard if needed | |
| # See my blogpost on connecting to wifi: | |
| ## http://peakbreaker.com/terminal-wifi-connect/ | |
| # Create partitions | |
| ## Arch entry: https://wiki.archlinux.org/index.php/Partitioning | |
| ## First we have to figure out if we're on an EFI based system: | |
| ls /sys/firmware/efi/efivars | |
| ## Assuming we're on an EFI, then we create an EFI partition | |
| fdisk /dev/sdX' | |
| Command (m for help): g # Create a new GPT partition tabl | |
| Command (m for help): p # Prints the partition table | |
| Command (m for help): d # Will prompt which partition we delete | |
| Command (m for help): n # Create new partition | |
| # - When it prompts for end sector, write, | |
| # for example, +200M for 200 MiB size | |
| Command (m for help): t # Set the partition type | |
| Command (m for help): w # Write the changes to disk | |
| ## The following partitions should be created | |
| 1 200MB EFI partition ## Assuming UEFI boot | |
| 2 Min 250MB Boot partition ## ext2 or ext4 is fine | |
| 3 100% size rest ## To be encrypted | |
| # Create the filesystem | |
| mkfs.vfat -F32 /dev/sdX1 # EFI partition should be FAT32 | |
| mkfs.ext4 /dev/sdX2 # The rest is partitoned to ext2 or ext4 | |
| # Encryption setup | |
| cryptsetup -c aes-xts-plain64 -y --use-random luksFormat /dev/sdX3 | |
| cryptsetup luksOpen /dev/sdX3 luks ## opens the volume | |
| # Partition the encrypted space | |
| pvcreate /dev/mapper/luks | |
| vgcreate vg0 /dev/mapper/luks | |
| lvcreate --size 32G vg0 --name swap ## Nice size could be 1.5 * RAM | |
| lvcreate --size 25G vg0 --name root ## Root should be min 20GB ish | |
| lvcreate -l +100%FREE vg0 --name home ## Home takes up the rest of the space | |
| # Create filesystem for the encrypted partitions | |
| mkfs.ext4 /dev/mapper/vg0-root | |
| mkfs.ext4 /dev/mapper/vg0-home | |
| mkswap /dev/mapper/vg0-swap | |
| # Mount the partitions for install | |
| mount /dev/mapper/vg0-root /mnt # /mnt is the installed system | |
| mkdir /mnt/home | |
| mount /dev/mapper/vg0-home /mnt/home | |
| swapon /dev/mapper/vg0-swap # Not needed but a good thing to test | |
| mkdir /mnt/boot | |
| mount /dev/sdX2 /mnt/boot | |
| mkdir /mnt/boot/efi | |
| mount /dev/sdX1 /mnt/boot/efi | |
| # Installs the system and some nice utils to get started | |
| # Unless vim and zsh are desired these can be removed from the command | |
| pacstrap /mnt base base-devel grub-efi-x86_64 zsh vim git efibootmgr dialog wpa_supplicant | |
| # 'install' fstab | |
| genfstab -pU /mnt >> /mnt/etc/fstab | |
| # Make /tmp a ramdisk (add the following line to /mnt/etc/fstab) | |
| tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0 | |
| # Enter the new system | |
| arch-chroot /mnt /bin/bash | |
| # Setup system clock | |
| ln -s /usr/share/zoneinfo/Europe/Oslo /etc/localtime | |
| hwclock --systohc --utc | |
| # Set the hostname | |
| echo MYHOSTNAME > /etc/hostname | |
| # Update locale | |
| echo LANG=en_US.UTF-8 >> /etc/locale.conf | |
| echo LANGUAGE=en_US >> /etc/locale.conf | |
| echo LC_ALL=C >> /etc/locale.conf | |
| # Set password for root | |
| passwd | |
| # Add real user remove -s flag if you don't whish to use zsh | |
| # useradd -m -g users -G wheel -s /bin/zsh MYUSERNAME | |
| # passwd MYUSERNAME | |
| # Install & enable the network manager | |
| pacman -S networkmanager | |
| systemctl enable NetworkManager | |
| # Initial ramdisk | |
| ## First configure the mkinitcpio with the modules we need: | |
| vim /etc/mkinitcpio.conf | |
| ## Add 'ext4' to MODULES | |
| ## Add 'encrypt' and 'lvm2' to HOOKS before filesystems | |
| ## Next regenerate the initrd image | |
| mkinitcpio -p linux | |
| # Setup grub | |
| ## NOTE: If dualbooting with Windows UEFI | |
| ## https://wiki.archlinux.org/index.php/GRUB#Windows_installed_in_UEFI/GPT_mode | |
| grub-install --target=i386-pc /dev/sdX (the disk) | |
| ## In /etc/default/grub edit the line | |
| ## GRUB_CMDLINE_LINUX to GRUB_CMDLINE_LINUX="cryptdevice=/dev/sdX3:luks:allow-discards" | |
| grub-mkconfig -o /boot/grub/grub.cfg | |
| # Finally exit, unmount and reboot | |
| exit | |
| Umount -R /mnt | |
| swapoff -a | |
| reboot |
Dual booting with windows uefi
- Add
linux linux-firmware lvm2to pacstrap (or install with pacman afterwards) - grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=grub --recheck
...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Installed again
Linux Filesystemin the fdisk -lThe grub config should be ok at that point. no need to do the
$fs_uuidor$hints_stringmanually (I think)