Install Arch Linux with Full Disk Encryption (LVM on LUKS)

Based on:

Assumptions

  • I assume that /dev/nvme0n1 is the system's disk, and /dev/sda is the USB drive.
  • RAM is 8G.

Create bootable USB

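Download the Arch ISO image from https://www.archlinux.org/ and copy it to a USB drive.

# dd overwrites the target device: confirm the USB drive's name with lsblk first
dd if=arch.iso of=/dev/sda bs=4M status=progress
sync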

Prepare DELL computer

Boot up and press the F2 key.

Under 'System Configuration', change the SATA Mode from the default "RAID" to "AHCI". This will allow Linux to detect the NVMe SSD.
Under 'Secure Boot', disable secure boot to allow Linux to boot.
Under 'POST Behaviour', change "Fastboot" to "Thorough". This prevents intermittent boot failures.

Save & Reboot

Installation

1. Load keyboard translation table

loadkeys fr

2. Connect to internet

iwctl --passphrase [PASSPHRASE] station wlan0 connect [SSID]

3. Partitioning

fdisk /dev/nvme0n1
> g

# EFI partition
> n
> [ENTER]
> [ENTER]
> +512M

# /boot partition
> n
> [ENTER]
> [ENTER]
> +512M

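# LVM partition
> n
> [ENTER]
> [ENTER]
> [ENTER]

# Set the type of partition 3; the number for Linux LVM differs between fdisk versions (L lists them)
> t
> 3
> 43 # Linux LVM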
> w

Format Partitions:

mkfs.fat -F32 /dev/nvme0n1p1
mkfs.ext4 /dev/nvme0n1p2

4. Setup encryption

cryptsetup -c aes-xts-plain64 -y --use-random luksFormat /dev/nvme0n1p3
cryptsetup luksOpen /dev/nvme0n1p3 luks

5. Create LVM Partitions

This creates one partition for root; modify it if /home or other directories should be on separate partitions.

pvcreate /dev/mapper/luks
vgcreate vg0 /dev/mapper/luks
lvcreate --size 8G vg0 --name lvswap
lvcreate -l +100%FREE vg0 --name lvroot

6. Format LVM partitions

mkfs.ext4 /dev/vg0/lvroot
mkswap /dev/vg0/lvswap

7. Mount the new system

mount /dev/vg0/lvroot /mnt
mkdir /mnt/boot
mount /dev/nvme0n1p2 /mnt/boot
mkdir /mnt/boot/EFI
mount /dev/nvme0n1p1 /mnt/boot/EFI
swapon /dev/vg0/lvswap

8. Generate /etc/fstab

This file can be used to define how disk partitions, various other block devices, or remote filesystems should be mounted into the filesystem.

mkdir /mnt/etc
genfstab -pU /mnt >> /mnt/etc/fstab

9. Install the base system

pacstrap /mnt base base-devel linux linux-firmware lvm2 vim networkmanager

(If you have an error with libcap)

pacman -Sy archlinux-keyring

10. Enter the new system

arch-chroot /mnt /bin/bash

11. Persist keymap

Add it to /etc/vconsole.conf

KEYMAP=fr

12. Set TimeZone

# See available timezones:
ls /usr/share/zoneinfo/

# Set timezone:
ln -sf /usr/share/zoneinfo/Europe/Paris /etc/localtime

13. Set the hardware clock mode uniformly between your operating systems

Otherwise, they may overwrite the hardware clock and cause time shifts.

hwclock --systohc --utc

14. Set Locale

Uncomment the line en_GB.UTF-8 UTF-8

vim /etc/locale.gen 

Generate locale

locale-gen

Set LANG variable

echo LANG=en_GB.UTF-8 > /etc/locale.conf
export LANG=en_GB.UTF-8

15. Set hostname

echo [HOSTNAME] > /etc/hostname

Add it to /etc/hosts:

127.0.0.1	localhost
::1		localhost
127.0.1.1	[HOSTNAME].localdomain [HOSTNAME]

16. Set root password

passwd

17. Create User

useradd -m -g users -G wheel [USER]
passwd [USER]

Uncomment the following line in /etc/sudoers (visudo)

%wheel      ALL=(ALL) ALL

18. Configure mkinitcpio

Edit /etc/mkinitcpio.conf

Add ext4 to MODULES

MODULES="ext4"

Add keymap, encrypt and lvm2 to HOOKS before filesystems

HOOKS="base udev autodetect modconf block keymap encrypt lvm2 filesystems keyboard fsck"

Regenerate initrd image

mkinitcpio -p linux

Install and configure bootloader

# efibootmgr is needed by grub-install to register the UEFI boot entry
pacman -S grub efibootmgr
grub-install --target=x86_64-efi --efi-directory=/boot/EFI --bootloader-id="Arch Linux" --recheck

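Edit /etc/default/grub. The allow-discards option lets TRIM requests pass through the encrypted device, which reveals which blocks are unused to anyone who can read the raw disk; leave it out if that matters for your threat model.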

GRUB_CMDLINE_LINUX="cryptdevice=/dev/nvme0n1p3:luks:allow-discards"

Generate main configuration file

grub-mkconfig -o /boot/grub/grub.cfg
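
One way to check the two settings above before rebooting, since a wrong hook order or a missing cryptdevice= leaves the root volume locked at boot. This is an added example, not part of the original gist; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint the LVM-on-LUKS boot configuration before rebooting.

# Print the hook list of the last active HOOKS= line ("..." or (...) form).
hooks_of() {
    sed -n 's/^[[:space:]]*HOOKS=["(]\(.*\)[")].*$/\1/p' "$1" | tail -n 1
}

# hook_pos NAME HOOK...: print the 1-based position of NAME, 0 if absent.
hook_pos() {
    want=$1; shift; i=0
    for h in "$@"; do
        i=$((i + 1))
        if [ "$h" = "$want" ]; then echo "$i"; return 0; fi
    done
    echo 0
}

# check_hooks FILE: enforce the order this guide prescribes
# (keymap, encrypt, lvm2, all before filesystems); "a:b" means a before b.
check_hooks() {
    hooks=$(hooks_of "$1")
    for pair in keymap:encrypt encrypt:lvm2 lvm2:filesystems; do
        a=$(hook_pos "${pair%:*}" $hooks); b=$(hook_pos "${pair#*:}" $hooks)
        if [ "$a" -eq 0 ] || [ "$a" -ge "$b" ]; then
            echo "HOOKS: ${pair%:*} must come before ${pair#*:}" >&2; return 1
        fi
    done
}

# Print "<device> <mapper-name>" from cryptdevice= in GRUB_CMDLINE_LINUX.
cryptdevice_of() {
    sed -n 's/^GRUB_CMDLINE_LINUX=.*cryptdevice=\([^:" ]*\):\([^:" ]*\).*/\1 \2/p' "$1"
}

# check_boot_config MKINITCPIO_CONF GRUB_DEFAULTS: run both checks.
check_boot_config() {
    check_hooks "$1" || return 1
    case $(cryptdevice_of "$2") in
        ?*" "?*) return 0 ;;
        *) echo "GRUB_CMDLINE_LINUX: cryptdevice=<device>:<name> missing" >&2; return 1 ;;
    esac
}

# Constructed sample files holding the values used in this guide.
demo=$(mktemp -d)
printf '%s\n' 'HOOKS="base udev autodetect modconf block keymap encrypt lvm2 filesystems keyboard fsck"' > "$demo/mkinitcpio.conf"
printf '%s\n' 'GRUB_CMDLINE_LINUX="cryptdevice=/dev/nvme0n1p3:luks:allow-discards"' > "$demo/grub"
check_boot_config "$demo/mkinitcpio.conf" "$demo/grub" && echo "boot config OK"
rm -rf "$demo"
```

Inside the chroot, the same check applies to the real files: check_boot_config /etc/mkinitcpio.conf /etc/default/grub.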

Finalize the installation

Enable the NetworkManager service

systemctl enable NetworkManager

Unmount all partitions

exit
umount -R /mnt
swapoff -a

Reboot and pray

reboot

Setup WIFI

nmtui