{{Warning|This is my personal guide for installing an Arch Linux system. Use it only as a guide as you follow along with the official [[Installation Guide]].}}
A guide for installing an encrypted system with just the basics. It uses UEFI to boot the kernel directly via EFISTUB, and does not apply to BIOS systems or systems that dual-boot.
You may need additional packages for video drivers, etc.
== Preparation ==
[https://www.archlinux.org/download/ Download] the Arch ISO.
If you have [[GnuPG]] installed on your current system, verify the download:
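$ gpg --keyserver-options auto-key-retrieve --verify archlinux-''version''-dual.iso.sig
Because {{ic|auto-key-retrieve}} fetches whichever key made the signature, compare the key fingerprint that gpg reports with the one published on the download page before trusting a "Good signature" result.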
Create a bootable USB drive by doing the following on an existing Linux installation:
# dd bs=4M if=''/path/to/''archlinux-''version''-dual.iso of=/dev/sd''x'' status=progress && sync
where {{ic|/dev/sd''x''}} is the USB drive. Now boot from the USB drive.
== Pre-installation ==
=== Set keyboard layout ===
If using a keymap other than US, set the keyboard layout by doing:
# loadkeys ''de-latin1''
Change {{ic|''de-latin1''}} to a layout found in {{ic|/usr/share/kbd/keymaps/**/*.map.gz}}.
=== Connect to the internet ===
If you have a '''wired''' connection, it should connect automatically.
If you have a '''wireless''' connection, first stop the wired connection to prevent conflicts:
# systemctl stop dhcpcd@''interface''.service
A list of interfaces can be found with:
# ip link
Then connect to a wifi network with:
# wpa_supplicant -B -i ''interface'' -C/run/wpa_supplicant
# wpa_cli -i ''interface''
> scan
> scan_results
> add_network
> set_network 0 ssid "''SSID''"
> set_network 0 psk "''passphrase''"
> enable_network 0
> quit
Get an IP address:
# dhcpcd
For both '''wired''' and '''wireless''' connections, check your connection with:
# ping archlinux.org
=== Update system clock ===
# timedatectl set-ntp true
=== Partition the disk ===
# gdisk /dev/sda
Create a GUID partition table. Then create an [[EFI system partition]] of size 550MiB and marked as partition type {{ic|EF00}}. Create at least one more partition for the system partition.
{{Note|This guide assumes your disk is at {{ic|/dev/sda}}. Change if needed.}}
=== Create filesystems and mount ===
Format your ESP as FAT32:
# mkfs.fat -F32 /dev/sda1
Replace {{ic|''ext4''}} with the file system you are using in all of the following.
To create an '''encrypted''' system do:
# cryptsetup luksFormat /dev/sda2
# cryptsetup open /dev/sda2 cryptroot
# mkfs.''ext4'' /dev/mapper/cryptroot
# mount /dev/mapper/cryptroot /mnt
# mount /dev/sda1 /mnt/boot
To create a '''regular''' (not encrypted) system, do:
# mkfs.''ext4'' /dev/sda2
# mount /dev/sda2 /mnt
# mount /dev/sda1 /mnt/boot
{{Tip|If using [[btrfs]], create any subvolumes you wish to use as mount points now. Then unmount {{ic|/mnt}} and remount your subvolumes to the appropriate mount points. For example:
<nowiki># btrfs subvolume create /mnt/@
# btrfs subvolume create /mnt/@home
# umount /mnt/boot
# umount /mnt
# mount -o compress=zstd,subvol=@ /mnt
# mount -o compress=zstd,subvol=@home /mnt/home
# mount /dev/sda1 /mnt/boot</nowiki>}}
== Installation ==
# pacstrap /mnt base sudo wpa_supplicant
* Append any additional packages you desire to the end of this line, or install later while in the chroot environment.
* For a list of packages on the ISO that are not in {{grp|base}}, do:
<nowiki>$ comm -23 <(wget -q -O - https://git.archlinux.org/archiso.git/plain/configs/releng/packages.both) <(pacman -Qqg base | sort)</nowiki>
{{Note|If using btrfs, {{pkg|btrfs-progs}} should be appended, since it is not in the base group.}}
== Configuration ==
=== Create fstab ===
# genfstab -U /mnt > /mnt/etc/fstab
=== Chroot ===
# arch-chroot /mnt
=== Locale ===
Uncomment needed locales in {{ic|/etc/locale.gen}} (e.g., {{ic|en_US.UTF-8}}). Then run:
# locale-gen
Set {{ic|LANG}}:
If not using a US keymap, make the keyboard layout permanent:
=== Set the timezone ===
# ln -sf /usr/share/zoneinfo/''Region''/''City'' /etc/localtime
=== Set hardware clock from system clock ===
# hwclock --systohc
=== Set hostname ===
{{hc|/etc/hosts| localhost
::1 localhost ''hostname''.localdomain ''hostname''}}
=== Set root password ===
# passwd
=== Add normal user ===
# useradd -m -G wheel ''user''
# passwd ''user''
Open the sudoers file and uncomment the {{ic|wheel}} group:
# visudo
=== Generate initramfs ===
Add the {{ic|keyboard}}, {{ic|keymap}}, and {{ic|encrypt}} hooks. Make sure you also have any additional hooks needed for your setup.
{{hc|/etc/mkinitcpio.conf|2=HOOKS=(base udev autodetect modconf '''keyboard''' '''keymap''' block '''encrypt''' filesystems)}}
Omit {{ic|keymap}} if you are using the default US keymap.
Regenerate initramfs:
# mkinitcpio -p linux
=== Swap ===
Use either a [[swap]] file or swap partition. If using a swap partition, you should have created an additional partition earlier.
==== Swap file ====
# dd if=/dev/zero of=/swapfile bs=1M count=512
# chmod 600 /swapfile
# mkswap /swapfile
# swapon /swapfile
Update [[fstab]] with a line for the swap file:
{{hc|/etc/fstab|/swapfile none swap defaults 0 0}}
{{Warning|If using [[btrfs]] instead of ext4, do '''not''' use a swap file, since it may cause file system corruption. Instead, use a swap partition.}}
==== Swap partition ====
For an '''encrypted''' system edit the following file:
{{hc|/etc/crypttab|swap /dev/disk/by-partuuid/''PARTUUID'' /dev/urandom swap}}
where {{ic|''PARTUUID''}} is the partition UUID of your swap partition.
{{Warning|All data on the device listed above will be destroyed on every boot. Ensure you get it right.}}
Additionally, append to your fstab:
{{hc|/etc/fstab|/dev/mapper/swap none swap defaults 0 0}}
See [[Dm-crypt/Swap encryption]].
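As an added example (not part of the original guide), the following script reads crypttab-format text and flags random-key entries whose device is a kernel name such as {{ic|/dev/sda3}}, which can change between boots, or that lack the {{ic|swap}} option. The sample entries and the {{ic|CONSTRUCTED-PARTUUID}} placeholder are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original guide): flag risky random-key entries
# in crypttab-format text read from stdin. Returns 1 if anything was flagged.
check_crypttab() {
    rc=0
    # crypttab fields: name  device  key-file  options
    while read -r name device key opts rest; do
        case "$name" in ''|'#'*) continue ;; esac
        # Only volumes keyed from a random source are re-created on every boot.
        case "$key" in /dev/urandom|/dev/random) ;; *) continue ;; esac
        case "$device" in
            /dev/sd*|/dev/hd*|/dev/vd*|/dev/nvme*|/dev/mmcblk*)
                # Kernel names can be reassigned between boots, so the wipe
                # could land on a different disk or partition.
                echo "UNSAFE $name: $device is not a persistent name"
                rc=1 ;;
        esac
        case ",$opts," in
            *,swap,*) ;;
            *) echo "CHECK $name: random key without the swap option"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed sample input: the guide's entry plus two mistakes.
sample_crypttab() {
    cat <<'EOF'
# name  device  key  options
swap   /dev/disk/by-partuuid/CONSTRUCTED-PARTUUID  /dev/urandom  swap
swap2  /dev/sda3                                   /dev/urandom  swap
data   /dev/disk/by-partuuid/CONSTRUCTED-PARTUUID  /dev/urandom  cipher=aes-xts-plain64
EOF
}

sample_crypttab | check_crypttab || echo "review the entries above before rebooting"
```

Run it against the real file from inside the chroot with {{ic|check_crypttab < /etc/crypttab}}.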
For a '''regular''' system:
{{hc|/etc/fstab|/dev/sda3 none swap defaults 0 0}}
== Exit chroot and reboot ==
# exit
# reboot
== Configure UEFI ==
In this setup we are not using a boot loader. Instead we are booting the kernel directly.
From your Arch Linux live disk, boot into the UEFI Shell v2. Then do:
Shell> map
Note the disk number for the hard drive where you are installing Arch Linux. This guide assumes it is {{ic|1}}.
Now create two UEFI entries:
Shell> bcfg boot add 0 fs1:\vmlinuz-linux "Arch Linux"
Shell> bcfg boot add 1 fs1:\vmlinuz-linux "Arch Linux (Fallback)"
Create a file with your boot parameters for the normal boot:
Shell> edit fs1:\options.txt
For an '''encrypted''' system, this file will contain at least:
root=/dev/mapper/cryptroot ro initrd=/initramfs-linux.img cryptdevice=/dev/sda2:cryptroot
{{Tip|Add {{ic|:allow-discards}} after {{ic|cryptroot}} to allow trimming if using an SSD. Then [[enable]] the {{ic|fstrim.timer}} to trim the device weekly. Be aware that discards reveal which blocks of the encrypted device are unused.}}
For a '''regular''' system, this file will contain at least:
root=/dev/sda2 ro initrd=/initramfs-linux.img
{{Note|Create at least one additional space before the first character of your boot line in your options files. Otherwise, the root parameter, in this case, gets squashed by a byte order mark and will not be passed to the initramfs, resulting in an error when booting. Additionally, your options file should be one line, and one line only.}}
Press {{ic|F2}} to save and {{ic|F3}} to quit. Now add the options to your first boot entry:
Shell> bcfg boot -opt 0 fs1:\options.txt
Repeat the above process for your second, fallback entry, creating a text file named {{ic|options-fallback.txt}} containing the boot line. Change the initrd to the fallback image.
Add it to the entry using {{ic|bcfg boot -opt 1 fs1:\options-fallback.txt}}.
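The boot line rules above can be checked before rebooting. This is an added example, not part of the original guide: the hypothetical {{ic|check_boot_line}} function takes the text of an options file as its first argument (reading the file from the ESP is left to the caller) and verifies the single-line and leading-space rules, the presence of {{ic|1=root=}} and {{ic|1=initrd=}}, and that the mapping name in {{ic|1=cryptdevice=}} matches {{ic|1=root=/dev/mapper/''name''}}. The sample lines are constructed.

```sh
#!/bin/sh
# Added example (not from the original guide): sanity-check the text of an
# EFISTUB options file. $1 is the file's text, $2 is "encrypted" or "regular".
check_boot_line() {
    text=$1 mode=$2 rc=0 root='' initrd='' crypt=''
    # The guide's note: one line only, with a space before the first character.
    [ "$(printf '%s\n' "$text" | grep -c .)" -eq 1 ] || { echo "not exactly one line"; rc=1; }
    case "$text" in ' '*) ;; *) echo "no leading space before first parameter"; rc=1 ;; esac
    set -f                       # no globbing while splitting into parameters
    for word in $text; do
        case "$word" in
            root=*)        root=${word#root=} ;;
            initrd=*)      initrd=${word#initrd=} ;;
            cryptdevice=*) crypt=${word#cryptdevice=} ;;
        esac
    done
    set +f
    [ -n "$root" ]   || { echo "missing root="; rc=1; }
    [ -n "$initrd" ] || { echo "missing initrd="; rc=1; }
    if [ "$mode" = encrypted ]; then
        # cryptdevice=DEVICE:NAME[:options]; root= must be /dev/mapper/NAME
        name=${crypt#*:}; name=${name%%:*}
        if [ -z "$crypt" ]; then echo "missing cryptdevice="; rc=1
        elif [ "$root" != "/dev/mapper/$name" ]; then
            echo "root=$root does not match mapping name '$name'"; rc=1
        fi
    fi
    return "$rc"
}

# Constructed samples based on the guide's boot lines.
good=' root=/dev/mapper/cryptroot ro initrd=/initramfs-linux.img cryptdevice=/dev/sda2:cryptroot:allow-discards'
bad='root=/dev/mapper/root ro initrd=/initramfs-linux.img cryptdevice=/dev/sda2:cryptroot'
check_boot_line "$good" encrypted && echo "good line passes"
check_boot_line "$bad" encrypted || echo "bad line rejected"
```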
== Reboot ==
When you reboot you should be prompted for your LUKS password if you decided to encrypt the system. See [[User:Rdeckard/Post-installation]].

