# Arch Linux system Setup How my systems are set up. ## Preparation - Download Arch Linux ISO image - Write it to an usb drive with ``` $ dd if=[ARCH-LINUX.iso] of=[/path/to/usbdrive] ``` - Boot the computer from this stick ## Prepare the disk We will partition the disk drive for UEFI boot. The root disk will be encrypted, /boot will reside inside the unencrypted EFI service partition. The diskdevice is /dev/sda. ### Partition the disk - Write some zeros to the disk to make sure there is no bootsector left. ``` $ dd if=/dev/zero of=/dev/sda ``` - Abort after a few seconds. - Create partitions and format them ``` $ gdisk /dev/sda | o [ENTER] to create a new empty GUID partition table (GPT) | y [ENTER] to confirm | | n [ENTER] add a new partition | [ENTER] to select default partition number of 1 | [ENTER] to select default start at first sector | +512M [ENTER] make that size partition for booting | ef00 [ENTER] EFI partition type | | n [ENTER] add a new partition | [ENTER] to select default partition number of 2 | [ENTER] to select default start at first sector | +60G [ENTER] allocate whatever size wanted for linux | | w [ENTER] Write changes | y [ENTER] confirm ``` ### Encrypt the root partition - Create and open the root partition ``` $ cryptsetup luksFormat -v -s 512 -h sha512 /dev/sda2 $ cryptsetup open /dev/sda2 cryptroot ``` - Format with ext4 ``` $ mkfs.ext4 /dev/mapper/cryptroot ``` - Mount the encrypted volume ``` $ mount /dev/mapper/cryptroot /mnt ``` ### Mount the /boot partition ``` $ mkfs.fat -F32 /dev/sda1 $ mkdir /mnt/boot $ mount /dev/sda1 /mnt/boot ``` ## Install the base-system - Connect to wifi ``` $ systemctl start idw.service $ iwctl | [iwd]# station list | Devices in Station Mode * | -------------------------------------------------------------------------------- | Name State Scanning | -------------------------------------------------------------------------------- | wlan0 disconnected | | [iwd]# station wlan0 scan | [iwd]# station wlan0 get-networks | Available networks * | -------------------------------------------------------------------------------- | Network name Security Signal | -------------------------------------------------------------------------------- | MagentaWLAN-49XA psk **** | Vodafone-8154 psk **** | ..... | | [iwd]# station wlan0 connect "SSID" | Type the network passphrase for SSID | Passphrase: ******** | ``` - Select a nearby (possibly faster) mirror by editing /etc/pacman.d/mirrorlist - Install the base-system ``` $ pacstrap /mnt base \ ansible \ base-devel \ dialog \ git \ intel-ucode \ linux \ linux-firmware \ netctl \ openssl-1.0 \ stow \ vim \ wpa_supplicant \ ``` - Generate fstab for the new system ``` $ genfstab -pU /mnt >> /mnt/etc/fstab ``` ## Configure the new system - Chroot into the new system ``` $ arch-chroot /mnt /bin/bash ``` - Set the hostname ``` $ echo MYHOSTNAME > /etc/hostname ``` - Edit /etc/vconsole.conf to set keyboard and font ``` $ vi /etc/vconsole.conf FONT=latarcyrheb-sun32 KEYMAP=de ``` The FONT setting is optional. latarcyrheb-sun32 is useful for small hidpi devices like GPD Pocket. - Add encryption components to initramfs ``` $ vi /etc/mkinitcpio.conf ... HOOKS=(base udev autodetect keyboard keymap consolefont modconf block encrypt filesystems fsck) ... $ mkinitcpio -P ``` - Install bootloader ``` $ bootctl install ``` - Configure the bootloader ``` $ vi /boot/loader/loader.conf default arch auto-firmware no timeout 0 console-mode 2 editor no ``` - Configure the bootloader entry ``` $ blkid | grep sda2 | cut -d \" -f 2 > /boot/loader/entries/arch.conf $ vi /boot/loader/arch.conf title Arch Linux linux /vmlinuz-linux initrd /intel-ucode.img initrd /initramfs-linux.img options cryptdevice=UUID=[DEVICE-UUID]:cryptroot root=/dev/mapper/cryptroot rw fbcon=rotate:1 ``` DEVICE-UUID is the string we added with the first command. fbcon=rotate:1 rotates the display. This is ONLY NEEDED on device like GPD Pocket. ## More configuration - Perform basic systemconfiguration ``` $ git clone https://github.com/elfrinjo/syssetup $ cd syssetup/dotfiles $ stow */ $ cd ../system/arch $ sudo ansible-playbook baseconfig.yaml ``` - Change the root password ``` $ passwd ``` - Create useraccount ``` $ useradd -m -G sudo [USERNAME] $ passwd [USERNAME] ``` - Exit the chroot ``` $ exit ``` - Shutdown the system ``` $ shutdown -h now ``` - Remove usb-drive - Start the computer - Enter drive encryption password - Logon as the newly created user - Connect to wifi ``` $ sudo wifi-menu ``` - Perform more system configuration ``` $ git clone https://github.com/elfrinjo/dotfiles $ cd syssetup/dotfiles $ stow */ $ cd ../system/arch $ sudo ansible-playbook workstation.yaml ``` - At some point the Desktop will start. When this happens, just log on and continue inside a terminal - Update the system ``` $ pacman -Syu ``` - Reboot ``` $ reboot ```