.. | ||
lib | ||
baseconfig.yaml | ||
README.md | ||
server.yaml | ||
workstation.yaml | ||
workstation_aur.yaml | ||
workstation_aurSoftware.yaml |
Arch Linux system Setup
How my systems are set up.
Preparation
- Download Arch Linux ISO image
- Write it to an usb drive with
$ dd if=[ARCH-LINUX.iso] of=[/path/to/usbdrive]
- Boot the computer from this stick
Prepare the disk
We will partition the disk drive for UEFI boot. The root disk will be encrypted, /boot will reside inside the unencrypted EFI service partition. The diskdevice is /dev/sda.
Partition the disk
- Write some zeros to the disk to make sure there is no bootsector left.
$ dd if=/dev/zero of=/dev/sda
- Abort after a few seconds.
- Create partitions and format them
$ gdisk /dev/sda
| o [ENTER] to create a new empty GUID partition table (GPT)
| y [ENTER] to confirm
|
| n [ENTER] add a new partition
| [ENTER] to select default partition number of 1
| [ENTER] to select default start at first sector
| +512M [ENTER] make that size partition for booting
| ef00 [ENTER] EFI partition type
|
| n [ENTER] add a new partition
| [ENTER] to select default partition number of 2
| [ENTER] to select default start at first sector
| +60G [ENTER] allocate whatever size wanted for linux
|
| w [ENTER] Write changes
| y [ENTER] confirm
Encrypt the root partition
- Create and open the root partition
$ cryptsetup luksFormat -v -s 512 -h sha512 /dev/sda2
$ cryptsetup open /dev/sda2 cryptroot
- Format with ext4
$ mkfs.ext4 /dev/mapper/cryptroot
- Mount the encrypted volume
$ mount /dev/mapper/cryptroot /mnt
Mount the /boot partition
$ mkfs.fat -F32 /dev/sda1
$ mkdir /mnt/boot
$ mount /dev/sda1 /mnt/boot
Install the base-system
- Connect to wifi
$ systemctl start idw.service
$ iwctl
| [iwd]# station list
| Devices in Station Mode *
| --------------------------------------------------------------------------------
| Name State Scanning
| --------------------------------------------------------------------------------
| wlan0 disconnected
|
| [iwd]# station wlan0 scan
| [iwd]# station wlan0 get-networks
| Available networks *
| --------------------------------------------------------------------------------
| Network name Security Signal
| --------------------------------------------------------------------------------
| MagentaWLAN-49XA psk ****
| Vodafone-8154 psk ****
| .....
|
| [iwd]# station wlan0 connect "SSID"
| Type the network passphrase for SSID
| Passphrase: ********
|
- Select a nearby (possibly faster) mirror by editing /etc/pacman.d/mirrorlist
- Install the base-system
$ pacstrap /mnt base \
ansible \
base-devel \
dialog \
git \
intel-ucode \
linux \
linux-firmware \
netctl \
openssl-1.0 \
stow \
vim \
wpa_supplicant \
- Generate fstab for the new system
$ genfstab -pU /mnt >> /mnt/etc/fstab
Configure the new system
- Chroot into the new system
$ arch-chroot /mnt /bin/bash
- Set the hostname
$ echo MYHOSTNAME > /etc/hostname
- Edit /etc/vconsole.conf to set keyboard and font
$ vi /etc/vconsole.conf
FONT=latarcyrheb-sun32
KEYMAP=de
The FONT setting is optional. latarcyrheb-sun32 is useful for small hidpi devices like GPD Pocket.
- Add encryption components to initramfs
$ vi /etc/mkinitcpio.conf
...
HOOKS=(base udev autodetect keyboard keymap consolefont modconf block encrypt
filesystems fsck)
...
$ mkinitcpio -P
- Install bootloader
$ bootctl install
- Configure the bootloader
$ vi /boot/loader/loader.conf
default arch
auto-firmware no
timeout 0
console-mode 2
editor no
- Configure the bootloader entry
$ blkid | grep sda2 | cut -d \" -f 2 > /boot/loader/entries/arch.conf
$ vi /boot/loader/arch.conf
title Arch Linux
linux /vmlinuz-linux
initrd /intel-ucode.img
initrd /initramfs-linux.img
options cryptdevice=UUID=[DEVICE-UUID]:cryptroot root=/dev/mapper/cryptroot rw
fbcon=rotate:1
DEVICE-UUID is the string we added with the first command. fbcon=rotate:1 rotates the display. This is ONLY NEEDED on device like GPD Pocket.
More configuration
- Perform basic systemconfiguration
$ git clone https://code.elfring.ms/elfrinjo/dotfiles2000
$ cd dotfiles2000/dotfiles
$ stow */
$ cd ../system/arch
$ sudo ansible-playbook baseconfig.yaml
- Change the root password
$ passwd
- Create useraccount
$ useradd -m -G sudo [USERNAME]
$ passwd [USERNAME]
- Exit the chroot
$ exit
- Shutdown the system
$ shutdown -h now
- Remove usb-drive
- Start the computer
- Enter drive encryption password
- Logon as the newly created user
- Connect to wifi
$ sudo wifi-menu
- Perform more system configuration
$ git clone https://code.elfring.ms/elfrinjo/dotfiles2000
$ cd dotfiles2000/dotfiles
$ stow */
$ cd ../system/arch
$ sudo ansible-playbook workstation.yaml
- At some point the Desktop will start. When this happens, just log on and continue inside a terminal
- Update the system
$ pacman -Syu
- Reboot
$ reboot