Arch Installation
(I) Create a bootable USB¶
There are 2 method. If you don't care about the utilizing the rest of the space on the usb you can use plain dd:
dd if=/home/vector/Downloads/archlinux-2024.10.01-x86_64.iso of=/dev/sda status=progress oflag=sync bs=4M
Or you can do it manually like so:
First partition the usb drive with fdisk
, MBR partitioning scheme
doesn't matter, you can still boot the USB in UEFI mode.
Try to get this partitioning scheme (this was how a working bootable arch usb created using rufus looked like in fdisk):
Note that the type is W95 Fat32 (LBA). Also toggle the bootable flag to enabled
in fdisk with a
.
mkfs.fat -F32 /dev/sda1
mount /dev/disk/by-id/usb-SanDisk_Ultra_4C531001470309118144-0:0-part1 /mnt
bsdtar -x -f ~/Downloads/archlinux-2024.10.01-x86_64.iso -C /mnt
sync
umount /mnt
syslinux --directory boot/syslinux --install /dev/disk/by-id/usb-SanDisk_Ultra_4C531001470309118144-0:0-part1
dd bs=440 count=1 conv=notrunc if=/usr/lib/syslinux/bios/mbr.bin of=/dev/disk/by-id/usb-SanDisk_Ultra_4C531001470309118144-0:0
(II) Prepare for booting into the usb¶
This is just general advice. You can skip it.
If you plan to connect to the internet via wifi, create a wpa_supplicant.conf
in your bootable usb, this will prove handy after you've booted into the usb.
wpa_supplicant.conf | |
---|---|
Copy some files over. This is to make your insallation process a lot smoother.
mount /dev/sda1 /mnt/vector
cp /etc/wpa_supplicant/wpa_supplicant.conf /mnt/vector
cp -r ~/.ssh /mnt
Remember the permission for ssh (700 for the .ssh folder and 600 for the private file, and 644 for authorized_keys).
(III) Boot into Live USB¶
Get internet access:
# reveals your wifi device (mine is wlp3s0)
ip link
wpa_supplicant -B -i wlp3s0 -c wpa_supplicant.conf
# to check if you've internet. might need to wait for dhcpcd
ip addr
Set keybindings (I want left caps to be ctrl)
sudo pacman -S keyd
cd /etc/keyd
lftp -c "mirror --parallel=100 https://configs.vectorspace.xyz/keyd ;exit"
mv keyd/default.conf ./
rm -rf keyd
systemctl start keyd
/etc/keyd/default.conf | |
---|---|
You can fetch a simple tmux.conf file from my site with:
With the below tmux conf you can enter "visual mode" with <C-b>[
. You can
select and then copy selection with y
.
tmux.conf | |
---|---|
(IV) Partition drives¶
In these instructions I'm installing arch into the drive /dev/sdb
.
After partition of sdb:
$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 931.5G 0 disk
└─sda1 8:1 0 931.5G 0 part
sdb 8:16 0 465.8G 0 disk
├─sdb1 8:17 0 1G 0 part
├─sdb2 8:18 0 4G 0 part
└─sdb3 8:19 0 460.8G 0 part
nvme0n1 259:0 0 476.9G 0 disk
├─nvme0n1p1 259:1 0 1G 0 part /boot
├─nvme0n1p2 259:2 0 8G 0 part [SWAP]
└─nvme0n1p3 259:3 0 467.9G 0 part /
Number Start (sector) End (sector) Size Code Name
1 2048 2099199 1024.0 MiB EF00 EFI system partition
2 2099200 10487807 4.0 GiB 8200 Linux swap
3 10487808 976769023 460.8 GiB 8300 Linux filesystem
(V) Cryptsetup: Encryption¶
Optional (read more at archwiki):
Check the result of lsblk
. Note the name root
under sdb3 which
we used in earlier cryptsetup open
command. Now this partition
is available for mounted at /dev/mapper/root, but it has to be
formatted with a file system first.
$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 931.5G 0 disk
└─sda1 8:1 0 931.5G 0 part
sdb 8:16 0 465.8G 0 disk
├─sdb1 8:17 0 1G 0 part
├─sdb2 8:18 0 4G 0 part
└─sdb3 8:19 0 460.8G 0 part
└─root 253:0 0 460.7G 0 crypt
nvme0n1 259:0 0 476.9G 0 disk
├─nvme0n1p1 259:1 0 1G 0 part /boot
├─nvme0n1p2 259:2 0 8G 0 part [SWAP]
└─nvme0n1p3 259:3 0 467.9G 0 part /
You can find this device in /dev/mapper/root
.
(VI) Format partitions¶
(VII) Mount partitions, create subvolume in btrfs partition, pacstrap and genfstab¶
Note
You had to mount the btrfs partition and cd into it to create the subvolumes.
# https://youtu.be/Qgg5oNDylG8?t=1379
# pay special attention that you mention the subvol with
mount -o noatime,ssd,compress=zstd,space_cache=v2,discard=async,subvol=root /dev/mapper/root /mnt
## https://gist.github.com/orhun/02102b3af3acfdaf9a5a2164bea7c3d6?permalink_comment_id=4755423#gistcomment-4755423
mkdir /mnt/boot
mount -o fmask=0137,dmask=0027 /dev/sdb1 /mnt/boot
Note
When mentioning the packages you need in the below pacstrap, remember they form the console
environment you boot into. So mention the crucials ones: to get internet, a text editor,
keyd
to set keybindings, etc.
pacstrap -K /mnt base base-devel btrfs-progs linux-zen linux-zen-headers linux-firmware amd-ucode neovim \
wpa_supplicant dhcpcd man-db texinfo efibootmgr zsh zsh-syntax-highlighting zoxide tmux fzf \
rsync git mosh aria2 unzip tree fd ripgrep keyd
Use genfstab
command (part of arch install scripts) to generate fstab
(VIII) Chroot into the install and set root password¶
(IX) Setting up initramfs for decrypting encryped root and mounting btrfs root¶
We need prepare the kernel for decrypting the root partition. This is done by editing
HOOKs in /etc/mkinitcpio.conf
and setting kernel arguments in /etc/kernel/cmdline
.
The systemd
hook tells mkinitcpio that we need a systemd-based initramfs as opposed to
a busybox-based initramfs. sd-encrypt
hook is for decrypting the root partition.
Now you need to create the file /etc/kernel/cmdline
, which should look like this.
/etc/kernel/cmdline | |
---|---|
This is how I do it:
Note
Delete every line except that which contains TYPE="crypto_LUKS". This is
has the UUID of the encrypted partition our kernel has to decrypt. Edit
this file to look like the /etc/kernel/cmdline
above.
rootflags=subvol=root
is necessary for our btrfs setup.
Don't call mkinitcpio yet because we don't want an initramfs file but a UKI.
(X) Creating UKI¶
We now need to create the single image file that UEFI will directly call to boot the system. That's right there's no intermediary bootloader like grub or systemd-boot in this setup.
To create the UKI we edit the the preset file for our kernel found in
/etc/mkinitcpio.d
and comment out the lines that create UKI and comment the
lines that create a separate initrams.img
file.
The UKI will be created in /boot/EFI/Linux
. So make it first.
Note
Make sure default_uki and fallback_uki point to the right location, which here is
/boot/EFI/Linux/arch-linux-zen.efi
and /boot/EFI/Linux/arch-linux-zen-fallback.efi
# mkinitcpio preset file for the 'linux-zen' package
#ALL_config="/etc/mkinitcpio.conf"
ALL_kver="/boot/vmlinuz-linux-zen"
PRESETS=('default' 'fallback')
#default_config="/etc/mkinitcpio.conf"
#default_image="/boot/initramfs-linux-zen.img"
default_uki="/boot/EFI/Linux/arch-linux-zen.efi"
default_options="--splash /usr/share/systemd/bootctl/splash-arch.bmp"
#fallback_config="/etc/mkinitcpio.conf"
#fallback_image="/boot/initramfs-linux-zen-fallback.img"
fallback_uki="/boot/EFI/Linux/arch-linux-zen-fallback.efi"
fallback_options="-S autodetect"
Finally build the UKI:
(XI) Create a UEFI boot entry, set timezone, locale, hostname¶
efibootmgr --create --disk /dev/sdb --part 1 --label "archlinux" --loader '\EFI\Linux\arch-linux-zen.efi' --unicode
While you're at it, you may want to remove some UEFI boot entries. Check out efibootmgr.
ln -sf /usr/share/zoneinfo/Asia/Kolkata /etc/localtime
timedatectl set-timezone Asia/Kolkata
hwclock --systohc
Edit /etc/locale.gen and uncomment en_US.UTF-8 UTF-8
Now exit chroot with <Ctrl-d>
. Unmount partition and close cryptsetup.
Now you can finally reboot.
(XII) Finishing up¶
Add your key user.
useradd -m -G wheel -s /usr/bin/zsh vector
passwd vector
# Now uncomment the setting to allow wheel group to use sudo
EDITOR=nvim visudo
su vector
cd ~
fzf --zsh > ~/.fzf.zsh
cp /mnt/vector/.zshrc ~/
cp /mnt/vector/.zsh_history ~/
chown vector:vector ~/.zshrc ~/.zsh_history
(XIII) Setting up graphical environment: Xorg or Wayland¶
(XIV) Setting up audio: pipewire¶
After setting your grahpical environment, its time to set up audio.