Objectives
The goal of this guide is to install Arch Linux
This guide is base on the following documentation:
https://wiki.archlinux.org/index.php/User:Altercation/Bullet_Proof_Arch_Install
https://www.vultr.com/docs/install-arch-linux-with-btrfs-snapshotting
https://askubuntu.com/questions/1206157/can-i-have-a-swapfile-on-btrfs
Remote Installation (Optional)
iwctlstation wlan0 scan
station wlan0 get-networks
station wlan0 connect SSID
exitpasswd
systemctl start sshd.service
ip addrVariables
Set some variable
DRIVE=/dev/nvme0n1
o=defaults,discard,x-mount.mkdir
o_btrfs=$o,compress=zstd,ssd,noatimePartition Disk
sgdisk -Z $DRIVE
sgdisk -n1:0:+512M -t1:ef00 -c1:EFI \
-n2 -t2:8304 -c2:LINUXROOT $DRIVE
partprobe -s $DRIVEEncrypt Disk
cryptsetup luksFormat --use-random -s 512 -i 5000 -h sha512 -c aes-xts-plain64 /dev/disk/by-partlabel/LINUXROOT
cryptsetup open /dev/disk/by-partlabel/LINUXROOT linuxrootFormat disk
mkfs.fat -F32 -n EFI /dev/disk/by-partlabel/EFI
mkfs.btrfs -f -L linuxroot /dev/mapper/linuxrootCreate btrfs Subvolume
mount -t btrfs LABEL=linuxroot /mnt
btrfs subvolume create /mnt/@
btrfs subvolume create /mnt/@home
btrfs subvolume create /mnt/@root
btrfs subvolume create /mnt/@snapshots
btrfs subvolume create /mnt/@srv
btrfs subvolume create /mnt/@var-cache-pacman-pkg
btrfs subvolume create /mnt/@var-log
btrfs subvolume create /mnt/@var-tmp
chattr +C /mnt/@var-log
chattr +C /mnt/@var-tmp
btrfs subvolume set-default /mnt/@
umount -R /mntMount Partition
mount -t btrfs -o subvol=@,$o_btrfs LABEL=linuxroot /mnt
mount -t btrfs -o subvol=@home,$o_btrfs LABEL=linuxroot /mnt/home
mount -t btrfs -o subvol=@root,$o_btrfs LABEL=linuxroot /mnt/root
mount -t btrfs -o subvol=@snapshots,$o_btrfs LABEL=linuxroot /mnt/.snapshots
mount -t btrfs -o subvol=@srv,$o_btrfs LABEL=linuxroot /mnt/srv
mount -t btrfs -o subvol=@var-cache-pacman-pkg,$o_btrfs LABEL=linuxroot /mnt/var/cache/pacman/pkg
mount -t btrfs -o subvol=@var-log,$o_btrfs LABEL=linuxroot /mnt/var/log
mount -t btrfs -o subvol=@var-tmp,$o_btrfs LABEL=linuxroot /mnt/var/tmp
mount -t vfat -o $o LABEL=EFI /mnt/efiPacstrap System
reflector --country CA --age 24 --protocol http,https --sort rate --save /etc/pacman.d/mirrorlist
pacstrap -K /mnt base base-devel linux linux-firmware intel-ucode nano cryptsetup btrfs-progs dosfstools util-linux git unzip sbctl networkmanager sudo efibootmgr wget sbctlLocal Settings
sed -i -e "/^#"en_CA.UTF-8"/s/^#//" /mnt/etc/locale.gen
systemd-firstboot --root /mnt --prompt
Welcome to your new installation of Arch Linux!
Please configure your system!
-- Press any key to proceed --
‣ Please enter system keymap name or number (empty to skip, "list" to list options): us
/mnt/etc/vconsole.conf written.
‣ Please enter timezone name or number (empty to skip, "list" to list options): America/Montreal
/mnt/etc/localtime written
‣ Please enter hostname for new system (empty to skip): wks-lpt01
/mnt/etc/hostname written.
arch-chroot /mnt locale-gen
Generating locales...
en_CA.UTF-8... done
Generation complete.
genfstab -U /mnt >> /mnt/etc/fstabUser Creation
arch-chroot /mnt useradd -G wheel -m martin
arch-chroot /mnt passwd martin
sed -i -e '/^# %wheel ALL=(ALL:ALL) NOPASSWD: ALL/s/^# //' /mnt/etc/sudoersUnified Kernel
echo "quiet rw" > /mnt/etc/kernel/cmdline
mkdir -p /mnt/efi/EFI/Linux
nano /mnt/etc/mkinitcpio.conf
# vim:set ft=sh
MODULES=(btrfs)
BINARIES=()
FILES=()
HOOKS=(base systemd autodetect modconf kms keyboard sd-vconsole sd-encrypt block filesystems fsck)
nano /mnt/etc/mkinitcpio.d/linux.preset
# mkinitcpio preset file to generate UKIs
ALL_config="/etc/mkinitcpio.conf"
ALL_kver="/boot/vmlinuz-linux"
PRESETS=('default' 'fallback')
#default_config="/etc/mkinitcpio.conf"
#default_image="/boot/initramfs-linux.img"
default_uki="/efi/EFI/Linux/arch-linux.efi"
default_options="--splash /usr/share/systemd/bootctl/splash-arch.bmp"
#fallback_config="/etc/mkinitcpio.conf"
#fallback_image="/boot/initramfs-linux-fallback.img"
fallback_uki="/efi/EFI/Linux/arch-linux-fallback.efi"
fallback_options="-S autodetect"
arch-chroot /mnt mkinitcpio -P
ls -lR /mnt/efi
/mnt/efi:
total 4
drwxr-xr-x 3 root root 4096 Mar 17 21:11 EFI
/mnt/efi/EFI:
total 4
drwxr-xr-x 2 root root 4096 Mar 17 21:12 Linux
/mnt/efi/EFI/Linux:
total 171832
-rwxr-xr-x 1 root root 36822528 Mar 6 14:46 arch-linux.efi
-rwxr-xr-x 1 root root 139132416 Mar 6 14:46 arch-linux-fallback.efiServices and Boot Loader
systemctl --root /mnt enable systemd-resolved systemd-timesyncd NetworkManager
systemctl --root /mnt mask systemd-networkd
arch-chroot /mnt bootctl install --esp-path=/efi
sync
systemctl rebootGnome
sudo pacman -Syu pipewire pipewire-jack pipewire-alsa pipewire-pulse wireplumber noto-fonts-emoji gnomeSecure Boot and TMP2
sudo sbctl create-keys
sudo sbctl enroll-keys -m
sudo sbctl sign -s -o /usr/lib/systemd/boot/efi/systemd-bootx64.efi.signed /usr/lib/systemd/boot/efi/systemd-bootx64.efi
sudo sbctl sign -s /efi/EFI/BOOT/BOOTX64.EFI
sudo sbctl sign -s /efi/EFI/Linux/arch-linux.efi
sudo sbctl sign -s /efi/EFI/Linux/arch-linux-fallback.efi
systemctl reboot
sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 /dev/gpt-auto-root-luks
systemctl reboot