tiyn
/
wiki
mirror of https://github.com/Tiyn/wiki
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
These are some guides for various use.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
232 KiB
Tree: 0436082076
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0436082076'
${ noResults }
wiki/#installation.md

173 lines
8.2 KiB
Raw Normal View History

inital commit
8 months ago
  1. # Arch installation with LUKS encryption and LVM
  3. This is the german version of the [installation guide on rvbg.eu](https://wiki.rvbg.eu/#arch/installation.md).
  4. This guide is based upon a [german arch wiki entry](https://wiki.archlinux.de/title/Moderne_Installation_mit_UEFI_und_Verschlüsselung).
  6. At the end of this guide a fully functional Arch Linux will be installed.
  8. ## 1. Preparation
  9. Ahead of the installation an Arch boot-stick has to be created. The iso-file can be found on the [official website](https://www.archlinux.org/download/).
  10. The iso can be written on an USB-stick using ```dd```.
  11. After that the USB can be plugged in the system on which Arch should be installed.
  12. Boot the target system and select ```Boot Arch Linux (x86_64)```.
  14. If you need to set the keyboard layout to anything other than english you can temporarily do so by using the ```loadkeys``` command.
  15. This has to be followed by your country id (for example a german keyboard layout would be ```de```,```de-latin1``` or ```de-latin1-nodeadkeys```.
  17. ## 2. Formatting of the target drive
  18. Using ```lsblk``` you can list all the drives and partitions.
  19. Select a drive to install Arch on.
  20. For reasons of simplicity the following guide will assume the selected drive to be ```/dev/sda```.
  21. ### Clear disk completely:
  23. - `dd status=progress if=/dev/zero of=/dev/sda`
  25. Now all partitions should be removed.
  27. ### Create new partitions:
  28. If you missclick during the progress of the following commands you can press ```CTRL+C``` to close the program.
  29. No changes will be made until the confirmation at the end.
  30. The swap partition will be created later under lvm.
  32. - `gdisk /dev/sda`
  33. - `N` - Create a new empty partition table
  34. - `↵ Enter` - Create a partition
  35. - `↵ Enter` - Confirm first sector
  36. - `+512M` - Assign size of 512 MB for the first partition
  37. - `ef00` - Make the partition bootable
  38. - `n` - Create a second partition
  39. - `↵ Enter` - Confirm creation of partition
  40. - `↵ Enter` - Confirm first sector
  41. - `↵ Enter` - Confirm last sector
  42. - `↵ Enter` - Confirm partition type
  43. - `P` - Show created partitions
  44. - `W` - Save all changes
  45. - `Y` - Confirm saving changes
  47. ## 3. Encryption
  48. We need to find out which partitions is the one we want to encrypt.
  49. Using ```blkid | grep /dev/sda``` all partitions we created get listed.
  50. The right partition has the label ```Linux filesystem```.
  51. For this guide this partition is assumed to be ```/dev/sda2```.
  53. - `modprobe dm-crypt` - load kernelmodule for encryption
  54. - `cryptsetup -c aes-xts-plain -y -s 512 luksFormat /dev/sda2` - encryption
  55. - confirm with ```YES```
  56. - Now you can assign a passphrase.
  57. The passphrase has to be entered at boot to decrypt the system.
  58. Recovering of this passphrase is **not** possible.
  60. ## 4. Setup LVM
  61. - `cryptsetup luksOpen /dev/sda2 lvm` - Opening encrypted partition and mapping it to ```/dev/mapper/lvm```
  62. - `pvcreate /dev/mapper/lvm` - Create a LVM physical volume
  63. - `vgcreate main /dev/mapper/lvm` - Create LVM Volume Group
  64. - `lvcreate -L 16G -n swap main` - Create Swap in LVM (recommended: swap size is equal to ram size)
  65. - `lvcreate -l 100%FREE -n root main` - Create LVM Logical Volume for /
  67. ## 5. Create filesystems and mounting them temporarily
  68. We have to find out which partition is our boot-partition.
  69. Using ```blkid | grep /dev/sda``` once again, we can identify it by looking for the ```EFI system partition``` label.
  70. The guide assumes this partition to be at ```/dev/sda1```.
  72. - ```mkfs.fat -F 32 -n UEFI /dev/sda1``` - Assign filesystem of EFI partition
  73. - ```mkfs.ext4 -L root /dev/mapper/main-root``` - Assign filesystem of root partition
  74. - ```mkswap /dev/mapper/main-swap``` - Assign swap filesystem
  76. Now the created filesystems will be mounted for the installation.
  78. - `mount /dev/mapper/main-root /mnt` - Mounting root partition
  79. - `mkdir /mnt/boot`
  80. - `mount /dev/sda1 /mnt/boot` - Mount EFI partition
  81. - `swapon /dev/mapper/main-swap` - Mounting swap partition
  83. ## 6. Prepare base installation (optional)
  84. In this step the country specific mirrorserver for the installation will be configured.
  85. This will improve the download speed.
  86. - `cp /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.bak` - Create a backup of mirrorlist
  87. - `grep -E -A 1 ".*Germany.*$" /etc/pacman.d/mirrorlist.bak | sed '/--/d' > /etc/pacman.d/mirrorlist` - Example command to only use *German* mirrors
  88. - `cat /etc/pacman.d/mirrorlist` - Check if the file is to your liking. If it is not, you can just recover by using ```mirrorlist.bak```
  90. ## 7. Starting base installation
  91. - `pacstrap /mnt base base-devel dosfstools gptfdisk lvm2 linux linux-firmware wpa_supplicant wireless_tools networkmanager vim` - Installation of main system with needed tools
  92. - `genfstab -Up /mnt > /mnt/etc/fstab` - creation of fstab
  93. - `arch-chroot /mnt` - Switch into the newly installed system
  94. - `echo ArchLinux > /etc/hostname` - Assign hostname. ```ArchLinux``` can be changed for any name of your preference.
  95. - `echo LANG=de_DE.UTF-8 > /etc/locale.conf` - Systemsprache festlegen
  96. - `echo LANG=en_US.UTF-8 > /etc/locale.conf` - Assign system Language to be english (you can use other languages, look into the ```/etc/locale.conf``` for a list of all available languages)
  97. - `vim /etc/locale.gen` - Assigning system language
  98. - uncomment the lines depending on your needs.
  99. In this example:
  100. ```
  101. en_US.UTF-8 UTF-8
  102. ```
  103. - `locale-gen` - Generate languages
  104. - if you need any other keymap than english you can change it now for example to German by `echo KEYMAP=de-latin1 > /etc/vconsole.conf`.
  105. - `sed -i 's/MODULES=()/MODULES=(ext4)/g' /etc/mkinitcpio.conf` - Allow modules needed at boot
  106. - `sed -i 's/HOOKS=()/HOOKS=(base udev autodetect modconf block keyboard keymap encrypt lvm2 filesystems fsck shutdown)/g' /etc/mkinitcpio.conf` - Allow hooks needed at boot
  107. - `mkinitcpio -p linux` - generate Kernel-Image
  109. ## 8. Install and configure UEFI bootloader
  110. - `bootctl install` - Prepare bootloader
  111. - `vim /boot/loader/entries/arch.conf` - Create configuration
  112. It is recommended to use UUIDs where possible.
  113. Please find out what the UUID of your drive is, use ```ls -l /dev/disk/by-uuid``` to do this.
  114. ```
  115. title Arch Linux
  116. linux /vmlinuz-linux
  117. initrd /initramfs-linux.img
  118. options cryptdevice=UUID=<enter your uuid here>:lvm:allow-discards root=/dev/mapper/main-root:lvm:allow-discards resume=/dev/mapper/main-swap rw quiet lang=de init=/usr/lib/systemd/systemd locale=de_DE.UTF-8
  119. ```
  120. - `vim /boot/loader/entries/arch-fallback.conf` - Create fallback
  121. ```
  122. title Arch Linux
  123. linux /vmlinuz-linux
  124. initrd /initramfs-linux.img
  125. options cryptdevice=UUID=<enter your uuid here>:lvm:allow-discards root=/dev/mapper/main-root:lvm:allow-discards resume=/dev/mapper/main-swap rw quiet lang=de init=/usr/lib/systemd/systemd locale=de_DE.UTF-8
  126. ```
  127. - `vim /boot/loader/loader.conf` - Create loader configuration
  128. - Insert the following text
  129. ```
  130. timeout 1
  131. default arch
  132. ```
  134. ## 9. Finishing base installation
  135. - `exit` - exit the installed system
  136. - `umount /mnt/*` - unmount all partitions
  137. - `shutdown` - shutdown device
  138. - Now remove the Arch boot-stick
  140. If the system is installed in a virtual environment or a system with deactivated UEFI, don't forget to enable the EFI option, otherwise the system won't boot.
  142. ## 10. Activate Networkconnection
  143. - Start the device
  144. - Log in as ```root``` user
  145. - `systemctl enable NetworkManager.service` - Activate NetworkManager
  146. - `systemctl enable wpa_supplicant.service` - Activate wpa_supplicant
  147. - `systemctl start NetworkManager.service` - Start NetworkManager
  149. The device should connect to the internet if it is connected via LAN.
  150. Using ```nmtui``` you can administer the wired and wireless connections
  152. ## 11. Automatic timesettings
  153. - `pacman -Syu ntp` - Installing time service
  154. - `ntpd -qg` - Get current time
  155. - `hwclock --systohc` - Synchronize hardwareclock
  156. - `systemctl enable ntpd.service` - enable timeservice
  158. ## 12. Create user
  159. - `vim /etc/sudoers` - Open suoders file
  160. - uncomment the following lines
  161. ```
  162. %whell All=(ALL) ALL
  163. ```
  164. - `useradd -m user` - Create a user with ```user``` as name. For the user a home directory will be created.
  165. - `usermod -aG wheel user` - Add user ```user``` to wheel group
  166. - `passwd -d user` - Remove password for user ```user```
  168. On the freshly installed system there are 2 users.
  169. Make sure to set the password!
  170. You can add one using ```passwd```.
  172. > 03.04.2020 - Version 1.0
  173. > 03.04.2020 - Version 1.1en