From f32097bc53aa5dc8388e68d5e6c43862edde72cc Mon Sep 17 00:00:00 2001 From: Maciej Lebiest <68295743+Szwendacz99@users.noreply.github.com> Date: Wed, 16 Feb 2022 21:10:29 +0100 Subject: [PATCH] Small rework --- README.md | 509 +++++++++++++++++++++++++++++++++++------------------- 1 file changed, 336 insertions(+), 173 deletions(-) diff --git a/README.md b/README.md index 1bed438..a5a6916 100644 --- a/README.md +++ b/README.md @@ -1,186 +1,257 @@ -# Install Arch Linux with encrypted filesystem(optional) and on btrfs partition (UEFI) -Official guide for basic install: [https://wiki.archlinux.org/index.php/Installation_Guide](https://wiki.archlinux.org/index.php/Installation_Guide) +# ArchLinux install encrypted btrfs + +# Install Arch Linux on EFI system with full filesystem (including /boot) encrypted and on btrfs partition + +Official guide for basic install: [https://wiki.archlinux.org/index.php/Installation\_Guide](https://wiki.archlinux.org/index.php/Installation_Guide) it is always good to consult with official guide, cause arch config might change in time -For setting up different locale, check official guide - -# 1. Boot ISO -### Download the ISO file from [https://www.archlinux.org](https://www.archlinux.org/) -### Put on pedrive +For setting up different locale, or better explanations check out Arch Wiki + +## 1. Boot ISO + +#### Download the ISO file from [https://www.archlinux.org](https://www.archlinux.org/) + +#### Put on pendrive + ```bash -dd if=archlinux.img of=/dev/sdX bs=16M && sync +dd if=archlinux.img of=/dev/sdX bs=16M && sync ``` -### Boot from the usb. - -### Set keymap + +#### Boot from the USB. + +#### Optional (**experimental** approach to have desktop environment during install): + +##### Extend writable space so you can install basic desktop in live environment and for example use gparted for partitioning or open this tutorial in web browser or whatever you want. + +

Remember this area is saved in your RAM, so make sure you have enough of it

+ +``` +mount -o remount,size=5G /run/archiso/cowspace + +pacman -Syy plasma-desktop glibc konsole xorg +pacman -Scc + +startplasma-wayland +``` + +#### Set key map + ```bash loadkeys pl ``` -### Update clock + +#### Update clock + ```bash timedatectl set-ntp true ``` -### Optionally (recommended) update mirrorlist + +#### Optionally (recommended) update mirrorlist + ```bash reflector --country 'Poland' --age 24 --verbose --sort rate --save /etc/pacman.d/mirrorlist ``` - # 2. Prepare Disk -### Update btrfs-progs +## 2. Prepare Disk + +#### Update btrfs-progs + ```bash -pacman -Syy btrfs-progs +pacman -Syy btrfs-progs ``` -### Display disks setup + +#### Display disks and partitions + ```bash -fdisk -l +lsblk ``` -### Create partitions (if you have not already) + +#### Create partitions (if you have not already) + ```bash fdisk /dev/sdX ``` -1. 100MB EFI partition -2. 100% size partiton # ( encrypted optionally) for BTRFS, this partition will require formatting AFTER encryption if you do encryption -### Swap will be as file in its own subvolume -```bash -mkfs.vfat -F32 /dev/sdX1 + +1. 100MB EFI partition +2. 100% size partiton # ( encrypted optionally) for BTRFS partition, this partition will require formatting AFTER encryption if you do encryption + +##### Swap will bin in file with CoW disabled, which will be prepared later + +#### Format EFI partition + +```Bash +mkfs.vfat -F32 /dev/sdX1 ``` - -### ----------------- encryption (optional) ------------------ - -### Setup the encryption of the system, don't use letters outside en-us keyboard like ąęć etc. for password -### Grub have some kind of support for luks2 now but still cannot decrypt luks2, so specify luks1 for now + +##### ----------------- encryption (optional) ------------------ + + +#### Setup the encryption of the system, + +

Don't use regional letters (not in en-us keyboard) like ąęć etc. for password. This requires additional steps, which are not covered by this tutorial.

+ +#### Grub have some kind of support for luks2, but not entirely, so for more fail-safe setup use luks1 + ```bash cryptsetup -c=aes-xts-plain64 --key-size=512 --hash=sha512 --iter-time=3000 --pbkdf=pbkdf2 --use-random luksFormat --type=luks1 /dev/sdX2 -cryptsetup luksOpen /dev/sdX2 MainPart +cryptsetup luksOpen /dev/sdX2 MainPart ``` -### Formatting as btrfs now when it is already encrypted + +### Formatting as btrfs now when it is already encrypted + ```bash mkfs.btrfs -L "Arch Linux" /dev/mapper/MainPart ``` - -### ---------------- end of encryption ------------------------ - -### Format the partition if not yet formatted: + +##### ---------------- end of encryption ------------------------ + +#### Format the partition if not yet formatted: + ```bash pacman -Syy btrfs-progs mkfs.btrfs -L "Arch Linux" /dev/sdX2 ``` -### Mount partition to be able to create btrfs subvolumes -### If using encryption, change /dev/sdX2 to /dev/mapper/MainPart: + +#### Mount partition to be able to create btrfs subvolumes + +##### If using encryption, change **/dev/sdX2** to **/dev/mapper/MainPart**: + ```bash mount /dev/sdX2 /mnt ``` -## Create subvolumes -### Using more complicated sheme, (but there actually is only need for separate @swap subvolume , other files can be on default top subvolume) + +#### Create subvolumes + +##### This scheme can be adjusted to your needs, I'd suggest at least one subvolume for root (@) and one for snapshots (@snapshots). varlog and tmp are created to easily disable Copy on Write on` /var/log` and `/tmp`. 
+ ```bash btrfs su cr /mnt/@ -btrfs su cr /mnt/@swap - btrfs su cr /mnt/@home -btrfs su cr /mnt/@var +btrfs su cr /mnt/@varlog btrfs su cr /mnt/@tmp btrfs su cr /mnt/@snapshots -``` -#### disable copy on write on var, tmp and swap -```bash -chattr +C /mnt/@var -chattr +C /mnt/@tmp -chattr +C /mnt/@swap -umount /mnt ``` -### If using encryption, change /dev/sdX2 to /dev/mapper/MainPart: + +##### Disable copy on write on `/var/log` and `/tmp` + +```bash +chattr +C /mnt/@varlog +chattr +C /mnt/@tmp +umount /mnt + +``` + +#### If using encryption, change **/dev/sdX2** to **/dev/mapper/MainPart**: + ```bash mount -o defaults,noatime,discard,ssd,subvol=@ /dev/sdX2 /mnt - -mkdir /mnt/swap mkdir /mnt/home -mkdir /mnt/var +mkdir -p /mnt/var/log mkdir /mnt/tmp mkdir /mnt/snapshots mkdir /mnt/efi # for EFI partition /dev/sdX1 - ``` -### If using encryption, change /dev/sdX2 to /dev/mapper/MainPart -### for swap subvolume add nodatacow option to disable CoW (works only if its separate partition) -### Discard ssd and noatime are for ssd disks only -```bash -mount -o defaults,noatime,nodatacow,discard,ssd,subvol=@swap /dev/sdX2 /mnt/swap - -mount -o defaults,noatime,discard,ssd,subvol=@home /dev/sdX2 /mnt/home - -mount -o defaults,noatime,discard,ssd,subvol=@var /dev/sdX2 /mnt/var - -mount -o defaults,noatime,discard,ssd,subvol=@tmp /dev/sdX2 /mnt/tmp - -mount -o defaults,noatime,discard,ssd,subvol=@snapshots /dev/sdX2 /mnt/snapshots - -mount /dev/sdX1 /mnt/efi - ``` -# 3. 
Install Arch Linux - -### Select the mirror to be used if not updated with reflector on start -```bash -nano /etc/pacman.d/mirrorlist -``` -### This command can be customized with additional packages -```bash -pacstrap /mnt/ base base-devel git btrfs-progs efibootmgr linux linux-headers linux-firmware mkinitcpio dhcpcd bash-completion sudo - ``` -### Use genfstab with -U parameter if no encryption -```bash -genfstab /mnt >> /mnt/etc/fstab - ``` -### If using swapfile check if nodatacow is added for @swap -```bash -vim /mnt/etc/fstab - ``` - -# 4. Configure the system - -### Switch to installed system root user +#### Discard and ssd options and are for ssd disks only + +#### If using encryption, change **/dev/sdX2** to **/dev/mapper/MainPart** + ```bash -arch-chroot /mnt /bin/bash +mount -o defaults,noatime,discard,ssd,subvol=@home /dev/sdX2 /mnt/home + +mount -o defaults,noatime,discard,ssd,subvol=@varlog /dev/sdX2 /mnt/var/log + +mount -o defaults,noatime,discard,ssd,subvol=@tmp /dev/sdX2 /mnt/tmp + +mount -o defaults,noatime,discard,ssd,subvol=@snapshots /dev/sdX2 /mnt/snapshots + +mount /dev/sdX1 /mnt/efi ``` - -### Nano can be usefull when editing config files + +# 3. Install Arch Linux + +#### Select the mirror to be used if not updated with reflector on start + ```bash -pacman -Syy nano - ``` -### Setup system clock +vim /etc/pacman.d/mirrorlist +``` + +#### Install base system: + +##### This command can be customized with additional packages (**btrfs-progs is necessary to let the system boot up from btrfs partition !**) + +```bash +pacstrap /mnt/ base base-devel git btrfs-progs efibootmgr linux linux-headers linux-firmware mkinitcpio dhcpcd bash-completion sudo +``` + +#### Generate fstab: + +##### Use genfstab with -U parameter if no encryption + +```bash +genfstab /mnt >> /mnt/etc/fstab +``` + +#### + +# 4. 
Configure the system + +#### Switch to installed system root user + +```bash +arch-chroot /mnt /bin/bash +``` + +#### Nano can be usefull when editing config files + +```bash +pacman -Syy nano +``` + +#### Setup system clock + ```bash ln -s /usr/share/zoneinfo/Europe/Warsaw /etc/localtime hwclock --systohc --utc ``` - -### Set the hostname in `/etc/hostname` + +#### Set the hostname in `/etc/hostname` + ```test -myhostname - ``` -### Edit vconsole in `/etc/vconsole.conf` +myhostname +``` + +#### Edit vconsole in `/etc/vconsole.conf` + ```text KEYMAP=pl FONT=Lat2-Terminus16.psfu.gz FONT_MAP=8859-2 + ``` -### Setup locale -### Uncomment pl_PL.UTF-8 in /etc/locale.gen and then run: + +#### Setup locale + +##### Uncomment pl\_PL.UTF-8 in /etc/locale.gen and then run: + ```bash -locale-gen - ``` -### Update locale in `etc/locale.conf` +locale-gen +``` + +#### Update locale in `etc/locale.conf` + ```text LANG=en_US.UTF-8 LC_COLLATE=pl_PL.UTF-8 
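Review bot: the step "#### Format the partition if not yet formatted:" sits after the "end of encryption" marker but still runs `mkfs.btrfs -L "Arch Linux" /dev/sdX2` against the raw partition; a reader who has just done `luksFormat` / `luksOpen` on /dev/sdX2 and follows the steps in order will overwrite the LUKS header. Retitle it as the no-encryption alternative (or move it ahead of the encryption block) so it is clearly one branch or the other, and drop the second `pacman -Syy btrfs-progs` inside it, which already ran under "Update btrfs-progs". Smaller points in the same hunk: the cowspace remount block has no language tag and the `mkfs.vfat` block is tagged `Bash` while every other block uses `bash`; "partiton" and "Swap will bin in file" are typos in the new partition list; the hunk ends with an empty `#### ` heading that renders as a stray rule; and since `discard` is added to every mount line, it is worth one sentence next to "Discard and ssd options and are for ssd disks only" noting that passing discards through the encrypted device also exposes which blocks are unused to anyone reading the raw disk, which is the trade-off the later `allow-discards` step relies on.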
@@ -188,136 +259,228 @@ LC_MEASUREMENT=pl_PL.UTF-8 LC_MONETARY=pl_PL.UTF-8 LC_NUMERIC=pl_PL.UTF-8 LC_TIME=pl_PL.UTF-8 - ``` -### Hosts in `/etc/hosts` + +``` + +#### Hosts in `/etc/hosts` + ```text 127.0.0.1 localhost ::1 localhost 127.0.1.1 myhostname.localdomain myhostname - ``` -### Now create 4GiB swap file. nodatacow is already on @swap but if you follow exactly then @swap is on same partition as other subvolumes and nodatacow will not work for whole subvolume so you need to disavle CoW manualy : + +``` + +#### Now create empty (with 0 size) swap file: + +#### Create separate folder for swapfile. This folder is needed to let you make snapshot of `/`, which would not be possible with any file in it with CoW disabled! + +``` +mkdir /swap + +chattr +C /swap +``` + +#### Copy on Write should always be disabled on swap file, so it will be done in the next step + ```bash touch /swap/swapfile ``` -### Check if C attribute is enabled with + +#### Check if C attribute is enabled (should be already if created in folder with disabled CoW attribute) + ```bash lsattr /swap/swapfile' ``` -### If not then disable COW for swapfile manually: + +#### If not then disable CoW for swapfile manually: + ```bash chattr +C /swap/swapfile - ``` -### Expanding empty file to 4GiB swap file +``` + +#### Expanding empty file to 4GiB swap file + ```bash dd if=/dev/zero of=/swap/swapfile bs=1024K count=4096 - + chmod 600 /swap/swapfile - ``` -### Format the swap file. + +``` + +#### Format the swap file. + ```bash mkswap /swap/swapfile - ``` -### Turn swap file on. +``` + +#### Turn swap file on. 
+ ```bash swapon /swap/swapfile -``` -### You also need to update `/etc/fstab` to mount swapfile on boot: +``` + +#### You also need to update `/etc/fstab` to mount swapfile on boot: + ```text /swap/swapfile none swap sw 0 0 - ``` -### Set password for root +``` + +#### Set password for root + ```bash passwd ``` -### Add real user + +#### Add real user an set password for him + ```bash useradd -m MYUSERNAME + passwd MYUSERNAME - ``` -### Configure mkinitcpio with modules needed for the initrd image +``` + +### Configure mkinitcpio with modules needed for the initrd image + ```bash vim /etc/mkinitcpio.conf ``` -### Remove 'fsck' and add 'keyboard', 'keymap', 'encrypt' and 'btrfs' to HOOKS before filesystems -### If no encryption then only remove fsck and add on that place btrfs + +#### Add 'keyboard', 'keymap', 'encrypt' and 'btrfs' to HOOKS before filesystems: + +``` +HOOKS=(base udev autodetect keyboard keymap modconf block btrfs filesystems keyboard fsck) +``` + +#### Add btrfsck to binaries: + +``` +BINARIES=(btrfsck) +``` + +#### **With encryption:** also add encrypt before btrfs: + ```text HOOKS=(... keyboard keymap block encrypt btrfs ... filesystems ...) - ``` -###### optionally add BINARIES=(/usr/bin/btrfs) for rescue? - -### Regenerate initrd images +``` + +###### + +#### Regenerate initrd images + ```bash mkinitcpio -P - ``` - # 5. Install bootloader - -### Setup grub (UEFI) +``` + +# 5. 
Install bootloader + +#### Setup grub (UEFI) + ```bash pacman -S grub efibootmgr os-prober dosfstools mtools - ``` - -### -------------encryption only--------------------- -#### edit `/etc/default/grub` -```text -GRUB_ENABLE_CRYPTODISK=y ``` -### Find UUID (UUID for /dev/sdX2) of crypto partition so we can add it to grub config + +#### -------------encryption only--------------------- + +#### edit `/etc/default/grub` + +```text +GRUB_ENABLE_CRYPTODISK=y +``` + +#### Find UUID (UUID for /dev/sdX2) of crypto partition so we can add it to grub config + ```bash -blkid +blkid ``` -### Now set this line including proper UUID in place of "\": -#### (temporarly you can use /dev/sdX2 in place of "UUID=\" and change it later easy in gui mode) -edit `/etc/default/grub` + +#### Now set this line including proper UUID in place of "<device-UUID>": + +#### (temporarly you can use /dev/sdX2 in place of "UUID=<device-UUID>" and change it later easy in gui mode) + +##### edit `/etc/default/grub` + ```text -GRUB_CMDLINE_LINUX="cryptdevice=UUID=\:MainPart:allow-discards" +GRUB_CMDLINE_LINUX="cryptdevice=UUID=:MainPart:allow-discards" ``` -### allow-discards is only for ssd - -### Generate key so grub don't ask twice for password on boot + +##### allow-discards is only for ssd to let trim work with encryption enabled + +#### Generate key so grub don't ask twice for password on boot + ```bash dd bs=512 count=4 if=/dev/random of=/crypto_keyfile.bin iflag=fullblock chmod 600 /crypto_keyfile.bin chmod 600 /boot/initramfs-linux* cryptsetup luksAddKey /dev/sdX2 /crypto_keyfile.bin ``` -### If you change name of key file there is need to add kernel parameter like cryptkey=rootfs:path -### Crypto_keyfile.bin is the default name that kernel will guess anyway -### Now add this file to `/etc/mkinitcpio.conf` + +#### If you change name of key file there is need to add kernel parameter like cryptkey=rootfs:path + +#### Crypto\_keyfile.bin is the default name that kernel will guess anyway + +#### 
Now add this file to `/etc/mkinitcpio.conf` + ```text -FILES=(/crypto_keyfile.bin) +FILES=(/crypto_keyfile.bin) ``` + then run: + ```bash mkinitcpio -P ``` -### -------------encryption end--------------------- - -### Install + +#### -------------encryption end--------------------- + +#### Install grub for + ```bash grub-install --target=x86_64-efi --efi-directory=/efi --bootloader-id=GRUB grub-mkconfig -o /boot/grub/grub.cfg - ``` -### Exit new system +``` + +#### Exit new system + ```bash exit - ``` -### Unmount all partitions +``` + +#### Unmount all partitions + ```bash swapoff -a umount -R /mnt ``` - -### Reboot into the new system, don't forget to remove the CD/pendrive + +#### Reboot into the new system, don't forget to remove the pendrive + ```bash reboot ``` -### or + +#### or + ```bash shutdown now - ``` -## Addtitional tips -### To get proper locale and keymap, check: -```bash -localectl status ``` -### On KDE plasma , also set settings > ... > keyboard layout && regional settings + +### 6. Addtitional tips: + +#### Install AUR helper (git and base-devel packages needed to do so): + +``` +git clone https://aur.archlinux.org/yay.git + +cd yay + +makepkg -si +``` + +#### To get proper locale and keymap, check: + +```bash +localectl status +``` + +#### On KDE plasma , also set settings > ... > keyboard layout && regional settings
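Review bot: replacing the `@swap` subvolume with a plain `/swap` directory under `@` (`mkdir /swap`, `chattr +C /swap`) does not do what the new comment claims: btrfs refuses to snapshot a subvolume that contains an active swapfile, so with the swapfile inside `@` a snapshot of `/` fails while swap is on. Keep the dedicated `@swap` subvolume that the removed lines created and mount it under `/swap`; the `chattr +C` on the directory is still correct for the file itself. In the mkinitcpio part, the new `HOOKS=(base udev autodetect keyboard keymap modconf block btrfs filesystems keyboard fsck)` lists `keyboard` twice and keeps `fsck`, which the removed instruction told the reader to take out; pick one and make the encrypted variant below consistent with it. The GRUB line `GRUB_CMDLINE_LINUX="cryptdevice=UUID=:MainPart:allow-discards"` has nothing between `UUID=` and `:`, so the `<device-UUID>` placeholder named in the heading above it has been lost from the fenced block; a reader copying it gets an unbootable cmdline. Finally, `chmod 600 /boot/initramfs-linux*` runs before the later `mkinitcpio -P` that embeds `/crypto_keyfile.bin` via `FILES=`; add a line telling the reader to check the image permissions after that regeneration, since the keyfile is only as protected as the initramfs that now contains it.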