First commit

2021-09-24 21:27:25 -05:00 · 2021-09-24 21:27:25 -05:00 · 015ad88c33
commit 015ad88c33
1 changed files with 254 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,254 @@
+# Artix Linux with Full Disk Encryption installation guide
+This is a cheatsheet I made for myself to use it everytime I want to install Arch/Artix, or maybe even other distros like Gentoo or Slackware, the steps are very similar. You can PR suggestions or fixes if you want!
+
+## 0. Backup your data
+Every time you are going to mess around with partitions and hard drives, SSD's, etc. Always make sure to make a backup and test that backup to make sure that you are not losing your important data.
+
+## 1. Make sure that you have an internet connection
+If you want to avoid issues just plug in an ethernet cable and 99% times Internet will just work.
+If for some reason you need to use Wi-fi, for Arch, you can type this command to connect to your wifi:
+```
+# wifi-menu
+```
+but for Artix it's a little bit more tricky. You have to:
+```
+# connmanctl enable wifi 
+# connmanctl scan wifi 
+# connmanctl services 
+# connmanctl connect [enter the code starting in "wifi_" that is assigned to the desired ssid here]
+```
+And then you can `ping` a website to make sure that you have an Internet connection.
+```
+# ping francoacg.com
+```
+
+## 2. Switch to the root user
+If you are not `root` already, switch to the root user:
+```
+$ su -
+```
+On Artix, it will prompt for a password, which is `artix`
+
+## 3. Check wether you are using UEFI or not
+This will change just a couple of steps later
+```
+# ls /sys/firmware/efi/efivars
+```
+If you see a bunch of stuff comming out, you are using UEFI. If you see something like "No such file or directory", you are using BIOS.
+Keep that in mind for the next steps.
+
+## 4. Identify your drive
+Run
+```
+# fdisk -l
+```
+to list your devices. The one with the most capacity is likely the one where you want to install your OS. If you have a SATA drive, it will probably be `/dev/sda` or `/dev/sdb`. If you have an nVME drive, it will probably be `/dev/nvme0n1`. Be careful with this to make sure that you are going to use the right drive.
+
+## 5. Drive format and partitioning
+WARNING: If you want to dualboot (probably with Windows), you have to skip this step and do other steps instead, but we will not cover that in this guide for now.
+Again, make sure to chose the right drive. In my case, I will be using `/dev/vda` because I'm testing this on a virtual machine, but in your case it will probably be `/dev/sda` or `/dev/nvme0n1`.
+NOTE: If you don't have UEFI, just skip the EFI partitions steps
+
+Start formatting the drive
+```
+# fdisk /dev/vda
+```
+Create a GPT partition. This is required if you have UEFI. On BIOS it doesn't really matter
+```
+Command (m for help): g
+```
+512M EFI partition
+```
+Command (m for help): n
+Partition number (1-128, default 1):
+First sector (...):
+Last sector (...): +512M
+Command (...): t
+Partition type or alias (type L to list all): 1
+```
+512M BOOT partition
+```
+Command (m for help): n
+Partition number (2-128, default 2):
+First sector (...):
+Last sector (...): +512M
+```
+LVM partition
+```
+Command (m for help): n
+Partition number (3-128, default 3):
+First sector (...):
+Last sector (...):
+Command (...): t
+Partition number (1-3, default 3):
+Partition type or alias (type L to list all): 30
+```
+Write changes
+```
+Command (...): w
+```
+Format the EFI partition
+```
+# mkfs.fat -F32 /dev/vda1
+```
+Format the BOOT partition
+```
+# mkfs.ext4 /dev/vda2
+```
+
+## 6. Setup encryption
+Create the encrypted partition with a passphrase, then the LVM volume and partitions
+```
+# cryptsetup luksFormat /dev/vda3
+# cryptsetup open --type luks /dev/vda3 lvm
+# pvcreate --dataalignment 1m /dev/mapper/lvm
+# vgcreate volgr0 /dev/mapper/lvm
+# lvcreate -l 100%free volgr0 -n lv_root
+# modprobe dm_mod
+# vgscan
+# vgchange -ay
+# mkfs.ext4 /dev/volgr0/lv_root
+# mount /dev/volgr0/lv_root /mnt
+# mkdir /mnt/boot
+# mount /dev/vda2 /mnt/boot
+```
+Generate the fstab with UUID
+Note: in Artix its `fstabgen` and in Arch its `genfstab`
+```
+# mkdir /mnt/etc
+# fstabgen -U -p /mnt >> /mnt/etc/fstab
+```
+
+## 7. Actually installing the system
+Note: `pacstrap` for Arch and `basestrap` for Artix
+Note: Replace `<init>` by your init system of choice or don't put any if you are on Arch (Systemd)
+Note: Don't put `linux-firmware` if you don't want proprietary drivers
+We can install all we need at once:
+```
+basestrap /mnt base base-devel linux linux-firmware <init> elogind-<init> cryptsetup networkmanager networkmanager-<init> wpa_supplicant wireless_tools lvm2 sudo grub efibootmgr dosfstools os-prober mtools vim 
+```
+Chroot to the installation. `arch-chroot` for Arch and `artix-chroot` for Artix
+```
+# artix-chroot /mnt
+```
+Enable networkmanager
+OpenRC:
+```
+# rc-update add NetworkManager
+```
+Runit:
+```
+# ln -s /etc/runit/sv/NetworkManager /etc/runit/runsvdir/default
+```
+
+Enable disk decryption at startup
+```
+/etc/mkinitcpio.conf
+
+HOOKS=(base udev ... block encrypt lvm2 ...)
+```
+Apply changes
+```
+# mkinitcpo -P
+```
+Setup your server of preference. Just copy it at top like so
+```
+vim /etc/pacman.d/mirrorlist
+
+Server = https://us-mirror.artixlinux.org/$repo/os/$arch
+```
+Setup the timezone
+```
+ln -sf /usr/share/zoneinfo/Your/Timezone /etc/localtime
+```
+Sync your hardware clock
+```
+hwclock --systohc
+```
+Configure your locale by uncommenting the lines that you want
+```
+/etc/locale.gen
+
+en_US.UTF-8 UTF-8
+en_US.ISO-8859-1
+```
+Generate the locale
+```
+# locale-gen
+```
+Put your locale at this file like so
+```
+/etc/locale.conf
+
+LANG=en_US.UTF-8
+```
+Setup hostname
+```
+/etc/hostname
+
+your-hostname
+```
+Setup hosts
+```
+/etc/hosts
+
+127.0.0.1        localhost
+::1              localhost
+127.0.1.1        your-hostname.localdomain    your-hostname
+```
+Set the root password
+```
+# passwd
+```
+Create your user
+```
+# useradd -m -g users -G wheel <your-user>
+```
+Set the password for the created user
+```
+# passwd <your-user>
+```
+Give sudo privileges to the user by spawning `visudo` and uncomment the line
+```
+# EDITOR=vim visudo
+
+%wheel ALL=(ALL) ALL
+```
+Install GRUB
+With UEFI
+```
+# mkdir /boot/EFI
+# mount /dev/vda1 /boot/EFI
+# grub-install --target=x86_64-efi --bootloader-id=grub_uefi --recheck
+```
+With BIOS
+```
+# grub-install --target=i386-pc --recheck /dev/vda
+```
+Set the locale for GRUB
+```
+# mkdir /boot/grub/locale
+# cp /usr/share/locale/en\@quot/LC_MESSAGES/grub.mo /boot/grub/locale/en.mo
+```
+Enable encryption for GRUB by uncommenting `GRUB_ENABLE_CRYPTODISK=y` and adding `cryptdevice=UUID=<uuid-of-/dev/vda3>:volgr0:allow-discards` to the kernel parameters
+Get partition UUID:
+```
+# blkid /dev/vda3
+```
+```
+/etc/default/grub
+
+GRUB_CMDLINE_LINUX="cryptdevice=UUID=<uuid>:cryptlvm root=/dev/volgr0/lv_root"
+GRUB_ENABLE_CRYPTODISK=y
+```
+Save the config
+```
+# grub-mkconfig -o /boot/grub/grub.cfg
+```
+Now you can finally reboot!
+
+## 8. Post installation
+- Display manager: `lightdm`
+- xorg: `pacman -S xorg xorg-server`
+- Notification system: `dunst`
+- Nice looking disk encryption password prompt: `plymouth`