Go to file
2021-09-28 16:34:52 +00:00
README.md Update 'README.md' 2021-09-28 16:34:52 +00:00

Artix Linux with Full Disk Encryption installation guide

This is a cheatsheet I made for myself to use it everytime I want to install Arch/Artix, or maybe even other distros like Gentoo or Slackware, the steps are very similar. You can PR suggestions or fixes if you want!

0. Backup your data

Every time you are going to mess around with partitions and hard drives, SSD's, etc. Always make sure to make a backup and test that backup to make sure that you are not losing your important data.

1. Make sure that you have an internet connection

If you want to avoid issues just plug in an ethernet cable and 99% times Internet will just work. If for some reason you need to use Wi-fi, for Arch, you can type this command to connect to your wifi:

# wifi-menu

but for Artix it's a little bit more tricky. You have to:

# connmanctl enable wifi 
# connmanctl scan wifi 
# connmanctl services 
# connmanctl connect [enter the code starting in "wifi_" that is assigned to the desired ssid here]

And then you can ping a website to make sure that you have an Internet connection.

# ping francoacg.com

2. Switch to the root user

If you are not root already, switch to the root user:

$ su -

On Artix, it will prompt for a password, which is artix

3. Check wether you are using UEFI or not

This will change just a couple of steps later

# ls /sys/firmware/efi/efivars

If you see a bunch of stuff comming out, you are using UEFI. If you see something like "No such file or directory", you are using BIOS. Keep that in mind for the next steps.

4. Identify your drive

Run

# fdisk -l

to list your devices. The one with the most capacity is likely the one where you want to install your OS. If you have a SATA drive, it will probably be /dev/sda or /dev/sdb. If you have an nVME drive, it will probably be /dev/nvme0n1. Be careful with this to make sure that you are going to use the right drive.

5. Drive format and partitioning

WARNING: If you want to dualboot (probably with Windows), you have to skip this step and do other steps instead, but we will not cover that in this guide for now. Again, make sure to chose the right drive. In my case, I will be using /dev/vda because I'm testing this on a virtual machine, but in your case it will probably be /dev/sda or /dev/nvme0n1. NOTE: If you don't have UEFI, just skip the EFI partitions steps

Start formatting the drive

# fdisk /dev/vda

Create a GPT partition. This is required if you have UEFI. On BIOS it doesn't really matter

Command (m for help): g

512M EFI partition

Command (m for help): n
Partition number (1-128, default 1):
First sector (...):
Last sector (...): +512M
Command (...): t
Partition type or alias (type L to list all): 1

512M BOOT partition

Command (m for help): n
Partition number (2-128, default 2):
First sector (...):
Last sector (...): +512M

LVM partition

Command (m for help): n
Partition number (3-128, default 3):
First sector (...):
Last sector (...):
Command (...): t
Partition number (1-3, default 3):
Partition type or alias (type L to list all): 30

Write changes

Command (...): w

Format the EFI partition

# mkfs.fat -F32 /dev/vda1

Format the BOOT partition

# mkfs.ext4 /dev/vda2

6. Setup encryption

Create the encrypted partition with a passphrase, then the LVM volume and partitions

# cryptsetup luksFormat /dev/vda3
# cryptsetup open --type luks /dev/vda3 lvm
# pvcreate --dataalignment 1m /dev/mapper/lvm
# vgcreate volgr0 /dev/mapper/lvm
# lvcreate -l 100%free volgr0 -n lv_root
# modprobe dm_mod
# vgscan
# vgchange -ay
# mkfs.ext4 /dev/volgr0/lv_root
# mount /dev/volgr0/lv_root /mnt
# mkdir /mnt/boot
# mount /dev/vda2 /mnt/boot

Generate the fstab with UUID Note: in Artix its fstabgen and in Arch its genfstab

# mkdir /mnt/etc
# fstabgen -U -p /mnt >> /mnt/etc/fstab

7. Actually installing the system

Note: pacstrap for Arch and basestrap for Artix Note: Replace <init> by your init system of choice or don't put any if you are on Arch (Systemd) Note: Don't put linux-firmware if you don't want proprietary drivers We can install all we need at once:

basestrap /mnt base base-devel linux linux-firmware <init> elogind-<init> cryptsetup networkmanager networkmanager-<init> wpa_supplicant wireless_tools lvm2 sudo grub efibootmgr dosfstools os-prober mtools vim 

Chroot to the installation. arch-chroot for Arch and artix-chroot for Artix

# artix-chroot /mnt

Enable networkmanager OpenRC:

# rc-update add NetworkManager

Runit:

# ln -s /etc/runit/sv/NetworkManager /etc/runit/runsvdir/default

Enable disk decryption at startup

/etc/mkinitcpio.conf

HOOKS=(base udev ... block encrypt lvm2 ...)

Apply changes

# mkinitcpo -P

Setup your server of preference. Just copy it at top like so

vim /etc/pacman.d/mirrorlist

Server = https://us-mirror.artixlinux.org/$repo/os/$arch

Setup the timezone

ln -sf /usr/share/zoneinfo/Your/Timezone /etc/localtime

Sync your hardware clock

hwclock --systohc

Configure your locale by uncommenting the lines that you want

/etc/locale.gen

en_US.UTF-8 UTF-8
en_US.ISO-8859-1

Generate the locale

# locale-gen

Put your locale at this file like so

/etc/locale.conf

LANG=en_US.UTF-8

Setup hostname

/etc/hostname

your-hostname

Setup hosts

/etc/hosts

127.0.0.1        localhost
::1              localhost
127.0.1.1        your-hostname.localdomain    your-hostname

Set the root password

# passwd

Create your user

# useradd -m -g users -G wheel <your-user>

Set the password for the created user

# passwd <your-user>

Give sudo privileges to the user by spawning visudo and uncomment the line

# EDITOR=vim visudo

%wheel ALL=(ALL) ALL

Install GRUB With UEFI

# mkdir /boot/EFI
# mount /dev/vda1 /boot/EFI
# grub-install --target=x86_64-efi --bootloader-id=grub_uefi --recheck

With BIOS

# grub-install --target=i386-pc --recheck /dev/vda

Set the locale for GRUB

# mkdir /boot/grub/locale
# cp /usr/share/locale/en\@quot/LC_MESSAGES/grub.mo /boot/grub/locale/en.mo

Enable encryption for GRUB by uncommenting GRUB_ENABLE_CRYPTODISK=y and adding cryptdevice=UUID=<uuid-of-/dev/vda3>:volgr0:allow-discards to the kernel parameters Get partition UUID:

# blkid /dev/vda3
/etc/default/grub

GRUB_CMDLINE_LINUX="cryptdevice=UUID=<uuid>:cryptlvm root=/dev/volgr0/lv_root"
GRUB_ENABLE_CRYPTODISK=y

Save the config

# grub-mkconfig -o /boot/grub/grub.cfg

Now you can finally reboot!

8. Post installation

Update the system

# pacman -Syu

Make a swapfile

# dd if=/dev/zero of=/swapfile bs=1M count=4096 status=progress
# chmod 600 /swapfile
# mkswap /swapfile
# swapon /swapfile
# cp /etc/fstab /etc/fstab.bak
# echo '/swapfile none swap sw 0 0' >> /etc/fstab

Install Paru

$ sudo pacman -S git
$ git clone https://aur.archlinux.org/paru.git
$ cd paru
$ makepkg -si
$ cd ..
$ rm -rf paru/

Install xorg

$ sudo pacman -S xorg xf86-video-intel vulkan-intel mesa libva-intel-driver

Install a display manager

$ sudo pacman -S lightdm lightdm-<init-system> lightdm-gtk-greeter
$ sudo rc-update add lightdm //OpenRC

GTK Themes

You can install the lxappearance-gtk3 package, open the lxappearance program and then install a theme like arc-gtk-theme

Intel backlight

Probably you won't need this if you use xbacklight (install the xorg-xbacklight package), but if for some reason xbacklight doesn't work, you can use intel_baclkight: Allow the video group

/etc/udev/rules.d/backlight.rules

ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", GROUP="video", MODE="0664"
RUN+="/bin/chgrp video /sys/class/backlight/intel_backlight/brightness"
RUN+="/bin/chmod g+w /sys/class/backlight/intel_backlight/brightness"

English international keyboard

Run

# setxkbmap -rules evdev -model evdev -layout us -variant altgr-intl

Or persist it on the xorg settings

/etc/X11/xorg.conf.d/00-keyboard.conf

Section "InputClass"
    Identifier "Keyboard Defaults"
    MatchIsKeyboard "yes"
    Option  "XkbLayout" "us"
    Option  "XkbVariant" "altgr-intl"
EndSection

Touchpad

Install

$ sudo pacman -S libinput xf86-input-libinput xorg-xinput

Enable natural scrolling and tab click

/etc/X11/xorg.conf.id/30-touchpad.conf

Section "InputClass"
    Identifier "touchpad"
    Driver "libinput"
    MatchIsTouchpad "on"
    Option "Tapping" "on"
    Option "NaturalScrolling" "true"
EndSection

Install dmenu

$ sudo pacman -S git
$ git clone https://git.suckless.org/dmenu
$ cd dmenu
$ make && sudo make clean install

Enable more repositories!

Install Arch linux mirrorlist and keyring

sudo pacman -S archlinux-mirrorlist archlinux-keyring
/etc/pacman.conf

[universe]
Server = https://universe.artixlinux.org/$arch

# ARCH
[extra]
Include = /etc/pacman.d/mirrorlist-arch

[community]
Include = /etc/pacman.d/mirrorlist-arch

[multilib]
Include = /etc/pacman.d/mirrorlist-arch

Optimus-manager for hybrid-GPU laptops

You will need the Universe repository for this

$ sudo pacman -S optimus-manager-<init> <DM>-optimus-<init> optimus-manager-git

And then enable the optimus-manager service. Example with OpenRC

$ sudo pacman -S optimus-manager-openrc lightdm-optimus-openrc optimus-manager-git
$ sudo rc-update add optimus-manager

Preserve arandr settings

~/.xinitrc

#!/bin/sh
/home/$USER/.screenlayout/layout.sh

Useful programs

  • Xorg and dependencies for DWM or Dmenu: pacman -S xorg xorg-server libxinerama
  • Pipewire audio backend: pacman -S pipewire pipewire-docs pipewire-alsa pipewire-pulse pipewire-jack alsa-utils
  • Polkit (ask for permissions): pacman -S polkit <whatever polkit frontent u want>
  • OpenSSH: pacman -S openssh
  • Tiling window manager written in Rust: leftwm
  • Notification system: dunst
  • Disk usage utility: ncdu
  • Nice looking disk encryption password prompt: plymouth
  • Graphical xrandr for screen configuration: arandr
  • GUI file manager: pacman -S pcmanfm file-roller