Changed to an actual readme.
This commit is contained in:
parent
4e746d37bd
commit
023394f95c
221
README.md
221
README.md
|
@ -1,218 +1,9 @@
|
|||
# Simple, modern and secure installation of Arch Linux with KDE Plasma.
|
||||
|
||||
This is my personal installation routine, which I continously expand and redefine. It aims for a simple (read minimal) Arch Linux installation, which is modern in the way that it uses UEFI and systemd-boot, secure in the way that it uses full-disk encryption using LUKS as well as flexibility by using LVM volumes for the root and home partition.
|
||||
|
||||
https://gitlab.com/dataprolet/simple-modern-and-secure-arch-linux-install/-/blob/master/install.md
|
||||
|
||||
This installation process also aims for booting into the GUI as $user after the first reboot from the installation medium.
|
||||
|
||||
_If you won't run into any issues, this should take you under an hour from nothing to a graphical interface. Good luck!_
|
||||
|
||||
**Load the preferred keyboard. In my case it's "de" for Germany.**
|
||||
$ loadkeys de
|
||||
|
||||
**List devices to make sure you partition the right device.**
|
||||
$ lsblk
|
||||
|
||||
**Partition the device using gdisk (assuming /dev/sda).**
|
||||
$ gdisk /dev/sda
|
||||
|
||||
**Create GPT and EFI-partion.**
|
||||
_Creates new GPT-partition table._
|
||||
$ o
|
||||
_Accept._
|
||||
$ y
|
||||
_Create a new partition, accept default partition number 1 and first sector._
|
||||
$ n
|
||||
$ y
|
||||
$ y
|
||||
_Enter partition size (second sector), 512 MB should be plenty for /boot and accept._
|
||||
$ +512M
|
||||
_Mark as EFI._
|
||||
$ ef00
|
||||
_New main partition, accept all the following using "y"._
|
||||
$ n
|
||||
|
||||
**Print and check your partitions. There should be a 512 MiB EFI system partition and a Linux filesystem filling up the rest of the space**
|
||||
$ p
|
||||
|
||||
**Write partitions to device.**
|
||||
$ w
|
||||
_Accept._
|
||||
$ y
|
||||
|
||||
**Encrypt primary partition.**
|
||||
$ cryptsetup -c aes-xts-plain -y -s 512 luksFormat /dev/sda2
|
||||
|
||||
**Confirm by tryping "YES".**
|
||||
$ YES
|
||||
|
||||
**Open encrypted partition and mount to container "lvm".**
|
||||
$ cryptsetup luksOpen /dev/sda2 lvm
|
||||
|
||||
**Create LVM physical volume.**
|
||||
$ pvcreate /dev/mapper/lvm
|
||||
|
||||
**Create LVM volume group called "main".**
|
||||
$ vgcreate main /dev/mapper/lvm
|
||||
|
||||
**Create LVM logical volumes for /root and /home.
|
||||
Your root volume should be 25-50 GB big, your home volume takes up the remaining space.**
|
||||
$ lvcreate -L 25G -n root main
|
||||
$ lvcreate -l 100%FREE -n home main
|
||||
|
||||
**Create the filesystems and mount your volumes.**
|
||||
$ mkfs.fat -F 32 -n UEFI /dev/sda1
|
||||
_-F specifies the type of file allocation tables used (12, 16 or 32 bit).
|
||||
-n sets the volume name (label) of the filesystem to "UEFI"._
|
||||
|
||||
|
||||
**Create ext4 filesystem on root and home volumes.**
|
||||
$ mkfs.ext4 -L root /dev/mapper/main-root
|
||||
$ mkfs.ext4 -L home /dev/mapper/main-home
|
||||
|
||||
**Create mountpoints and mount partitions.**
|
||||
$ mount /dev/mapper/main-root /mnt
|
||||
$ mkdir /mnt/boot
|
||||
$ mkdir /mnt/home
|
||||
$ mount /dev/sda1 /mnt/boot
|
||||
$ mount /dev/mapper/main-home /mnt/home
|
||||
|
||||
**Optionally update mirrorlist using reflector.**
|
||||
_In this case use the latest 10 mirrors from Germany, that have been synchronized within the last 24 hours and sort the by download-rate and write them to the pacman mirrorlist._
|
||||
$ reflector --verbose --latest 10 --country Germany --age 24 --protocol https --sort rate --save /etc/pacman.d/mirrorlist
|
||||
|
||||
**Install base system and basic packages (network, editor, sudo).**
|
||||
**The package base-devel is not necessary but recommended.**
|
||||
$ pacstrap /mnt base base-devel linux linux-firmware networkmanager nano sudo lvm2
|
||||
|
||||
**Optional: install all basic packages for KDE Plasma:**
|
||||
$ pacstrap /mnt base base-devel linux linux-zen linux-firmware networkmanager nano sudo lvm2 sddm sddm-kcm plasma-desktop konsole firefox
|
||||
|
||||
**Generate fstab.**
|
||||
$ genfstab -Up /mnt > /mnt/etc/fstab
|
||||
_-U = Use UUID for source identifiers (shortcut for -t LABEL).
|
||||
-p = Exclude pseudofs mounts (default behavior)._
|
||||
|
||||
**Chroot into your installation.**
|
||||
$ arch-chroot /mnt
|
||||
|
||||
**Set your hostname.**
|
||||
$ echo $host > /etc/hostname
|
||||
|
||||
**Generate locale.gen for your preferred language (and preferribly english).**
|
||||
$ nano /etc/locale.gen
|
||||
_Uncomment your language, e.g. de_DE.UTF-8 UTF-8 (and en_US.UTF-8)._
|
||||
|
||||
**Generate the locale.**
|
||||
$ locale-gen
|
||||
_The uncommented languages should appear followed by "done"._
|
||||
|
||||
echo KEYMAP=de-latin1 > /etc/vconsole.conf
|
||||
|
||||
**Add necessary HOOKS and MODULES.**
|
||||
$ nano /etc/mkinitcpio.conf
|
||||
|
||||
```
|
||||
MODULES=(ext4)
|
||||
HOOKS=(base udev autodetect modconf block keyboard keymap encrypt lvm2 filesystems fsck shutdown)
|
||||
```
|
||||
|
||||
**Create mkinitcpio.**
|
||||
$ mkinitcpio -p linux-zen
|
||||
|
||||
**Enable NetworkManager and SDDM to start on next boot.**
|
||||
$ systemctl enable NetworkManager sddm
|
||||
|
||||
**Set a root-password.**
|
||||
$ passwd
|
||||
|
||||
**Install systemd-boot bootloader.**
|
||||
$ bootctl install
|
||||
|
||||
**Create the bootloader config.**
|
||||
$ nano /bootloader/entries/arch.conf
|
||||
|
||||
**Add the following:**
|
||||
```
|
||||
title Arch Linux
|
||||
linux /vmlinuz-linux-zen
|
||||
initrd /initramfs-linux-zen.img
|
||||
options cryptdevice=/dev/sda2:main root=/dev/mapper/main-root rw lang=de init=/usr/lib/systemd/systemd locale=de_DE.UTF-8
|
||||
```
|
||||
|
||||
**Create a fallback config.**
|
||||
$ cp /boot/loader/entries/arch.conf /boot/loader/entries/arch-fallback.conf
|
||||
|
||||
**Edit the fallback config.**
|
||||
$ nano /boot/loader/entries/arch-fallback.conf
|
||||
|
||||
**Change it to the following:**
|
||||
```
|
||||
title Arch Linux Fallback
|
||||
linux /vmlinuz-linux
|
||||
initrd /initramfs-linux.img
|
||||
initrd /initramfs-linux-fallback.img
|
||||
```
|
||||
|
||||
**Edit loader config.**
|
||||
$ nano /boot/loader/loader.conf
|
||||
|
||||
**Change it to the following:**
|
||||
```
|
||||
timeout 1
|
||||
default arch.conf
|
||||
```
|
||||
|
||||
**Set your keyboard to your language.**
|
||||
$ localectl --no-convert set-keymap de-latin1-nodeadkeys
|
||||
|
||||
**Create a user with a /home-directory.**
|
||||
$ useradd -m $myusername
|
||||
|
||||
**Set password for your user.**
|
||||
$ passwd $myusername
|
||||
|
||||
**Add $myusername to group wheel for sudo access.**
|
||||
$ gpasswd -a $myusername wheel
|
||||
|
||||
**Edit sudoers-file for sudo access.**
|
||||
$ nano /etc/sudoers
|
||||
|
||||
**Uncomment „%wheel ALL=(ALL) ALL“.**
|
||||
**Don't forget to also delete the space between the # and %wheel.**
|
||||
|
||||
**Exit and reboot.**
|
||||
$ exit
|
||||
$ umount /mnt/boot
|
||||
$ umount /mnt/home
|
||||
$ reboot
|
||||
|
||||
**Now you are logged in to your Plasma desktop environment and ready to configure and use your Arch Linux.**
|
||||
|
||||
**Suggested packages to install.**
|
||||
|
||||
- microcode (https://wiki.archlinux.org/index.php/Microcode)
|
||||
- kde-gtk-config (Adds graphical settings for GTK apps.)
|
||||
- kdeplasma-addons („All kind of addons to improve your Plasma experience.“)
|
||||
- kscreen (Adds screen section to graphical settings.)
|
||||
- ksystemlog (Graphical system log viewer)
|
||||
- partitionmanager (Graphical partition manager)
|
||||
- plasma-nm (Network manager applet)
|
||||
- plasma-pa (Audio manager applet)
|
||||
- powerdevil (Adds energy manager to graphical settings.)
|
||||
- spectacle (Graphical screenshot tool.)
|
||||
- zram-generator (https://wiki.archlinux.org/title/Swap#zram-generator)
|
||||
- reflector (https://wiki.archlinux.org/title/Reflector)
|
||||
|
||||
## Work in progress:
|
||||
|
||||
- KDE Connect
|
||||
- UFW
|
||||
- BackInTime and/or Timeshift
|
||||
- breeze-gtk?
|
||||
- Dolphin and/or Krusader
|
||||
- Linux-Zen
|
||||
- Pipewire
|
||||
- rmtrash
|
||||
- spectacle
|
||||
- unrar, rar, zip
|
||||
- yakuake
|
||||
|
||||
## Post installation configuration (WIP) :
|
||||
- Reflector hook
|
||||
- Installing yay
|
||||
|
|
Loading…
Reference in New Issue