Contents
Wed, Jul 24, 2019
ARCH INSTALLATION / ENCRYPTED SETUP / systemd-boot
This is LVM on LUKS setup based on Arch’s wiki documentation.
Keyboard
$ loadkeys usPartition
$ lsblk # List block devices
$ gdisk /dev/nvme0n1 # To partition /dev/nvme0n1
$ o # Either new or start over
$ y # Accept
$ n # Create new partition
$ Enter # Accept default partition number
$ Enter # Accept default first sector
$ +512M # Allocated 512MB for boot partition
$ EF00 # Set type of partition or L to list
$ n # Create new partition
$ Enter # Accept default partition number
$ Enter # Accept default first sector
$ Enter # Accept default last sector
$ 8300 # Set partition type to LVM
$ w # Write change
$ y # Accept
$ cryptsetup luksFormat --type luks2 /dev/nvme0n1p2 # Create encrypted container
$ cryptsetup open /dev/nvme0n1p2 cryptolvm # Open container
$ pvcreate /dev/mapper/cryptolvm # Create physical volume
$ vgcreate MyVol /dev/mapper/cryptolvm # Create MyVol volume group
$ lvcreate -L 2G MyVol -n swap # Allocated 2GB for swap
$ lvcreate -l 100%FREE MyVol -n root # Allocated remaining for root
$ mkswap /dev/mapper/MyVol-swap # Format swap
$ mkfs.ext4 /dev/mapper/MyVol-root # Format root
$ swapon /dev/mapper/MyVol-swap # Mount swap
$ mount /dev/mapper/MyVol-root /mnt # Mount root
$ mkfs.vfat -F32 /dev/nvme0n1p1 # Format boot
$ mkdir /mnt/boot # Create boot directory
$ mount /dev/nvme0n1p1 /mnt/boot # Mount bootWireless
$ wifi-menuInstall Base System
$ pacstrap /mnt base base-develConfigure System
$ genfstab -pU /mnt >> /mnt/etc/fstab # Generate fstabEdit /mnt/etc/fstab and change relatime to noatime for non-boot partitions.
$ arch-chroot /mnt # chrootAdd hostname to /etc/hostname and /etc/hosts
/etc/hosts
127.0.0.1 localhost
127.0.0.1 hostname.subdomain.domain hostnameSet time zone:
$ ln -s /usr/share/zoneinfo/Pacific/Auckland /etc/localtimeUncomment the locale in /etc/locale.gen
$ locale-gen # Generate locale Set locale preference by adding LANG=”en_NZ.UTF-8” to /etc/locale.conf
Configure mkinitcpio
Add ext4 to MODULES
Add encrypt lvm2 resume hooks to /etc/mkinitcpio.conf before filesystems and after udev
HOOKS=(base udev autodetect modconf block encrypt lvm2 resume filesystems keyboard fsck)mkinitcpio and set root password:
$ mkinitcpio -p linux
$ passwdInstall Boot Loader
$ bootctl --path=/boot installEdit /boot/loader/loader.conf
default arch
timeout 5
editor 0Edit /boot/loader/entries/arch.conf
Use blkid to find the UUID for /dev/nvme0n1p2 and replace the <UUID> below
without the bracket.
title Arch Linux
linux /vmlinuz-linux
initrd /initramfs-linux.img
options cryptdevice=UUID=<UUID>:MyVol root=/dev/mapper/MyVol-root resume=/dev/mapper/MyVol-swap rwWireless
$ pacman -S dialog wpa_supplicantUmount and Reboot
$ exit # Exit from chroot environment
$ umount -R /mnt
$ rebootCreate New User
$ useradd -m -G wheel -s /bin/bash daniel
$ passwd daniel
$ usermod -a -G audio,network,power,scanner,storage,systemd-journal,video danielThe above creates a new user with home directory, change password and add user to additional groups.
Wireless
$ wifi-menu
$ ls /etc/netctl/ # Find the wifi profile
$ netctl enable profile-name # profile-name as obtained aboveAlternatively, a better approach is as follows rather than enabling profile:
$ sudo pacman -S ifplugd # Wired
$ sudo systemctl enable netctl-ifplugd@interface.service # substitute interface with the value obtained from ip a
$ sudo systemctl enable netctl-auto@interface.service # substitute interface with the value obtained from ip aReferences:
netctl: Enabling a profile
netctl: Special systemd units: wired / wireless
Sudo
$ pacman -S sudoRun visudo, edit it to restrict sudo to specific group or user.
Additional Install
Install yay from AUR.
Audio
$ sudo pacman -S alsa-utils
$ amixer sset Master unmute # ALSA comes muted by default.Restore
Restore home from backup.
$ sudo pacman -S - < pkglist.txt # Install all packages from backup listDo the same for AUR with yay.
Extra Configuration
Bluetooth
Edit /etc/bluetooth/main.conf and add the following line.
AutoEnable=true$ sudo systemctl enable bluetooth.serviceEnable bluetooth service then pair devices.
PulseAudio
Edit /etc/pulse/system.pa and add the following lines.
load-module module-bluetooth-policy
load-module module-bluetooth-discoverEdit /etc/pulse/default.pa and add the following line.
load-module module-switch-on-connectRun sudo usermod -a -G lp daniel to add to lp group.
If cookie not found then cp ~/.pulse-cookie ~/.config/pulse/cookie
CUPS
Install, enable and start CUPS
$ sudo pacman -S cups
$ sudo systemctl enable org.cups.cupsd.service
$ sudo systemctl start org.cups.cupsd.serviceRun sudo usermod -a -G cups daniel to add to cups group.
Append wheel to SystemGroup sys root in /etc/cups/cups-files.conf
At this point, re-logon for the permission to be effective.
$ yay -S brother-mfc-l2713dw
$ yay -S brscan4Install printer and scanner drivers.
Browse to http://localhost:631, go to Administration -> Add Printer
Select LPD/LPR Host or Printer
Enter lpd://(Your printer’s IP address)/binary_p1
Select Brother
Select the printer driver, which should already be automatically selected. It’s
the CUPS version.
Name the printer.
Then go to Printers, select the printer, drop down Administration and select Set Default Options, set A4, Plain Paper, 600dpi, Tray1, DuplexNoTumble, Toner Save to Off. And again drop down Administration and select Set As Server Default.
For scanning:
$ brsaneconfig4 -a name=(name your device) model=(model name) ip=xx.xx.xx.xxUse gscan2pdf:
Untick OCR scanned pages
Select All pages
Leave Mode as default
Change Geometry from Manual to A4
gscan2pdf will need yay -S pdftk-bin
Even though org.cups.cupsd.service has been enabled, it won’t auto start on
boot.
Just do a test print, that will activate the auto start on boot.
iOS
$ usbmuxd -f -v
$ idevice_id -l
$ ideviceinfo
$ ideviceinstaller -l
$ ifuse ~/iPhone
$ umount ~/iPhoneNTP
$ sudo systemctl enable ntpd.serviceAdditional Install / Configuration for MacBook / Laptop Only
$ yay -S powertop thermald cpupower mbpfan-git tlp
$ powertop --calibrate
$ sudo systemctl enable powertop.service
$ sudo systemctl enable thermald.service
$ sudo systemctl enable cpupower.service
$ sudo systemctl enable mbpfan.service
$ sudo systemctl enable tlp.service
$ sudo systemctl enable tlp-sleep.serviceFor BCM4360 wireless network adapter, install broadcom-wl-dkms and linux-headers. Then reboot before trying wifi-menu.
Suspend works out of the box.
References:
Broadcom wireless
WiFi
Suspend
Mid 2013
Addendum
2021-03-22
[1] Partition
For dual boot, in my case, tested working with Macbook Air.
sda1 EFI /boot # This is Mac's EFI, sharing it with Linux)
sad2 MAC
sda3 EFI # Left blank
sda4 LUKS
|-MyVol
|- MyVol-swap [SWAP]
|- MyVol-root /[2] Wireless
netctl is no longer included by default. Use ethernet or install netctl package.
$ pacman -S netctl[3] Install Base System
$ pacstrap /mnt base base-devel linux linux-firmware mkinitcpio lvm2 netctllinux, linux-firmware, mkinitcpio lvm2 and netctl are no longer included by default so have to install them explicitly.
[4] Additional Install / Configuration for MacBook / Laptop Only
$ yay -S powertop laptop-mode-tools cpupower thermald mbpfan-git
$ sudo pacman -S acpi acpid
$ powertop --calibrate
$ sudo vim /etc/systemd/system/powertop.service
[Unit]
Description=Powertop tunings
[Service]
Type=oneshot
ExecStart=/usr/bin/powertop --auto-tune
[Install]
WantedBy=multi-user.target
$ sudo systemctl enable powertop.service
$ sudo vim /etc/laptop-mode/laptop-mode.conf
ENABLE_LAPTOP_MODE_ON_AC=1
ENABLE_LAPTOP_MODE_WHEN_LID_CLOSED=1
$ sudo vim /etc/laptop-mode/conf.d/cpufreq.conf
CONTROL_CPU_FREQUENCY=0
$ sudo vim /etc/laptop-mode/conf.d/intel_pstate.conf
CONTROL_INTEL_PSTATE=0
$ sudo systemctl enable laptop-mode.service
$ sudo systemctl enable acpid.service
$ sudo vim /etc/default/cpupower
governor='powersave'
max_freq="1.3GHz"
$ sudo systemctl enable cpupower.service
$ sudo systemctl enable thermald.service
$ sudo vim /usr/lib/systemd/system/mbpfan.service
ExecStart=/usr/sbin/mbpfan -f
$ sudo systemctl enable mbpfan.service
$ sudo pacman -S broadcom-wl-dkms linux-headers # linux-headers package is not required but installed it anyway
$ sudo rmmod b43 ssb bcma wl # Either this or reboot
$ sudo modprobe wl