Installing Arch Linux with luks on lvm, with deepin and nvidia drivers
This assumes that you are installing to a machine with UEFI support, and want it to have encryption AND nvidia drivers.
Note: Originally I created this for myself, so I don’t have to look it up all the time.
Sources: https://gist.github.com/mattiaslundberg/8620837 & https://wiki.archlinux.org/index.php/Installation_Guide (Official Installation Guide)
We are going to start by choosing keyboard layout.
loadkeys fi
Then we are going to start partitioning the system drive.
Please change /dev/sdX to correct one’s in your system.
cgdisk /dev/sdX
1 100MB EFI partition # Hex code ef00
2 250MB Boot partition # Hex code 8300
3 100% size partiton # (to be encrypted) Hex code 8300
mkfs.vfat -F32 /dev/sdX1
mkfs.ext2 /dev/sdX2
Setup the encryption
cryptsetup -c aes-xts-plain64 -y --use-random luksFormat /dev/sdX3
cryptsetup luksOpen /dev/sdX3 luks
Create the encrypted partitions
This creates one partition for root, modify if /home or other partitions should be separate.
pvcreate /dev/mapper/luks
vgcreate vg0 /dev/mapper/luks
lvcreate --size 16G vg0 --name swap # Size being the RAM amount installed, I have 16.
lvcreate -l +100%FREE vg0 --name root
Create the filesystems on encrypted partitions
mkfs.ext4 /dev/mapper/vg0-root
mkswap /dev/mapper/vg0-swap
Mount the new systemd
mount /dev/mapper/vg0-root /mnt # /mnt is the installed system
swapon /dev/mapper/vg0-swap # Not needed but a good thing to test
mkdir /mnt/boot
mount /dev/sdX2 /mnt/boot
mkdir /mnt/boot/efi
mount /dev/sdX1 /mnt/boot/efi
Install the system, does not include Wi-Fi related things.
Unless you want deepin, nvidia, fish or lightdm these can be taken off the command:
pacstrap /mnt base base-devel grub-efi-x86_64 fish git efibootmgr deepin deepin-terminal lightdm xorg nvidia
Generate fstab for the newly installed systemd and edit it
genfstab -pU /mnt >> /mnt/etc/genfstab
# Make /tmp a ramdisk (add the following line to /mnt/etc/fstab)
tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0
# Change relatime on all non-boot partitions to noatime (reduces wear if using an SSD)
Enter the new system, I’m using fish shell.
arch-chroot /mnt /bin/fish
Configure lightdm
nano /etc/lightdm/lightdm.conf
[Seat:*]
greeter-session=lightdm-deepin-greeter
session-wrapper=/etc/lightdm/Xsession
Setup system clock.
rm /etc/localtime # might be needed
ln -s /usr/share/zoneinfo/Europe/Helsinki /etc/localtime
hwclock --systohc --utc
Set the system hostname.
echo MYHOSTNAME > /etc/hostname
Update locale and set locale.gen.
echo LANG=en_US.UTF-8 >> /etc/locale.conf
echo LANGUAGE=en_US >> /etc/locale.conf
echo LC_ALL=C >> /etc/locale.conf
# Uncomment the corresponding entries in /etc/locale.gen and run locale-gen after.
Set password for root.
passwd
Add a real user to the system.
Remove the -s flag if you don’t wish to use fish.
useradd -m -g users -G wheel -s /usr/bin/fish MYUSERNAME
passwd MYUSERNAME
Setup sudo access
visudo
# Remember to uncomment it.
## Uncomment to allow members of group wheel to execute any command
%wheel ALL=(ALL) ALL
Configure mkinitcpio with modules needed for the initrd image
nano /etc/mkinitcpio.conf
# Add 'ext4' to MODULES
# Add 'encrypt', 'lvm2' and 'keymap' to HOOKS before filesystems
Regenerate the initrd image.
mkinitcpio -p linux
Setup grub
grub-install
# In /etc/default/grub edit the line GRUB_CMDLINE_LINUX to GRUB_CMDLINE_LINUX="cryptdevice=/dev/sdX3:luks:allow-discards" and uncomment GRUB_ENABLE_CRYPTODISK=y then run:
grub-mkconfig -o /boot/grub/grub.cfg
Enable services
systemctl enable NetworkManager
systemctl enable lightdm
Exit the chroot, unmount partitions and reboot.
exit
umount -R /mnt
swapoff -a
# Reboot don't forget to remove the installation media used.
reboot
End result with inxi -Fx:
System: Host: Ryzen-Gaming-Arch Kernel: 5.0.5-arch1-1-ARCH x86_64 bits: 64 compiler: gcc v: 8.2.1
Desktop: Deepin 15.9.3 Distro: Arch Linux
Machine: Type: Desktop Mobo: ASUSTeK model: PRIME B350-PLUS v: Rev X.0x serial: <root required>
UEFI: American Megatrends v: 4023 date: 08/20/2018
CPU: Topology: 6-Core model: AMD Ryzen 5 1600 bits: 64 type: MT MCP arch: Zen rev: 1 L2 cache: 3072 KiB
flags: lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm bogomips: 76671
Speed: 1471 MHz min/max: 1550/3200 MHz Core speeds (MHz): 1: 1356 2: 1443 3: 2717 4: 2728 5: 1747 6: 1390
7: 3217 8: 2966 9: 1355 10: 1353 11: 1355 12: 1355
Graphics: Device-1: NVIDIA GP106 [GeForce GTX 1060 6GB] vendor: ASUSTeK driver: nvidia v: 418.56 bus ID: 08:00.0
Display: x11 server: X.Org 1.20.4 driver: nvidia unloaded: modesetting,vesa
resolution: 1920x1080~60Hz, 1920x1080~60Hz
Message: Unable to show advanced data. Required tool glxinfo missing.
Audio: Device-1: NVIDIA GP106 High Definition Audio vendor: ASUSTeK driver: snd_hda_intel v: kernel
bus ID: 08:00.1
Device-2: Advanced Micro Devices [AMD] Family 17h HD Audio vendor: ASUSTeK driver: snd_hda_intel
v: kernel bus ID: 0a:00.3
Sound Server: ALSA v: k5.0.5-arch1-1-ARCH
Network: Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet vendor: ASUSTeK driver: r8169 v: kernel
port: f000 bus ID: 04:00.0
IF: enp4s0 state: up speed: 1000 Mbps duplex: full mac: <not-needed-for-this>
Drives: Local Storage: total: 1.68 TiB used: 8.89 GiB (0.5%)
ID-1: /dev/nvme0n1 vendor: Samsung model: SSD 970 EVO 250GB size: 232.89 GiB
ID-2: /dev/sda vendor: Seagate model: ST1000DM010-2EP102 size: 931.51 GiB
ID-3: /dev/sdb vendor: Crucial model: CT275MX300SSD1 size: 256.17 GiB
ID-4: /dev/sdc vendor: Samsung model: HD322HJ size: 298.09 GiB
Partition: ID-1: / size: 899.79 GiB used: 8.81 GiB (1.0%) fs: ext4 dev: /dev/dm-2
ID-2: /boot size: 242.1 MiB used: 78.7 MiB (32.5%) fs: ext2 dev: /dev/sda2
ID-3: swap-1 size: 16.00 GiB used: 0 KiB (0.0%) fs: swap dev: /dev/dm-1
Sensors: System Temperatures: cpu: 39.5 C mobo: N/A
Fan Speeds (RPM): cpu: 0
Info: Processes: 312 Uptime: 1h 02m Memory: 15.66 GiB used: 3.51 GiB (22.4%) Init: systemd Compilers:
gcc: 8.2.1 Shell: fish v: 3.0.2 inxi: 3.0.32