# Arch Linux Installation*LVM on LUKS Arch installation with systemd-boot*##

1. # Arch Linux Installation
2.  
3. *LVM on LUKS Arch installation with systemd-boot*
4.  
5. ## USB
6.  
7. Download Arch Linux
8.  
9. Find out the name of your USB drive with lsblk. Make sure that it is not mounted.
10.  
11. To mount the Arch ISO run the following command, replacing /dev/sdx with your drive, e.g. /dev/sdb. (do not append a partition number, so do not use something like /dev/sdb1):
12.  
13. ```shell
14. dd bs=4M if=/path/to/archlinux.iso of=/dev/sdx status=progress && sync
15. ```
16.  
17. ## Preparation
18.  
19. Boot from USB disk
20.  
21. Change default font:
22.  
23. ```shell
24. setfont sun12x22
25. ```
26.  
27. Check if running in UEFI mode:
28.  
29. ```shell
30. ls /sys/firmware/efi
31. ```
32.  
33. If there is any content in this folder then you are in UEFI mode.
34.  
35. Check that there is a connection:
36.  
37. ```shell
38. ping archlinux.org
39. ```
40.  
41. Update the system clock:
42.  
43. ```shell
44. timedatectl set-ntp true
45. ```
46.  
47. Lastly to enable mirrors, edit `/etc/pacman.d/mirrorlist` and locate your geographic region. Uncomment mirrors you would like to use.
48.  
49. ### Partitioning
50.  
51. Get the name of the disk to format/partition:
52.  
53. ```shell
54. lsblk
55. ```
56.  
57. The name should be something like `/dev/sda`
58.  
59. First shred the disk using the shred tool:
60.  
61.  
62. ```shell
63. shred -v -n1 /dev/sdX
64. ```
65.  
66. Now partition the disk using `gdisk`:
67.  
68. ```shell
69. gdisk /dev/sda
70. ```
71.  
72. Partition 1 should be an EFI boot partition (code: ef00) of 512MB. Partition 2 should be a Linux LVM partition (8e00). The 2nd partition can take up the full disk or only a part of it. Remember to write the partition table changes to the disk on configuration completion.
73.  
74. Once partitioned you can format the boot partition (the LVM partition needs to be encrypted before it gets formatted)
75.  
76. ```shell
77. mkfs.fat -F32 /dev/sda1
78. ```
79.  
80. ### Encryption
81.  
82. First modprobe for `dm-crypt`
83.  
84. ```shell
85. modprobe dm-crypt
86. ```
87.  
88. Now, encrypt the disk:
89.  
90. ```shell
91. cryptsetup luksFormat /dev/sda2
92. ```
93.  
94. Open the disk with the password set above:
95.  
96. ```shell
97. cryptsetup open --type luks /dev/sda2 lvm
98. ```
99.  
100. Check the lvm disk exists:
101.  
102. ```shell
103. ls /dev/mapper/lvm
104. ```
105.  
106. Create a physical volume:
107.  
108. ```shell
109. pvcreate /dev/mapper/lvm
110. ```
111.  
112. Create a volume group:
113.  
114. ```shell
115. vgcreate volume /dev/mapper/lvm
116. ```
117.  
118. Create logical partitions:
119.  
120. ```shell
121. lvcreate -L20G volume -n swap
122. lvcreate -L40G volume -n root
123. lvcreate -l 100%FREE volume -n home
124. ```
125.  
126. Format file system on logical partitions:
127.  
128. ```shell
129. mkfs.ext4 /dev/mapper/volume-root
130. mkfs.ext4 /dev/mapper/volume-home
131. mkswap /dev/mapper/volume-swap
132. ```
133.  
134. Mount the volumes and file systems:
135.  
136. ```shell
137. mount /dev/mapper/volume-root /mnt
138. mkdir /mnt/home
139. mount /mnt/boot
140. mount /dev/mapper/volume-home /mnt/home
141. mount /dev/sda1 /mnt/boot
142. swapon /dev/mapper/volume-swap
143. ```
144.  
145. ## Installation
146.  
147. Bootstrap base system onto disk using pacstrap:
148.  
149. ```shell
150. pacstrap /mnt base base-devel vim
151. ```
152.  
153. Generate `fstab`:
154.  
155. ```shell
156. genfstab -p /mnt >> /mnt/etc/fstab
157. ```
158.  
159. `chroot` into system:
160.  
161. ```shell
162. arch-chroot /mnt
163. ```
164.  
165. Set time locale:
166.  
167. ```shell
168. ln -sf /usr/share/zoneinfo/Africa/Johannesburg /etc/localtime
169. ```
170.  
171. Set clock:
172.  
173. ```shell
174. hwclock --systohc
175. ```
176.  
177. Uncomment `en_US.UTF-8 UTF-8` `en_US ISO-8859-1` and other needed localizations in `/etc/locale.gen`. Now run:
178.  
179. ```shell
180. locale-gen
181. ```
182.  
183. Create locale config file:
184.  
185. ```shell
186. locale > /etc/locale.conf
187. ```
188.  
189. Add an hostname:
190.  
191. ```shell
192. vim /etc/hostname
193. ```
194.  
195. Update `/etc/hosts` to contain::
196.  
197. ```text
198. 127.0.1.1 myhostname.localdomain myhostname
199. ```
200.  
201. Because we are using disk encryption we have to change the initramfs.
202.  
203. Edit the `/etc/mkinitcpio.conf`. Look for the HOOKS variable and move `keyboard` to before the `filesystems` and add `encrypt` and `lvm2` after `keyboard`. Like:
204.  
205. ```text
206. HOOKS="base udev autodetect modconf block keyboard encrypt lvm2 filesystems fsck"
207. ```
208.  
209. Regenerate the initramfs:
210.  
211. ```shell
212. mkinitcpio -p linux
213. ```
214.  
215. Install a bootloader:
216.  
217. ```shell
218. bootctl --path=/boot/ install
219. ```
220.  
221. Create bootloader. Edit `/boot/loader/loader.conf`. Replace the file's contents with:
222.  
223. ```text
224. default arch
225. timeout 3
226. editor 0
227. ```
228.  
229. The `editor 0` ensures the configuration can't be changed on boot.
230.  
231. Next create a bootloader entry in `/boot/loader/entries/arch.conf`
232.  
233. ```text
234. title Arch Linux
235. linux /vmlinuz-linux
236. initrd /initramfs-linux.img
237. options cryptdevice=UUID={UUID}:volume root=/dev/mapper/volume-root quiet rw
238. ```
239.  
240. In order to get the UUID run the following command in vim:
241.  
242. ```shell
243. :read ! blkid /dev/sda2
244. ```
245.  
246. ## Complete
247.  
248. exit `chroot`:
249.  
250. ```shell
251. exit
252. ```
253.  
254. unmount everything:
255.  
256. ```shell
257. umount -R /mnt
258. ```
259.  
260. and reboot
261.  
262. ```shell
263. reboot
264. ```