Arch Install Guide (BTRFS/LUKS) on Macbook Pro

There are a lot of macbook pro install guides out there... but they're either too rigid (process doesn't allow for using other bootloaders, etc.) or add unecessary steps (like using Refind/Refit). NOTE: I have not tested these steps with filevault enabled in OSX. I suggest you disable it to start out.

1. Download ArchIso. You want the latest one.

2. In the meantime, resize your OSX partition using diskutility. Don't create a partition where you'll install Arch. Instead, just leave free space. Also, plug in a thumb drive. Erase it with the diskutility and format it with a GUID Partition table (GPT) and whatever kind of filesystem (OSX Journaled is fine... we'll delete this anyways).

3. Open up your terminal (still in OSX). type:
> diskutil list
This will show you the attached devices. Look for the entry that corresponds to your thumbdrive (the size will be a dead giveaway). Take note of its path. For instance, my thumb drive looks like /dev/disk2.

4. Now, you want to unmount it (so that we can interact with the thumb drive on a raw level (OSX won't be able to read the filesystem you'll install to it)). To do this, type:
sudo diskutil unmountDisk /dev/<disknumber>
where <disknumber> might be disk2 or disk3, etc (the thing you noted in step 3).

5. Now, we're going to copy the Arch install medium to the USB disk. First, change the directory to where you downloaded the installation iso. So, if you downloaded to /home/users/<username>/Downloads, the command to do this will look like:
cd ~/Downloads

6. Now, for the copying. Remember that disk number from step 3? Just in case, run "diskutil list" and verify the disk number (disk1, disk2, etc.) that corresponds to your thumb drive. DO NOT GET THIS WRONG.
sudo dd if='<filename of arch iso image>' of='/dev/r<disknumber>' bs=1m
if you start typing the filename and hit 'tab', it will autocomplete. Make sure it's enclosed in quotes. Similarly, make sure you're using rdisk1/rdisk2/etc. rather than disk1/disk2/etc. This can take a minute or two (sometimes more).

7. You should now have a thumb drive with the arch install medium on it. Before doing anything else, find another thumb drive and install a bootable OSX installation disk to it (instructions are online). Back up all your stuff. I'm not fucking around, stuff happens and you'll be sorry later. In fact, it's pretty easy to botch an arch install.

8. Find an ethernet cable and plug your macbook pro into your router directly. If you have a spare USB wifi adapter, that *might* work but no guarantees.

9. Reboot your computer. Hold the option key during boot up and if you did everything right then you should see a boot option that says "EFI boot" or something similar. Select it (with the arrow keys) and hit enter. Now, select the Arch option (the other ones will be an EFI shell and something else, you don't want that). Arch will now boot and take you to a root shell.

10. Here, the first thing you want to do is partition your disk. To get the device path, type 'lsblk' (stands for 'list block devices'. In Linux, each physical disk is given a letter and each partition a number. So, partition 1 on disk A would be /dev/sda1. Partition 2 on disk A would be /dev/sda2. Partition 1 on disk B would be /dev/sdb1. Disk A as a whole is /dev/sda. You want to find the path to the main hard drive on your macbook pro. Generally, it will be /dev/sda but just make sure that's the case.

11. Now, we'll partition that drive. Type 'gparted /dev/<diskpath>'. For me, this was 'gparted /dev/sda'.

12. You're now in GNU Parted (gparted). This program allows you to partition your drive and write the partition table to the disk. It does NOT format the partitions. What we want to do here is to work *only* with the free space. That is, DO NOT TOUCH THE OSX PARTITIONS. Generally, there will be 2 or 3 OSX partitions already on the disk (even if you only see one in OSX's disk utility). The first one is called the ESP partition. This is where the bootloaders are installed. The second one is usually your main OSX partition. The third is usually the OSX recovery partition. The order will vary.

	Create the following partitions:
	1. SWAP Size: roughly twice the size of ram in your computer (for instance, 16G (note the lack of a B, this means gigibyte which is measured in powers of 2 rather than powers of 10 like gigabytes) for a computer with 4GB of ram). Note that you'll want to use code 8200 for the swap.
	2. ARCHVOL Size: (whatever's left)
When you're creating these partitions, type +128M when it asks you for the start of the first sector. This leaves 128 Mebibytes of free space between partitions. For some reason, OSX likes this (you're not required to leave these spaces but for some people this fixes a variety of issues). This will be code 8300 (linux partition).

13. Now that you've written the partition table to the disk, we'll want to create a LUKS volume on the disk. Here's the 'big picture' setup. Let's say /dev/sda4 is your ARCHVOL partition. We'll create a LUKS device on it. Once you mount this LUKS device, we'll create a btrfs volume on the LUKS device. That btrfs volume will have two subvolumes: homevol and rootvol. The great thing about this setup is that you don't have to decide ahead of time how big root and home need to be. This gives you a ton of flexibility and prevents headaches in the future.

So... to create a luks device we use a tool called cryptsetup (part of Dm-crypt). We'll want to use some settings that are better than the defaults. Let me explain what those are.

Cipher: I suggest using AES-XTS with a 512bit key. It's MUCH faster than the alternatives and secure enough to approved for use on top secret/secret government documents. Only slightly slower (read: not noticeable).

Hash: Until SHA3 (Keccak) is supported by the kernel, SHA512 (aka 512bit SHA2) is pretty much the only real choice.

Random generation: For the key, you might as well use /dev/random (better quality pseudorandom-number-generation (PNG) than /dev/urandom). For cleaning the partition, you'll want to use /dev/urandom because /dev/random will quickly run out of random data (the entropy pool) and it's slow to refill. urandom boostraps already used random numbers and hashes them to create entropy.

So... to create our LUKS device on /dev/sda4 with these settings:

14. Write random numbers to the partition:
dd if='/dev/urandom' of='/dev/sda4' bs=1M

15. Create the LUKS device:
cryptsetup  --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 --use-random --verify-passphrase luksFormat /dev/sda4
(type in your password twice to verify).

16. Mount the created LUKS device (using sda4 as an example and ARCHCRYPT as the name I give it):
cryptsetup open /dev/sda4 ARCHCRYPT

17. Now, you can access the LUKS device on /dev/mapper/ARCHCRYPT (or whatever you called it). It's just like a disk (though not formatted yet).

18. Now, we format it (very important, use the path to the mounted LUKS device, NOT the path to the partition it's on):
mkfs.btrfs /dev/mapper/ARCHCRYPT (or whatever you called it)

19. Now, we want to mount it so we can create subvolumes:
mount /dev/mapper/ARCHCRYPT /mnt
cd /mnt
btrfs subvolume create rootvol
btrfs subvolume create homevol
cd ~
umount /mnt

20. The cool thing about btrfs is that if you mount the first subvolume, it will pull in the other ones (or at least it should). So let's mount rootvol and use it as our root for the installation.
mount -o subvol=rootvol /dev/mapper/ARCHROOT /mnt

21. Let's get the swap disk ready so that Arch will recognize it. In my case, it was /dev/sda5 I think. Just type 'lsblk' and check to make sure. I use /dev/sda5 here as an example.
mkswap /dev/sda5
swapon /dev/sda5

22. Let's mount the ESP (EFI System Partition) (usually /dev/sda1) to /mnt/boot. We want to share one with OSX so we can use the macbook pro's boot screen.
mkdir /mnt/boot
mount /dev/sda1 /mnt/boot

23. Now, let's get the internet sorted out. If you're connected via ethernet you should already be online. To test:
ping -c 5 www.google.com

You should get replies. If you get errors then you're not online. Try unplugging and plugging your ethernet cable in again.
If this still doesn't work, follow the instructions no the Arch beginner's guide for setting up a wireless network with a static IP.

If you're using wifi (THE BUILT IN WIFI WILL NOT WORK YET) via a USB key see if it's recognized by typing 'wifi-menu'. It will bring up a screen hopefully allowing you to connect to a network. It will ask you for a profile name. This name CANNOT contain spaces or special characters.

24. Install the arch base and base-devel packages:
pacstrap /mnt base base-devel

25. Let's generate an fstab (filesystem table) that will tell arch what the disks are and where to find them.
genfstab -U -p /mnt >> /mnt/etc/fstab

Take a look at the generated fstab. You can use vi (vim isn't installed at this point) or nano. If you're a total beginner, use nano.
Using nano:
nano /mnt/etc/fstab
Using vi:
vi /mnt/etc/fstab

You want to make sure that there's an entry for the LUKS device (it'll say /dev/mapper/archcrypt (or whatever you called it)). It should have something saying subvol=rootvol. If not, restart, remount the disks and generate the fstab again. There should be two numbers. They should be 0 0 for the LUKS entry.

There should also be an entry for the ESP. It'll probably say LABEL=EFI and have /dev/sda1 somewhere. The two numbers for this should read 0 2.

Finally, there should be an entry for the swap disk. The two numbers for this should be 0 0.

26. Ok now we're going to chroot into the installed system:
arch-chroot /mnt /bin/bash

27. Ok now some easier stuff. Install components so you still have wifi when you reboot (note: you still won't be able to use the built in wifi until later but you should still install these things):
pacman -S dialog iw wpa_supplicant

28. Install the text editor of your choice and go ahead and install firefox:
pacman -S firefox vim emacs

29. Install some other useful tools:
pacman -S git wget curl libzip

30. Now, we're going to set the locale options. Again, use vim or nano or emacs or whatever. Uncomment the lines corresponding to the languages you need. For US users it'll be:
en_US.UTF-8 UTF-8

31. Generate the locales:
locale-gen

32. Add the languages you choose to your locale.conf (example using en_US.UTF-8):
echo LANG=en_US.UTF-8 > /etc/locale.conf
export LANG=en_US.UTF-8

33. Add whatever keymaps you need for foreign languages. Refer to the arch beginner's guide for more info.

34. Set your timezone. Look at the available zones:
ls /usr/share/zoneinfo

Each zone will have subzones (like .../America/New_York)

Create a symlink to the zone of your choice (Using New_York as an example):
ln -s /usr/share/zoneinfo/America/New_York /etc/localtime

35. Give your computer a name. Using 'karma' as an example:
echo karma > /etc/hostname

36. Determine whether you need intel or NVIDIA drivers:
lspci | grep VGA

If it returns something containing 'intel' you need to install the intel graphics driver:
pacman -S xf86-video-intel

If it returns NVIDIA then install the nvidia driver (go ahead and use the beta driver):
pacman -S nvidia-beta

37. Install other drivers so you can actually use your macbook:
pacman -S xf86-input-synaptics alsa-utils hfsprogs

38. Set a root password:
passwd

39. Add a user (using fx101 as an example and kittycat as the password):
useradd -m -g users -G wheel -s /bin/bash fx101 && passwd kittycat

40. Install sudo (so users in the wheel group can run commands as root):
pacman -S sudo

41. Give the users in the wheel group sudo priveleges. You'll need to use the visudo editor for this (I've provided what to type in case you're not familiar with vi... but if you fuck up, type ESC q! ENTER to quit without saving changes and then try again).

visudo
(once inside visudo type this:)
/#\ %wheel ALL   <--this selects the line you need
x   <--this deletes the comment character
:wq <--saves and closes the file

42. Ok now it's time for the hard part. We need to create an initial ramdisk environment for linux to boot from. The configuration file is located at /etc/mkinitcpio.conf

Open that file with the text editor of your choice (remember, nano if you're a beginner).

You should see the line MODULES=
Make it MODULES="crc32-intel" (this enables special CPU accelerations for CRC hashes used with btrfs)

Ok, now go to the line that says HOOKS="base udev ..." (will have a bunch of stuff).

Move 'keyboard' to right after autodetect. Add encrypt right after block but before filesystems. My line looks like:
HOOKS="base udev autodetect keyboard modconf block encrypt filesystems fsck"

43. Ok now let's generate the ramdisk environment:
mkinitcpio -p linux
It will probably complain about fcsk.btrfs not existing or whatever and hence the image potentially being incomplete. This is fine, it will work perfectly.

44. Install the partitioning utilities (in case you fuck up big time and need to run cgdisk):
pacman -S gptfdisk btrfs-progs

Now it's the part that's a real pain in the ass. Installing the bootloader. Your macbook pro boots EFI kernels so you want a very lightweight bootloader like gummiboot (what I *highly* recommend). With this setup you shouldn't need refind or refit.

45. Install gummiboot:
mount -t efivarfs efivarfs /sys/firmware/efi/efivars  (this might give you an error that they're already mounted... ignore it)
pacman -S gummiboot
gummiboot install

46. Add an entry for Arch. Again, use the text editor of your choice. The file needs to be:
/boot/loader/entries/arch.conf

The first 3 lines should be:
title    Arch Linux
linux    /vmlinuz-linux
initrd   /initramfs-linux.img

In the next line, I use archcrypt to refer to the LUKS device we created earlier and rootvol to refer to the root subvolume of the btrfs filesystem on that LUKS device. Substitute the names you used. Also, substitute the physical partition where the luks device is located. For me, it was /dev/sda4

options   cryptdevice=/dev/sda4:archcrypt root=/dev/mapper/archcrypt rootfstype=btrfs rootflags=subvol=rootvol rw

Save and close the file.

47. Type 'exit' to exit the chroot environment.
48. Unmount all disks:
umount -R /mnt
49. Type 'reboot' to reboot. Make sure to unplug the USB drive as soon as it shuts down. Also, hold the option key as soon as it boots up.
50. Ideally, you should now have an entry that says EFI boot. Highlight it and you should now boot into arch. It should ask you for the encryption passphrase after a second or two.

Now, we're going to install the desktop manager. I really like how gnome works on macbooks so I'll provide those instructions.

51. Install the X Window System:
pacman -S xorg-server xorg-server-utils xorg-xinit mesa

52. Install some fonts:
pacman -S ttf-dejavu

53. Install SSH support (for logging into remote machines/servers).
pacman -S openssh

53. Install gnome. I recommend just going ahead and installing gnome-extra as well. You can remove the games you don't need later.

pacman -S gnome gnome-extra networkmanager networkmanager-openconnect network-manager-openvpn networkmanager-pptp networkmanager-vpnc

This will take a while.

54. Enable the gnome desktop manager (so you have a nice login window that will load a gnome session for you):
systemctl enable gdm

55. Restart your computer and boot into arch. Now you should be able to log into gnome and you'll be in your desktop!

56. Now, let's install an AUR package manager so you can install the broadcom wireless drivers. I really like aura. First, we need to install the dependencies:
sudo pacman -S ghc haskell-regex-base haskell-parsec haskell-syb haskell-transformers haskell-mtl haskell-json haskell-temporary

57. Add the haskell-core repository to pacman. To do this, edit /etc/pacman.conf (make sure to use sudo so you have write priveleges). You'll need to add these two lines:

[haskell-core]
Server = http://xsounds.org/~haskell/core/$arch

Make sure to put it above [extra].

58. You'll need to sign the keys for the repo:
sudo pacman-key -r 4209170B
sudo pacman-key --lsign-key 4209170B

59. Now, update pacman's list and upgrade all the installed packages:
sudo pacman -Syy && sudo pacman -Syu

60. Install two more dependencies:
sudo pacman -S haskell-curl haskell-regex-pcre

61. Clone the aura repo into your downloads folder:
cd ~/Downloads
git clone https://github.com/fosskers/aura.git

62. Move into the folder it created.
63. Build the package (DO NOT RUN THIS COMMAND AS SUDO/ROOT unless it asks you to):
makepkg -s
64. This will create a .tar.xz file. Install it using pacman:
sudo pacman -U <filename>.tar.xz

65. Now you have aura installed. Let's get some wireless drivers working. First, we want to check if the proprietary drivers will do the job. To do this, install the broadcom-wl-dkms package:
aura -A -x broadcom-wl-dkms
66. Restart your computer (unplug ethernet and USB wifi).
67. Once you're logged in, see if wifi is working. If it's not, it's possible that the module wasn't registered correctly. Try doing:
dmks add -m broadcom-wl -v 6.30.223.141 (grab the version number from https://aur.archlinux.org/packages/broadcom-wl-dkms/ but ignore the -2 or whatever at the end)
systemctl restart dkms.service
68. If wifi works, you're done!
69. If not, uninstall the package:
aura -R broadcom-wl-dkms
And follow the instructions on the arch wiki for getting the b43 driver with b43fwcutter

That's it! Stuff should work for you now.