From a linux system:
dd bs=4M if=/path/to/archlinux.iso of=/dev/sdx status=progress && syncFrom a windows box, use Rufus and select the dd option when prompted before the recording process.
note that $keymap means a variable named "keymap". Substitute it for value suitable for you.
loadkeys $keymap
timedatectl set-ntp trueiwctl station wlan0 get-networks
iwctl station wlan0 connect $essidCheck available block devices names
cat /sys/class/block/sd{a,b,c}/device/modelAs an example, we will create 2 partitions, one for (EFI) boot and one for a LUKS encrypted filesystem.
gdisk /dev/sdaGPT fdisk (gdisk) version 1.0.1
Partition table scan:
MBR: protective
BSD: not present
APM: not present
GPT: present
Found valid GPT with protective MBR; using GPT.
Command (? for help): o
This option deletes all partitions and creates a new protective MBR.
Proceed? (Y/N): Y
Command (? for help): n
Partition number (1-128, default 1):
First sector (34-242187466, default = 2048) or {+-}size{KMGTP}:
Last sector (2048-242187466, default = 242187466) or {+-}size{KMGTP}: +512M
Current type is 'Linux filesystem'
Hex code or GUID (L to show codes, Enter = 8300): EF00
Changed type of partition to 'EFI System'
Command (? for help): n
Partition number (2-128, default 2):
First sector (34-242187466, default = 1050624) or {+-}size{KMGTP}:
Last sector (1050624-242187466, default = 242187466) or {+-}size{KMGTP}:
Current type is 'Linux filesystem'
Hex code or GUID (L to show codes, Enter = 8300): 8309
Changed type of partition to 'Linux LUKS'
Command (? for help): p
Disk /dev/sda: 242187500 sectors, 115.5 GiB
Logical sector size: 512 bytes
Disk identifier (GUID): 9FB9AC2C-8F29-41AE-8D61-21EA9E0B4C2A
Partition table holds up to 128 entries
First usable sector is 34, last usable sector is 242187466
Partitions will be aligned on 2048-sector boundaries
Total free space is 2014 sectors (1007.0 KiB)
Number Start (sector) End (sector) Size Code Name
1 2048 1050623 512.0 MiB EF00 EFI System
2 1050624 242187466 115.0 GiB 8309 Linux LUKS
Command (? for help): w
As an example, we will format:
- a boot partition (
/dev/sda1); - swap and a root partitions mapped by LVM on LUKS (
/dev/mapper/vg0-swapand/dev/mapper/vg0-rooton encrypted/dev/sda2).
But here you should format amd mount your boot, root, home, var and other partitions as you need.
mkfs.vfat -F32 /dev/sda1
cryptsetup -v luksFormat /dev/sda2
cryptsetup luksOpen /dev/sda2 luks
pvcreate /dev/mapper/luks
vgcreate vg0 /dev/mapper/luks
lvcreate -L 4G vg0 -n swap
lvcreate -l +100%FREE vg0 -n root
mkfs.ext4 /dev/mapper/vg0-root
mkswap /dev/mapper/vg0-swap
mount /dev/mapper/vg0-root /mnt
swapon /dev/mapper/vg0-swap
mkdir /mnt/boot
mount /dev/sda1 /mnt/bootAppend and substitute any pacman packages you think it's basic for your need.
pacstrap /mnt base base-devel man-pages iwd vim openssh linux linux-firmware lvm2If needed, check partitions UUID and label with blkid.
genfstab -pU /mnt >> /mnt/etc/fstab
cat /mnt/etc/fstab
#
# /etc/fstab: static file system information
#
# <file system> <dir> <type> <options> <dump> <pass>
# /dev/mapper/vg0-root
UUID=44bc2285-0443-44d6-8208-e914638ee1b1 / ext4 rw,noatime,data=ordered 0 1
# /dev/sda1
UUID=AEF3-11A1 /boot vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro 0 2
# /dev/mapper/vg0-swap
UUID=708a05f7-633c-4f0f-a16b-3abce7def965 none swap defaults 0 0
If you have SSD change relatime on all non-boot partitions to noatime.
Filesystems to be mounted after bootstrap (if you're encrypting /, it shouldn't be listed here, since it's dealt by initramfs int the bootloader entry configuration below. The following example asks for password to decrypt /dev/md/idata and create a new mapped device under /dev/mapper/idatadev.
echo "idatadev /dev/md/idata" >> /mnt/etc/crypttabUse amd-ucode or intel-ucode depending on your CPU. The microcodes are updated patches to deal with any issue the processor might have.
arch-chroot /mnt
ln -s /usr/share/zoneinfo/Europe/Helsinki /etc/localtime
hwclock --systohc
echo $hostname > /etc/hostname
pacman -S amd-ucode
pacman -S dialog wpa_supplicant
passwd
visudo #uncomment line "%wheel ALL=(ALL) NOPASSWD: ALL"
useradd -m -G wheel $username
passwd $username
Uncomment en_US.UTF-8 UTF-8 and other needed localizations in /etc/locale.gen. Don't forget to substitute the variables below.
echo LANG=en_US.UTF-8 > /etc/locale.conf
echo KEYMAP=$keymap > /etc/vconsole.conf
locale-genFor an example, we're creating /etc/systemd/network/20-enp0s3.network to configure DHCP on a wired interface.
[Match]
Name=enp0s3
[Network]
DHCP=yes
systemctl enable systemd-networkd.service
systemctl enable systemd-resolvedWe'll install the EFI systemd bootloader basic files:
bootctl --path=/boot installEdit /etc/mkinitcpio.conf:
MODULES="ext4"
.
.
.
HOOKS="base udev autodetect modconf block keymap encrypt lvm2 resume filesystems keyboard fsck"
Create /boot/loader/entries/arch.conf (using amd-ucode.img for AMD CPU or intel-ucode.img for INTEL CPU).
For an example, we'll configure a system where the root filesystem is encrypted.
note: The partition PARTUUID refered in
optionsline is the encrypted block device. Not the mapped root PARTUUID mentioned by/etc/fstab. Check it out fromblkidorlsblk -o PATH,PARTUUID.
title Arch Linux
linux /vmlinuz-linux
initrd /amd-ucode.img
initrd /initramfs-linux.img
options cryptdevice=PARTUUID=<YOUR-PARTITION-UUID>:lvm:allow-discards resume=/dev/mapper/vg0-swap root=/dev/mapper/vg0-root rw quiet
Edit /boot/loader/loader.conf
timeout 0
default arch
editor 0
mkinitcpio -p linux
exit
umount -R /mnt
reboot