This compact installation guide is meant as an overview article to skim through and remind myself of what's missing in an installation process. For any step, the Arch Wiki is much more comprehensible and has a lot of information on how to deal with error cases.
Familiarity with the
cryptsetup
tool and
systemd-boot
is required for this guide.
Boot Live ISO
1.1 USB flash drive
Download the image from the Arch Linux download page , flash it to the USB flash drive and then boot it on the target machine.
# replace /dev/sdX with the usb drive's identifier sudo dd bs=4M conv=fsync oflag=direct status=progress if=/path/to/archlinux*.iso of=/dev/sdX;
1.2 Boot Live ISO
After bootup, set the timezones and the datetime correctly.
All timezones are available in the
/usr/share/zoneinfo
folder, in case you can't find yours.
# list available timezones # timedatectl list-timezones; timedatectl set-ntp true; timedatectl set-timezone Europe/Berlin; timedatectl status;
Partition the Hard Drive
UEFI uses a
GPT
partition table, where you also have to have at least two partitions.
Due to bugs and quirks of old BIOS versions, 512MB EFI partition size (which hosts both
your kernel images and the EFI bootloader) is recommended, the second partition can be
your
/
root partition.
I'll spare the whole bullshit about swapping partitions, the dangers of them and what kind of RAM your system has to have. You decide whether you wanna have swap space on your hard drive on your own. In my case all my systems have far beyond 16GB of RAM, so swapping pretty much never occurs and my operating modes never are rare on system memory.
2.1 Partition Table
fdisk /dev/sda; # press g to create GPT partition table # press n to add new partition (use `+512M` as size when asked) # press t to change partition type to ESP/EFI and type `uefi` when asked # press n to add new partition (use suggested size when asked) # press t to change partition type to Linux and type `143` when asked # press w to write to disk and exit
2.2 Format ESP/EFI Boot Partition
mkfs.fat -F 32 /dev/sda1;
2.3 Format LUKS Encrypted Partition
cryptsetup luksFormat /dev/sda2; # Enter your password when asked cryptsetup open /dev/sda2 root; mkfs.ext4 /dev/mapper/root;
2.4 Mount Partitions
# Already did this earlier # cryptsetup open /dev/sda2 root; mount /dev/mapper/root /mnt; mkdir -p /mnt/boot; mount /dev/sda1 /mnt/boot;
2.5 Bootstrap Arch Linux
pacstrap /mnt base base-devel linux linux-firmware vim sudo; genfstab -U /mnt > /mnt/etc/fstab; arch-chroot /mnt;
Configure Arch Linux
IMPORTANT
:
Everything from here on out is executed inside the
arch-chroot
environment!
3.1 Configure Users
# Edit the /etc/sudoers file and uncomment the line `%wheel ALL=(ALL) ALL`. vim /etc/sudoers;
3.2 Configure Locale
# Uncomment en_US.UTF-8 vim /etc/locale.gen; echo "LANG=en_US.UTF-8" > /etc/locale.conf; locale-gen;
3.3 Configure Timezone
ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime; hwclock --systohc;
3.4 Configure Hostname
echo "myhostname" > /etc/hostname; echo "127.0.0.1 localhost" > /etc/hosts; echo "::1 localhost" >> /etc/hosts; echo "127.0.1.1 myhostname" >> /etc/hosts; echo "ff02::1 ip6-allnodes" >> /etc/hosts; echo "ff02::2 ip6-allrouters" >> /etc/hosts;
3.5 Configure Nameservers
Add DNS nameservers to the
/etc/resolv.conf
file
:
echo "nameserver 1.0.0.1" > /etc/resolv.conf; echo "nameserver 1.1.1.1" >> /etc/resolv.conf;
3.6 Configure Admin User
# optionally give root user a password passwd root; useradd -m myusername; usermod -aG users,wheel myusername; passwd myusername;
Install Bootloader and Kernel Image
systemd-boot
requires EFI and therefore can only be used if you chose the GPT/EFI
Boot Partition option earlier.
4.1 Encrypt Hook
Add the
encrypt
hook to the
HOOKS
the right place
before
the
filesystems
hook into the
/etc/mkinitcpio.conf
file
:
HOOKS=(base udev autodetect modconf kms block encrypt filesystems keyboard fsck)
4.2 Configure SystemD Bootloader
echo "default arch.conf" > /boot/loader/loader.conf; echo "timeout 3" >> /boot/loader/loader.conf; echo "editor no" >> /boot/loader/loader.conf;
Find out the
UUID
of the
LUKS
partition and replace the
UUID
variable later.
The UUID of the
sda2
partition is not the same as the one from the mounted
ext4
partition, so be careful to not use the wrong one.
lsblk -f; # example output NAME FSTYPE FSVER LABEL UUID FSAVAIL FSUSE% MOUNTPOINTS sda ├─sda1 vfat FAT32 CAB5-B580 366.3M 28% /boot └─sda2 crypto_LUKS 2 4e31973f-1e77-4061-aadf-d77a057832b2 └─root ext4 1.0 ce9d9c8c-90d4-4aea-bbf3-c345e21c2f8a 12G 90% /
Configure the Bootloader Entry for
Arch Linux
:
# You need to change this (see above): export UUID="4e31973f-1e77-4061-aadf-d77a057832b2"; echo "title Arch Linux" > /boot/loader/entries/arch.conf; echo "linux /vmlinuz-linux" >> /boot/loader/entries/arch.conf; echo "initrd /initramfs-linux" >> /boot/loader/entries/arch.conf; echo "options cryptdevice=UUID=$UUID:root root=/dev/mapper/root rw" >> /boot/loader/entries/arch.conf;
4.3 Regenerate Image and Install Bootloader
Regenerate the Linux Images and install the SystemD Bootloader :
mkinitcpio -P; bootctl --esp-path=/boot --boot-path=/boot install;
Configure for Server Usage
5.1 Configure Network Interfaces
Arch Linux comes with SystemD, so it makes sense to reuse
systemd-networkd
.
When you're running a server, you're probably using a LAN/ethernet cable.
In case you don't know your network interface's name, you can see that with
ip addr
.
Usually they are similar to
enp0s25
,
enp0s3
or
eno1
, depending on your mainboard
and its provided EFI settings (the name is derived from UEFI variables).
Change it accordingly in the config files below :
systemctl enable systemd-networkd;
5.2a DHCP Configuration
Edit the
/etc/systemd/network/20-wired.network
file
:
[Match] Name=enp0s25 [Network] DHCP=yes
5.2b Static Configuration
Edit the
/etc/systemd/network/20-wired.network
file
:
[Match] Name=enp0s25 [Network] Address=192.168.0.123/24 Gateway=192.168.0.1 DNS=192.168.0.1
5.3 Configure OpenSSH
Servers usually don't have a keyboard installed, so it makes sense to install OpenSSH now :
pacman -S openssh; systemctl enable sshd.service;
Update and Reboot
6.1 Update Keyring
Sometimes the ISO can be outdated and keyrings will break later, and that's kind of annoying to debug. Make sure to update them before you reboot :
pacman -Sy archlinux-keyring;
6.2 Reboot
Exit the
arch-chroot
environment and go back to the USB live system shell, then
restart the machine
:
exit; reboot;