Last active
July 23, 2025 19:37
-
-
Save ansulev/7cdf38a3d387599adf9addd248b09db8 to your computer and use it in GitHub Desktop.
Revisions
-
ansulev revised this gist
Oct 11, 2021 . 1 changed file with 18 additions and 14 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -13,8 +13,20 @@ dd bs=4M if=archlinux.iso of=/dev/sdx status=progress oflag=sync # on linux # Set your keymap loadkeys es # Connect to Internet: # Ethernet - plug in the cable # WLAN - use iwctl utility # WWAN - use mmcli utility # Connect to WLAN using wlan0: iwctl [iwd]# station wlan0 connect SSID # enter the passphras # or directly connect from zsh: iwctl --passphrase passphrase station wlan0 connect SSID # Check connection: ping archilinux.org # Create a primary partition - entire disk parted -s /dev/sda mklabel msdos @@ -26,7 +38,7 @@ cryptsetup --type luks1 --cipher aes-xts-plain64 --hash sha512 \ # Create btrfs filesystem cryptsetup open /dev/sda1 archlinux mkfs.btrfs --force --label archlinux -n 32k /dev/mapper/archlinux # ... and subvolumes mount -t btrfs -o compress=lzo /dev/mapper/archlinux /mnt @@ -39,7 +51,7 @@ umount /mnt # Mount options o=defaults,x-mount.mkdir o_btrfs=$o,compress=zstd,ssd,noatime,nodiratime,space_cache # Remount the partitions mount -o compress=lzo,subvol=@,$o_btrfs /dev/mapper/archlinux /mnt @@ -54,14 +66,6 @@ pacstrap /mnt base base-devel btrfs-progs snapper zsh mlocate htop \ # Generate fstab genfstab -L -p /mnt >> /mnt/etc/fstab # Enter the new system arch-chroot /mnt /bin/bash @@ -95,7 +99,7 @@ passwd angel vim /etc/mkinitcpio.conf # Early modules load MODULES=(atkbd intel_agp i915) # Embed btrfs to initramfs BINARIES=(/usr/sbin/btrfs) # Add 'encrypt' to HOOKS before filesystems @@ -124,7 +128,7 @@ quiet loglevel=3 rd.systemd.show_status=auto rd.udev.log_priority=3 # My actual CMDLINE for ThinkPad T480s BOOT_IMAGE=/vmlinuz-linux-zen root=/dev/mapper/archlinux rw rootflags=subvol=root \ cryptdevice=/dev/nvme0n1p4:archlinux:allow-discards rd.luks.options=discards rw \ acpi_osi=! "acpi_osi=Windows 2018" acpi=force acpi_enforce_resources=lax drm.vblankoffdelay=1 acpi_backlight=native \ i915.modeset=1 i915.fastboot=1 i915.enable_psr=1 i915.enable_guc=3 i915.enable_fbc=1 \ net.ifnames=0 spectre_v2=off nopti nowatchdog vsyscall=emulate audit=1 audit_backlog_limit=8192 \ fan_control=1 psmouse.elantech_smbus=0 ec_sys.write_support=1 \ -
May 4, 2019 . 1 changed file with 14 additions and 14 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -108,7 +108,7 @@ mkinitcpio -p linux # Edit /etc/default/grub, add GRUB_ENABLE_CRYPTODISK=y and GRUB_DISABLE_SUBMENU=y GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda1:archlinux:allow-discards" # Extra kernel options to add to GRUB_CMDLINE_LINUX (for old laptop 2011-2012) # https://forum.manjaro.org/t/howto-power-savings-setup-20180906/1445 # ACPI acpi_osi=Linux acpi_osi='!Windows 2012' acpi=force acpi_enforce_resources=lax @@ -121,6 +121,15 @@ audit=1 audit_backlog_limit=8192 # Quite boot quiet loglevel=3 rd.systemd.show_status=auto rd.udev.log_priority=3 # My actual CMDLINE for ThinkPad T480s BOOT_IMAGE=/vmlinuz-linux-zen root=/dev/mapper/archlinux rw rootflags=subvol=root \ cryptdevice=/dev/nvme0n1p4:archlinux:allow-discards rd.luks.options=discards rw \ acpi_osi=! "acpi_osi=Windows 2015" acpi=force acpi_enforce_resources=lax drm.vblankoffdelay=1 acpi_backlight=native \ i915.modeset=1 i915.fastboot=1 i915.enable_psr=1 i915.enable_guc=3 i915.enable_fbc=1 \ net.ifnames=0 spectre_v2=off nopti nowatchdog vsyscall=emulate audit=1 audit_backlog_limit=8192 \ fan_control=1 psmouse.elantech_smbus=0 ec_sys.write_support=1 \ quiet loglevel=3 rd.systemd.show_status=auto rd.udev.log_priority=3 # Install grub and create configuration grub-install --target=i386-pc /dev/sda grub-mkconfig -o /boot/grub/grub.cfg @@ -148,7 +157,7 @@ reboot chmod 000 /crypto_keyfile.bin # actually, even root doesn't need to access this chmod -R g-rwx,o-rwx /boot # just to be safe # Optional: Install Aur helper, X, WM, Software and Configure the System # Install AUR helper - yaourt wget https://aur.archlinux.org/cgit/aur.git/snapshot/package-query.tar.gz @@ -211,15 +220,6 @@ pacman -S nginx-mainline php php-apcu php-fpm php-gd php-mcrypt php-snmp \ # Security pacman -S rkhunter clamav gufw yaourt -S ananicy-git cdw csslint dbeaver freeplane freshplayerplugin gtk-theme-numix-sx icecat-bin \ lostfiles nodejs-jshint pepper-flash playerctl profile-cleaner purple-facebook purple-hangouts-hg \ virtualbox-ext-oracle clipit spacefm-git scite sublime-text-dev megasync thermald genymotion -
Apr 22, 2019 . 1 changed file with 6 additions and 4 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -37,9 +37,11 @@ btrfs subvolume create /mnt/@snapshots # Unmount and remount with the corect partitions umount /mnt # Mount options o=defaults,x-mount.mkdir o_btrfs=$o,compress=lzo,ssd,noatime # Remount the partitions mount -o compress=lzo,subvol=@,$o_btrfs /dev/mapper/archlinux /mnt mount -o compress=lzo,subvol=@home,$o_btrfs /dev/mapper/archlinux /mnt/home mount -o compress=lzo,subvol=@snapshots,$o_btrfs /dev/mapper/archlinux /mnt/.snapshots @@ -72,7 +74,7 @@ echo arch > /etc/hostname # Generate and set default locale vim /etc/locale.gen # Uncomment en_US.UTF-8 locale-gen echo LANG=en_US.utf8 >> /etc/locale.conf echo LANGUAGE=en_US >> /etc/locale.conf @@ -103,7 +105,7 @@ HOOKS="base udev autodetect modconf block encrypt filesystems keyboard fsck" mkinitcpio -p linux # Setup grub # Edit /etc/default/grub, add GRUB_ENABLE_CRYPTODISK=y and GRUB_DISABLE_SUBMENU=y GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda1:archlinux:allow-discards" # Extra kernel options to add to GRUB_CMDLINE_LINUX (form my laptop 2011) @@ -137,7 +139,7 @@ dd bs=512 count=4 if=/dev/urandom of=/crypto_keyfile.bin cryptsetup luksAddKey /dev/sda1 /crypto_keyfile.bin and add to /etc/mkinitcpio.conf FILES=(/crypto_keyfile.bin) # run: mkinitcpio -p linux # Reboot again, you’ll only need to enter your password once. reboot @@ -146,7 +148,7 @@ reboot chmod 000 /crypto_keyfile.bin # actually, even root doesn't need to access this chmod -R g-rwx,o-rwx /boot # just to be safe # Optional: Install X, WM, Software, Configure the System # Install AUR helper - yaourt wget https://aur.archlinux.org/cgit/aur.git/snapshot/package-query.tar.gz -
Apr 22, 2019 . 1 changed file with 11 additions and 4 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -104,13 +104,20 @@ mkinitcpio -p linux # Setup grub In /etc/default/grub add GRUB_ENABLE_CRYPTODISK=y and GRUB_DISABLE_SUBMENU=y GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda1:archlinux:allow-discards" # Extra kernel options to add to GRUB_CMDLINE_LINUX (form my laptop 2011) # https://forum.manjaro.org/t/howto-power-savings-setup-20180906/1445 # ACPI acpi_osi=Linux acpi_osi='!Windows 2012' acpi=force acpi_enforce_resources=lax # i915 i915.modeset=1 i915.fastboot=1 i915.enable_rc6=1 i915.enable_fbc=1 i915.lvds_downclock=1 i915.semaphores=1 # Varios power saving and performance settings net.ifnames=0 spectre_v2=off nopti nowatchdog vsyscall=emulate ath9k.ps_enable=1 pcie_aspm=force ipv6.disable=1 # Audit audit=1 audit_backlog_limit=8192 # Quite boot quiet loglevel=3 rd.systemd.show_status=auto rd.udev.log_priority=3 # Install grub and create configuration grub-install --target=i386-pc /dev/sda -
Apr 22, 2019 . 1 changed file with 56 additions and 45 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,59 +1,64 @@ # Install Arch Linux with full encrypted btrfs subvolume inside luks # Hardware: BIOS system, Intel GPU, Nvidia Optimus, Toshiba SSD, Wifi # Please adjust for your needs. # filename: install-arch-linux-on-btrfs-subvolume-inside-luks.txt # The official guide: https://wiki.archlinux.org/index.php/Installation_Guide # Download the archiso image from https://www.archlinux.org/download/ # Copy to a usb-drive dd bs=4M if=archlinux.iso of=/dev/sdx status=progress oflag=sync # on linux # Boot from the usb. # Set your keymap loadkeys es # Connect to wifi network ... wifi-menu # Create a primary partition - entire disk parted -s /dev/sda mklabel msdos parted -s /dev/sda mkpart primary 2048s 100% # Create luks container (luks1 for compatibility with grub) cryptsetup --type luks1 --cipher aes-xts-plain64 --hash sha512 \ --use-random --verify-passphrase luksFormat /dev/sda1 # Create btrfs filesystem cryptsetup open /dev/sda1 archlinux mkfs -t btrfs --force -L archlinux /dev/mapper/archlinux # ... and subvolumes mount -t btrfs -o compress=lzo /dev/mapper/archlinux /mnt btrfs subvolume create /mnt/@ btrfs subvolume create /mnt/@home btrfs subvolume create /mnt/@snapshots # Unmount and remount with the corect partitions umount /mnt o=defaults,x-mount.mkdir o_btrfs=$o,compress=lzo,ssd,noatime mount -o compress=lzo,subvol=@,$o_btrfs /dev/mapper/archlinux /mnt mount -o compress=lzo,subvol=@home,$o_btrfs /dev/mapper/archlinux /mnt/home mount -o compress=lzo,subvol=@snapshots,$o_btrfs /dev/mapper/archlinux /mnt/.snapshots # Install the system, wifi and some tools pacstrap /mnt base base-devel btrfs-progs snapper zsh mlocate htop \ net-tools wireless_tools wpa_supplicant dialog vim \ intel-ucode grub aria2 hping elinks bash-completion # Generate fstab genfstab -L -p /mnt >> /mnt/etc/fstab # Review the /mnt/etc/fstab LABEL=archlinux / btrfs rw,noatime,compress=lzo,ssd,commit=120,subvol=@ 0 0 LABEL=archlinux /home btrfs rw,noatime,compress=lzo,ssd,commit=120,subvol=@home 0 0 LABEL=archlinux /.snapshots btrfs rw,noatime,compress=lzo,ssd,commit=120,subvol=@snapshots 0 0 # Swap in zram (adjust for your needs) # /dev/zram0 none swap defaults 0 0 # /dev/zram1 none swap defaults 0 0 # Enter the new system arch-chroot /mnt /bin/bash @@ -67,7 +72,7 @@ echo arch > /etc/hostname # Generate and set default locale vim /etc/locale.gen # Uncomment en_US.UTF-8, or yours locale-gen echo LANG=en_US.utf8 >> /etc/locale.conf echo LANGUAGE=en_US >> /etc/locale.conf @@ -88,9 +93,9 @@ passwd angel vim /etc/mkinitcpio.conf # Early modules load MODULES=(i915) # Embed btrfs to initramfs BINARIES=(/usr/sbin/btrfs) # Add 'encrypt' to HOOKS before filesystems HOOKS="base udev autodetect modconf block encrypt filesystems keyboard fsck" @@ -99,31 +104,32 @@ mkinitcpio -p linux # Setup grub In /etc/default/grub add GRUB_ENABLE_CRYPTODISK=y and GRUB_DISABLE_SUBMENU=y GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda1:archlinux" # Extra kernel options to add to GRUB_CMDLINE_LINUX (form my laptop 2011) # https://forum.manjaro.org/t/howto-power-savings-setup-20180906/1445 acpi_osi='!Windows 2012' acpi=force acpi_enforce_resources=lax ath9k.ps_enable=1 pcie_aspm=force i915.enable_rc6=1 i915.enable_fbc=1 i915.lvds_downclock=1 i915.semaphores=1 # Install grub and create configuration grub-install --target=i386-pc /dev/sda grub-mkconfig -o /boot/grub/grub.cfg # Exit new system and go into the cd shell exit # Unmount all partitions umount -R /mnt # Reboot into the new system, don't forget to remove the usb reboot # Create keyfile for paswordless login dd bs=512 count=4 if=/dev/urandom of=/crypto_keyfile.bin cryptsetup luksAddKey /dev/sda1 /crypto_keyfile.bin and add to /etc/mkinitcpio.conf FILES=(/crypto_keyfile.bin) run: mkinitcpio -p linux # Reboot again, you’ll only need to enter your password once. @@ -133,22 +139,27 @@ reboot chmod 000 /crypto_keyfile.bin # actually, even root doesn't need to access this chmod -R g-rwx,o-rwx /boot # just to be safe # Optional: Install Light Desktop, Configure the system # Install AUR helper - yaourt wget https://aur.archlinux.org/cgit/aur.git/snapshot/package-query.tar.gz wget https://aur.archlinux.org/cgit/aur.git/snapshot/yaourt.tar.gz # Install as regular user (extract, run makepkg, pacman -U) ::TODO:: Update the installed packages. Finish configuration. # Install Zen Kernel , X, DE, some basic tools pacman -S linux-zen linux-zen-headers irqbalance cpupower x86_energy_perf_policy \ pacman -S xorg-server xf86-video-intel xf86-video-nouveau xf86-input-synaptics \ xorg-xbacklight xorg-xinit xterm rxvt-unicode compton openbox tint2 \ conky dmenu volumeicon slock feh nitrogen scrot xarchiver p7zip \ unzip unrar rfkill ttf-liberation ttf-droid ttf-hack terminus-font \ powertop wget whois ethtool archey3 gvim # Look and feel pacman -S gtk-engine-murrine numix-themes faenza-icon-theme # Office programs # Some graphics applications pacman -S gimp inkscape dia mtpaint gpicview graphicsmagick cups-pdf simple-scan @@ -176,7 +187,7 @@ pacman -S pidgin pidgin-otr purple-skypeweb linphone xchat transmission-gtk \ xl2tpd torsocks # Virtualisation pacman -S virtualbox virtualbox-host-dkms wine winetricks # Nvidia Optimus pacman -S --needed bumblebee primus bbswitch-dkms libva-intel-driver \ @@ -202,4 +213,4 @@ yaourt -S ananicy-git cdw csslint dbeaver evince2-light freeplane \ virtualbox-ext-oracle arch32-light megasync \ numix-themes-archblue-git numix-themes-archblue-git yaourt -S clipit spacefm scite -
Mar 22, 2019 . 1 changed file with 0 additions and 35 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -202,39 +202,4 @@ yaourt -S ananicy-git cdw csslint dbeaver evince2-light freeplane \ virtualbox-ext-oracle arch32-light megasync \ numix-themes-archblue-git numix-themes-archblue-git # TODO: Finish Configuration, Update -
Jan 18, 2019 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -4,7 +4,7 @@ # Download the archiso image from https://www.archlinux.org/download/ # Copy to a usb-drive dd bs=16M if=archlinux.iso of=/dev/sdx status=progress oflag=sync # on linux # Boot from the usb. # Set spanish keymap -
Oct 22, 2016 . 1 changed file with 40 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -133,14 +133,16 @@ reboot chmod 000 /crypto_keyfile.bin # actually, even root doesn't need to access this chmod -R g-rwx,o-rwx /boot # just to be safe # Optional: Install Light Desktop, Replace SystemD with OpenRC # Install Zen Kernel , X, DE, some basic tools pacman -S linux-zen linux-zen-headers irqbalance cpupower x86_energy_perf_policy \ pacman -S xorg-server xf86-video-intel xf86-video-nouveau xf86-input-synaptics \ xorg-utils xorg-xbacklight xorg-xinit xterm rxvt-unicode compton \ openbox tint2 spacefm conky scite dmenu clipit volumeicon slock \ nitrogen scrot xarchiver unzip unrar zip p7zip bash-completion \ rfkill ttf-liberation ttf-droid ttf-hack terminus-font powertop \ wget whois ethtool archey3 gvim tlc tk lzop udevil # Look and feel pacman -S gtk-engine-murrine numix-themes faenza-icon-theme @@ -199,3 +201,40 @@ yaourt -S ananicy-git cdw csslint dbeaver evince2-light freeplane \ spacefm-gtk2 sublime-text-dev thermald vibrancy-colors \ virtualbox-ext-oracle arch32-light megasync \ numix-themes-archblue-git numix-themes-archblue-git #################### Get rid of SystemD and Install OpenRC #################### # Add openrc-eudev repo to pacman.conf ... [openrc-eudev] SigLevel=PackageOptional Server=http://downloads.sourceforge.net/project/archopenrc/$repo/$arch ... # Sync OpenRC repo pacman -Syl openrc-eudev # Download packages pacman -Sw sysvinit openrc eudev udev-openrc eudev-systemd libeudev \ libeudev-systemd dbus-openrc procps-ng-nosystemd \ syslog-ng-nosystemd # Remove SystemD pacman -Rdd systemd libsystemd # Install OpenRC packages pacman -S --needed sysvinit openrc eudev udev-openrc eudev-systemd libeudev \ libeudev-systemd dbus-openrc procps-ng-nosystemd upower-pm-utils # Install basic system packages pacman -S --needed acpid-openrc alsa-utils-openrc autofs-openrc consolekit \ consolekit-openrc cgmanager-openrc cronie-openrc cups-openrc \ dbus-openrc dnsmasq fuse-openrc gnome-polkit haveged-openrc \ hdparm-openrc samba-openrc syslog-ng-openrc udisks2-nosystemd \ privoxy-openrc tor-openrc samba-openrc device-mapper-openrc lvm2-openrc # Some openrc start scripts and services pacman -S avahi-openrc apache-openrc thermald-openrc ntp-openrc tlp-pmu \ cpupower-openrc # TODO: Finish Configuration, Update -
Oct 22, 2016 . 1 changed file with 6 additions and 7 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -192,11 +192,10 @@ pacman -S rkhunter clamav gufw # Install complementary software from AUR pacman -U package-query yaourt yaourt -S ananicy-git cdw csslint dbeaver evince2-light freeplane \ freshplayerplugin genymotion gtk-theme-numix-sx icecat-bin \ inox-bin lostfiles netcfg-git nodejs-jshint pepper-flash \ playerctl profile-cleaner purple-facebook purple-hangouts-hg \ spacefm-gtk2 sublime-text-dev thermald vibrancy-colors \ virtualbox-ext-oracle arch32-light megasync \ numix-themes-archblue-git numix-themes-archblue-git -
Oct 22, 2016 . 1 changed file with 28 additions and 14 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -98,8 +98,15 @@ HOOKS="base udev autodetect modconf block encrypt filesystems keyboard fsck" mkinitcpio -p linux # Setup grub In /etc/default/grub add GRUB_ENABLE_CRYPTODISK=y and GRUB_DISABLE_SUBMENU=y # GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda1:cryptroot root=/dev/mapper/cryptroot rootflags=subvol=@" GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda1:cryptroot" # Extra kernel options to add to GRUB_CMDLINE_LINUX acpi_osi=Linux acpi=force acpi_enforce_resources=lax ath9k.ps_enable=1 pcie_aspm=force i915.enable_rc6=1 i915.enable_fbc=1 i915.lvds_downclock=1 i915.semaphores=1 run: grub-mkconfig -o /boot/grub/grub.cfg grub-install /dev/sda @@ -127,13 +134,16 @@ chmod 000 /crypto_keyfile.bin # actually, even root doesn't need to access this chmod -R g-rwx,o-rwx /boot # just to be safe # Install Zen Kernel , X, DE, some basic tools pacman -S linux-zen linux-zen-headers irqbalance cpupower x86_energy_perf_policy \ pacman -S xorg-server xf86-video-intel xf86-video-nouveau xf86-input-synaptics \ xorg-utils xorg-xbacklight xorg-xinit xterm rxvt-unicode compton \ openbox tint2 spacefm conky scite dmenu clipit volumeicon slock \ nitrogen scrot xarchiver unzip unrar zip p7zip bash-completion \ rfkill ttf-liberation ttf-droid ttf-hack terminus-font powertop \ wget whois ethtool qt5-tools archey3 gvim tlc tk lzop udevil # Look and feel pacman -S gtk-engine-murrine numix-themes faenza-icon-theme # Office programs pacman -S scribus homebank libreoffice-fresh fbreader epdfview @@ -149,18 +159,19 @@ pacman -S stardict-lite aspell-en aspell-es hunspell-en hunspell-es \ # System tools pacman -S bleachbit nethogs gparted dosfstools ntfs-3g grsync gsmartcontrol \ lxterminal lxappearance lxtask obconf geany scite sshfs gpart \ nmap macchanger ghex yajl pssh wpa_actiond ifplugd gvfs dnsutils\ ifplugd gvfs dnsutils grsync xdotool alsa-plugins alsa-utils lsof # Multimedia pacman -S avidemux-gtk audacity guvcview gtk-recordmydesktop pragha winff \ handbrake mpv easytag smplayer deadbeef gst-plugins-bad \ gst-plugins-ugly gst-libav openshot libquicktime \ frei0r-plugins flashplayer youtube-dl rtmpdump atomicparsley # Network pacman -S pidgin pidgin-otr purple-skypeweb linphone xchat transmission-gtk \ uget filezilla claws-mail opera wireshark-gtk openvpn pptpclient \ xl2tpd torsocks # Virtualisation pacman -S virtualbox virtualbox-host-dkms wine-staging @@ -172,10 +183,13 @@ pacman -S --needed bumblebee primus bbswitch-dkms libva-intel-driver \ # Development pacman -S nginx-mainline php php-apcu php-fpm php-gd php-mcrypt php-snmp \ php-tidy composer apache nghttp2 lighttpd openvpn \ mariadb xdebug nodejs ruby npm colordiff git jdk8-openjdk # Security pacman -S rkhunter clamav gufw # Install complementary software from AUR pacman -U package-query yaourt yaourt -S thermald icecat-bin inox-bin chromium-pepper-flash-standalone jdk8 \ -
Oct 22, 2016 . 1 changed file with 4 additions and 5 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -39,9 +39,9 @@ mkdir -p /mnt/.snapshots mount -o compress=lzo,subvol=@snapshots /dev/mapper/cryptroot /mnt/.snapshots # Install the system, wifi and some tools pacstrap /mnt base base-devel btrfs-progs snapper zsh mlocate htop \ net-tools wireless_tools wpa_supplicant arch-wiki-lite \ intel-ucode grub vim aria2 hping elinks dialog # Generate fstab genfstab -L -p /mnt >> /mnt/etc/fstab @@ -52,9 +52,8 @@ LABEL=linuxroot /home btrfs rw,noatime,compress=lzo,space_cache,au LABEL=linuxroot /.snapshots btrfs rw,noatime,compress=lzo,space_cache,autodefrag,commit=60,subvol=@snapshots 0 0 # swap in zram # /dev/zram0 none swap defaults 0 0 # mount /tmp on tmpfs # tmpfs /tmp tmpfs rw,nodev,nosuid 0 0 # Enter the new system arch-chroot /mnt /bin/bash -
Oct 7, 2016 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,189 @@ # Install Arch Linux with full encrypted btrfs subvolume inside luks # filename: install-arch-linux-on-btrfs-subvolume-inside-luks.txt # The official guide: https://wiki.archlinux.org/index.php/Installation_Guide # Download the archiso image from https://www.archlinux.org/download/ # Copy to a usb-drive dd bs=16M if=archlinux.img of=/dev/sdX status=progress && sync # on linux # Boot from the usb. # Set spanish keymap loadkeys es # This assumes a wifi only system... wifi-menu # Create a primary partition - entire disk parted -s /dev/sda mklabel msdos parted -s /dev/sda mkpart primary 2048s 100% # Create luks container and btrfs filesystem cryptsetup --cipher aes-xts-plain64 --hash sha512 --use-random \ --verify-passphrase luksFormat /dev/sda1 #cryptsetup -y -v luksFormat /dev/sda1 cryptsetup open /dev/sda1 cryptroot mkfs -t btrfs -L linuxroot /dev/mapper/cryptroot # Create btrfs subvolumes mount -t btrfs -o compress=lzo /dev/mapper/cryptroot /mnt btrfs subvolume create /mnt/@ btrfs subvolume create /mnt/@home btrfs subvolume create /mnt/@snapshots # Unmount and remount with the corect partitions umount /mnt mount -o compress=lzo,subvol=@ /dev/mapper/cryptroot /mnt mkdir -p /mnt/home mount -o compress=lzo,subvol=@home /dev/mapper/cryptroot /mnt/home mkdir -p /mnt/.snapshots mount -o compress=lzo,subvol=@snapshots /dev/mapper/cryptroot /mnt/.snapshots # Install the system, wifi and some tools pacstrap /mnt base base-devel btrfs-progs \ net-tools wireless_tools dialog wpa_supplicant \ intel-ucode grub vim zsh mlocate htop aria2 # Generate fstab genfstab -L -p /mnt >> /mnt/etc/fstab # Edit /mnt/etc/fstab and add the following options: LABEL=linuxroot / btrfs rw,noatime,compress=lzo,space_cache,autodefrag,commit=60,subvol=@ 0 0 LABEL=linuxroot /home btrfs rw,noatime,compress=lzo,space_cache,autodefrag,commit=60,subvol=@home 0 0 LABEL=linuxroot /.snapshots btrfs rw,noatime,compress=lzo,space_cache,autodefrag,commit=60,subvol=@snapshots 0 0 # swap in zram # /dev/zram0 none swap defaults 0 0 # mount /tmp on tmpfs (auto if systemd) # tmpfs /tmp tmpfs rw,nodev,nosuid 0 0 # tmpfs /dev/shm tmpfs rw,nodev,nosuid,noexec 0 0 # Enter the new system arch-chroot /mnt /bin/bash # Setup system clock ln -s /usr/share/zoneinfo/Europe/Madrid /etc/localtime hwclock --systohc --utc # Set the hostname echo arch > /etc/hostname # Generate and set default locale vim /etc/locale.gen # Uncomment en_US.UTF-8, es_ES.UTF-8, bg_BG.UTF-8 locale-gen echo LANG=en_US.utf8 >> /etc/locale.conf echo LANGUAGE=en_US >> /etc/locale.conf echo LC_ALL=C >> /etc/locale.conf # Set virtul console lang and font echo KEYMAP=es > /etc/vconsole.conf echo FONT=Lat2-Terminus16 >> /etc/vconsole.conf # Set password for root passwd # Create user useradd -m -G wheel angel passwd angel # Configure mkinitcpio vim /etc/mkinitcpio.conf # Early modules load MODULES="i915" # Embed btrfs to initramfs BINARIES="/usr/sbin/btrfs" # Add 'encrypt' to HOOKS before filesystems HOOKS="base udev autodetect modconf block encrypt filesystems keyboard fsck" # Regenerate initrd image mkinitcpio -p linux # Setup grub In /etc/default/grub add GRUB_ENABLE_CRYPTODISK=y and GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda1:cryptroot root=/dev/mapper/cryptroot rootflags=subvol=@" run: grub-mkconfig -o /boot/grub/grub.cfg grub-install /dev/sda # Exit new system and go into the cd shell exit # Unmount all partitions umount -R /mnt # Reboot into the new system, don't forget to remove the cd/usb reboot # Create keyfile for paswordless login dd bs=512 count=4 if=/dev/urandom of=/crypto_keyfile.bin cryptsetup luksAddKey /dev/sda1 /crypto_keyfile.bin and add to /etc/mkinitcpio.conf FILES=/crypto_keyfile.bin run: mkinitcpio -p linux # Reboot again, you’ll only need to enter your password once. reboot # Secure keyfile and /boot chmod 000 /crypto_keyfile.bin # actually, even root doesn't need to access this chmod -R g-rwx,o-rwx /boot # just to be safe # Install Zen Kernel , X, DE, some basic tools pacman -S linux-zen linux-zen-headers irqbalance cpupower x86_energy_perf_policy pacman -S xorg-server xf86-video-intel xf86-video-nouveau xf86-input-synaptics \ xorg-utils xorg-xbacklight xorg-xinit xterm rxvt-unicode compton \ openbox tint2 spacefm conky scite dmenu clipit volumeicon slock \ nitrogen scrot xarchiver unzip unrar ark zip p7zip bash-completion \ rfkill ttf-liberation ttf-droid ttf-hack terminus-font powertop \ elinks wget whois ethtool qt5-tools archey3 gvim tlc tk lzop # Office programs pacman -S scribus homebank libreoffice-fresh fbreader epdfview # Some graphics applications pacman -S gimp inkscape dia mtpaint gpicview graphicsmagick cups-pdf simple-scan # Utilities pacman -S stardict-lite aspell-en aspell-es hunspell-en hunspell-es \ mythes-en mythes-es hyphen-en hyphen-es perl-file-mimeinfo \ keepassx cherrytree zim gprename galculator gsimplecal # System tools pacman -S bleachbit nethogs gparted dosfstools ntfs-3g grsync gsmartcontrol \ lxterminal lxappearance lxtask obconf geany scite sshfs gpart \ arch-wiki-lite hping nmap macchanger ghex yajl pssh wpa_actiond \ ifplugd gvfs dnsutils grsync xdotool alsa-plugins alsa-utils lsof # Multimedia pacman -S avidemux-gtk audacity guvcview gtk-recordmydesktop pragha winff \ handbrake mpv youtube-dl rtmpdump atomicparsley smplayer deadbeef \ gst-plugins-bad gst-plugins-ugly gst-libav openshot libquicktime \ frei0r-plugins flashplayer # Network pacman -S --needed pidgin pidgin-otr purple-skypeweb linphone xchat \ uget transmission-gtk filezilla claws-mail opera wireshark-gtk # Virtualisation pacman -S virtualbox virtualbox-host-dkms wine-staging # Nvidia Optimus pacman -S --needed bumblebee primus bbswitch-dkms libva-intel-driver \ libva-mesa-driver libva-vdpau-driver mesa-vdpau nvidia-dkms \ nvidia-utils nvidia-settings mesa-demos # Development pacman -S nginx-mainline php php-apcu php-fpm php-gd php-mcrypt php-snmp \ php-tidy composer apache-openrc nghttp2 lighttpd-openrc openvpn \ mariadb xdebug nodejs npm colordiff # Install from AUR pacman -U package-query yaourt yaourt -S thermald icecat-bin inox-bin chromium-pepper-flash-standalone jdk8 \ sublime-text-dev qpdfview megasync dbeaver virtualbox-ext-oracle \ cdw genymotion arch32-light netcfg-git profile-cleaner playerctl \ freeplane ananicy-git vibrancy-colors xfce-theme-blackbird \ xfce-theme-greybird spacefm-gtk2 ruby-sass purple-facebook \ purple-hangouts-hg nodejs-jshint megasync-qt5 gtk-theme-numix-sx numix-themes-archblue-git numix-themes-archblue-git gtk-engine-unico csslint nodejs-jshint