From 116ca0f6365c41119e1dd06a5c7aa325fa04400f Mon Sep 17 00:00:00 2001 From: Filippo Ferrari Date: Sat, 10 Feb 2024 17:46:30 +0100 Subject: [PATCH] docs: parabola-installation-guide.md --- content/posts/parabola-install-guide.md | 210 +++++++++++++++++++++++- 1 file changed, 209 insertions(+), 1 deletion(-) diff --git a/content/posts/parabola-install-guide.md b/content/posts/parabola-install-guide.md index 9772308..3410bf2 100644 --- a/content/posts/parabola-install-guide.md +++ b/content/posts/parabola-install-guide.md @@ -70,7 +70,7 @@ It might ask you to remote an already present signature, in that case just remot # Filesystem of boot partition -We are now gonna put a filesystem on the first parition, I use FAT partitioning beacuse it is versatile since it's compatibile with both legacy boot and UEFI. +We are now gonna put a filesystem on the first partition, I use FAT partitioning beacuse it is versatile since it's compatibile with both legacy boot and UEFI. ``` mkfs.fat -F32 /dev/sdX1 ``` @@ -122,7 +122,215 @@ nvme0n1 259:0 0 476.9G 0 disk └─nvme0n1p2 259:2 0 475.9G 0 part └─partition-name 254:0 0 475.9G 0 crypt /mnt ``` +# (optional) Change mirrors +You might want to change the mirrors order to make installation of packages faster by going into this file (use your favorite text editor): +``` +/etc/pacman.d/mirrorlist +``` +From the list, move the servers that are closer to you to the top so that they will be the first ones to be chosen. + +# Install packages into the system +Install the needed packages into the ```/mnt``` partition, add what you know you will need: +``` +pacstrap /mnt base base-devel linux-libre linux-libre-firmware btrfs-progs grub networkmanager cryptsetup lvm2 vim neovim +``` +If youre in UEFI then add the following package: ```efibootmgr``` + +- base and base-devel:\ +base is the basic system and all the tools related to it, base-devel is necessary to compile packages and other stuff +- linux-libre:\ +the libre version of the linux kernel, with no binary blobs, obfuscated code, or code released under proprietary licenses +- linux-libre-firmware:\ +Some hardware devices such as the popular NetGear WNA1100 (aka: Wireless-N 150, aka: Atheros AR9271) require firmware (eg: ath9k_htc) from the linux-libre-firmware package +- grub:\ +the boot loader +- networkmanager:\ +internet 'n stuff +- cryptsetup and lvm2:\ +packages needed for encrypting and decrypting the drive +- vim and neovim:\ +i mean you know why + +# Chroot into your system +``` +arch-chroot /mnt bash +``` + +# Set the timezone and set the hardware clock +just run: +``` +ln -s /usr/share/zoneinfo/Europe/Rome /etc/localtime +``` + +Change country adn city based on your correct timezone +Then synch the hardware clock with the system clock: +``` +hwclock --systhoc +``` + +# Setup keyboard layout and language +Edit the locale.gen file: +``` +nvim /etc/locale.gen +``` +Uncomment the your langage and layout of choice + +Edit the file locale.conf: +``` +nvim /etc/locale.conf +``` +I will add the setup for the US keyboard but you might want a different layout: +``` +export LANG="en_US.UTF-8" +export LC_COLLATE="C" +``` +Run the locale-gen command: +``` +locale-gen +``` +# Name your computer +Run: +``` +echo "myhostname" > /etc/hostname +``` + +change **myhostname** with your desired name, then edit the following file: +``` +nvim /etc/hosts +``` +and add the follwing lines: +``` +127.0.0.1 localhost +::1 localhost +127.0.1.1 myhostname.localdomain myhostname +``` + +# Enable NetworkManager service +run: +``` +systemctl enable NetworkManager.service +``` + +# Add a user and set his groups and password +First add a password to your root with: +``` +passwd +``` +Then create a new user: +``` +useradd -G wheel -m user +``` +this way a user by the name of **user** has been created, added to the wheel group and a home directory has been created for him +Set the user user password: +``` +passwd user +``` + +# Edit the mkinitcpio configuration +Edit the **mkinitcpio.conf** file: +``` +nvim /etc/mkinitcpio.conf +``` +look for the line in which hooks are declared, it is going be like this: +``` +HOOKS=(base udev autodetect modconf kms keyboard keymap consolefont block filesystem fsck) +``` +add to the hooks **encrypt** and **lvm2**: +``` +HOOKS=(base udev autodetect modconf kms keyboard keymap consolefont block encrypt lvm2 filesystem fsck) +``` +**Optionally** you can add the following modules to same mkinitcpio.conf file: +``` +hid usbhid hid_generic ohci_pci +``` +If, at the end of the installation, the keyboard is not working during the decryption of the partition\ + +Update the conf by typing: +``` +mkinitcpio -p linux-libre +``` + +# Make the system able to decrypt the partition +Start by exiting the partition: +``` +exit +``` +Create an fstab and output it in the correct place: +``` +# genfstab -p /mnt >> /mnt/etc/fstab +``` +use **-U** or **-L** to define by UUID or labels, respectively + +Take the output of **lsblk -f** in put it in the following file: +``` +lsblk -f >> /mnt/etc/default/grub +``` +Go back into your system: +``` +arch-chroot /mnt bash +``` + +# Edit GRUB to make the system able to encrypt and decrypt the partition +Enter the following file: +``` +nvim /etc/default/grub +``` +At the end of the file you will find the output of our **lsblk -f** command, it will be something similar to this: +``` +NAME FSTYPE FSVER LABEL UUID FSAVAIL FSUSE% MOUNTPOINTS +sdb +nvme0n1 +├─nvme0n1p1 [UUID_0] 862.4M 16% /boot +└─nvme0n1p2 [UUID_1] + └─cryptlvm [UUID_2] 431.2G 9% / +``` +You will only need the two UUIDs: **[UUID_1]** and **[UUID_2]** +And at the top of this file there will be a line that looks like this: +``` +GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet" +``` +Now, take the UUID of the encrypted partition (in this case the **UUID_1**) and add the following to the GRUB_CMDLINE_LINUX_DEFAULT: +``` +cryptdevice=UUID=[UUID_1]:cryptlvm +``` +It will look something like this: +``` +cryptdevice=UUID=33dd1b52-a543-4143-8bf8-004390e411e0:cryptlvm +``` +Take the UUID of the decrypted partition (in this case the **UUID_2**) and add the following to the GRUB_CMDLINE_LINUX_DEFAULT: +``` +root=UUID=[UUID_2] +``` +It will look something like this: +``` +root=UUID=b720a64e-fdf2-462e-9231-d1a35ae2654e +``` +the **GRUB_CMDLINE_LINUX_DEFAULT** should look like this: +``` +GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet cryptdevice=UUID=33dd1b52-a543-4143-8bf8-004390e411e0:cryptlvm root=UUID=b720a64e-fdf2-462e-9231-d1a35ae2654e" +``` +# Install Grub bootloader +Install GRUB for UEFI devices: +**esp** denotes the mountpoint of the EFI system partition +``` +grub-install --target=x86_64-efi --efi-directory=[esp] --bootloader-id=grub +``` + +Install GRUB for legacy BIOS devices +``` +grub-install /dev/sdX +``` +Then create the grub configuration: +``` +grub-mkconfig -o /boot/grub/grub.cfg +``` + +Now you can unmount your partitions, remove your bootable device and reboot the system. +You now a have a fully libre system, you chad. + +# Migrate to Open-RC +For maximum chad-status you have to remote systemD in favour of Open-RC, the Parabola wiki has a section on how to do so [HERE](https://wiki.parabola.nu/OpenRC)