Differences

This shows you the differences between two versions of the page.

--- os:archlinux:30l3-2021 [2021/12/29 19:56] – ↷ Page moved from archlinux:30l3-2021 to os:archlinux:30l3-2021 warnaud
+++ os:archlinux:30l3-2021 [2023/01/06 14:50] (current) – [Battery] warnaud
@@ Line 1: / Line 1: @@
+====== Archlinux With BTRFS + systemd-boot  + LARBS + Blackarch repos ======
+Experience the thrill !  systemd-boot looks less bloated than grub while graphically horrible :-)\\
+Machine has 2 hard drives:
+  * sdb 256GB msata
+  * sda 1T SSD
+The concept will be to put all system on sda and and data/VMs on sdb
+Dowload [[https://archlinux.org/download/|ISO ]]
+====== Enable SSH ======
+On the live system,
+===== Start SSHD =====
+<code bash>systemctl start sshd.service</code>
+===== Set a password for root =====
+<code bash>passwd</code>
+===== Look up the IP address of the live system =====
+<code bash>ip a</code>
+====== Remote PC ======
+On a second PC, connect to the live system via SSH:
+<code bash>ssh root@<IP-OF-THE-LIVE-SYSTEM></code>
+===== Partition disk =====
+A very simple setup:
+  * sdb1 fat32 EFI crap (from Windows)550MB
+  * sdb2 swap 10G
+  * sdb3 btrfs with tons of subvolumes
+Adapt if you have only one drive with full Linux install like:
+  * sda1 (home) btrfs all drive
+<code bash>gdisk /dev/sda
+# tout sda en linux
+o [enter]
+n[enter]
+[enter x 4]
+w [enter]
+</code>
+<code bash>gdisk /dev/sdb</code>
+==== Create new partition table ====
+<code>
+Command (? for help): o</code>
+==== Create an EFI partition (optional if you already have Windows installed)====
+<code>Command (? for help): n [enter]
+Partition number (1-128, default 1):[enter]
+First sector (34-500118158, default = 2048) or {+-}size{KMGTP}:[enter]
+Last sector (2048-500118158, default = 500118158) or {+-}size{KMGTP}: +550M
+Hex code or GUID (L to show codes, Enter = 8300): EF00
+</code>
+ (choose size 550M and __hex code EF00__):
+==== SWAP ====
+<code> Command (? for help): n
+Partition number (2-128, default 2): [enter]
+First sector (34-500118158, default = 1128448) or {+-}size{KMGTP}:[enter]
+Last sector (1128448-500118158, default = 500118158) or {+-}size{KMGTP}: +10G[enter]
+Hex code or GUID (L to show codes, Enter = 8300): 8200 [enter]
+</code>
+==== Create a root partition ====
+Select default values
+<code>Command (? for help): n [enter]
+Partition number (3-128, default 3): [enter]
+First sector (34-500118158, default = 22099968) or {+-}size{KMGTP}: [enter]
+Last sector (22099968-500118158, default = 500118158) or {+-}size{KMGTP}: [enter]
+Hex code or GUID (L to show codes, Enter = 8300): [enter]
+</code>
+==== Write the new partitions to disk ====
+<code>Command (? for help): w</code>
+===== Format partitions =====
+<code>
+mkfs.vfat -F32 -n EFI /dev/sdb1 ## if not already existing
+mkswap -L SWAP /dev/sdb2 # Adapt if necessary
+mkfs.btrfs -L ROOT /dev/sdb3 # Adapt if necessary
+mkfs.btrfs -L HOME /dev/sda1</code>
+===== Subvolumes creation =====
+<code bash>
+# Adapt if necessary
+mount /dev/sdb3 /mnt
+btrfs sub create /mnt/@
+btrfs sub create /mnt/@pkg
+btrfs sub create /mnt/@snapshots
+btrfs sub create /mnt/@btrfs
+umount /mnt
+mount /dev/sda1 /mnt
+btrfs sub create /mnt/@home
+umount /mnt
+</code>
+===== Mount the subvolumes =====
+<code bash>
+mount -o noatime,nodiratime,compress=zstd,space_cache,ssd,subvol=@ /dev/disk/by-label/ROOT /mnt
+mkdir -p /mnt/{boot,home,var/cache/pacman/pkg,.snapshots,btrfs}
+#mount -o noatime,nodiratime,compress=zstd,space_cache,ssd,subvol=@home /dev/disk/by-label/ROOT /mnt/home
+mount -o noatime,nodiratime,compress=zstd,space_cache,ssd,subvol=@home /dev/disk/by-label/HOME /mnt/home
+mount -o noatime,nodiratime,compress=zstd,space_cache,ssd,subvol=@pkg /dev/disk/by-label/ROOT /mnt/var/cache/pacman/pkg
+mount -o noatime,nodiratime,compress=zstd,space_cache,ssd,subvol=@snapshots /dev/disk/by-label/ROOT /mnt/.snapshots
+mount -o noatime,nodiratime,compress=zstd,space_cache,ssd,subvolid=5 /dev/disk/by-label/ROOT /mnt/btrfs
+</code>
+<code bash>
+mount /dev/sdb1 /mnt/boot # Adapt if necessary
+swapon /dev/sdb2 # Adapt if necessary
+</code>
+===== Base System =====
+Install Arch Linux with (adjust this list to your needs):
+<code bash>pacstrap /mnt linux base base-devel btrfs-progs intel-ucode vim linux-firmware dhcpcd networkmanager</code>
+Optional, for über security :!: If Multibooting... Microsoft creates a 100MB EFI partition so you cannot have 20 linux kernel...)
+Second warning :!: some modules need recompiling (acpi_call/tpacpi-bat):
+<code bash>pacstrap /mnt linux-hardened base base-devel btrfs-progs intel-ucode vim linux-firmware dhcpcd networkmanager</code>
+===== Generate /etc/fstab =====
+<code bash>genfstab -U /mnt >> /mnt/etc/fstab</code>
+====== System Configuration ======
+===== chroot into the new system =====
+<code bash>arch-chroot /mnt/</code>
+===== Set host name =====
+<code bash>echo <YOUR-HOSTNAME> > /etc/hostname</code>
+===== Set locale =====
+<code bash>echo LANG=en_US.UTF-8 > /etc/locale.conf</code>
+Uncomment the following appropriates locales in /etc/locale.gen
+<code>
+en_US.UTF-8
+</code>
+===== Generate locale =====
+<code bash>locale-gen</code>
+===== Set keyboard layout and font =====
+<code bash>echo KEYMAP=us-acentos > /etc/vconsole.conf
+echo FONT=lat9w-16 >> /etc/vconsole.conf</code>
+===== Set time zone =====
+<code bash>ln -sf /usr/share/zoneinfo/Europe/Zurich /etc/localtime</code>
+===== /etc/hosts =====
+<code perl>
+#<ip-address>	<hostname.domain.org>	<hostname>
+.0.0.1	<YOUR-HOSTNAME>.localdomain	<YOUR-HOSTNAME>
+</code>
+====== Initramfs ======
+Configure the creation of initramfs by editing /etc/mkinitcpio.conf.\\
+Change the line HOOKS=... to:
+<code bash>HOOKS=(base keyboard udev autodetect modconf block keymap btrfs filesystems)</code>
+===== Recreate initramfs =====
+<code bash>mkinitcpio -p linux</code>
+====== Boot Manager ======
+===== Install systemd-boot =====
+<code bash> bootctl --path=/boot install</code>
+===== Arch entry =====
+Create file **/boot/loader/entries/arch.conf** and fill it with:
+<code perl>
+title Arch Linux
+linux /vmlinuz-linux
+initrd /intel-ucode.img
+initrd /initramfs-linux.img
+options root="LABEL=ROOT" rootflags=subvol=@ rw
+</code>
+Edit file **/boot/loader/loader.conf** and fill it with:
+<code perl>
+default  arch.conf
+timeout  4
+console-mode max
+#editor   no
+</code>
+====== Final Steps ======
+Exit chroot, unmount partitions and reboot:
+<code bash>
+passwd
+exit
+umount -R /mnt
+reboot</code>
+====== Troubleshoot ======
+===== Network =====
+If you forgot dhcpcd... like I did first time:
+<code bash>ip addr add 192.168.1.116/24 dev enp0s25
+ip link set enp0s25 up
+ip route add 192.168.1.0/24 via 192.168.1.1 dev ens0p25
+echo "nameserver 192.168.1.1">> /etc/resolv.conf
+</code>
+====== Post install ======
+===== Wifi =====
+<code bash>pacman -S linux-firmware</code>
+To know the module:
+<code bash>lspci -k</code>
+Set the interface up
+<code bash> ip link set wlp3s0 up</code>
+===== Enp0s25 =====
+Isn't that a beautiful name? so romantic and of course more simple than eth0.... Thank you Lenard
+<code bash>
+systemctl enable --now NetworkManager
+</code>
+If you don't want NetworkManager
+<code bash>systemctl enable dhcpcd@enp0s25 </code>
+===== Tools =====
+Start building and installing nice stuff
+<code bash>pacman -Sy yay git zsh htop openssh man-pages</code>
+===== Configure pacman =====
+<code bash>vi /etc/pacman.conf</code>
+See: [[https://man.archlinux.org/man/pacman.conf.5| man 5 pacman.conf]
+=== Color ===
+Remove the "#" in front of the line <code perl>#Color</code>
+===== LARBS =====
+<code>curl -LO larbs.xyz/larbs.sh
+sh larbs.sh</code>
+FAILOVER method:
+<code> git clone https://github.com/LukeSmithxyz/LARBS.git
+cd LARBS
+sh larbs.sh
+</code>
+===== Battery =====
+==== tp-battery-mode ====
+  * https://wiki.archlinux.org/index.php/Tp-battery-mode
+<code bash>yay -S tp-battery-mode</code>
+Config
+<code bash>vi /etc/tp-battery-mode.conf</code>
+<code perl>
+START_THRESHOLD=85
+STOP_THRESHOLD=100
+</code>
+Enable
+<code bash>systemctl enable tp-battery-mode
+systemctl start tp-battery-mode</code>
+==== Battery Modes ====
+  * https://wiki.archlinux.org/index.php/Laptop#Power_management
+  * https://wiki.archlinux.org/index.php/Laptop_Mode_Tools
+  * https://wiki.archlinux.org/index.php/Power_management#Laptop_Mode
+<code bash>pacman -S acpi acpid tpacpi-bat
+systemctl enable --now acpid
+</code>
+Then add
+<code perl>vm.laptop_mode = 5</code>
+in **/etc/sysctl.d/laptop.conf**
+=== Laptop Mode Tools ===
+From aur
+<code> yay laptop-mode-tools
+systemctl enable --now laptop-mode
+</code>
+=== CPU frequenct Squaling ===
+<code bash>pacman -Sy i7z thermald cpupower
+systemctl enable --now thermald
+systemctl enable --now cpupower
+acpi -i -b</code>
+<code bash>vi /etc/default/cpupower</code>
+:!: Uncomment #ondemand
+===== Backlight =====
+Fn+F8/F9 works when adding
+<code perl>acpi_backlight=vendor</code>
+to **/boot/loader/entries/arch.conf**
+===== Firewall =====
+  * https://wiki.archlinux.org/index.php/Firewalld
+<code bash>pacman -S firewalld
+systemctl enable --now firewalld</code>
+===== SUSPEND to disk =====
+This requires a SWAP partition/file\\
+  * https://wiki.archlinux.org/index.php/Mkinitcpio (resume HOOK)
+  * https://wiki.archlinux.org/index.php/Hibernation
+<code perl>resume="PARTLABEL=SWAP"</code> FIXME DOESN'T WORK\\
+<code perl>resume=UUID=8e3dfb9c-a8df-4312-9a7f-bf82120fb0ab</code>
+in **/boot/loader/entries/arch.conf**
+<code perl>HOOKS=(base udev autodetect modconf block keymap btrfs resume filesystems)</code> in **/etc/mkinitcpio.conf**
+then
+</code bash>mkinitcpio -P</code>
+===== TROUBLESHOOTING =====
+<code bash> journalctl -p 3 -xb</code>
+===== BLUETOOTH =====
+  * https://wiki.archlinux.org/index.php/Bluetooth
+<code bash>
+ pacman -S bluez bluez-utils
+modprobe btusb
+systemctl enable --now bluetooth
+yay bcm20702a
+bluetoothctl</code>
+==== NTP ====
+  * https://wiki.archlinux.org/index.php/Chrony
+<code bash>systemctl disable systemd-timesyncd
+pacman -S chrony</code>
+  * /etc/chrony.conf
+Uncomment / change iburst to offline
+<code perl>
+server 0.arch.pool.ntp.org offline
+server 1.arch.pool.ntp.org offline
+server 3.arch.pool.ntp.org offline
+</code>
+  * Run
+<code bash>
+systemctl enable --now chronyd
+chronyc
+chronyc> online
+OK
+chronyc> exit
+</code>
+==== Blackarch ====
+<code bash>curl -O https://blackarch.org/strap.sh
+chmod +x strap.sh
+sudo ./strap.sh
+</code>
+==== print ====
+  * https://wiki.archlinux.org/index.php/CUPS
+<code bash>pacman -S cups cups-pdf
+systemctl enable --now cups</code>
+====== TODO ======
+===== AUDIO =====
+  * https://wiki.archlinux.org/index.php/Advanced_Linux_Sound_Architecture#Unmuting_the_channels
+<code bash>pacman -S alsa-utils alsa-plugins
+alsamixer
+speaker-test -c 2
+</code>
+===== TIMESHIFT =====
+  * https://github.com/teejee2008/timeshift
+===== Suspend to disk/ram =====
+check if suspend works on hardened linux + if reboot works after no more batteries
+-> 5% -> hibernate rule etc,,,
+===== Mutt-Wizzard =====
+===== Cybersecurity tools =====
+==== Hardened linux ====
+=== Sound ===
+===== Optional utilities =====
+ccze libreoffice discord irssi newsflash kitty zsh-* starship
+===== Starship prompt =====
+  * https://starship.rs/
+===== Battery =====
+cpufreq ?
+MISSING: backlight on battery
+===== US International layout =====
+if using larbs:
+<code bash>
+vi ~/.local/bin/remaps
+</code>
+add
+<code perl>
+setxkbmap -layout us -variant intl</code>
+====== Référence ======
+  * https://nerdstuff.org/posts/2020/2020-004_arch_linux_luks_btrfs_systemd-boot/
+  * https://wiki.archlinux.org/index.php/Pacman#Configuration
+  * https://lukesmith.xyz | https://larbs.xyz ( https://github.com/lukesmithxyz/larbs ) | https://github.com/lukesmithxyz/voidrice (dotfiles)