Installation - marco1475/linux-htpc GitHub Wiki

Getting to the Virtual Console

Ensure that USB devices have a higher boot priority than the internal hard drive.
- When you see the ASRock boot screen, hit F2 to enter the UEFI Setup.
- On the Boot tab ensure the following Boot Option Priorities:
  1. USB: <name of flash drive>
  2. UEFI: <name of flash drive>
  3. Linux Boot Manager (if available)
  4. AHCI P0: <name of internal disk>
- Note that putting UEFI: before USB: will spare you having to select the UEFI boot method from the Easy2Boot CSM Menu, but it will also prevent you from swapping bootable images (i.e. going back to the Easy2Boot Main Menu).
Plug in the bootable flash drive and restart the machine.
In the Easy2Boot Main Menu select the Arch Linux image, hit Enter and confirm overwriting the MBR.
In the Easy2Boot CSM Menu select entry 4 Clover 64-bit UEFI Boot Menu (USB 2.0 ports only) and hit Enter.
- If your bootable flash drive is plugged into a non-USB 2.0 port you will have to:
  1. Reboot the machine.
  2. When you see the ASRock screen, hit F11 to enter the Boot Menu.
  3. Select UEFI: <name of flash drive> as the boot option.
- Trying to boot the Arch UEFI boot image in MBR mode will result in the following Syslinux error message:
  
  Unknown keyword in configuration file: PATH
  boot/syslinux/whichsys.c32: not a COM32R image
In the Clover 64-bit UEFI Boot Menu select Boot UEFI external from EASY2BOOT.
In the Arch Linux Boot Menu select Arch Linux archiso x86_64 UEFI USB.
- If you have a 4K screen the default Linux kernel mode setting might not be able to set the correct resolution, resulting in a blank monitor screen ("There is no signal coming from your computer.").
- To override Linux kernel mode setting:
  1. With Arch Linux archiso x86_64 UEFI USB selected hit e.
  2. Add nomodesetting to the end of the command-line setting that appeared on the screen and hit Enter.
You are now logged in as root in the virtual console of the Arch Linux installation.

Installation Preparation

Verify the boot mode:
- If the following command lists entries in the directory you have correctly booted using UEFI.
```
  ls /sys/firmware/efi/efivars
```
Verify the internet connection:
- Ping archlinux.org where you'll be downloading packages from; if you get no timeouts you are connected to the internet.
```
  ping -c 3 archlinux.org
```
Update the system clock:
- Synchronize the CPU's clock over the internet via NTP.
```
  timedatectl set-ntp true
```
- After a while ensure the NTP synchronization was successful by running timedatectl status and look for NTP synchronized: yes in the output.

Partitioning the System Disk

Note that partitions should start on a clean 1 MiB boundary so that block size of the file system aligns with the block size of the SSD.

Start the gdisk partitioning utility:
```
 gdisk /dev/sda
```
- If there are any partitions present remove them by creating a new, empty GUID partition table (o).
Create a new EFI system partition.
1. Press n and hit Enter to create a new partition.
2. Press Enter to accept the default partition number (in this case 1).
3. Press Enter again to accept the default first sector (in this case 2048). TODO: Different disks have different-sized sectors. What is this in MiB?
4. Enter +1G to set the last sector to be 1 GiB past the first sector.
5. Enter ef00 to set the partition type to EFI System.
Create the root partition.
1. Press n and hit Enter to create a new partition.
2. Press Enter to accept the default partition number (in this case 2).
3. Press Enter again to accept the default first sector (in this case 2099200). TODO: Different disks have different-sized sectors. What is this in MiB?
4. Enter +60G to set the last sector to be 60 GiB past the first sector.
5. Press Enter to accept the default file system to be Linux filesystem.

Press p to print out the partition table:

 Number Start (sector) End (sector)       Size Code Name
      1           2048      2099199 1024.0 MiB EF00 EFI System
      2        2099200    127928319   60.0 GiB 8300 Linux filesystem

Press w to write the partition table to disk.

Formatting the System Disk

The EFI System Partition must be formatted as FAT32:
```
 mkfs.fat -F32 -L "babylon5:esp" /dev/sda1
```
The root partition will be formatted as ext4:
```
 mkfs.ext4 -L "babylon5:root" /dev/sda2
```
Write down the UUIDs of the newly-formatted partitions:
```
 lsblk -no name,uuid
```

Encrypting the System Disk

Encrypt the root partition using dm-crypt:
```
 cryptsetup -s 512 luksFormat /dev/sda2
```
1. Type YES when prompted for confirmation that all data on /dev/sda2 will be overwritten.
2. Enter the passphrase that will unlock the partition (hint: full+server+partition) and verify it.
Open the encrypted partition:
```
 cryptsetup open --type luks /dev/sda2 cryptroot
```
- The encrypted partition can now be accessed through /dev/mapper/cryptroot.
Format the encrypted partition:
```
 mkfs.ext4 /dev/mapper/cryptroot
```
Write down the UUIDs of the newly-encrypted and formatted partitions.
```
 lsblk -no name,uuid
```
- Note that the encrypted partition has a different UUID locked vs. unlocked.
Close the partition:
```
 cryptsetup close cryptroot
```

Mounting the System Disk

Open the encrypted partition:

 cryptsetup open --type luks /dev/sda2 cryptroot

Mount the root partition:
```
 mount /dev/mapper/cryptroot /mnt
```
Make a new directory for the EFI System Partition and mount it:
```
 mkdir /mnt/esp
 mount /dev/sda1 /mnt/esp
```
Create the EFI directory structure and bind-mount boot to it:
```
 mkdir /mnt/boot
 mkdir -p /mnt/esp/EFI/arch
 mount --bind /mnt/esp/EFI/arch /mnt/boot
```
- genfstab will use this structure to generate /etc/fstab for us.

Install the System

Before installing the system sort the mirrorlist according to each server's latency:
1. Backup the existing mirrorlist file:
```
 cp /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.backup
```
2. Rank the mirrors and keep the six fastest in the mirrorlist:
```
 rankmirrors -n 6 /etc/pacman.d/mirrorlist.backup > /etc/pacman.d/mirrorlist
```

Install the system using pacstrap:

 pacstrap /mnt base base-devel efibootmgr vim

Configure the System

Generate an fstab file from the mounted partitions using UUIDs:
```
 genfstab -U /mnt >> /mnt/etc/fstab
```
Fix-up the fstab file:
1. Change relatime on all non-boot partitions to noatime to reduce wear on the SSD.
2. Change the bind-mount target from /mnt/esp/EFI/arch to /esp/EFI/arch.
3. Change the UUID of /dev/mapper/cryptroot to /dev/mapper/cryptroot.
  - Since /dev/mapper/cryptroot already is the result of a unique partition mapping, there is no need to specify an UUID for it.
4. Make /tmp a ramdisk:
```
 tmpfs    /tmp    tmpfs    defaults,noatime,mode=1777    0    0
```
- TODO: Copy /etc/fstab to Backup.
Change root into the new system:
```
 arch-chroot /mnt
```

Setup the system clock:

 ln -s /usr/share/zoneinfo/US/Eastern /etc/localtime
 hwclock --systohc --utc

Uncomment en_US.UTF-8 UTF-8 in /etc/locale.gen and generate locales with:
```
 locale-gen
```
Set the LANG variable accordingly in /etc/locale.conf:
```
 LANG=en_US.UTF-8
```
TODO: Copy /etc/locale.conf to Backup.
Set the host name
1. Create the /etc/hostname file and add:
```
 babylon5
```
2. Edit the /etc/hosts file and add:
```
 127.0.0.1    babylon5.localdomain    babylon5
```
  - Make sure to keep the existing localhost entries.
- TODO: Copy the files to Backup.
Set the root password:
```
 passwd
```
Configure swapping:
1. Create a swap file:
```
 fallocate -l 4G /swapfile
```
2. Set the right permissions:
```
 chmod 600 /swapfile
```
3. Format the file to swap:
```
 mkswap /swapfile
```
4. Activate the swap file:
```
 swapon /swapfile
```
5. Edit /etc/fstab to include the swap file:
```
 /swapfile    none    swap    defaults    0    0
```

Configure the network:

Get the list of current device names:
```
 ls /sys/class/net
```
Change the device name from enp2s0 to net0:
1. Get the MAC address of the network card:
```
 cat /sys/class/net/enp2s0/address
```
2. Add the MAC address to a udev rule in /etc/udev/rules.d/10-network.rules:
```
 SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="bc:5f:f4:bd:cb:dd", NAME="net0"
```

Ensure that systemd-networkd will be started on boot:

 systemctl enable systemd-networkd.service
 systemctl enable systemd-resolved.service

Add the /etc/systemd/network/wired.network configuration file:

 [Match]
 Name=net0
 
 [Network]
 Address=192.168.1.2/24
 Gateway=192.168.1.1

Add DNS to the /etc/resolv.conf file:

 # OpenNIC
 nameserver 45.32.215.96
 nameserver 96.90.175.167
 
 # OpenDNS
 nameserver 208.67.222.222
 nameserver 208.67.220.220
 
 # Google DNS
 nameserver 8.8.8.8
 nameserver 8.8.4.4

Install Intel micro-codes:
```
pacman -S intel-ucode
```
Install the Intel GPU driver:
```
pacman -S xf86-video-intel
```

Generate the initial ramdisk:

Edit the /etc/mkinitcpio.conf file:

 MODULES="vfat ext4 i915"
 HOOKS="base udev keyboard autodetect modconf block encrypt filesystems fsck"

TODO: Copy the file to Backup.

Generate the initrd image:
```
 mkinitcpio -p linux
```

Configure the Bootloader

Install systemd-boot to provide a boot menu at startup:
```
 bootctl --path=/esp install
```

Create a boot configuration file /esp/loader/entries/arch.conf:

 title    Arch Linux
 linux    /EFI/arch/vmlinuz-linux
 initrd   /EFI/arch/intel-ucode.img
 initrd   /EFI/arch/initramfs-linux.img
 options cryptdevice=PARTUUID=5f95d9a8-1f7e-4459-b849-b7a702d155a4:cryptroot root=/dev/mapper/cryptroot rw nomodesetting

Get the PARTUUID by executing ls -l /dev/disk/by-partuuid/.
Note that the intel-ucode.img must be the first initrd entry.
nomodesetting is only necessary with UHD+ displays.

Edit /esp/loader/loader.conf the loader configuration file to point to the boot configuration file:
```
 default arch
 timeout 15
 editor  0
```

Reboot into the New System

Exit the chrooted system:
```
 exit
```
Unmount all partitions:
```
 umount -R /mnt
```
Close the encrypted partition:
```
 cryptsetup close cryptroot
```
Restart the machine:
```
 reboot
```
- Don't forget to remove the bootable USB drive.