Marco Cetica
Home / About / Contact / RSS

INSTALL ARCH LINUX W/ LVM + LUKS + SYSTEMD-BOOT

2021-07-10
tutorial cover In this guide we will see how to install Arch Linux on UEFI AMD64 system with LVM and LUKS. Please, do not use it as a replacement of the arch wiki, instructions here get outdated pretty fast and while they were correct at the time of writing, I cannot guarantee that they will stay correct in a year or two.

Download ISO Image

First, we need to download the live ISO of archlinux from official website, then flash to a USB drive with: 
                
sudo dd if=/path/to/liveimage.iso of=/dev/sdX status=progress

Networking

Let's assume we are on a wired connection, thus we just need to obtain an IP address using 
                
dhcpcd
To see if network is fully working, try to ping google: 
                
ping google.com
Finally, sync system clock 
                
timedatectl set-ntp true

Partitioning

Now we need to create some partitions. We will create two physical partitions of the following size:
Partition Size
EFI 500 MiB
LVM 465,3 GiB
To create the boot partition, type 
                
mkfs.vfat -F32 /dev/nvme0n1p1
After that, we need to encrypt the disk using LUKS: 
                
cryptsetup luksFormat /dev/nvme0n1p2
You will be asked to provide an encryption password. Be sure to memorize this password since there's no way to decrypt the hard drive if you lose it.

After that, let us decrypt the disk: 
                
cryptsetup luksOpen /dev/nvme0n1p2 luks

LVM Configuration

Now it's time to create the physical volume: 
                
pvcreate /dev/mapper/luks
and the volume group 
                
vgcreate vg0 /dev/mapper/luks
Now we can create the virtual volumes! 
                
lvcreate -L 16G vg0 -n swap
lvcreate -L 128G vg0 -n home
lvcreate -l 100%FREE vg0 -n root
Finally, we need to format these partitions: 
                
mkswap /dev/mapper/vg0-swap
mkfs.ext4 -L "Arch Home" /dev/mapper/vg0-home
mkfs.ext4 -L "Arch Root" /dev/mapper/vg0-root
At the end you should have the following partitions:
Partition Size Role
/dev/nvme0n1p1 500 MiB EFI boot
/dev/nvme0n1p2 465,3 GiB LVM Group
-> vg0-swap 16 GiB Swap
-> vg0-home 128 GiB Home
-> vg0-root 321 GiB Root

Bootstrapping

Now we are ready to install Arch Linux base system using pacstrap(8) command. let's mount partitions with 
                
mount /dev/mapper/vg0-root /mnt
mkdir -p /mnt/{boot,home}
mount /dev/mapper/vg0-home /mnt/home
mount /dev/nvme0n1p1 /mnt/boot
swapon /dev/mapper/vg0-swap
then 
                
pacstrap /mnt base base-devel vim lvm2 linux-lts linux-firmware net-tools texinfo man-db man-pages sudo

System configuration

Now it's time to configure installed system. let's start by generating a fstab file with 
                
genfstab -U /mnt >> /mnt/etc/fstab
Now let's change the root path to the new system 
                
arch-chroot /mnt

Enable network

To enable network at boot time, type 
                
systemctl enable dhcpcd

Timezone

Set your local timezone with 
                
ln -sf /usr/share/zoneinfo/Europe/Rome /etc/localtime

Locale

Edit /etc/locale.gen and uncomment your locale, for instance: 
                
it_IT.UTF-8 UTF-8
it_IT ISO-8859-1
then run 
                
locale-gen
Configure /etc/locale.conf with 
                
locale > /etc/locale.conf
And edit it according to your needs.

Hostname

                
echo "archbox" > /etc/hostname

Initramfs

Now we need to configure the initram file system to load LVM and LUKS modules before loading the kernel. 
                
vim /etc/mkinitcpio.conf
HOOKS="base udev autodetect modconf block keyboard encrypt lvm2 filesystems fsck"
Edit the HOOKS variable and add encrypt lvm2 after keyboard.

To enable support for NVMe drives at boot time, add the following entry to the MODULES variable: 
                
MODULES=(vmd)
Finally, regenerate all initram file systems with 
                
mkinitcpio -P

User

First, let's set a password for the root account with 
                
passwd
And then add a user account with 
                
useradd -m -G wheel,video,audio,disk,network,system,users -s /bin/bash <your_name>
To add an unrecognized user group, type 
                
groupadd <group_name>
Finally, give your user superuser access through sudo by editing sudoers file(visudo) and by adding 
                
$wheel ALL=(ALL) ALL

Bootloader

The last step of the installation process is to install the bootloader. In this guide, we will systemd-boot. 
                
bootctl --path=/boot install
Now we need to edit /boot/loader/loader.conf and add the following content 
                
default arch-lts
timeout 3
editor 0
Then, let's add a new entries called /boot/loader/entries/arch-lts.conf with the following content: 
                
title Arch Linux(LTS)
linux /vmlinuz-linux-lts
initrd /initramfs-linux-lts.img
options cryptdevice=UUID=<uuid_of_nvme0n1p2>:luks root=/dev/mapper/vg0-root rw
To retrieve the UUID of your partition, type 
                
blkid --match-tag UUID -o value /dev/nvme0n1p2

Reboot

The installation is done. Type the following commands to exit from chroot, unmount partitions and reboot 
                
exit
umount -R /mnt
reboot