Marco Cetica
Home / About / Contact

INSTALL ARCH LINUX W/ LVM + LUKS + SYSTEMD-BOOT

2021-07-10
tutorial cover In this guide we will see how to install Arch Linux on UEFI AMD64 system with LVM and LUKS. Please, do not use it as a replacement of the arch wiki, instructions here get outdated pretty fast and while they were correct at the time of writing, I cannot guarantee that they will stay correct in a year or two.

Download ISO Image §

First, we need to download the live ISO of archlinux from official website, then flash to a USB drive with: 

sudo dd if=/path/to/liveimage.iso of=/dev/sdX status=progress

Networking §

Let's assume we are on a wired connection, thus we just need to obtain an IP address using 

dhcpcd
To see if network is fully working, try to ping google: 

ping google.com
Finally, sync system clock 

timedatectl set-ntp true

Partitioning §

Now we need to create some partitions. We will create two physical partitions of the following size:
Partition Size
EFI 500 MiB
LVM 465 GiB
To create the boot partition, type 

mkfs.vfat -F32 /dev/nvme0n1p1
After that, we need to encrypt the disk using LUKS: 

cryptsetup luksFormat /dev/nvme0n1p2
You will be asked to provide an encryption password. Be sure to memorize this password since there's no way to decrypt the hard drive if you lose it.

After that, let us decrypt the disk: 

cryptsetup luksOpen /dev/nvme0n1p2 luks

LVM Configuration §

Now it's time to create the physical volume: 

pvcreate /dev/mapper/luks
and the volume group 

vgcreate vg0 /dev/mapper/luks
Now we can create the virtual volumes! 

lvcreate -L 16G vg0 -n swap
lvcreate -L 128G vg0 -n home
lvcreate -l 100%FREE vg0 -n root
Finally, we need to format these partitions: 

mkswap /dev/mapper/vg0-swap
mkfs.ext4 -L "Arch Home" /dev/mapper/vg0-home
mkfs.ext4 -L "Arch Root" /dev/mapper/vg0-root
At the end you should have the following partitions:
Partition Size
EFI 500 MiB
LVM 465 GiB

Bootstrapping §

Now we are ready to install Arch Linux base system using pacstrap(8) command. let's mount partitions with 

mount /dev/mapper/vg0-root /mnt
mkdir -p /mnt/{boot,home}
mount /dev/mapper/vg0-home /mnt/home
mount /dev/nvme0n1p1 /mnt/boot
swapon /dev/mapper/vg0-swap
then 

pacstrap /mnt base base-devel vim lvm2 linux-lts linux-firmware net-tools texinfo man-db man-pages sudo

System configuration §

Now it's time to configure installed system. let's start by generating a fstab file with 

genfstab -U /mnt >> /mnt/etc/fstab
Now let's change the root path to the new system 

arch-chroot /mnt

Enable network §

To enable network at boot time, type 

systemctl enable dhcpcd

Timezone §

Set your local timezone with 

ln -sf /usr/share/zoneinfo/Europe/Rome /etc/localtime

Locale §

Edit /etc/locale.gen and and uncomment your locale, for instance: 

it_IT.UTF-8 UTF-8
it_IT ISO-8859-1
then run 

locale-gen
Configure /etc/locale.conf with 

locale > /etc/locale.conf
And edit it according to your needs.

Hostname §


echo "archbox" > /etc/hostname

Initramfs §

Now we need to configure the initram file system to load LVM and LUKS modules before loading the kernel. 

vim /etc/mkinitcpio.conf
HOOKS="base udev autodetect modconf block keyboard encrypt lvm2 filesystems fsck"
Edit the HOOKS variable and add encrypt lvm2 after keyboard.

To enable support for NVMe drives at boot time, add the following entry to the MODULES variable: 

MODULES=(vmd)
Finally, regenerate all initram file systems with 

mkinitcpio -P

User §

First, let's set a password for the root account with 

passwd
And then add a user account with 

useradd -m -G wheel,video,audio,disk,network,system,users -s /bin/bash <your_name>
To add an unrecognized user group, type 

groupadd <group_name>
Finally, give your user superuser access through sudo by editing sudoers file(visudo) and by adding 

$wheel ALL=(ALL) ALL

Bootloader §

The last step of the installation process is to install the bootloader. In this guide, we will systemd-boot. 

bootctl --path=/boot install
Now we need to edit /boot/loader/loader.conf and add the following content 

default arch-lts
timeout 3
editor 0
Then, let's add a new entries called /boot/loader/entries/arch-lts.conf with the following content: 

title Arch Linux(LTS)
linux /vmlinuz-linux-lts
initrd /initramfs-linux-lts.img
options cryptdevice=UUID=<uuid_of_nvme0n1p2>:luks root=/dev/mapper/vg0-root rw
To retrieve the UUID of your partition, type 

blkid --match-tag UUID -o value /dev/nvme0n1p2

Reboot §

The installation is done. Type the following commands to exit from chroot, unmount partitions and reboot 

exit
umount -R /mnt
reboot