Arch Linux installation with GPT, LUKS, LVM and i3

This post describes an installation of Arch Linux with GPT (GUID partition table), LUKS (Linux Unified Key Setup) and LVM (Logical Volume Manager) with the basic graphical window manager i3. LVM is set up on top of LUKS. Systemd-boot is used as an EFI compatible boot manager. I wrote this post, so next time I don’t have to search all the information in the Arch Linux Wiki. For more details, consult the links in the reference section.

Important: This is not a beginners guide for an Arch Linux installation, so you should have basic understanding of Arch Linux, LUKS and LVM. You should understand all options so you can adjust them to your needs.

Preparations

Set keyboard layout:

# loadkeys de_CH-latin1

Activate vi mode for more convinience

# set -o vi

Connect to WiFi:

# wifi-menu

Set system time using NTP:

# timedatectl set-ntp true
# timedatectl status

Disk setup

Setup GUID partition Table (GPT):

# gdisk /dev/sda

o # Create a new empty GUID partition table (GPT)
y # Confirm

# EFI System Partition (ESP)
n # Add a new partition
1 # Partition number
[Return] # First sector
+512M # Last sector = size
ef00 # Partition type = EFI System

# LUKS container
n # Add a new partition
2 # Partition number
[Return] # First sector
[Return] # Last sector = Use remaining space
8e00 # Partition type = Linux LVM

p # Check partitions

w # Write changes to disk and exit
y # Confirm

Format EFI System Partition (ESP):

# mkfs.fat -F32 /dev/sda1

Encrypt the other partition with LUKS (512 Bit AES-XTS and SHA512 for passphrase):

# cryptsetup luksFormat -v -s 512 -h sha512 /dev/sda2
# cryptsetup luksOpen /dev/sda2 luks

Setup Logical Volume Manager:

# pvcreate /dev/mapper/luks
# vgcreate rootvg /dev/mapper/luks

Create Logical Volumes:

# lvcreate -n swap -L 4G -C y rootvg # -C = continuous data blocks)
# lvcreate -n root -L 25G rootvg
# lvcreate -n var -L 15G rootvg
# lvcreate -n home -l 100%FREE rootvg

Check LVM Setup:

# pvs
# vgs
# lvs

Create filesystems for LVs:

# mkfs.ext4 /dev/mapper/rootvg-home
# mkfs.ext4 /dev/mapper/rootvg-root
# mkfs.ext4 /dev/mapper/rootvg-var
# mkswap /dev/mapper/rootvg-swap
# swapon /dev/mapper/rootvg-swap

Install base system

Mount LVs and ESP for installation:

# mount /dev/mapper/rootvg-root /mnt
# mkdir /mnt/{var,home,boot}
# mount /dev/mapper/rootvg-home /mnt/home
# mount /dev/mapper/rootvg-var /mnt/var
# mount /dev/sda1 /mnt/boot

Select mirrors:

# vi /etc/pacman.d/mirrorlist

Synchronize repositories:

# pacman -Sy

Install base packages:

# pacstrap /mnt base linux linux-firmware

Generate fstab file:

# genfstab -p /mnt > /mnt/etc/fstab

Chroot into the new system:

# arch-chroot /mnt

Basic configuration

Configure hostname:

# echo chaos > /etc/hostname

Configure timezone:

# $ timedatectl list-timezones | grep Zurich
Europe/Zurich
# timedatectl set-timezone Europe/Zurich

Configure locale:

# vi /etc/locale.gen # uncomment the following locales
en_US.UTF-8 UTF-8
en_US ISO-8859-1

Update locales:

# locale-gen

Set language:

# echo "LANG=en_US.UTF-8" > /etc/locale.conf

Configure virtual console:

# echo "KEYMAP=de_CH-latin1" > /etc/vconsole.conf
# echo "FONT=Lat2-Terminus16">> /etc/vconsole.conf

Configure pacman:

# vi /etc/pacman.conf
# Add to [options] section:
Color
ILoveCandy
# Enable Multilib
[multilib]
Include = /etc/pacman.d/mirrorlist

Synchronize repositories:

# pacman -Sy

Install basic software

Install basic packages:

# pacman -S base lvm2 e2fsprogs vim net-tools dhcpcd man-db man-pages bash-completion

Install packages for WiFi:

# pacman -S dialog wpa_supplicant wpa_actiond wireless_tools rfkill
# systemctl enable netctl-auto@wlp4s0

Activate IPv6 Privacy extension:

# vi /etc/sysctl.d/ipv6_tempaddr.conf
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2

Install and configure sudo:

# pacman -S sudo vim
# visudo
%wheel ALL=(ALL) ALL

Activate NTP Client:

# systemctl enable systemd-timesyncd

Install and activate OpenSSH:

# pacman -S openssh rxvt-unicode-terminfo
# systemctl enable sshd # If you want an SSH server running

Configure users

Set root password:

# passwd

Add new user:

# useradd -m -G wheel emanuel
# passwd emanuel

Configure boot environment

Configure hooks for initramfs:

# vi /etc/mkinitcpio.conf
HOOKS=( ... keyboard keymap encrypt lvm2 ... filesystems ...)

Create initramfs:

# mkinitcpio -p linux

Install bootloader

# bootctl install

Create bootloader entry:

# blkid | grep sda2 | cut -f2 -d\" > /boot/loader/entries/arch.conf # Write long UUID to file for later use
# vi /boot/loader/entries/arch.conf
title Arch Linux
linux /vmlinuz-linux
initrd /initramfs-linux.img
options cryptdevice=UUID=da360677-31d9-41da-b738-7c53c9932914:luks root=/dev/mapper/rootvg-root rw

Create default entry:

# vi /boot/loader/loader.conf
timeout 2
default arch

Install basic desktop environment (X11 and i3 window manager)

Install video driver:

# pacman -S xf86-video-intel

Install Xorg

# pacman -S xorg xterm xorg-xrandr
# localectl --no-convert set-x11-keymap ch

Install i3 window manager and desktop environment:

# pacman -S i3-wm i3blocks i3lock i3status dmenu rxvt-unicode xterm xbindkeys zenity xclip figlet

Install login manager

# pacman -S lightdm lightdm-gtk-greeter
# systemctl enable lightdm.service

Install basic desktop applications:

# pacman -S acpi feh mpv gnome-terminal nautilus evince eog file-roller gvfs gvfs-gphoto2 gvfs-mtp gvfs-nfs gvfs-smb firefox smbclient

Install some basic terminal applications:

# pacman -S mlocate scrot bind-tools ed jq bc git mosh nmap p7zip zip unzip unrar qrencode the_silver_searcher tmux wget

Install alsa-utils for sound:

# pacman -S alsa-utils pulseaudio-alsa

Themes:

# pacman -S gnome-themes-extra gtk-engine-murrine arc-gtk-theme arc-solid-gtk-theme arc-icon-theme lxappearance-gtk

Finish installation

Reboot into new system:

# exit
# umount -R /mnt
# reboot # Yay!

References

24 thoughts on “Arch Linux installation with GPT, LUKS, LVM and i3”

  1. You forgot to add pacman -Syu to synchronize repo databases. It’ll give you an error if you try installing a package after adding multilib.

    Reply
  2. Great article !
    Thank you

    # mount /dev/mapper/rootvg-root /mnt
    # mkdir /mnt/{var,home,boot}
    # mount /dev/mapper/rootvg-home /mnt/home
    # mount /dev/mapper/rootvg-var /mnt/var
    # mount /dev/sda1 /mnt/boot
    —————–+————————
    # swapon /dev/mapper/luks

    Reply
    • Thx. I added it directly after creating the filesystems:

      Create filesystems for LVs:

      # mkfs.ext4 /dev/mapper/rootvg-home
      # mkfs.ext4 /dev/mapper/rootvg-root
      # mkfs.ext4 /dev/mapper/rootvg-var
      # mkswap /dev/mapper/rootvg-swap
      # swapon /dev/mapper/rootvg-swap
      Reply
  3. Thanks Emanuel
    It’s a great article. I will follow all of it, but I need another help as I have an ssd ( Samsung 850 EVO)
    I will be much obliged if you kindly let me know what extra settings should I add to get the most out from my ssd. As I am willing to encryptt the whole disk what extra steps should I take to work trim service perfectly and to improve the performance of my ssd.

    Reply
  4. is this line correct

    # lvcreate -n swap -L 4G -C y rootvg # -C = continuous data blocks)

    I’ve searched high and low for a command like this and could not justify it.

    Reply
    • Hi

      This line creates a new LV for paging/swapping with the name “swap” in the VG “rootvg” and the size of 4 GB. The “-C y” option defines that all blocks have to be continuous on the disk. This is done due to performance reasons.

      Regards,
      Emanuel

      Reply
  5. I have problems understanding the hooks order.
    Would HOOKS=”base udev autodetect keyboard keymap consolefont modconf block encrypt lvm2 filesystems fsck” work?

    Reply
    • Hi
      Yes. That will work. Important is that keyboard and keymap is in front of encrypt, because you need the keyboard and a proper keyboard layout to enter the password for the LUKS encryption.

      Reply
    • Hi

      Thanks for the hint. I’ve not installed Arch since a while. I added some packages I think they are needed or useful. Tellme if I should add some more.

      I added the following:

      – linux
      – linux-firmware
      – lvm2
      – e2fsprogs
      – vim
      – net-tools
      – dhcpcd
      – man-db
      – man-pages

      Thanks & best wishes,
      Emanuel

      Reply
  6. Hi, thanks for post
    To me doesnt work, i try to follow steps in my virtual machine and a laptop but in laptop i have kernel panic after boot, and in virtualbox i have only a black screen after boot , i dont know what are missing.
    Do you have some trouble like that?

    Reply
  7. Hi.
    Thank you very much for the great procedure.I’m just wondering if it’s necessary to make an extra / Var folder.Thank you very much for your answer.And an apology for my English

    Reply
    • Hi

      You’re welcome.

      No, it’s not neccessary. It’s just an advantage: If something in the /var directory get’s larger over time (e.g. logfiles), the root filesystem is not filled up. This could crash your system otherwise. You can have everything except /boot on the / filesystem.

      Grz,
      Emanuel

      Reply
  8. Hey Emanuel,

    thanks for the guide! I always referred back to it when I needed to install arch again.
    It seems to be outdated now however 🙁
    Any chance you will be updating it?

    Best,
    John

    Reply

Leave a Comment