Arch Linux installation with GPT, LUKS, LVM and i3

This post describes an installation of Arch Linux with GPT (GUID partition table), LUKS (Linux Unified Key Setup) and LVM (Logical Volume Manager) with the basic graphical window manager i3. LVM is set up on top of LUKS. Systemd-boot is used as an EFI compatible boot manager. I wrote this post, so next time I don’t have to search all the information in the Arch Linux Wiki. For more details, consult the links in the reference section.

Important: This is not a beginners guide for an Arch Linux installation, so you should have basic understanding of Arch Linux, LUKS and LVM. You should understand all options so you can adjust them to your needs.

Preparations

Set keyboard layout:

# loadkeys de_CH-latin1

Activate vi mode for more convinience

# set -o vi

Connect to WiFi:

# wifi-menu

Set system time using NTP:

# timedatectl set-ntp true
# timedatectl status

Disk setup

Setup GUID partition Table (GPT):

# gdisk /dev/sda

o # Create a new empty GUID partition table (GPT)
y # Confirm

# EFI System Partition (ESP)
n # Add a new partition
1 # Partition number
[Return] # First sector
+512M # Last sector = size
ef00 # Partition type = EFI System

# LUKS container
n # Add a new partition
2 # Partition number
[Return] # First sector
[Return] # Last sector = Use remaining space
8e00 # Partition type = Linux LVM

p # Check partitions

w # Write changes to disk and exit
y # Confirm

Format EFI System Partition (ESP):

# mkfs.fat -F32 /dev/sda1

Encrypt the other partition with LUKS (512 Bit AES-XTS and SHA512 for passphrase):

# cryptsetup luksFormat -v -s 512 -h sha512 /dev/sda2
# cryptsetup luksOpen /dev/sda2 luks

Setup Logical Volume Manager:

# pvcreate /dev/mapper/luks
# vgcreate rootvg /dev/mapper/luks

Create Logical Volumes:

# lvcreate -n swap -L 4G -C y rootvg # -C = continuous data blocks)
# lvcreate -n root -L 25G rootvg
# lvcreate -n var -L 15G rootvg
# lvcreate -n home -l 100%FREE rootvg

Check LVM Setup:

# pvs
# vgs
# lvs

Create filesystems for LVs:

# mkfs.ext4 /dev/mapper/rootvg-home
# mkfs.ext4 /dev/mapper/rootvg-root
# mkfs.ext4 /dev/mapper/rootvg-var
# mkswap /dev/mapper/rootvg-swap
# swapon /dev/mapper/rootvg-swap

Install base system

Mount LVs and ESP for installation:

# mount /dev/mapper/rootvg-root /mnt
# mkdir /mnt/{var,home,boot}
# mount /dev/mapper/rootvg-home /mnt/home
# mount /dev/mapper/rootvg-var /mnt/var
# mount /dev/sda1 /mnt/boot

Select mirrors:

# vi /etc/pacman.d/mirrorlist

Synchronize repositories:

# pacman -Suy

Install base packages:

# pacstrap /mnt base

Generate fstab file:

# genfstab -p /mnt > /mnt/etc/fstab

Chroot into the new system:

# arch-chroot /mnt

Basic configuration

Configure hostname:

# echo chaos > /etc/hostname

Configure timezone:

# ln -s /usr/share/zoneinfo/Europe/Zurich /etc/localtime

Configure locale:

# vi /etc/locale.gen # uncomment the following locales
en_US.UTF-8 UTF-8
en_US ISO-8859-1

# locale-gen

# echo “LANG=en_US.UTF-8” > /etc/locale.conf

Configure virtual console:

# echo "KEYMAP=de-latin1" > /etc/vconsole.conf
# echo "FONT=eurlatgr" > /etc/vconsole.conf

Configure pacman:

# vi /etc/pacman.conf
# Add to [options] section:
Color
ILoveCandy
# Enable Multilib
[multilib]
Include = /etc/pacman.d/mirrorlist

Install basic software

Install basic packages:

# pacman -S bash-completion

Install packages for WiFi:

# pacman -S dialog wpa_supplicant wpa_actiond wireless-tools rfkill
# systemctl enable netctl-auto@wlp4s0

Activate IPv6 Privacy extension:

# sudo vi /etc/sysctl.d/ipv6_tempaddr.conf
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2

Install and configure sudo:

# pacman -S sudo vim
# visudo
%wheel ALL=(ALL) NOPASSWD: ALL

Activate NTP Client:

# systemctl enable systemd-timesyncd

Install and activate OpenSSH:

# pacman -S openssh rxvt-unicode-terminfo
# systemctl enable sshd

Configure users

Set root password:

# passwd

Add new user:

# useradd -m -G wheel emanuel
# passwd emanuel

Configure boot environment

Configure hooks for initramfs:

# vi /etc/mkinitcpio.conf
HOOKS=( ... keyboard keymap encrypt lvm2 ... filesystems ...)

Create initramfs:

# mkinitcpio -p linux

Install bootloader

# bootctl install

Create bootloader entry:

# blkid | grep sda2 | cut -f2 -d\" > /boot/loader/entries/arch.conf # Write long UUID to file for later use
# vi /boot/loader/entries/arch.conf
title Arch Linux
linux /vmlinuz-linux
initrd /initramfs-linux.img
options cryptdevice=UUID=da360677-31d9-41da-b738-7c53c9932914:luks root=/dev/mapper/rootvg-root rw

Create default entry:

# vi /boot/loader/loader.conf
timeout 2
default arch

Install basic desktop environment (X11 and i3 window manager)

Install video driver:

# pacman -S xf86-video-intel

Install Xorg

# pacman -S xorg xterm xorg-xrandr
# localectl --no-convert set-x11-keymap ch

Install i3 window manager

# pacman -S i3 dmenu_run

Install login manager

# pacman -S lightdm lightdm-gtk-greeter
# systemctl enable lightdm.service

Install basic desktop applications:

# pacman -S rxvt-unicode urxvt-perls acpi

Install alsa-utils for sound:

# pacman -S alsa-utils

Finish installation

Reboot into new system:

# exit
# umount -R /mnt
# reboot # Yay!

References

10 thoughts on “Arch Linux installation with GPT, LUKS, LVM and i3

  1. You forgot to add pacman -Syu to synchronize repo databases. It’ll give you an error if you try installing a package after adding multilib.

  2. Great article !
    Thank you

    # mount /dev/mapper/rootvg-root /mnt
    # mkdir /mnt/{var,home,boot}
    # mount /dev/mapper/rootvg-home /mnt/home
    # mount /dev/mapper/rootvg-var /mnt/var
    # mount /dev/sda1 /mnt/boot
    —————–+————————
    # swapon /dev/mapper/luks

    • Thx. I added it directly after creating the filesystems:

      Create filesystems for LVs:

      # mkfs.ext4 /dev/mapper/rootvg-home
      # mkfs.ext4 /dev/mapper/rootvg-root
      # mkfs.ext4 /dev/mapper/rootvg-var
      # mkswap /dev/mapper/rootvg-swap
      # swapon /dev/mapper/rootvg-swap
  3. Thanks Emanuel
    It’s a great article. I will follow all of it, but I need another help as I have an ssd ( Samsung 850 EVO)
    I will be much obliged if you kindly let me know what extra settings should I add to get the most out from my ssd. As I am willing to encryptt the whole disk what extra steps should I take to work trim service perfectly and to improve the performance of my ssd.

  4. is this line correct

    # lvcreate -n swap -L 4G -C y rootvg # -C = continuous data blocks)

    I’ve searched high and low for a command like this and could not justify it.

    • Hi

      This line creates a new LV for paging/swapping with the name “swap” in the VG “rootvg” and the size of 4 GB. The “-C y” option defines that all blocks have to be continuous on the disk. This is done due to performance reasons.

      Regards,
      Emanuel

Leave a Reply

Your email address will not be published. Required fields are marked *