Arch - Install

Has been updated 2025.04.20

UEFI Arch Linux Installation

Configure our Pre-Install eviroment

  • boot of a archlinux live enviroment
  • Optional for network enabled install 
    • systemctl start sshd
passwd
  • enable timesync
    • timedatectl set-ntp true
  • update mirrorlist
    • local pacache server: Using DNS Search domain hack to determine pacache instance location flexo cache instacne 
      • cat > /etc/pacman.d/mirrorlist << EOF
Server = http://pacache:7878/\$repo/os/\$arch
EOF

# we need to configure live enviroment to use our dns
resolvectl dns 2 10.193.120.5;
resolvectl domain 2 lair.lan;
    • or use reflector for fast download speed 
      • pacman -Sy reflector
reflector --latest 100 --age 12 --fastest 20 --sort rate --  threads 10 --country SE,NL,DE,NO,DK --save /etc/pacman.d/mirrorlist

Actual install

Partition disk
export BOB_UEFI=
export BOB_ROOT=
export BOB_HOME=
export BOB_SWAP=

export BOB_HOSTNAME=
Pay attention, failure may result in data loss
  • Use gdisk to partition harddrive
    • UEFISYS partition
    • root partition
    • optional
      • swap (file or partition)
      • home
  • Create filesystems
    • UEFISYS:
      • mkfs.fat -F16 -n UEFISYS /dev/${BOB_UEFI};
    • root:
      • BTRFS
        • mkfs.btrfs -f -L btrfsroot /dev/${BOB_ROOT};
      • EXT4
        • mkfs.ext4 -L root /dev/${BOB_ROOT};
    • Optional partitions:
      • HOME
        • mkfs.ext4 -L home /dev/${BOB_HOME};
      • SWAP: 
        • mkswap -L ArchSWAP --verbose /dev/${BOB_SWAP};
swapon /dev/${BOB_SWAP};
  • Create and mount btrfs 
    • mkdir /btrfs;
mount -o rw,noatime,compress=zstd,ssd,discard,space_cache=v2 LABEL="btrfsroot" /btrfs;

btrfs subvolume create /btrfs/@archlinux;
btrfs subvolume create /btrfs/@archlinux/root;
btrfs subvolume create /btrfs/@archlinux/var;
btrfs subvolume create /btrfs/@snapshots;
    • Optional create BTRFS Home subvolume
      • btrfs subvolume create /btrfs/@archlinux/home;
    • Optional Swap file
      • On BTRFS: 
        •   btrfs subvolume create /btrfs/@swap
  btrfs filesystem mkswapfile --size 4g --uuid clear /btrfs/@swap/archlinux
  swapon /btrfs/@swap/archlinux
      • On non Copy-on-Write filesystem 
        •   mkswap -U clear --size 4G --file /pathtostore/swapfile
  swapon /pathtostore/swapfile
Prepping filesystem and mounts
  • Mount the subvolumes correctly in /mnt
    • mount -o rw,noatime,compress=zstd,ssd,space_cache=v2,subvol=@archlinux/root LABEL="btrfsroot" /mnt;
  • Create directories for subvolumes/partitions
    • mkdir /mnt/{boot,efi,home,var};
  • Mount UEFI System
    • mount -o fmask=0077,dmask=0077 LABEL="UEFISYS" /mnt/efi;
  • Create Archlinux EFI folder and bind it in place 
    • mkdir -p /mnt/efi/EFI/arch;
mount --bind /mnt/efi/EFI/arch /mnt/boot;
  • Mount var
    • mount -o rw,noatime,compress=zstd,ssd,space_cache=v2,subvol=@archlinux/var LABEL="btrfsroot" /mnt/var
  • Mount home
    • BTRFS: mount -o rw,noatime,compress=zstd,ssd,space_cache=v2,subvol=@archlinux/home LABEL="btrfsroot" /mnt/home;
    • EXT4 : mount LABEL=home -o rw,noatime,errors=remount-ro,data=ordered /mnt/home;
Installing the system
  • THIS SECTION IS STILL BEING DEBATED 
    • pacstrap /mnt \
base linux linux-firmware mkinitcpio linux-headers \
base-devel git bash-completion sudo pacman-contrib openssh \
gptfdisk btrfs-progs dosfstools cifs-utils mtools ntfs-3g fuse \
smbclient nmap wget mtr whois traceroute bind bridge-utils iptraf-ng net-tools \
mc neovim tmux p7zip zip unrar \

man-db \
htop iotop usbutils lm_sensors  \
amd-ucode \ 
intel-ucode \
reflector
less
nano
polkit
  • Generate fstab for the new system
    • genfstab -p -L /mnt >> /mnt/etc/fstab
      • VERIFY MOUNT OPTIONS
        • UEFISYS needs fmask=0077,dmask=0077 for systemd-boot random seed to be secure
        • cat /mnt/etc/fstab
        •   LABEL=UEFISYS    /efi    vfat    rw,noatime,fmask=0077,dmask=0077,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro   0 2
  /efi/EFI/zenix   /boot   none    bind    0 0
  LABEL=home       /home   ext4    rw,noatime,errors=remount-ro,data=ordered    0 2
Configuring

  • chroot into the new system

    • arch-chroot /mnt

  • Set hostname

    • echo ${BOB_HOSTNAME:=archlinux} > /etc/hostname;

  • Basic configuration

    • ln -sf /usr/share/zoneinfo/Europe/Copenhagen /etc/localtime;
sed -i 's/#en_US.UTF-8/en_US.UTF-8/' /etc/locale.gen;
locale-gen;
echo LANG=en_US.UTF-8 > /etc/locale.conf;
echo "set colored-stats on" >> /etc/inputrc;
sed -i 's/MODULES=()/MODULES=(btrfs vfat)/' /etc/mkinitcpio.conf;
mkinitcpio -p linux;
sed -i 's/#Color/Color/' /etc/pacman.conf;
sed -i 's/#CleanMethod = KeepInstalled/CleanMethod = KeepCurrent/' /etc/pacman.conf;
sed -i "s/#MAKEFLAGS=\"-j2\"/MAKEFLAGS=\"-j\${nproc}\"/" /etc/makepkg.conf
sed -i 's/^OPTIONS=.*/OPTIONS=(strip docs !libtool !staticlibs emptydirs zipman purge !debug lto)/' /etc/makepkg.conf
sed -i "s/#SystemMaxUse=/SystemMaxUse=32M/" /etc/systemd/journald.conf
sed -i "s/#Storage=/Storage=none/" /etc/systemd/coredump.conf
sed -i "s/#ProcessSizeMax=/ProcessSizeMax=0/" /etc/systemd/coredump.conf

  • Configure pacman hooks

    • pacman cache server 
      • mkdir -p /etc/pacman.d/hooks/;
cat >> /etc/pacman.d/hooks/cleanafterinstall.hook << EOF
[Trigger]
Operation = Upgrade
Operation = Install
Operation = Remove
Type = Package
Target = *

[Action]
Description = Cleaning pacman cache...
When = PostTransaction
Exec = /usr/bin/paccache --remove --keep 0
EOF
    • reflector to update mirrorlist 
      • mkdir -p /etc/pacman.d/hooks/;
cat >> /etc/pacman.d/hooks/mirrorupgrade.hook << EOF
[Trigger]
Operation = Upgrade
Type = Package
Target = pacman-mirrorlist

[Action]
Description = Updating pacman-mirrorlist with reflector and removing pacnew...
When = PostTransaction
Depends = reflector
Exec = /usr/bin/env sh -c "reflector --latest 100 --age 12 --fastest 20 --sort rate --threads 10 --country SE,NL,DE,NO,PL,GB,US,DK --save /etc/pacman.d/mirrorlist; if [[ -f /etc/pacman.d/mirrorlist.pacnew ]]; then rm /etc/pacman.d/mirrorlist.pacnew; fi"
EOF

  • Services

    • Basic network (Insert link to systemd-networkd examples elsewhere) 
      • systemctl enable systemd-networkd;
cat >> /etc/systemd/network/lan.network << EOF
[Match]
Name=en*

[Network]
DHCP=ipv4
LinkLocalAddressing=no
LLMNR=no
MulticastDNS=no
DNSSEC=no
IPv6AcceptRA=no

[DHCPv4]
UseDNS=Yes
UseDomains=Yes
UseHostname=false
RouteMetric=1
EOF

systemctl enable systemd-resolved;
systemctl enable btrfs-scrub@-.timer;
    • ssh 
      • systemctl enable sshd;
sed -i 's/#UseDNS no/UseDNS no/' /etc/ssh/sshd_config;
echo "   HashKnownHosts no" >> /etc/ssh/ssh_config;

  • Configure root/users

    • root 
      • mkdir /root/.ssh/;
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILHpKI6RVc61NGEmN7mJKqbsHq5Nv3FSQSE2o5JUMWXv vociferous@skylake" >> /root/.ssh/authorized_keys;
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKb66uTmD0AhtankAHfHA1y3cGoN5MQnQbKRVJCcOMyU vociferous@anoia" >> /root/.ssh/authorized_keys;
chmod 600 /root/.ssh/authorized_keys;
passwd;
    • add user 
      • useradd -m -u 1000 -G wheel,log -s /bin/bash vociferous;
mkdir /home/vociferous/.ssh/;
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILHpKI6RVc61NGEmN7mJKqbsHq5Nv3FSQSE2o5JUMWXv vociferous@skylake" >> /home/vociferous/.ssh/authorized_keys;
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKb66uTmD0AhtankAHfHA1y3cGoN5MQnQbKRVJCcOMyU vociferous@anoia" >> /home/vociferous/.ssh/authorized_keys;
chmod 700 /home/vociferous/.ssh;
chmod -R 600 /home/vociferous/.ssh/*;
chown -R vociferous:vociferous /home/vociferous/.ssh;
passwd vociferous;

  • sudo

    • cat >> /etc/sudoers.d/sudo << EOF
%wheel ALL=(ALL) ALL
EOF

  • systemd-boot

    • mkdir -p /efi/loader/entries/;
cat >> /efi/loader/entries/99-arch.conf << EOF
title          Arch Linux (LABEL)
linux          /EFI/arch/vmlinuz-linux
initrd         /EFI/arch/initramfs-linux.img
initrd         /EFI/arch/amd-ucode.img
options        root=LABEL=btrfsroot rw rootflags=subvol=@archlinux/root
EOF
bootctl install;
sed -i 's/#timeout 3/timeout 2/' /efi/loader/loader.conf;

  • disable tty1 clearing on boot

    • mkdir -p /etc/systemd/system/getty@tty1.service.d/;
cat >> /etc/systemd/system/getty@tty1.service.d/noclear.conf << EOF
[Service]
TTYVTDisallocate=no
EOF

  • REBOOT ##### Yoinked Tweaks #####

  • Disable systemd coredums

    • `bash echo “Storage=none” >> /etc/systemd/coredump.conf echo “ProcessSizeMax=0” >> /etc/systemd/coredump.conf echo “SystemMaxUse=32M” >> /etc/systemd/journald.conf ```

  • Lower journald log limit

    • echo "SystemMaxUse=32M" >> /etc/systemd/journald.conf

  • Polkit

    •   pacman -S polkit
  echo -e "polkit.addAdminRule(function(action, subject) {\treturn ["unix-group:wheel"];\n});" > /etc/polkit-1/rules.d/50-default.rules
Post reboot configuration
  • link systemd-resolved to /etc/resolv.conf
    • ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf;
AUR

yay

Preinstall steps

  • install base-devel is needed for compiling
    • sudo pacman -S --needed base-devel;
  • adjust makepkg threads to be dynamic
    • sudo sed -i "s/#MAKEFLAGS=\"-j2\"/MAKEFLAGS=\"-j\${nproc}\"/" /etc/makepkg.conf
  • fix makepkg options, disable debug packages
    • sudo sed -i 's/^OPTIONS=.*/OPTIONS=(strip docs !libtool !staticlibs emptydirs zipman purge !debug lto)/' /etc/makepkg.conf

Installing

cd /tmp
git clone https://aur.archlinux.org/yay-bin.git
cd yay-bin
makepkg -si --noconfirm
yay -Y --devel --answerclean a --answerdiff n --removemake --cleanafter  --save

If replacing another AUR helper

Use yay -Y --gendb to generate a development package database for *-git packages that were installed without yay. This command should only be run once.

Source: https://github.com/Jguer/yay

Local AUR Repo

  • sudo nano /etc/makepkg.conf
    • PKGDEST=/home/packages
  • sudo systemctl --full --force edit repo.path 
    • [Path]
PathChanged=/home/packages
Unit=repo.service
TriggerLimitIntervalSec=30sec

[Install]
WantedBy=multi-user.target
  • sudo systemctl --user --full --force edit repo.service 
    • [Service]
Type=oneshot
ExecStartPre=/usr/bin/logger Start - Local AUR Repo Update
ExecStart=/bin/sh -c '/usr/bin/repo-add --nocolor --quiet --remove --prevent-downgrade /home/packages/bobs.db.tar.gz /home/packages/*.pkg.tar.zst'
ExecStartPost=/usr/bin/logger Done - Local AUR Repo Update

[Install]
WantedBy=multi-user.target
agetty/tty1

agetty

Various agetty tricks to make booting into a system smoother

Do NOT clear tty on boot

# /etc/systemd/system/getty@tty1.service.d/noclear.conf

[Service]
TTYVTDisallocate=no

tty1 autologin

Make an override for getty@tty.service with the following

# /etc/systemd/system/getty@tty1.service.d/autologin.conf

[Service]
ExecStart=
ExecStart=-/sbin/agetty -o '-p -f -- \u' --skip-login --nonewline --noissue --noclear --autologin vociferous - $TERM
autostart graphical env
#$HOME/.bashrc snippet

export AUTOSTART=wayland
if [[ $AUTOSTART = "wayland" ]] && [[ -z $DISPLAY ]] && [[ $(tty) = /dev/tty1 ]]; then
    /usr/lib/plasma-dbus-run-session-if-needed /usr/bin/startplasma-wayland
elif [[ $AUTOSTART = "x11" ]] && [[ -z $DISPLAY ]] && [[ $(tty) = /dev/tty1 ]]; then
    exec startx -- -keeptty >~/.xorg.log 2>&1
fi

Last modified: Fri Nov 28 02:01:56 2025