My ArchLinux installation guide

Last updated: Dec 10, 2022

I will describe here how I install ArchLinux for my own desktop. With a little luck it could be usefull for others and maybe for you!

I personnaly like ArchLinux for many reasons :
- Rolling release : we always have the latest update
- Software packages are quickly updated
- KISS philosophy : Keep It Simple Stupid
- Highly configurable
- Light
- The official wiki is very well provided

But I would never install it on a server for which I prefer debian. But that's another topic.

So here are the features that I will discuss :
- UEFI boot
- GNOME desktop environment
- btrfs on a SSD drive
- encrypted partitions
- AMD FirePro W5000 with hardware acceleration

Note : This tutorial is largely inspired by the official installation guide.

Installation medium

First download iso media on the official download web page (see here to verify signature) :

https://archlinux.org/download/

Identify usb media :

[root@host ~]# fdisk -l

I personnaly create a usb boot media :

[root@host ~]# dd if=archlinux-XXXX.XX.XX-x86_64.iso of=/dev/sdX bs=16M status=progress; sync

Disable UEFI secure boot (because the installation media does not support the feature) and boot to USB.

Pre-Install

Set the console keyboard layout (fr for french, us for us, de for german etc…) :

root@archiso ~ # loadkeys fr

Verify we are in UEFI boot mode :

root@archiso ~ # if [ -d /sys/firmware/efi/efivars ]; then echo "UEFI OK"; else echo "UEFI KO"; fi

Network Configuration

List and identify network interfaces :

root@archiso ~ # ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 00:50:56:80:0b:32 brd ff:ff:ff:ff:ff:ff
    altname enp11s0

Get network configuration via dhcp :

root@archiso ~ # dhclient ens192

Or set ip manually :

root@archiso ~ # ip addr add 192.168.1.10/24 dev ens192 root@archiso ~ # ip route add default via 192.168.1.254 root@archiso ~ # echo 'nameserver 192.168.1.254' >> /etc/resolv.conf

Check internet connectivity :

root@archiso ~ # ping 46.105.57.169

Check name resolution :

root@archiso ~ # host std.rocks
std.rocks has address 46.105.57.169
std.rocks has IPv6 address 2001:41d0:301::20
std.rocks mail is handled by 1 mx4.mail.ovh.net.
std.rocks mail is handled by 10 mx3.mail.ovh.net.

Note : from this step, if necessary, you can log in from another machine to the installation program as root via ssh. Just use passwd command before in order to set a password.

Update system clock :

root@archiso ~ # timedatectl set-ntp true

Partition the disk

I'm gonna partition my 40G disk like this.

Partition	Note	Filesystem
EFI	efi parition	FAT32
/boot	boot partition	ext2
swap	swap partition	swap on LUKS
/	root partition	btrfs on LUKS

The graphical view of the disk partitioning :

a linux disk partitionned with efi, boot, swap and root partitions

⚠️ Be advised that the sda disk will be completly erased and the data will be deleted as a result.⚠️

Identify destination disk :

root@archiso ~ # fdisk -l
Disk /dev/sda: 40 GiB, 42949672960 bytes, 83886080 sectors
Disk model: Virtual disk    
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/loop0: 683.24 MiB, 716427264 bytes, 1399272 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes

Start partitionning, here with /dev/sda device :

root@archiso ~ # gdisk /dev/sda
GPT fdisk (gdisk) version 1.0.9

Partition table scan:
  MBR: protective
  BSD: not present
  APM: not present
  GPT: present

Found valid GPT with protective MBR; using GPT.

Delete existing partitions :

Command (? for help): d

Create EFI partition :

Command (? for help): n
Partition number (1-128, default 1): 
First sector (34-83886046, default = 2048) or {+-}size{KMGTP}: 
Last sector (2048-83886046, default = 83884031) or {+-}size{KMGTP}: +512M
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): EF00
Changed type of partition to 'EFI system partition'

Create /boot partition :

Command (? for help): n
Partition number (2-128, default 2): 
First sector (34-83886046, default = 1050624) or {+-}size{KMGTP}: 
Last sector (1050624-83886046, default = 83884031) or {+-}size{KMGTP}: +500M
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): 
Changed type of partition to 'Linux filesystem'

Create swap encrypted partition :

Command (? for help): n
Partition number (3-128, default 3): 
First sector (34-83886046, default = 2074624) or {+-}size{KMGTP}: 
Last sector (2074624-83886046, default = 83884031) or {+-}size{KMGTP}: +2G
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): 8309
Changed type of partition to 'Linux LUKS'

Create / encrypted partition :

Command (? for help): n
Partition number (4-128, default 4): 
First sector (34-83886046, default = 6268928) or {+-}size{KMGTP}: 
Last sector (6268928-83886046, default = 83884031) or {+-}size{KMGTP}: 
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): 8309
Changed type of partition to 'Linux LUKS'

Check and write partitions to disk :

Command (? for help): p
Disk /dev/sda: 83886080 sectors, 40.0 GiB
Model: Virtual disk    
Sector size (logical/physical): 512/512 bytes
Disk identifier (GUID): 45AB06C7-DDAF-45D4-A781-B5C33DAF56D2
Partition table holds up to 128 entries
Main partition table begins at sector 2 and ends at sector 33
First usable sector is 34, last usable sector is 83886046
Partitions will be aligned on 2048-sector boundaries
Total free space is 4029 sectors (2.0 MiB)

Number  Start (sector)    End (sector)  Size       Code  Name
   1            2048         1050623   512.0 MiB   EF00  EFI system partition
   2         1050624         2074623   500.0 MiB   8300  Linux filesystem
   3         2074624         6268927   2.0 GiB     8309  Linux LUKS
   4         6268928        83884031   37.0 GiB    8309  Linux LUKS

Command (? for help): w

Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!

Do you want to proceed? (Y/N): Y
OK; writing new GUID partition table (GPT) to /dev/sda.
The operation has completed successfully.

Format the partitions

Format EFI partition :

root@archiso ~ # mkfs.fat -F32 /dev/sda1

Format /boot partition :

root@archiso ~ # mkfs.ext2 /dev/sda2

Create LUKS partition for swap :

Note : The complexity of the password will not be important here because we will use after a random password for the swap partition.

root@archiso ~ # cryptsetup luksFormat /dev/sda3

WARNING!
========
This will overwrite data on /dev/sda3 irrevocably.

Are you sure? (Type 'yes' in capital letters): YES
Enter passphrase for /dev/sda3: STDp@$$
Verify passphrase: STDp@$$
cryptsetup luksFormat /dev/sda3  16.55s user 1.08s system 86% cpu 20.303 total

Decrypt swap partition :

root@archiso ~ # cryptsetup luksOpen /dev/sda3 swap
Enter passphrase for /dev/sda3: STDp@$$

Check swap device is present :

root@archiso ~ # ls /dev/mapper
control  swap

Format swap device :

root@archiso ~ # mkswap /dev/mapper/swap

Create LUKS partition for / :

root@archiso ~ # cryptsetup luksFormat /dev/sda4
WARNING: Device /dev/sda4 already contains a 'dos' partition signature.

WARNING!
========
This will overwrite data on /dev/sda4 irrevocably.

Are you sure? (Type 'yes' in capital letters): YES
Enter passphrase for /dev/sda4: ComplexSTDp@$$
Verify passphrase: ComplexSTDp@$$
cryptsetup luksFormat /dev/sda4  9.72s user 0.68s system 75% cpu 13.721 total

Decrypt / (root) partition :

root@archiso ~ # cryptsetup luksOpen /dev/sda4 root
Enter passphrase for /dev/sda3: ComplexSTDp@$$

Check root device is present :

root@archiso ~ # ls /dev/mapper
control  root  swap

Format / (root) partition :

root@archiso ~ # mkfs.btrfs /dev/mapper/root

Mount the file system and chroot to /mnt/

Mount to /mnt

Mount / (root) :

root@archiso ~ # mount /dev/mapper/root /mnt/

Enable swap :

root@archiso ~ # swapon /dev/mapper/swap

Mount /boot :

root@archiso ~ # mount --mkdir /dev/sda2 /mnt/boot

Mount /efi :

root@archiso ~ # mount --mkdir /dev/sda1 /mnt/efi

Create btrfs subvolumes (Optional)

If necessary we can here add btrfs subvolumes, for example here with /home.

Create /home subvolume :

root@archiso ~ # btrfs subvolume create /mnt/home

Mount /home :

root@archiso ~ # mount /dev/mapper/root -o subvol=home /mnt/home

Install

Install essential packages

root@archiso ~ # pacstrap /mnt base linux linux-firmware btrfs-progs vim grub efibootmgr

Generate fstab file :

root@archiso ~ # genfstab -U /mnt >> /mnt/etc/fstab

Edit /mnt/etc/fstab file and replace swap entry with this line :

/dev/mapper/swap none swap defaults 0 0

Chroot to /mnt :

root@archiso ~ # arch-chroot /mnt

Time zone

Identify your Time zone :

[root@archiso /]# ls /usr/share/zoneinfo/

Set your your Time zone :

[root@archiso /]# ln -sf /usr/share/zoneinfo/Region/City /etc/localtime

Exemple :

[root@archiso /]# ln -sf /usr/share/zoneinfo/Asia/Tokyo /etc/localtime

Generate /etc/adjtime :

[root@archiso /]# hwclock --systohc

Localization

Edit /etc/locale.gen and uncomment en_US.UTF-8 UTF-8 plus other needed locales, for exemple :

[…]
#en_SG ISO-8859-1  
en_US.UTF-8 UTF-8
#en_US ISO-8859-1  
[…]
#fr_CH ISO-8859-1  
fr_FR.UTF-8 UTF-8
#fr_FR ISO-8859-1

Generate locales :

[root@archiso /]# locale-gen

Create /etc/locale.conf file and set the LANG variable accordingly :
- For examples :

[root@archiso /]# echo 'LANG=en_US.UTF-8' > /etc/locale.conf [root@archiso /]# echo 'LANG=fr_FR.UTF-8' > /etc/locale.conf

Set keyboard layout :
- For examples :

[root@archiso /]# echo 'KEYMAP=fr' > /etc/vconsole.conf [root@archiso /]# echo 'KEYMAP=us' > /etc/vconsole.conf

Network configuration

Set hostname :

[root@archiso /]# echo 'stdesktop' > /etc/hostname

Initramfs

Edit /etc/mkinitcpio.conf to enable (luks (to decrypt encrypted devices)) :

MODULES=(dm_mod ext2 btrfs ext4 xfs)
[…]
#add lvm2, mdadm if needed
HOOKS=(base udev autodetect modconf block keyboard keymap encrypt filesystems usr fsck shutdown)

Generate a new initramfs :

[root@archiso /]# mkinitcpio -P

Add the swap entry in /etc/crypttab file to set random key encrypted swap partition :

[root@archiso /]# echo 'swap    /dev/sda3       /dev/urandom            swap,cipher=aes-cbc-essiv:sha256,size=256' >> /etc/crypttab

Boot Loader

Edit /etc/default/grub, here I :
- amdgpu.audio=0 : disable HDMI/DP Audio because I don't need it. (see complete Module parameters here).
- announce my crypted root device : /dev/sda4:root
- I removed quiet word because I like to have a verbose boot in case of debug needed.

GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 amdgpu.audio=0"
#we can use /dev/sda4 UUID like that : cryptdevice=UUID=XXXX-XXXX-XXXX:root if we prefer
GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda4:root"

Install GRUB EFI application to /efi/ (sda1) :

[root@archiso /]# grub-install --target=x86_64-efi --efi-directory=/efi/ --bootloader-id=GRUB

Installing for x86_64-efi platform.
Installation finished. No error reported.

Generate grub.cfg main configuration file :

[root@archiso /]# grub-mkconfig -o /boot/grub/grub.cfg
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-linux
Found initrd image: /boot/initramfs-linux.img
Found fallback initrd image(s) in /boot:  initramfs-linux-fallback.img
Warning: os-prober will not be executed to detect other bootable partitions.
Systems on them will not be added to the GRUB boot configuration.
Check GRUB_DISABLE_OS_PROBER documentation entry.
Adding boot menu entry for UEFI Firmware Settings ...
done

Reboot

Set root password :

[root@archiso /]# passwd

Remove boot media and reboot system :

[root@archiso /]# exit root@archiso ~ # reboot

Post-Install

Add simple user

Create a user :

[root@stdesktop ~]# useradd -m newuser

Define user password :

[root@stdesktop ~]# passwd newuser

Network

We can configure Network manually, statically or via DHCP.

First thing to to is identify your network interface :

[root@stdesktop ~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether 24:1f:fe:d3:bc:2a brd ff:ff:ff:ff:ff:ff

Manually with ip commands

Note : This configuration will be reset after each reboot.

Enable network interface :

[root@stdesktop ~]# ip link set ens192 up

Set ip address :

[root@stdesktop ~]# ip addr add 192.168.1.10/24 dev ens192

Set gateway :

[root@stdesktop ~]# ip route add default via 192.168.1.254

Set dns :

[root@stdesktop ~]# echo 'nameserver 80.67.169.12' > /etc/resolv.conf

Statically with systemd-networkd

Create a /etc/systemd/network/ens192.network file :

[Match]
Name=ens192

[Network]
Address=192.168.1.10/24
Gateway=192.168.1.254
DNS=192.168.1.254

Enable and start systemd-networkd service :

[root@stdesktop ~]# systemctl enable systemd-networkd.service && systemctl start systemd-networkd.service

DHCP with systemd-networkd

Create a /etc/systemd/network/ens192.network file :

[Match]
Name=ens192

[Network]
DHCP=yes

Enable and start systemd-networkd service :

[root@stdesktop ~]# systemctl enable systemd-networkd.service && systemctl start systemd-networkd.service

Desktop environment

Install GNOME (simply press enter to each question) :

[root@stdesktop ~]# pacman -S gnome

If your are not in qwerty, set the gdm keyboard layout according to your language :

[root@stdesktop ~]# localectl set-x11-keymap fr

Enable and start gdm service :

[root@stdesktop ~]# systemctl enable gdm [root@stdesktop ~]# systemctl start gdm archlinux gdm screen waiting to log in

Misc

Hardware acceleration for the AMD FirePro W5000

If like me you have a AMD FirePro W5000 you should want to enable hardware video acceleration.

Install libva-mesa-driver and mesa-vdpau :

[root@stdesktop ~]# pacman -S libva-mesa-driver mesa-vdpau

Install vainfo, vdpauinfo plus radeontop tools :

[root@stdesktop ~]# pacman -S libva-utils vdpauinfo radeontop

Create /etc/modprobe.d/amdgpu.conf file :

options amdgpu si_support=1

Create /etc/modprobe.d/radeon.conf file :

options radeon si_support=0
options radeon cik_support=0

Edit /etc/mkinitcpio.conf file :

MODULES=(dm_mod ext2 btrfs ext4 xfs amdgpu)
[…]
HOOKS=(base udev autodetect modconf block keyboard keymap encrypt lvm2 filesystems usr fsck shutdown)

Generate a new initramfs :

[root@archiso /]# mkinitcpio -P

Reboot and check amdgpu is loaded :

[newuser@stdesktop ~]$ lspci -k | grep -A 3 -E "(VGA|3D)"
01:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Pitcairn LE GL [FirePro W5000]
        Subsystem: Advanced Micro Devices, Inc. [AMD/ATI] Device 0b06
        Kernel driver in use: amdgpu
        Kernel modules: radeon, amdgpu

Add VDPAU_DRIVER environment variable :

[newuser@stdesktop ~]$ echo 'export VDPAU_DRIVER=radeonsi' >> ~/.bashrc

Verify VA-API :

[newuser@stdesktop ~]$ vainfo
vainfo: VA-API version: 1.15 (libva 2.15.0)
vainfo: Driver version: Mesa Gallium driver 22.1.7 for ATI FirePro V(FireGL V) Graphics Adapter (pitcairn, LLVM 14.0.6, DRM 3.47, 5.19.9-arch1-1)
vainfo: Supported profile and entrypoints
      VAProfileMPEG2Simple            : VAEntrypointVLD
      VAProfileMPEG2Main              : VAEntrypointVLD
      VAProfileVC1Simple              : VAEntrypointVLD
      VAProfileVC1Main                : VAEntrypointVLD
      VAProfileVC1Advanced            : VAEntrypointVLD
      VAProfileH264ConstrainedBaseline: VAEntrypointVLD
      VAProfileH264Main               : VAEntrypointVLD
      VAProfileH264High               : VAEntrypointVLD
      VAProfileNone                   : VAEntrypointVideoProc

Verify VDPAU :

[newuser@stdesktop ~]$ vdpauinfo
display: :0   screen: 0
API version: 1
Information string: G3DVL VDPAU Driver Shared Library version 1.0

Video surface:

name   width height types
-------------------------------------------
420    16384 16384  NV12 YV12 
422    16384 16384  UYVY YUYV 
444    16384 16384  Y8U8V8A8 V8U8Y8A8 
420_16 16384 16384  
422_16 16384 16384  
444_16 16384 16384  

Decoder capabilities:
[…]

Open applications at login

When I log in, I like to have the applications I use the most open automatically.

Create ~/.config/autostart/ folder :

[newuser@stdesktop ~]$ mkdir ~/.config/autostart

Create ~/.config/autostart/apps.desktop file :

[Desktop Entry]
Name=AutostartScript
GenericName=Gnome Auto Start Script
Comment=Script wich launch applications at startup
Exec=/home/newuser/.config/autostart.sh
Terminal=false
Type=Application
X-GNOME-Autostart-enabled=true

Create ~/.config/autostart.sh file :

#Open terminal
gnome-terminal&
#Open Firefox
firefox &
#Open Explorer
nautilus&

Add executions rights :

[newuser@stdesktop ~]$ chmod +x ~/.config/autostart.sh

Crontab

I usually use cron as a task scheduler. There are implementations of cron in ArchLinux but none of them are pre-installed. By default the base system uses systemd/Timers. We will see here how to create a systemd/Timers task.

Create a /etc/systemd/system/mytask.service file which will run a program (here we copy /home/newuser/a_file to a /backup location using date command substitution) :

[Unit]
Description=Copy a file
Wants=mytask.timer

[Service]
Type=oneshot
User=newuser
#Normaly $(/usr/bin/date +%Y%m%d) but $ and % need to be escaped
ExecStart=/bin/bash -c  '/usr/bin/cp /home/newuser/a_file /backup/a_file.$$(/usr/bin/date +%%Y%%m%%d)'

[Install]
WantedBy=multi-user.target

Create associated /etc/systemd/system/mytask.timer file where we will set the trigger :

[Unit]
Description=Copy a file trigger
Requires=mytask.service

[Timer]
Unit=mytask.service
#It will run each day at 19h00
OnCalendar=*-*-* 19:00:00

[Install]
WantedBy=timers.target

Enable and reload rule :

[root@stdesktop ~]# systemctl enable mytask.timer && systemctl daemon-reload

Check mytask.timer status :

[root@stdesktop ~]# systemctl status mytask.timer
● mytask.timer - Copy a file
     Loaded: loaded (/etc/systemd/system/mytask.timer; enabled; preset: disabled)
     Active: active (waiting) since Sun 2022-09-25 16:28:31 CEST; 26min ago
      Until: Sun 2022-09-25 16:28:31 CEST; 26min ago
    Trigger: Sun 2022-09-25 19:00:00 CEST; 2h 4min left
   Triggers: ● mytask.service

sept. 25 16:28:31 stddesktop.local systemd[1]: Started Copy a file.

Computing

Music

Misc

My ArchLinux installation guide

Installation medium

Pre-Install

Network Configuration

Partition the disk

Format the partitions

Mount the file system and chroot to /mnt/

Mount to /mnt

Create btrfs subvolumes (Optional)

Install

Install essential packages

Time zone

Localization

Network configuration

Initramfs

Boot Loader

Reboot

Post-Install

Add simple user

Network

Manually with ip commands

Statically with systemd-networkd

DHCP with systemd-networkd

Desktop environment

Misc

Hardware acceleration for the AMD FirePro W5000

Open applications at login

Crontab

References