Inital commit. there isnt much here, but its a start

2021-04-05 02:17:04 -05:00 · 2021-04-05 02:17:04 -05:00 · 7365c708e3
commit 7365c708e3
2 changed files with 267 additions and 0 deletions
--- a/13
+++ b/13
@ -0,0 +1,13 @@
 host this thing with gatsby, jekyll, hugo, or antora
 write about interacting with nextcloud instance via cli with cadaver, rclone, maybye lftp?
 write about synthing, talk about cli program syncthingmanager
 write about installing gittea
 write about how static site is generated
 write about w3ms featurs. Many people dont realize it has tabs and bookmarks.
 write about magic-wormhole
--- a/arch.adoc
+++ b/arch.adoc
@ -0,0 +1,254 @@
 installing btrfs, systemd-boot, and LUKS with a hibernateable swap partition.
 == Installing via ssh
 It can sometimes be nice to install using the same computer you are reading this documentation on.
 [IMPORTANT]
 ====
 On a normal, already installed machine, *NEVER* use just a password for SSH. *ESPECIALLY* if it is internet-facing or connected to a public network. 
 We are only doing this because we are (hopefully) on a personal network, and the password-based SSH session only exists on the Arch ISO, so as soon as you boot into your fresh system, the SSH session will be gone.
 ====
 On the installee, make a password for the root account
 # passwd
 Enable SSH using
 # systemctl start sshd.service
 Find the ip adress with
 # ip addr show
 you are looking for a line like
 inet 192.168.1.162/24 brd 192.168.1.255 scope global dynamic enp0s25
 in this case, my LAN IP is 192.168.1.162
 now, on the pc you are going to be SSHing from,
 # ssh root@[ip we just found on installee]
 and type in the password you set on the installee
 now lets continue with the installation.
 == inital setup
 verify you are connected to the internet
 # ping 1.1.1.1
 turn on ntp
 # timedatectl set-ntp true
 == Partitioning
 create paritions using the tools of your choice. I will be using the following partition map. If you use a different one, then 
 an EFI partition of 512M
 a swap partition with a size equal to your RAM.
 a btrfs partition containing the rest of the space.
 == Encryption
 Encrypt the btrfs parition with
 # cryptsetup luksFormat /dev/sda3
 # cryptsetup config --label="btrfs" /dev/sda3
 and enter the encryption passkey. I reccomend making it a full sentence for security.
 Encrypt the swap partition. Use the same password as last time.
 # cryptsetup luksFormat /dev/sda2
 # cryptsetup config --label="swap" /dev/sda2
 now open the newly encrypted partitions
 # cryptsetup open /dev/sda2 swap
 # cryptsetup open /dev/sda3 btrfs
 == Filesystem creation
 format the EFI poartion with FAT32 and give it the label EFI (label can be something else.)
 # mkfs.vfat -F32 -n EFI /dev/sda1
 format the swap partiton as swap
 # mkswap /dev/mapper/swap
 format the root partition with btrfs and give the label root (label can be something else.)
 # mkfs.btrfs -L btrfs /dev/mapper/btrfs
 == Creating and mounting subvolumes
 ....
 # mount /dev/mapper/btrfs /mnt           
 # btrfs subvolume create /mnt/root
 # btrfs subvolume create /mnt/home
 # umount /mnt
 ....
 mount subvols and EFI partition
 ....
 # mount -o noatime,nodiratime,compress=zstd,ssd,discard,subvol=root /dev/mapper/btrfs /mnt
 # mkdir /mnt/home
 # mount -o noatime,nodiratime,compress=zstd,ssd,discard,subvol=home /dev/mapper/btrfs /mnt/home
 # mkdir /mnt/boot
 # mount /dev/sda1 /mnt/boot
 # swapon /dev/mapper/swap
 ....
 == installing base system, generating *stab
 install arch (ajust this to suit your needs), change intel-ucode if using an AMD processor.
 # pacstrap /mnt linux linux-firmware base base-devel btrfs-progs zsh neovim git stow tmux connman wpa_supplicant openvpn fzf htop rsync tig tree xdg-user-dirs units python tree openssh w3m curl intel-ucode
 generate an fstab
 # genfstab -U /mnt > /mnt/etc/fstab
 make /mnt/etc/crypttab.initramfs containing:
 ....
 #our swap device
 swap LABEL=swap
 #our main device
 btrfs LABEL=btrfs
 ....
 == system config
 chroot into the new system
 # arch-chroot /mnt/
 set time zone.
 # ln -sf /usr/share/zoneinfo/Region/City /etc/localtime
 run hwclock
 # hwclock --systohc
 uncomment needed locales in /etc/locale.gen (you always need to at least uncomment en_US.UTF-8 UTF-8.)
 gen locales
 # locale-gen
 set LANG variable
 # echo 'LANG=en_US.UTF-8' > /etc/locale.conf
 create the hostname file
 # echo '[myhostname]' > /etc/hostname
 and add maching entries to /etc/hosts, like so (if static ip, use that. if dynamic, use 127)
 ....
 127.0.0.1	localhost
 ::1		localhost
 127.0.1.1	myhostname.localdomain	myhostname
 ....
 == installing the boot loader
 edit /etc/mkinitcpio.conf so the HOOKS line looks like this:
 ....
 HOOKS=(base systemd udev autodetect modconf block sd-encrypt btrfs resume filesystems keyboard fsck)
 ....
 and regen the initramfs
 # mkinitcpio -p linux
 install systemd-boot
 # bootctl install
 create /boot/loader/entries/arch.conf containing:
 ....
 title Arch Linux
 linux /vmlinuz-linux
 initrd /intel-ucode.img
 initrd /initramfs-linux.img
 options root=/dev/mapper/btrfs rootflags=subvol=/root resume=/dev/mapper/swap
 ....
 edit /boot/loader/loader.conf and add:
 ....
 default arch.conf
 timeout 2
 console-mode max
 editor no
 ....
 == system config
 set root password
 # passwd
 exit and shutdown the system
 # exit
 # shutdown now
 remove the install media, and boot back up. make sure everythign boots. from now on, configure the system as normal.
 == configuring userspace
 add a non-root user
 # useradd -m -G wheel -s /bin/sh your_username
 # passwd your_username
 symlink neovim to vi
 # ln -s /usr/bin/nvim /usr/bin/vi
 configure sudo
 # visudo
 uncomment the line that reads
 %wheel ALL=(ALL) ALL
 enable multilib: uncomment the following lines in /ec/pacman.conf
 ....
 [multilib]
 Include = /etc/pacman.d/mirrorlist
 ....
 Congrats! you now have a barebones, but functional, encrypted arch install!