mirror of
https://github.com/pigmonkey/spark.git
synced 2026-01-23 02:24:09 +00:00
formatting
This commit is contained in:
Pig Monkey
parent
b6c6dd140e
commit
9743f927ba
1 changed files with 12 additions and 12 deletions
24
INSTALL.md
24
INSTALL.md
|
|
@ -5,18 +5,18 @@ It will provide a system with full-disk encryption using [LVM on LUKS][4].
|
|||
There is no separate `/boot` partition. The entire installation is encrypted
|
||||
and booted via [Grub's crypto hooks][5].
|
||||
|
||||
1. Boot into Arch installer
|
||||
Boot into the Arch installer.
|
||||
|
||||
2. Verify that the [system clock is up to date][6].
|
||||
Verify that the [system clock is up to date][6].
|
||||
|
||||
$ timedatectl set-ntp true
|
||||
|
||||
3. Create a single partition for LUKS.
|
||||
Create a single partition for LUKS.
|
||||
|
||||
$ parted -s /dev/sda mklabel msdos
|
||||
$ parted -s /dev/sda mkpart primary 2048s 100%
|
||||
|
||||
4. Create and mount the encrypted filesystem.
|
||||
Create and mount the encrypted filesystem.
|
||||
|
||||
$ cryptsetup luksFormat /dev/sda1
|
||||
$ cryptsetup luksOpen /dev/sda1 lvm
|
||||
|
|
@ -33,20 +33,20 @@ and booted via [Grub's crypto hooks][5].
|
|||
$ mount /dev/mapper/arch-home /mnt/home
|
||||
$ swapon /dev/mapper/arch-swap
|
||||
|
||||
5. Optionally [edit the mirror list][7].
|
||||
Optionally [edit the mirror list][7].
|
||||
|
||||
$ vi /etc/pacman.d/mirrorlist
|
||||
|
||||
6. Install the [base system][8].
|
||||
Install the [base system][8].
|
||||
|
||||
$ pacstrap -i /mnt base base-devel
|
||||
|
||||
7. Generate and verify [fstab][9].
|
||||
Generate and verify [fstab][9].
|
||||
|
||||
$ genfstab -U -p /mnt >> /mnt/etc/fstab
|
||||
$ less /mnt/etc/fstab
|
||||
|
||||
8. Change root into the base install and perform [base configuration tasks][10].
|
||||
Change root into the base install and perform [base configuration tasks][10].
|
||||
|
||||
$ arch-chroot /mnt /bin/bash
|
||||
$ echo en_US.UTF-8 UTF-8 >> /etc/locale.gen
|
||||
|
|
@ -59,7 +59,7 @@ and booted via [Grub's crypto hooks][5].
|
|||
$ systemctl enable dhcpcd.service
|
||||
$ passwd
|
||||
|
||||
9. Add a key file to decrypt the volume and properly set the hooks.
|
||||
Add a key file to decrypt the volume and properly set the hooks.
|
||||
|
||||
$ dd bs=512 count=8 if=/dev/urandom of=/crypto_keyfile.bin
|
||||
$ cryptsetup luksAddKey /dev/sda1 /crypto_keyfile.bin
|
||||
|
|
@ -68,7 +68,7 @@ and booted via [Grub's crypto hooks][5].
|
|||
$ sed -i 's/^HOOKS=.*/HOOKS="base udev autodetect modconf block keyboard encrypt lvm2 filesystems fsck"/' /etc/mkinitcpio.conf
|
||||
$ mkinitcpio -p linux
|
||||
|
||||
10. Install GRUB.
|
||||
Install GRUB.
|
||||
|
||||
$ pacman -S grub
|
||||
$ echo GRUB_ENABLE_CRYPTODISK=y >> /etc/default/grub
|
||||
|
|
@ -77,13 +77,13 @@ and booted via [Grub's crypto hooks][5].
|
|||
$ grub-install /dev/sda
|
||||
$ chmod -R g-rwx,o-rwx /boot
|
||||
|
||||
11. Cleanup and reboot!
|
||||
Cleanup and reboot!
|
||||
|
||||
$ exit
|
||||
$ umount -R /mnt
|
||||
$ reboot
|
||||
|
||||
12. Run ansible!
|
||||
Run ansible!
|
||||
|
||||
|
||||
[1]: https://www.archlinux.org/
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue