How to install Arch Linux with cryptoLuks and KDE Plasma

A complete guide to installing Arch Linux with encryption, /, /boot and /home partitions, the KDE Plasma environment, and additional configuration

Step 1: Preparing the bootable USB drive

1. Download the Arch Linux ISO:

   • Go to the official Arch Linux website and download the latest ISO image.

2. Create the bootable USB drive:

   • Use dd (Linux/MacOS):

     sudo dd if=archlinux.iso of=/dev/sdX bs=4M status=progress oflag=sync

     Where /dev/sdX is your USB drive.

Step 2: Configuring the laptop’s BIOS/UEFI

1. Power on the laptop and enter BIOS/UEFI (usually F2 or Del on startup).

2. Check and configure:

   • Boot Mode: enable UEFI.
   • Secure Boot: disable.
   • Fast Boot: disable.
   • Enable AHCI for the disk (if available).

3. Make sure the USB drive is first in the boot order.

Step 3: Booting from the USB drive

1. Boot from the USB drive by selecting it through the Boot Menu (F12 or a similar key).
2. In the startup menu select Arch Linux (x86_64).

Step 4: Network configuration

1. Connecting to the network via Wi-Fi:

   • For interfaces with iwctl:

     iwctl
     device list  # Find your Wi-Fi interface
     station wlan0 scan
     station wlan0 connect "SSID"
     exit

2. Make sure the network is working:

   ping archlinux.org

Step 5: Configuring mirrors (optional)

Update the mirror list:

pacman -S reflector
reflector --latest 10 --country='RU' --sort rate --save /etc/pacman.d/mirrorlist

Step 6: Disk partitioning and encryption

1. Partitioning the disk with fdisk:

   fdisk /dev/sda

   • Press n to create a new partition:
     • EFI partition: size 512M, type EFI System (code 1 in the t menu).
     • Swap partition: size 8G, type Linux Swap (code 19 in the t menu)
     • Main partition: remaining space for encryption, type Linux filesystem.
   • Press w to write the changes.

2. Formatting the EFI partition:

   mkfs.vfat -F32 /dev/sda1

3. Formatting and enabling Swap:

   mkswap -L swap /dev/sda2
   swapon /dev/sda2

4. Setting up LUKS encryption:

   cryptsetup luksFormat /dev/sda3
   cryptsetup open /dev/sda3 Disk

5. Creating LVM inside LUKS:

   pvcreate /dev/mapper/Disk
   vgcreate VG0 /dev/mapper/Disk
   lvcreate -n ROOT -L 100G VG0
   lvcreate -n HOME -l 100%FREE VG0

6. Formatting the partitions:

   mkfs.ext4 /dev/VG0/ROOT
   mkfs.ext4 /dev/VG0/HOME

7. Mounting the partitions:

   mount /dev/VG0/ROOT /mnt
   mkdir -p /mnt/boot /mnt/home
   mount /dev/sda1 /mnt/boot
   mount /dev/VG0/HOME /mnt/home

Step 7: Installing the base system

1. Install the base packages:

   pacstrap /mnt base base-devel linux-lts linux-lts-headers linux-firmware bash-completion net-tools dnsutils dialog rsync wget os-prober mtools dosfstools nfs-utils ntfs-3g vim mlocate usbutils gvfs git iwd dhclient lvm2

2. Create the fstab file:

   genfstab -U /mnt >> /mnt/etc/fstab

Step 8: System configuration

1. Enter the installed system:

   arch-chroot /mnt

   Set the root password:

   passwd

2. Configure the timezone:

   ln -sf /usr/share/zoneinfo/Europe/Moscow /etc/localtime
   hwclock --systohc

3. Configure localization:

   • In /etc/locale.gen uncomment:

     ru_RU.UTF-8 UTF-8
     en_US.UTF-8 UTF-8

   • Generate the locales:

     locale-gen
     echo "LANG=ru_RU.UTF-8" > /etc/locale.conf

4. Set the hostname:

   echo "myhostname" > /etc/hostname

5. Configure the network:

   systemctl enable NetworkManager

Step 9: Bootloader configuration

1. Create the bootloader and a minimal kernel image (skip this and come back to it later if something doesn’t go according to plan)

   pacman -S linux-firmware efibootmgr

2. Edit /etc/mkinitcpio.conf like this:

   MODULES=(ext4)
   HOOKS=(base udev autodetect plymouth microcode modconf kms keyboard keymap encrypt lvm2 consolefont block filesystems fsck)
   #resume if you have SWAP, otherwise it will complain

3. A nice splash screen on login:

   pacman -S extra/plymouth

   plymouth-set-default-theme -l   # list themes
   plymouth-set-default-theme bgrt  # or spinner

4. Rebuild the minimal kernel image:

   mkinitcpio -P

5. Install systemd-boot:

   bootctl install

   pacman -S amd-ucode

6. Create the bootloader entry file:

   vim /boot/loader/entries/arch.conf

   Contents:

   title Arch Linux
   linux /vmlinuz-linux-lts
   initrd  /amd-ucode.img
   initrd  /initramfs-linux-lts.img
   options cryptdevice=UUID=270f815e-a9ad-468d-883f-b7151ee5e3d2:crypt root=/dev/mapper/VG0-ROOT rw quiet splash loglevel=3 nowatchdog amd_pstate=active amdgpu.dc=1 amdgpu.noretry=0
   

7. Find the UUID for the LUKS partition:

   blkid

   Replace <disk-UUID> in the bootloader configuration. Take the UUID of /dev/nvme0n1p3 - the partition with the whole encrypted Crypto_LUKS system, not boot and not Swap

8. Edit loader.conf:

   echo "default arch.conf" > /boot/loader/loader.conf

Step 10: Installing drivers

1. Install the paru package manager:

   git clone https://aur.archlinux.org/paru.git
   cd paru
   sudo makepkg -si

2. Installing Intel graphics drivers (for AMD replace all ‘Intel’ with ‘amd’, for nvidia - search for your nvidia version)

   Intel graphics use the xf86-video-intel and mesa drivers. Install them with the following command:

   sudo pacman -S xf86-video-intel mesa lib32-mesa vulkan-intel lib32-vulkan-intel
   sudo pacman -S alsa-utils pulseaudio

   xf86-video-intel — 2D graphics driver. mesa — provides 3D graphics and OpenGL support. lib32-mesa — 32-bit version of Mesa for compatibility with 32-bit applications. vulkan-intel — Vulkan support for Intel. lib32-vulkan-intel — 32-bit version of Vulkan for Intel.

   AMD:

   pacman -S lib32-mesa vulkan-radeon lib32-vulkan-radeon vulkan-icd-loader lib32-vulkan-icd-loader

   NVIDIA:

   pacman -S nvidia-utils lib32-nvidia-utils nvidia-settings nvidia-dkms

Step 11: Installing the desktop environment

1. Install the graphical environment (KDE Plasma)

   pacman -S plasma plasma-meta kde-applications-meta sddm

2. Enable the display manager:

   systemctl enable sddm

3. Install additional packages:

   pacman -S konsole dolphin ark

Step 12: Creating a user and granting permissions

1. Create a user:

   useradd -m -G wheel -s /bin/bash username
   passwd username

2. Configure sudo:

   pacman -S sudo
   EDITOR=vim visudo

   Uncomment the line:

   %wheel ALL=(ALL) ALL

3. Reboot:

   exit
   umount -R /mnt
   reboot

Step 13: Extras

1. Rebuilding the minimal kernel image:

   mkinitcpio -P

2. Console styling:

   paru -Ss alsi

3. System update:

   paru -Syyuu

4. Pacman configuration:

   Uncomment in the /etc/pacman.conf file

   [multilib]
   Include = /etc/pacman.d.mirrorlist

   Color
   ParallelDownloads = 10
   ILoveCandy

5. Automatic package cache cleanup:

   sudo pacman -S pacman-contrib
   sudo systemctl enable paccache.timer

6. It makes sense to disable building debug packages by turning off !debug and !strip:

   sudo sed -i.bak '/^OPTIONS=/s/strip/!strip/; /^OPTIONS=/s/debug/!debug/' /etc/makepkg.conf