2021-02-01 07:18:08 -05:00
### Introduction
2021-04-10 17:40:40 -04:00
This is my fork of [easy-arch ](https://github.com/classy-giraffe/easy-arch ), a **script** made in order to boostrap a basic **Arch Linux** environment with **snapshots** and **encryption** by using a fully automated process.
2021-02-01 07:16:56 -05:00
2021-02-03 02:04:07 -05:00
### How does it work?
1. Download an Arch Linux ISO from [here ](https://archlinux.org/download/ )
2. Flash the ISO onto an [USB Flash Drive ](https://wiki.archlinux.org/index.php/USB_flash_installation_medium ).
3. Boot the live environment.
2021-04-10 17:26:27 -04:00
4. Connect to the internet.
2021-04-10 17:40:40 -04:00
5. `git clone https://github.com/tommytran732/Arch-Setup-Script/edit/main/README.md`
6. `cd Arch-Setup-Script`
2021-04-14 00:41:25 -04:00
7. `chmod u+x ./install.sh && ./install.sh`
2021-02-03 02:04:07 -05:00
2021-04-10 17:49:18 -04:00
### Changes to the original project
2021-04-14 19:39:11 -04:00
1. Enabled AppArmor
2021-04-23 02:38:18 -04:00
2. SUSE - like partition layout
3. Default umask to 077
4. Firewalld is enabled by default
5. Improved kernel settings for better security
6. Minimally setup GNOME 40
2021-04-10 17:33:58 -04:00
2021-02-01 05:43:36 -05:00
### Partitions layout
2021-02-01 05:20:58 -05:00
2021-02-01 05:43:36 -05:00
| Partition Number | Label | Size | Mountpoint | Filesystem |
|------------------|-----------|-------------------|------------|------------------------|
2021-04-14 19:49:27 -04:00
| 1 | ESP | 300 MiB | /boot/efi | FAT32 |
2021-04-14 19:39:11 -04:00
| 2 | cryptroot | Rest of the disk | / | Encrypted BTRFS (LUKS1)|
2021-02-01 05:11:02 -05:00
2021-02-01 07:24:31 -05:00
The **partitions layout** is pretty straightforward, it's inspired by [this section ](https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system#Btrfs_subvolumes_with_swap ) of the Arch Wiki. As you can see there's just a couple of partitions:
2021-04-14 19:42:29 -04:00
1. A **FAT32** , 512MiB sized, mounted at `/boot/efi` for the ESP.
2021-02-07 03:46:50 -05:00
2. A **LUKS encrypted container** , which takes the rest of the disk space, mounted at `/` for the rootfs.
2021-04-10 17:24:29 -04:00
3. /boot is **encrypted** .