mirror of
https://github.com/tommytran732/Arch-Setup-Script
synced 2024-11-21 17:11:34 -05:00
Setting up Arch Linux with BTRFS, snapshots and full disk encryption including /boot (UEFI only).
install.sh | ||
LICENSE | ||
README.md |
Introduction
This is my fork of easy-arch, a script made in order to boostrap a basic Arch Linux environment with snapshots and encryption by using a fully automated process.
How does it work?
- Download an Arch Linux ISO from here
- Flash the ISO onto an USB Flash Drive.
- Boot the live environment.
- Connect to the internet.
git clone https://github.com/tommytran732/Arch-Setup-Script/edit/main/README.md
cd Arch-Setup-Script
./install.sh
Changes to the original project
- /boot is now encrypted
- Added option to select your own kernel flavor
- Enabled AppArmor
Partitions layout
Partition Number | Label | Size | Mountpoint | Filesystem |
---|---|---|---|---|
1 | ESP | 512 MiB | /boot/efi | FAT32 |
2 | Cryptroot | Rest of the disk | / | Encrypted BTRFS (LUKS1) |
The partitions layout is pretty straightforward, it's inspired by this section of the Arch Wiki. As you can see there's just a couple of partitions:
- A FAT32, 512MiB sized, mounted at
/boot
for the ESP. - A LUKS encrypted container, which takes the rest of the disk space, mounted at
/
for the rootfs. - /boot is encrypted.
BTRFS subvolumes layout
Subvolume Number | Subvolume Name | Mountpoint |
---|---|---|
1 | @ | / |
2 | @home | /home |
3 | @snapshots | /.snapshots |
4 | @var_log | /var/log |
5 | @swap | /swap (optional) |
The BTRFS subvolumes layout follows the traditional and suggested layout used by Snapper, you can find it here. I only added a swap subvolume in case you need a swapfile, but it's totally optional. You'll be asked if you want it or not during the script execution. Here's a brief explanation of the BTRFS layout I chose:
@
mounted as/
.@boot
mounted as/boot
.@home
mounted as/home
.@snapshots
mounted as/.snapshots
.@var_log
mounted as/var/log
.@swap
mounted as/swap
(optional).