# Arch with Gnome - [Arch with Gnome](#arch-with-gnome) - [Installation](#installation) - [Post Install](#post-install) - [Hardware Acceleration](#hardware-acceleration) - [Firewall](#firewall) - [Power Management](#power-management) - [TPM2 LUKS Decryption](#tpm2-luks-decryption) - [Fingerprint Reader Support](#fingerprint-reader-support) - [AppImage Support](#appimage-support) - [Bluetooth](#bluetooth) - [Audio](#audio) - [Firefox](#firefox) - [RDP Remote Desktop](#rdp-remote-desktop) - [Virtualization](#virtualization) - [CUPS Printing](#cups-printing) - [Steam](#steam) - [XWayland](#xwayland) - [Wireguard](#wireguard) - [btrbk](#btrbk) - [Bashrc](#bashrc) - [Help](#help) - [Update Grub](#update-grub) - [Downgrading Kernel](#downgrading-kernel) - [Packages](#packages) - [Official](#official) - [AUR](#aur) ## Installation Follow most of the instructions here: 1. Download Arch 2. Verify the image 3. Create a bootable ISO 4. Disable secureboot (reenable later) 5. Boot into the live image 6. Check for network connectivity ```bash # Check for internet ip a ping archlinux.org ``` 7. `timedatectl` to update system clock 8. Create disk partitions ```bash fdisk -l fdisk /dev/vda ``` - +1G for /boot - t EFI SYSTEM for /boot - remaining for / 9. `mkfs.fat -F 32 /dev/vda1` (/mnt/boot partition) 10. `cryptsetup luksFormat /dev/vda2` 11. `cryptsetup luksOpen /dev/vda2 root` 12. `mkfs.btrfs /dev/mapper/root` (root partition) 13. Mount the root partition with `mount /mnt` 14. Mount the boot partition with `mount --mkdir /mnt/boot` 15. `pacstrap -K /mnt base linux linux-firmware` Note: linux-zen works, linux-hardened breaks appimages 16. `genfstab -U /mnt >> /mnt/etc/fstab` 17. `arch-chroot /mnt` 18. `ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime` 19. `hwclock --systohc` 20. `echo 'LANG=en_US.UTF-8' > /etc/locale.conf` 21. `echo 'hostname' > /etc/hostname` 22. `pacman -S sudo vim gdm gnome dhclient dhcpcd bash-completion grub` 23. `grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=BOOT` (this will fail) 24. Note: for some systems you'll have to move grubx64.efi into an expected location: ```bash cp /boot/EFI/BOOT/grubx64.efi /boot/EFI/BOOT/bootx64.efi ``` 25. Edit /etc/default/grub ```conf GRUB_CMDLINE_LINUX="quiet splash rd.luks.uuid=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" GRUB_ENABLE_CRYPTODISK=y GRUB_DISABLE_SUBMENU=y GRUB_DEFAULT=saved GRUB_SAVEDEFAULT=true ``` 26. Edit /etc/mkinitcpio.conf and set up systemd/sd-encrypt ```conf HOOKS=(systemd autodetect modconf kms keyboard sd-vconsole block sd-encrypt filesystems fsck) ``` 27. `mkinitcpio -P` 28. `grub-mkconfig -o /boot/grub/grub.cfg` 29. `sudo systemctl enable gdm` 30. `useradd ducoterra` 31. `passwd ducoterra` 32. `groupadd sudo` 33. Edit /etc/sudoers and uncomment the section allowing sudo and wheel group privilege 34. `usermod -aG sudo ducoterra` 35. `usermod -aG wheel ducoterra` 36. `mkdir /home/ducoterra` 37. `chown ducoterra:ducoterra /home/ducoterra` 38. `exit` 39. `reboot` ## Post Install Set up locale with correct information (required for certain binaries like minecraft-launcher) 1. `vim /etc/locale.gen` Uncomment the line: en_US.UTF-8 UTF-8 2. `sudo locale-gen` ### Hardware Acceleration (This helps enable hardware encoding/decoding for steam streaming) Intel ```bash sudo pacman -S libva-utils intel-media-driver vainfo ``` AMD ```bash sudo pacman -S libva-utils libva-mesa-driver mesa-vdpau ``` ### Firewall ```bash sudo pacman -S ufw sudo ufw enable ``` ### Power Management 1. For laptops install `tlp` ```bash sudo pacman -S tlp sudo systemctl enable --now tlp ``` 2. For desktops install cpupower ```bash sudo pacman -S cpupower systemctl enable --now cpupower ``` Temporarily set power profile with `cpupower frequency-set -g performance` Edit /etc/default/cpupower ```conf governor='performance' ``` ### TPM2 LUKS Decryption 2. `pacman -S tpm2-tss` 3. `systemd-cryptenroll /dev/vda2 --wipe-slot=tpm2 --tpm2-device=auto --tpm2-pcrs=""` ### Fingerprint Reader Support 1. `sudo pacman -S fprintd` 2. `sudo systemctl enable --now fprintd` 3. Enable fingerprint terminal login but prompt for password first (enter switches to prompt for fingerprint) sudo vim /etc/pam.d/sudo and at the top of the file: ```conf # fingerprint auth auth sufficient pam_unix.so try_first_pass likeauth nullok auth sufficient pam_fprintd.so ``` ### AppImage Support fuse is required to run most appimages. Also chmod +x before running. 1. `sudo pacman -S fuse` 2. `cp ~/Downloads/xxxxxxx.appimage ~/Applications 3. Write a .desktop entry at ~/.local/share/applications/ ```conf [Desktop Entry] Encoding=UTF-8 Name= Exec=/home/ducoterra/Applications/ Icon=/home/ducoterra/Applications/ Type=Application Categories=; ``` ### Bluetooth 1. `sudo pacman -S bluez bluez-utils` 2. `sudo systemctl enable --now bluetooth` ### Audio Without pipewire-pulse the audio level/device will reset every reboot. 1. `sudo pacman -S pipewire-pulse` (remove conflicting packages) ### Firefox You'll want firefox and gnome-browser-connector (for gnome extension management). ```bash sudo pacman -S firefox gnome-browser-connector ``` ### RDP Remote Desktop 1. `sudo pacman -S remmina freerdp` ### Virtualization 1. Install virtualization capabilties ```bash sudo pacman -S qemu-full sudo pacman -S libvirt sudo pacman -S iptables-nft dnsmasq sudo pacman -S virt-manager qemu-desktop sudo usermod -aG libvirt ducoterra sudo virsh net-autostart default ``` 2. Edit /etc/libvirt/libvirtd.conf ```conf ... unix_sock_group = 'libvirt' ... unix_sock_rw_perms = '0770' ... ``` 3. Edit /etc/libvirt/qemu.**conf** ```conf # Some examples of valid values are: # # user = "qemu" # A user named "qemu" # user = "+0" # Super user (uid=0) # user = "100" # A user named "100" or a user with uid=100 # user = "ducoterra" # The group for QEMU processes run by the system instance. It can be # specified in a similar way to user. group = "ducoterra" ``` 4. `systemctl enable --now libvirtd` If you get a blank screen when launching windows VMs check that you've used a secboot loader. ### CUPS Printing 12. `sudo pacman -S cups avahi` 14. `sudo vim /etc/nsswitch.conf` ```conf hosts: mymachines mdns_minimal [NOTFOUND=return] resolve [!UNAVAIL=return] files myhostname dns ``` 15. `sudo systemctl start cups` 16. `sudo systemctl start avahi-daemon` ### Steam When prompted, use vulkan-radeon ### XWayland Provides compatibility with X server applications (like wine) 1. `sudo pacman -S xorg-xwayland` ### Wireguard 1. `sudo pacman -S wireguard-tools` ### btrbk 1. Grab the btrbk binary from the github repo. Copy it to /usr/local/bin/btrbk. 2. Create a snapshot config /etc/btrbk/snapshots.conf ```conf snapshot_preserve_min 24h snapshot_preserve 14d volume /mnt/btr_pools/root subvolume root snapshot_dir .snapshots volume /mnt/btr_pools/root subvolume home snapshot_dir .snapshots volume /mnt/btr_pools/root subvolume libvirt snapshot_dir .snapshots volume /mnt/btr_pools/root subvolume nextcloud snapshot_dir .snapshots ``` 3. Then create a snapshot service at /etc/systemd/system/btrbk_snapshots.service ```conf [Unit] Description=Runs btrbk with config file at /etc/btrbk/snapshots.conf [Service] ExecStart=/usr/local/bin/btrbk -c /etc/btrbk/snapshots.conf -v run ``` 4. Then create a timer for the service at /etc/systemd/system/btrbk_snapshots.timer ```conf [Unit] Description=Run snapshots every hour [Timer] OnCalendar=hourly AccuracySec=10min Persistent=true Unit=btrbk_snapshots.service [Install] WantedBy=timers.target ``` 5. Then enable the service ```bash systemctl enable --now btrbk_snapshots.conf ``` ## Bashrc ~/.bashrc ```bash # .bashrc # Source global definitions if [ -f /etc/bashrc ]; then . /etc/bashrc fi # User specific binaries if ! [[ "$PATH" =~ "$HOME/.local/bin:$HOME/bin:" ]] then PATH="$HOME/.local/bin:$HOME/bin:$PATH" fi export PATH # User specific aliases and functions (source .bashrc.d/) if [ -d ~/.bashrc.d ]; then for rc in ~/.bashrc.d/*; do if [ -f "$rc" ]; then . "$rc" fi done fi # clear var used in for loop unset rc ``` ~/.bashrc.d/aliases.sh ```bash # (Mostly) Taken from https://www.cyberciti.biz/tips/bash-aliases-mac-centos-linux-unix.html # Author: Vivek Gite ## Colorize the ls output ## alias ls="ls --color=auto" ## Colorize the grep command output for ease of use (good for log files)## alias grep='grep --color=auto' alias egrep='egrep --color=auto' alias fgrep='fgrep --color=auto' ## Make mount human readable ## alias mount='mount |column -t' ## show open ports ## alias ports='ss -tulanp' # do not delete / or prompt if deleting more than 3 files at a time # alias rm='rm -I --preserve-root' # confirmation # alias mv='mv -i' alias cp='cp -i' alias ln='ln -i' # Parenting changing perms on / # alias chown='chown --preserve-root' alias chmod='chmod --preserve-root' alias chgrp='chgrp --preserve-root' ## pass options to free ## alias meminfo='free -m -l -t' ## get top process eating memory alias psmem='ps auxf | sort -nr -k 4' alias psmem10='ps auxf | sort -nr -k 4 | head -10' ## get top process eating cpu ## alias pscpu='ps auxf | sort -nr -k 3' alias pscpu10='ps auxf | sort -nr -k 3 | head -10' ## this one saved by butt so many times ## alias wget='wget -c' ## set some other defaults ## alias df='df -H' alias du='du -ch' ## ls but with file sizes, showing largest at the bottom ## alias lst='ls --human-readable --size -1 -S --classify -r' ## ls show only directories alias lsd='ls -d */' ## Count the number of files in a directory alias lsc='find . -type f | wc -l' ## ls sort by last modified ## alias lmt='ls -t -1' ``` ## Help ### Update Grub 1. `grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=BOOT` 1. `cp /boot/EFI/BOOT/grubx64.efi /boot/EFI/BOOT/bootx64.efi` ### Downgrading Kernel You can find old kernel versions at You can find old kernel-header versions at If you want to downgrade to a previously installed kernel you can use pacman cache: 1. `cd /var/cache/pacman/pkg` 2. `pacman -U linux-x.x.x.arch1-1-x86_64.pkg.tar.zst linux-headers-x.x.x.arch1-1-x86_64.pkg.tar.zst` 3. `reboot` If you want to downgrade to a kernel that wasn't previously installed: 1. Download linux... and linux-headers... from above 2. `pacman -U linux-x.x.x.arch1-1-x86_64.pkg.tar.zst linux-headers-x.x.x.arch1-1-x86_64.pkg.tar.zst` 3. `reboot` ## Packages ### Official | name | purpose | | ----------------------- | --------------------------------- | | grub | boot loader | | sudo | sudo privilege for non-root users | | dhclient | dhcp client tool | | dhcpcd | dhcp services | | networkmanager | Gnome networking in settings | | qemu-guest-agent | Auto resize | | spice-vdagent | Clipboard | | firefox | Firefox browser | | gnome-browser-connector | Firefox gnome connector | | base-devel | makepkg requirement | | kubectl | kubernetes kubectl | | wine | wine64 emulator | | code | open source vscode | | steam | steam | | git | git | | fprintd | fingerprint reader capability | | tlp | power management | | bluez | bluetooth | | bluetoothctl | bluetooth | | cups | cups printing daemon | | avahi | .local address resolution | | cups-pdf | ipp support for printers | | xorg-xwayland | X server support | | wireguard-tools | wireguard | | iperf3 | iperf3 network speedtest | ### AUR | name | purpose | | ---------------- | -------------------------------- |