install notes
This commit is contained in:
parent
f00093ef8e
commit
24f3a7c485
@ -6,6 +6,80 @@
|
||||
- name: detect booted ip address
|
||||
|
||||
- name: configure disks
|
||||
# Specify root disk and part, set to type 23 (linux root x86-64), label root
|
||||
# Specify efi disk and part, set to type 1 (efi system), label efi
|
||||
# format efi partition
|
||||
# mkfs.fat -F32 /dev/mmcblk0p1
|
||||
# Ecrypt root partition
|
||||
# cryptsetup -y -v luksFormat /dev/sda1 # TODO add keyfile/password automatically
|
||||
# cryptsetup open /dev/sda1 root
|
||||
# mkfs.ext4 /dev/mapper/root
|
||||
# mkdir /mnt/root
|
||||
# mount /dev/mapper/root /mnt/root
|
||||
# mkdir /mnt/root/efi
|
||||
# mount /dev/mmcblk0p1 /mnt/root/efi
|
||||
|
||||
# Add cryptsetup params to kernel cmdline
|
||||
# cryptdevice=UUID=device-UUID:root root=/dev/mapper/root rw
|
||||
|
||||
# add efi to /etc/fstab
|
||||
|
||||
|
||||
|
||||
- name: sync ntp
|
||||
# timedatectl set-timezone Australia/Brisbane
|
||||
# timedatectl set-ntp true
|
||||
|
||||
# run reflector to get a list of mirrors
|
||||
# relfector -c AU --save /etc/pacman.d/mirrorlist
|
||||
|
||||
# update dbs
|
||||
# pacman -Sy
|
||||
|
||||
|
||||
# pacstrap
|
||||
# pacstrap -K /mnt/root base linux-lts linux-firmware nano openssh bind bash efibootmgr reflector screen pv pinentry sudo man-db man-pages texinfo ufw nftables intel-ucode e2fsprogs dosfstools curl cryptsetup
|
||||
|
||||
# gen fstab
|
||||
# genfstab -L /mnt/root >> /mnt/root/etc/fstab
|
||||
|
||||
#
|
||||
# chroot from here
|
||||
#
|
||||
|
||||
# set hostname
|
||||
# echo hv00 > /etc/hostname
|
||||
|
||||
# link timezone
|
||||
# ln -sf /usr/share/zoneinfo/Australia/Brisbane /etc/localtime
|
||||
|
||||
# enable ntp again
|
||||
# timedatectl set-ntp true # TODO move this post reboot
|
||||
|
||||
# sync hardware clock
|
||||
# hwclock --systohc
|
||||
|
||||
# set locale
|
||||
# sed -i 's/#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/g' /etc/locale.gen
|
||||
# locale-gen
|
||||
# echo LANG=en_US.UTF-8 > /etc/locale.conf
|
||||
|
||||
# uncomment wheel group in /etc/sudoers
|
||||
# sed -i 's/# %wheel ALL=(ALL:ALL) ALL/%wheel ALL=(ALL:ALL) ALL/g' /etc/sudoers
|
||||
|
||||
# add user
|
||||
# useradd -u 1000 -U -m -b /home/ -G wheel -s /bin/bash ladmin
|
||||
# set new user password
|
||||
|
||||
# disable root password
|
||||
# passwd -l root
|
||||
|
||||
# create /etc/kernel/cmdline file
|
||||
# echo 'cryptdevice=dbbb9fb2-5509-4701-a2bb-5660934a5378:root root=/dev/mapper/root rw' > /etc/kernel/cmdline
|
||||
# echo 'rd.luks.name=dbbb9fb2-5509-4701-a2bb-5660934a5378=root root=/dev/mapper/root rw' > /etc/kernel/cmdline
|
||||
|
||||
|
||||
# modify mkinitcpio for encryption
|
||||
# old HOOKS=(base udev autodetect modconf kms keyboard keymap consolefont block filesystems fsck)
|
||||
# new HOOKS=(base systemd keyboard autodetect modconf kms block sd-encrypt filesystems fsck)
|
||||
# sed -i 's/^HOOKS=(base udev autodetect modconf block filesystems keyboard fsck)/HOOKS=(base udev autodetect modconf block encrypt filesystems keyboard fsck)/g' /etc/mkinitcpio.conf
|
||||
Loading…
Reference in New Issue
Block a user