Install

Note: This is not an install guide. Purely personal notes.

Two partition: gdisk /dev/nvme0n1

EFI system partition (ESP)
- 512M
- GPT GUID: EF00
System partition
- all available disk
- GPT GUID: 8304

Important to remember GPT GUIDs since we are using systemd initramfs and discoverable partitions for booting. Relevant for the initramfs section.

mkfs.vfat -F32 /dev/nvme0n1p1
cryptsetup luksFormat /dev/nvme0n1p2
cryptsetup open /dev/nvme0n1p2 root
cryptsetup --perf-no_read_workqueue --perf-no_write_workqueue --allow-discards --persistent refresh root
mkfs.btrfs /dev/mapper/root

We also add support

btrfs subvolumes

This list is currently inspired by the opensuse BTRFS setup.

/ → @root
/home → @home
/srv → @srv
/var → @var

Note that we are adding @root-snapshots and @home-snapshots for snapper. But later.

Now we are making all the subvolumes. I like doing them on a pivot partitions. We don't care about access time and rest of the flags should be applied by btrfs automatically.

mkdir /mnt_tmp
mount -o relatime,compress=zstd /dev/mapper/root /mnt_tmp
btrfs subvolume create /mnt_tmp/@root

Create for each partition under /mnt_tmp, then umount /mnt_tmp. We also use btrfs subvolume set-default 256 / for systemd initramfs to specify the root subvolume.

Later if we DO need to mount the actual root we need to specify the subvolid 5 which is a magic number: mount -osubvolid=5 /dev/mapper/root /var/btrfs

Then mount each respective directory to /mnt. Don't forget to mount /dev/nvme0n1p1 to /efi.

mount -o relatime,compress=zstd,subvol=@root /dev/mapper/root /mnt
mount -o relatime,compress=zstd,subvol=@var /dev/mapper/root /mnt/var
mount -o relatime,compress=zstd,subvol=@srv /dev/mapper/root /mnt/srv
mkdir /mnt/efi
mount /dev/nvme0n1p1 /mnt/efi

We mount /dev/nvme0n1p1 to /mnt/efi because we are using the new UEFI stub system for mkinitcpio. See next section :)

This is the base packages. Rest are pulled inn by my system packages.

pacstrap /mnt base base-devel linux linux-firmware btrfs-progs

Create fstab: genfstab -U /mnt >> /mnt/etc/fstab

initramfs - systemd

We do the systemd enabled initramfs. This allows us to simplify boot with discoverable partitions as we used the proper GPT GUIDs during partitioning earlier.

--- /etc/mkinitcpio.conf	2021-08-12 14:54:44.835669088 +0200
+++ /etc/mkinitcpio.conf	2021-07-22 20:30:18.593193125 +0200
@@ -49,7 +49,7 @@
 #
 ##   NOTE: If you have /usr on a separate partition, you MUST include the
 #    usr, fsck and shutdown hooks.
-HOOKS=(base udev autodetect modconf block filesystems keyboard fsck)
+HOOKS=(base systemd autodetect modconf block keyboard sd-encrypt filesystems)

 # COMPRESSION
 # Use this to compress the initramfs image. By default, zstd compression

Changes to /etc/mkinitcpio.d/linux.preset. Note this requires mkinitcpio 31 and beyond.

--- /etc/mkinitcpio.d/linux.preset	2021-08-13 18:54:44.835669088 +0200
+++ /etc/mkinitcpio.d/linux.preset	2021-07-22 20:30:18.593193125 +0200
@@ -2,13 +2,10 @@

 ALL_config="/etc/mkinitcpio.conf"
 ALL_kver="/boot/vmlinuz-linux"

- PRESETS=('default' 'fallback')
+ PRESETS=('default')

-#default_config="/etc/mkinitcpio.conf"
-default_image="/boot/initramfs-linux.img"
-#default_options=""
-
-#fallback_config="/etc/mkinitcpio.conf"
-fallback_image="/boot/initramfs-linux-fallback.img"
-fallback_options=""
+default_image="/boot/initramfs-linux-systemd.img"
+default_efi_image="/efi/EFI/Linux/arch-linux.efi"
+default_options="--splash /usr/share/systemd/bootctl/splash-arch.bmp"

For the kernel cmdline options we are using /etc/kernel/cmdline as that is what mkinitcpio will be using to read from to create our boot entry.

$ cat /etc/kernel/cmdline
rw quiet bgrt_disable nowatchdog

Regenerate the linux iniramfs with mkinitcpio so we get our options mkinitcpio -P. The important part is to have the UEFI stub generation.

[..snip..]
==> Starting build: 5.13.10-arch1-1
  -> Running build hook: [base]
  -> Running build hook: [systemd]
  -> Running build hook: [autodetect]
  -> Running build hook: [modconf]
  -> Running build hook: [block]
  -> Running build hook: [keyboard]
  -> Running build hook: [sd-encrypt]
  -> Running build hook: [filesystems]
==> Generating module dependencies
==> Creating zstd-compressed initcpio image: /boot/initramfs-linux.img
==> Image generation successful
==> Creating UEFI executable: /efi/EFI/Linux/arch-linux.efi
  -> Using UEFI stub: /usr/lib/systemd/boot/efi/linuxx64.efi.stub
  -> Using kernel image: /lib/modules/5.13.10-arch1-1/vmlinuz
  -> Using os-release file /etc/os-release
==> UEFI executable generation successful

Tips and Tricks

Run makepkg as sudo

Never actually use this: env EUID=1000 makepkg -srcf

Disable work queues for cryptsetup

cryptsetup sector size

https://fedoraproject.org/wiki/Changes/LUKSEncryptionSectorSize

λ ~ » sudo blockdev --getpbsz /dev/nvme0n1
512
λ ~ » sudo nvme id-ns -H /dev/nvme0n1
[snip]
LBA Format  0 : Metadata Size: 0   bytes - Data Size: 512 bytes - Relative Performance: 0 Best (in use)
                                                      ^^^^^^^^^ sector size
λ ~ » sudo cryptsetup luksDump /dev/nvme0n1p2 | grep sector
	sector: 512 [bytes]

This should be autoselected with new cryptsetup. But not sure if this applies to NVME? https://gitlab.com/cryptsetup/cryptsetup/-/blob/master/docs/v2.4.0-ReleaseNotes#L167 Note for the future: Get a NVME which supports sector size 4096?

https://openzfs.github.io/openzfs-docs/Performance%20and%20Tuning/Hardware.html?highlight=sector#nvme-low-level-formatting

mkinitcpio

Test package for /etc/kernel/cmdline.d for laptop specific settings

misc stuff

xdg-mime default org.pwmt.zathura.desktop application/pdf
xdg-settings set default-web-browser org.qutebrowser.qutebrowser.desktop

Some Wiki