---
tags: 環境構築,Arch Linux
---
# デスクトップPC設定
## ToDo
- [x] Windows 10 インストールメディア(USBメモリ)用意
- [x] Windows 10 インストール
- [x] Windows Cドライブ縮小(200GB)
- [x] 起動ディスク一時変更(USB storage device)
- [x] ArchLinux インストールメディア(USBメモリ)用意
- [x] ArchLinux起動テスト
- [x] memtest86(5.01)
- [x] Ethernetケーブル接続
- [x] 疎通確認(ping 1.1.1.1)
- [x] 暫定ssh daemon起動
- [x] X1Cからログイン
- [x] Arch用パーティション用意
- [x] LUKSセットアップ
- [x] ファイルシステム設定
- [x] マウント
- [x] NTP設定
- [x] pacman mirror設定
- [x] 初期パッケージインストール
- [x] fstab生成
- [x] 時刻設定
- [x] locale設定
- [x] hostname設定
- [x] mkinitcpio
- [x] rootパスワード設定
- [x] ブートローダインストール
- [x] 再起動
- [x] 起動ディスク戻す
- [x] Win10ログインできるか確認
- [x] Archログイン
- [x] ユーザ作製
- [x] visudo
## コマンド
### base system install
```bash
gdisk /dev/nvme0n1
c
4
Windows C-drive
n
+250G
n
w
Y
cryptsetup benchmark
# Tests are approximate using memory only (no storage IO).
PBKDF2-sha1 2490679 iterations per second for 256-bit key
PBKDF2-sha256 4396545 iterations per second for 256-bit key
PBKDF2-sha512 1801676 iterations per second for 256-bit key
PBKDF2-ripemd160 911805 iterations per second for 256-bit key
PBKDF2-whirlpool 724154 iterations per second for 256-bit key
argon2i 7 iterations, 1048576 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time)
argon2id 7 iterations, 1048576 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time)
# Algorithm | Key | Encryption | Decryption
aes-cbc 128b 1256.5 MiB/s 4302.2 MiB/s
serpent-cbc 128b 106.3 MiB/s 717.5 MiB/s
twofish-cbc 128b 213.2 MiB/s 418.5 MiB/s
aes-cbc 256b 961.2 MiB/s 3543.7 MiB/s
serpent-cbc 256b 111.0 MiB/s 717.6 MiB/s
twofish-cbc 256b 220.9 MiB/s 418.5 MiB/s
aes-xts 256b 2070.5 MiB/s 2073.6 MiB/s
serpent-xts 256b 712.6 MiB/s 698.9 MiB/s
twofish-xts 256b 413.6 MiB/s 412.9 MiB/s
aes-xts 512b 1822.7 MiB/s 1823.4 MiB/s
serpent-xts 512b 714.4 MiB/s 698.7 MiB/s
twofish-xts 512b 414.5 MiB/s 412.6 MiB/s
cryptsetup -v luksFormat /dev/nvme0n1p5
cryptsetup open /dev/nvme0n1p5 cryptroot
mkfs.btrfs -L "Arch Linux" /dev/mapper/cryptroot
mount /dev/mapper/cryptroot /mnt
btrfs subvolume create /mnt/@root
btrfs subvolume create /mnt/@home
btrfs subvolume create /mnt/@var
umount /mnt
mount -o noatime,ssd,compress=zstd,space_cache,subvol=@root /dev/mapper/cryptroot /mnt
mkdir /mnt/boot /mnt/home /mnt/var
mount /dev/nvme0n1p2 /mnt/boot
mount -o noatime,ssd,compress=zstd,space_cache,subvol=@home /dev/mapper/cryptroot /mnt/home
mount -o noatime,ssd,compress=zstd,space_cache,subvol=@var /dev/mapper/cryptroot /mnt/var
timedatectl set-ntp true
vim /etc/pacman.d/mirrorlist
pacman -Sy pacman-contrib archlinux-keyring
pacstrap /mnt base base-devel linux linux-firmware linux-headers efibootmgr dosfstools cryptsetup btrfs-progs netctl net-tools dhcpcd dhclient inetutils networkmanager openssh usbutils vim sudo git which man-db man-pages
genfstab -t PARTUUID -p /mnt >> /mnt/etc/fstab
arch-chroot /mnt
ln -sf /usr/share/zoneinfo/Asia/Tokyo /etc/localtime
hwclock --systohc --utc
vim /etc/locale.gen
locale-gen
echo LANG=en_US.UTF-8 > /etc/locale.conf
echo KEYMAP=jp106 > /etc/vconsole.conf
echo yohanesu > /etc/hostname
vim /etc/hosts
vim /etc/mkinitcpio.conf
HOOKS=(base systemd autodetect modconf block keymap encrypt filesystems keyboard fsck)
cp /etc/crypttab /etc/crypttab.initramfs
vim /etc/crypttab.initramfs
luks-<LUKSなpartのUUID> UUID=<UUID> none luks,timeout=120
mkinitcpio -p linux
pacman -S amd-ucode
bootctl install
vim /boot/loader/entries/arch.conf
title Arch Linux
linux /vmlinuz-linux
initrd /amd-ucode.img
initrd /initramfs-linux.img
# encrypt hook
# options cryptdevice=/dev/nvme0n1p5:cryptroot root=/dev/mapper/cryptroot rootflags=subvol=@root rw
# sd-encrypt
options luks.uuid=<UUID> luks.options=allow-discards root=/dev/mapper/luks-<さっきのUUID> rootflags=subvol=@root rw
vim /boot/loader/loader.conf
default arch
timeout 5
console-mode max
editor no
passwd
systemctl enable NetworkManager
useradd -m -G wheel -s /bin/bash sksat
passwd sksat
EDITOR=vim visudo
```
### ユーザーセットアップ
```bash
mkdir build
cd build
git clone https://aur.archlinux.org/yay.git
cd yay
makepkg -si
yay
yay -S xorg-server xorg-xinit
yay -S i3-wm i3blocks rofi sakura
yay -S otf-ipafont ibus ibus-mozc
yay -S firefox vivaldi-snapshot vivaldi-snapshot-ffmpeg-codecs vivaldi-widevine
cd ~
vim .bashrc
export EDITOR=vim
export TERMINAL=sakura
vim .xinitrc
export GTK_IM_MODULE=ibus
export QT_IM_MODULE=ibus
export XMODIFIERS=@im=ibus
ibus-daemon -rdx
exec i3
```
## パーティション
- nvme0n1
- p1(529MiB) Windowsのなんか
- p2(100MiB) EFI System
- p3(16MiB) Microsoft reserved
- p4(199.4GiB) Windows C-drive
- p5(250GiB) Arch Linux
- 77814dc1-849e-425d-8f40-aaaf83dd7991
- p6(26.9GiB) shared
### 初期状態
```
Disk /dev/nvme0n1: 1000215216 sectors, 476.9 GiB
Model: ADATA SX8200PNP
Sector size (logical/physical): 512/512 bytes
Disk identifier (GUID): F1425CA5-EF88-47E5-B21E-E5FD25D18A7F
Partition table holds up to 128 entries
Main partition table begins at sector 2 and ends at sector 33
First usable sector is 34, last usable sector is 1000215182
Partitions will be aligned on 2048-sector boundaries
Total free space is 580784749 sectors (276.9 GiB)
Number Start (sector) End (sector) Size Code Name
1 2048 1085439 529.0 MiB 2700 Basic data partition
2 1085440 1290239 100.0 MiB EF00 EFI system partition
3 1290240 1323007 16.0 MiB 0C01 Microsoft reserved ...
4 1323008 419432447 199.4 GiB 0700 Basic data partition
```
### 変更後
```
Number Start (sector) End (sector) Size Code Name
1 2048 1085439 529.0 MiB 2700 Basic data partition
2 1085440 1290239 100.0 MiB EF00 EFI system partition
3 1290240 1323007 16.0 MiB 0C01 Microsoft reserved ...
4 1323008 419432447 199.4 GiB 0700 Windows C-drive
5 419432448 943720447 250.0 GiB 8309 Arch Linux
6 943720448 1000215182 26.9 GiB 0700 shared
```
## SSD追加(1TB)
```
$ mkdir ~/backup/0811/
$ sudo btrfs subvolume snapshot -r / backup/0811/root
Create a readonly snapshot of '/' in 'backup/0811/root'
ERROR: cannot snapshot '/': Text file busy
$ sudo btrfs subvolume snapshot -r /home backup/0811/home
Create a readonly snapshot of '/home' in 'backup/0811/home'
$ sudo btrfs subvolume snapshot -r /opt backup/0811/opt
Create a readonly snapshot of '/opt' in 'backup/0811/opt'
$ sudo btrfs subvolume snapshot -r /var backup/0811/var
Create a readonly snapshot of '/var' in 'backup/0811/var'
$ sudo cgdisk /dev/nvme1n1
$ sudo mkfs.btrfs -L 'Arch Linux' /dev/nvme1n1p1
btrfs-progs v5.7
See http://btrfs.wiki.kernel.org for more information.
Detected a SSD, turning off metadata duplication. Mkfs with -m dup if you want to force metadata duplication.
Label: Arch Linux
UUID: 1143da7e-a5a0-453c-b6d5-5c7fc3a74379
Node size: 16384
Sector size: 4096
Filesystem size: 953.87GiB
Block group profiles:
Data: single 8.00MiB
Metadata: single 8.00MiB
System: single 4.00MiB
SSD detected: yes
Incompat features: extref, skinny-metadata
Runtime features:
Checksum: crc32c
Number of devices: 1
Devices:
ID SIZE PATH
1 953.87GiB /dev/nvme1n1p1
$ sudo mount /dev/nvme1n1p1 /mnt
$ sudo btrfs subvolume create /mnt/@root
Create subvolume '/mnt/@root'
$ sudo mount /dev/nvme1n1p1 -o subvol=@root /mnt
$ sudo btrfs send backup/0811/var | sudo btrfs receive /mnt
At subvol backup/0811/var
At subvol var
$ sudo umount -R /mnt
$ sudo mount -o noatime,ssd,compress=zstd,space_cache,subvol=@root /dev/nvme1n1p1 /mnt
$ sudo mkdir /mnt/boot
$ sudo mount /dev/nvme0n1p2 /mnt/boot
$ sudo mkdir /mnt/home /mnt/var /mnt/opt
$ sudo mount -o noatime,ssd,compress=zstd,space_cache,subvol=home /dev/nvme1n1p1 /mnt/home
$ sudo mount -o noatime,ssd,compress=zstd,space_cache,subvol=var /dev/nvme1n1p1 /mnt/var
$ sudo mount -o noatime,ssd,compress=zstd,space_cache,subvol=opt /dev/nvme1n1p1 /mnt/opt
$ yay -S arch-install-scripts
$ sudo btrfs property set /mnt/var ro false
$ sudo btrfs property set /mnt/opt ro false
$ sudo btrfs property set /mnt ro false
$ sudo umount /mnt/var
$ sudo btrfs subvolume delete -i 302 /mnt # var
$ sudo pacstrap -i /mnt base base-devel linux linux-firmware linux-headers efibootmgr dosfstools cryptsetup btrfs-progs netctl net-tools dhcpcd dhclient inetutils networkmanager openssh usbutils vim sudo git which man-db man-pages
$ sudo genfstab -t PARTUUID -p /mnt >> /mnt/etc/fstab
$ yay -Qqe > pkglist.txt
$ sudo mv pkglist /mnt
$ sudo cp /etc/pacman.d/mirrorlist /mnt/etc/pam.d/
$ sudo cp /etc/locale.gen /mnt/etc/
$ sudo cp /etc/locale.conf /mnt/etc/
$ sudo cp /etc/vconsole.conf /mnt/etc/
$ sudo cp /etc/hostname /mnt/etc/
$ sudo cp /etc/hosts /mnt/etc/
$ sudo cp /etc/mkinitcpio.conf /mnt/etc/
$ sudo cp /etc/crypttab /mnt/etc/
$ sudo btrfs property set /mnt/home ro false
$ sudo rm /boot/initramfs-linux*
$ sudo rm /boot/vmlinuz*
$ sudo rm /boot/amd-ucode.img
$ sudo arch-chroot /mnt
# cd home/sksat/pkg
# git clone https://aur.archlinux.org/yay.git
# cd yay
# cd
# ln -sf /usr/share/zoneinfo/Asia/Tokyo /etc/localtime
# hwclock --systohc --utc
# locale-gen
# pacman -S linux-zen amd-ucode
# bootctl install
# useradd -m -G wheel -s /bin/bash sksat
# passwd sksat
# EDITOR=vim visudo
# pacman -S linux-firmware linux-headers efibootmgr dosfstools btrfs-progs netctl net-tools dhcpcd dhclient inetutils networkmanager openssh usbutils vim sudo git which man-db man-pages
# systemctl enable NetworkManager
# vim /boot/loader/entries/arch.conf # PARTUUIDだけ093bab9b-bdff-49d5-8fa3-21052e12be63に変更
# exit
再起動
```
```
$ sudo mkfs.btrfs -L 'Arch Linux' /dev/nvme1n1p1
$ sudo mount /dev/nvme1n1p1 /mnt
$ sudo btrfs subvolume create /mnt/@root
$ sudo btrfs subvolume snapshot -r /opt backup/0812/opt
$ sudo btrfs subvolume snapshot -r /home backup/0812/home
$ sudo btrfs send backup/0812/opt | sudo btrfs receive /mnt
$ sudo btrfs send backup/0812/home | sudo btrfs receive /mnt
$ sudo btrfs property set /mnt/opt ro false
$ sudo btrfs property set /mnt/home ro false
$ sudo umount -R /mnt
$ sudo mount /dev/nvme1n1p1 /mnt -o subvol=@root
$ sudo mkdir /mnt/home /mnt/opt
$ sudo mount /dev/nvme1n1p1 /mnt/home -o subvol=home
$ sudo mount /dev/nvme1n1p1 /mnt/opt -o subvol=opt
$ sudo pacstrap -i /mnt base base-devel linux-zen linux-firmware linux-headers efibootmgr dosfstools cryptsetup btrfs-progs netctl net-tools dhcpcd dhclient inetutils networkmanager openssh usbutils vim sudo git which man-db man-pages
$ sudo genfstab -t PARTUUID -p /mnt >> /mnt/etc/fstab
$ yay -Qqe > pkglist.txt
$ sudo mv pkglist.txt /mnt
$ sudo cp /etc/pacman.d/mirrorlist /mnt/etc/pam.d/
sudo cp /etc/locale.gen /mnt/etc/
sudo cp /etc/locale.conf /mnt/etc/
sudo cp /etc/vconsole.conf /mnt/etc/
sudo cp /etc/hostname /mnt/etc/
sudo cp /etc/hosts /mnt/etc/
sudo cp /etc/mkinitcpio.conf /mnt/etc/
$ sudo mount /dev/nvme0n1p2 /mnt/boot
sudo rm /mnt/boot/initramfs-linux*
sudo rm /mnt/boot/vmlinuz*
sudo rm /mnt/boot/amd-ucode.img
$ sudo arch-chroot /mnt
# ln -sf /usr/share/zoneinfo/Asia/Tokyo /etc/localtime
hwclock --systohc --utc
locale-gen
# pacman -S linux-zen amd-ucode
# pacman -S linux-firmware linux-headers efibootmgr dosfstools btrfs-progs netctl net-tools dhcpcd dhclient inetutils networkmanager openssh usbutils vim sudo git which man-db man-pages
# bootctl install
# passwd
# useradd -m -G wheel -s /bin/bash sksat
passwd sksat
# EDITOR=vim visudo
# systemctl enable NetworkManager
# vim /boot/loader/entries/arch.conf # PARTUUIDだけ5b5280ac-6a58-4bce-ac93-d43440eb33d9に変更
# exit
$ sudo umount -R /mnt
再起動
# pacman -S fish
$ cd build
$ git clone https://aur.archlinux.org/yay.git
$ cd yay
$ makepkg -si
$ yay
$ yay -S - < /pkglist.txt
```
Sign in with Wallet
Connect another wallet