From 04e8fe15d747aa65d61f03affee2bad925bec434 Mon Sep 17 00:00:00 2001
From: Bastian de Byl <bastian@bdebyl.net>
Date: Fri, 9 Oct 2020 22:01:55 -0400
Subject: [PATCH 1/2] CU-dcp47r updated archinstall post for clarity

---
 content/post/archinstall.md | 204 +++++++++++++++++++++++++++---------
 1 file changed, 155 insertions(+), 49 deletions(-)

diff --git a/content/post/archinstall.md b/content/post/archinstall.md
index de3dc2f..11a0cc1 100644
--- a/content/post/archinstall.md
+++ b/content/post/archinstall.md
@@ -25,24 +25,103 @@ better understanding of the tools and methods used.
      (type: `8e00`)
 1. Make the the EFI/boot partition FAT32 via `mkfs.fat -F32`
 
+## Partitioning with `fdisk`
+
+{{% admonition warning Warning %}}
+This operation will destroy any data on the device, please ensure to back up
+any data desired prior to this operation!
+{{% /admonition %}}
+
+{{% admonition info Info %}}
+Replace instances of `/dev/sdN` with your actual device name (e.g. `/dev/sda`).
+References specific to partitions will be stated as such (e.g. `/dev/sdN1`,
+`/dev/sdN2`)
+{{% /admonition %}}
+
+1. Remove any existing partitions on the drive:
+
+   ```bash
+   $ dd if=/dev/zero of=/def/sdN bs=4M count=1
+   1+0 records in
+   1+0 records out
+   4194304 bytes (4.2 MB, 4.0 MiB) copied, 0.499143 s, 8.4 MB/s
+   ```
+
+1. Create a new `gpt` partition table with `fdisk`:
+
+   ```bash
+   $ sudo fdisk /dev/sdN
+
+   Command (m for help): g
+   Created a new GPT disklabel (GUID: 07D99608-7AE7-1144-8BCA-BDF9833DAFD0).
+
+   Command (m for help): p
+
+   Command (m for help): n
+   Partition number (1-128, default 1):
+   First sector (2048-15155166, default 2048):
+   Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-15155166, default
+   15155166): +512M
+
+   Created a new partition 1 of type 'Linux filesystem' and of size 512 MiB.
+
+   Command (m for help): t
+   Selected partition 1
+   Partition type or alias (type L to list all): 1
+   Changed type of partition 'Linux LVM' to 'EFI System'.
+
+   Command (m for help): n
+   Partition number (2-128, default 2):
+   First sector (1050624-15155166, default 1050624):
+   Last sector, +/-sectors or +/-size{K,M,G,T,P} (1050624-15155166, default
+   15155166):
+
+   Created a new partition 2 of type 'Linux filesystem' and of size 6.7 GiB.
+
+   Command (m for help): t
+   Partition number (1,2, default 2):
+   Partition type or alias (type L to list all): 30
+
+   Changed type of partition 'Linux filesystem' to 'Linux LVM'.
+
+   Command (m for help): w
+   The partition table has been altered.
+   Calling ioctl() to re-read partition table.
+   Syncing disks.
+
+   $ fdisk -l /dev/sdN
+   ...
+   Disklabel type: gpt
+
+   Device       Start      End  Sectors  Size Type
+   /dev/sdN1     2048  1050623  1048576  512M EFI System
+   /dev/sdN2  1050624 15155166 14104543  6.7G Linux LVM
+   ```
+
 # Encryption
 
 1. Format the Linux LVM partition:
 
    ```bash
-   cryptsetup luksFormat /dev/sdaN
+   cryptsetup luksFormat /dev/sdN2
    Enter passphrase:
    ```
 
-   **Note:** _Remember your passphrase! You will need this every time you boot
-   your computer_
+   {{< sub >}}
+   Remember your passphrase! You will need this every time you boot
+   your computer
+   {{< /sub >}}
+
 1. Create a mapping for your Linux LVM (LUKS):
 
    ```bash
-   cryptsetup open --type luks /dev/sdaN <map_name>
+   cryptsetup open --type luks /dev/sdN2 <map_name>
    ```
 
-   _Use whatever name you want. Ex. `lvm`, `volume`, etc._
+   {{< sub >}}
+   Use whatever name you want. Ex. `lvm`, `volume`, etc.
+   {{< /sub >}}
+
 1. Create the physical volume, volume group, and logical volumes for
    `<map_name>` specified in the previous step:
 
@@ -51,19 +130,28 @@ better understanding of the tools and methods used.
    vgcreate <volume_name> /dev/mapper/<map_name>
    ```
 
-   _Use whatever volume name you want. Ex. `volume`, `main`, `linux`, etc._
+   {{< sub >}}
+   Use whatever volume name you want. Ex. `volume`, `main`, `linux`, etc.
+   {{< /sub >}}
 
    ```bash
    lvcreate -L2G <volume_name> -n swap
    ```
 
-   _Select size for swap, if desired. Here we use `2G` for 2Gb._
+   {{< sub >}}
+   Select size for swap, if desired. Here we use `2G` for 2Gb.
+   {{< /sub >}}
 
    ```bash
    lvcreate -L16G <volume_name> -n root
    lvcreate -l 100%FREE <volume_name> -n home
    ```
 
+   {{< sub >}}
+   Set your `root` partition size and `home` size if using separate `/home`
+   partition. Otherwise, simply create your `-l 100%FREE` volume.
+   {{< /sub >}}
+
 1. Specify and write the desired filesystems:
 
    ```bash
@@ -81,7 +169,7 @@ better understanding of the tools and methods used.
    mkdir /mnt/home
    mkdir /mnt/boot
    mount /dev/mapper/<volume_name>-home /mnt/home
-   mount /dev/sdaN /mnt/boot
+   mount /dev/sdN1 /mnt/boot
    swapon /dev/mapper/<volume_name>-swap
    ```
 
@@ -89,11 +177,18 @@ better understanding of the tools and methods used.
    `wifi-menu`, or other, to connect to the internet at this point._):
 
    ```bash
-   pacstrap /mnt base base-devel
+   pacstrap /mnt base base-devel linux linux-firmware lvm2 dhclient
    ```
 
+   {{< sub >}}
+   Here we are using `linux` kernel as an example, though you may want to use
+   `linux-hardened`
+   {{< /sub >}}
+
 # Set-up Linux Installation
 
+## Generate `fstab`
+
 1. Generate the `fstab`:
 
    ```bash
@@ -106,55 +201,66 @@ better understanding of the tools and methods used.
    arch-chroot /mnt
    ```
 
-1. Configure `initramfs`:
-   1. Edit `HOOKS` in `/etc/mkinitcpio.conf` using text editor of your choice
-      (e.g. `vi`, `nano`, etc.). Move the `keyboard` hook before `filesystems`,
-      and add `encrypt` and `lvm2` hooks **before** `filesystems`:
+## Configure `initramfs`
 
-      ```bash
-      $ egrep '^HOOKS' /etc/mkinitcpio.conf
-      HOOKS=(base udev autodetect modconf block keyboard encrypt lvm2 filesystems fsck)
-      ```
+1. Edit `HOOKS` in `/etc/mkinitcpio.conf` using text editor of your choice
+   (e.g. `vi`, `nano`, etc.). Move the `keyboard` hook before `filesystems`,
+   and add `encrypt` and `lvm2` hooks **before** `filesystems`:
 
-      _Read the comment documentation on `HOOKS` in the document to find out
-      more._
+   ```bash
+   $ egrep '^HOOKS' /etc/mkinitcpio.conf
+   HOOKS=(base udev autodetect modconf block keyboard encrypt lvm2 filesystems fsck)
+   ```
 
-   1. Generate `initramfs`:
+   {{< sub >}}
+   Read the comment on `HOOKS` in the `mkinitcpio.conf` file to find out more.
+   {{< /sub >}}
 
-      ```bash
-      mkinitcpio -p linux
-      ```
+1. Generate `initramfs`:
 
-1. Install a bootloader (e.g. `systemd-boot`, `grub`, `syslinux`, etc.):
-   1. I will be using `systemd-boot`
+   ```bash
+   mkinitcpio -p linux
+   ```
 
-      ```bash
-      bootctl --path=/boot/ install
-      ```
+## Configure bootloader
 
-   1. Edit the loader configuration using a text editor of your choice:
+Install a bootloader (e.g. `systemd-boot`, `grub`, `syslinux`, etc.) and
+configure it as per it's documentation/installation steps.
 
-      ```bash
-      $ cat /boot/loader/loader.conf
-      default arch
-      timeout 3
-      editor 0
-      ```
+### Bootloader Example: `systemd-boot`
 
-   1. Create the loader entry for the default `arch` entry specified above (_You
-      can edit this name if desired._). Use `blkid /dev/sdaN` to find the UUID
-      of your crypt device, and recall the volume name you gave your device
-      above (_`main` in example below_):
+1. I will be using `systemd-boot`
 
-      ```bash
-      $ cat /boot/loader/entries/arch.conf
-      title Arch Linux
-      linux /vmlinuz-linux.img
-      initrd /initramfs-linux.img
-      options cryptdevice=UUID=9f1fc119-b1dc-49d8-9a5a-686ad9e2fd2e:volume root=/dev/mapper/main-root quiet rw
-      ```
+   ```bash
+   bootctl --path=/boot/ install
+   ```
+
+1. Edit the loader configuration using a text editor of your choice:
+
+   ```bash
+   $ cat /boot/loader/loader.conf
+   default arch
+   timeout 3
+   editor 0
+   ```
+
+1. Create the loader entry for the default `arch` entry specified above (_You
+   can edit this name if desired._). Use `blkid /dev/sdNx` to find the UUID
+   of your crypt device, and recall the volume name you gave your device
+   above (_`main` in example below_):
+
+   ```bash
+   $ cat /boot/loader/entries/arch.conf
+   title Arch Linux
+   linux /vmlinuz-linux.img
+   initrd /initramfs-linux.img
+   options cryptdevice=UUID=9f1fc119-b1dc-49d8-9a5a-686ad9e2fd2e:volume root=/dev/mapper/main-root quiet rw
+   ```
+
+## Configure finishing touches
+
+1. Create a root password using `passwd`
 
-1. Create a root password using `passwd`.
 1. Set a hostname:
 
    ```bash
@@ -168,7 +274,7 @@ better understanding of the tools and methods used.
    hwclock --systohc --utc
    ```
 
-1. Set the locale to `en_US`:
+1. Set the locale (_example for `en_US`_):
 
    ```bash
    sed -i 's/^\#en_US/en_US/' /etc/locale.gen
@@ -176,7 +282,7 @@ better understanding of the tools and methods used.
    locale > /etc/locale.conf
    ```
 
-1. Done!
+1. Exit and reboot:
 
    ```bash
    exit

From f7191869c7e140f1f538b3f34c5f3f9f3f1a8fff Mon Sep 17 00:00:00 2001
From: Bastian de Byl <bastian@bdebyl.net>
Date: Fri, 9 Oct 2020 22:03:36 -0400
Subject: [PATCH 2/2] CU-dcp47r added note under fdisk example block

---
 content/post/archinstall.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/content/post/archinstall.md b/content/post/archinstall.md
index 11a0cc1..6e246ec 100644
--- a/content/post/archinstall.md
+++ b/content/post/archinstall.md
@@ -98,6 +98,12 @@ References specific to partitions will be stated as such (e.g. `/dev/sdN1`,
    /dev/sdN2  1050624 15155166 14104543  6.7G Linux LVM
    ```
 
+   {{< sub >}}
+   The above example `fdisk` run was done on an 8G USB drive and is provided
+   for reference purposes. Ignore the sizes listed above when comparing to your
+   installation.
+   {{< /sub >}}
+
 # Encryption
 
 1. Format the Linux LVM partition: