Arch Linux the Easy Way: Encrypted Wayland KDE, Timeshift, Working Boot from Snapshots

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

greetings everyone and welcome to another tutorial the rolling Arch Linux distribution is always evolving and so are my installation methods I'm excited to share them with you right after this [Music] I built the freshest Arch ISO this morning using the latest sources so I'm going to boot a fresh KVM with it I'm going to hit enter here to boot this Arch ISO which is the important first step in getting Arch Linux installed so these are the standard boot up messages from the kernel and other things starting up the services here we go kernel 6.0.12. which is current as of today all right um so if you need Wireless connectivity you know the drill iwctl and follow instructions archwiki has a lot of good instructions but uh we have DHCP configured correctly for this virtual machine if I type IPA you can see I have a local private address assigned so internet connectivity is working so since that's working Pac-Man Dash syy to synchronize the package databases and then we'll check for any updates that are available so Pac-Man syu ah there's already an update uh one package cloud in it so that's done so let's take a look here the font's a little bit small so let's fix that by typing set font Terminus 128n okay that's very nice and large so we're ready to go with uh Arch install which I will use to set up the basic defaults for a lux encrypted system and it looks like uh the font bug is still here it made the fonts tiny sorry guys but we'll just proceed here and select the region which in my case is United States where to get the packages from uh geographic location every Locale looks good drives the target Drive uh today will be a 64 gig vda device and for disk layout I'm going to choose wipe all selected drives and use best effort default partition layout butterfs for the main partition or the root partition we'll use the btrfs sub volumes with a default structure yes BTR RFS compression yes and for the Lux encryption uh lvm encryption we'll type in my uh password for today for this machine and we'll enter it again for verification that's good so for bootloader I'd like to be able to boot from snapshots using time shift so I will select yes as use grub as bootloader swap is zram Swap and we'll leave that set to true host name instead of Arch Linux that's kind of boring I'll call this machine Archie host name Archie root password will leave unset because we don't want to have root account accessible we'll add a user instead username of course will be Steven and I'll give myself a password actually once and enter it twice for verification as it says should Stephen be super user sudu yes like to become root using sudo confirm and exit looking pretty good next for the profile I'm going to choose the minimal a very basic installation that allows you to customize Arch Linux as you see fit and that's perfect because we just want to use Arch install to set up the drive and the encryption really basically so audio will leave us none kernels as Linux I'll set up later additional packages I do want to include some utilities here uh git I'll need Nano for editing open SSH it's always good to have if you want to remote into your installed system Terminus font to fix the tiny font issue or rather to have you guys be able to read what I'm typing here again bear with me I'll fix this as soon as I can for networking I'll just copy the iso network configuration to installation that works for DHCP in my case uh we'll install network manager and all the tools later for the time zone I will choose U.S Pacific since that's where I am and we'll use automatic time sync and TP is true so Network time protocol synchronizes the clock option repositories I'll use the multi-lib 32-bit Library repository enabled so I always like to do that and we'll just hit enter on install and to encrypt I'll choose index number one which is the primary uh btrfest root file system to encrypt so I'll select one here enter the continue so it just gives you a summary that usually is mostly off screen and just hit enter to begin the install process and so which is partitions encryptions to drive sets up the butter FS or ptrfs sub volumes downloads installs the packages enables various services and it's done so um let's do post installation configurations charroot so let's check our file system table here Nano Etsy file system table or FS tab and as you can see it ignored my request for compression and also relay time is not very good for ssds that I usually have and space cache equals B2 is redundant here I'm going to instead type compress equals z standard for uh compression on the Fly that butterfest offers same thing for all the other sub volumes so root dot snapshots do no access time and compress equals z standard again these options for butterfs mounts reduce the right Cycles on your SSD because it has a limited uh lifespan of a number of rights that can tolerate Fort wears out so we'll also do the home sub volume also the Pac-Man package sub volume same thing here space cache equals version two is um automatically add it and I'll show you this uh in a bit when I check the mount options you know in our booted system so we also got the log sub volume effects so all the butterfs sub volumes I generally uh change the options this way I find that's very good for performance and least amount of wear on my solid state drives this has no effect on your rotating platters obviously maybe it increases the performance there as well I don't know I haven't tested it since I don't have rotating platters anymore okay next let's check the encryption here let's do Nano Etsy default grub oh yeah so Crypt device is set up already for us thank you Arch install and because this is a VM with a certain um resolution I like to type video equals 1920 by 1080. if you're on physical Hardware your chances are you won't need to do this as you can see Crypt device and the unique identifier is correct for the roots of volume so root FS type is butterfs everything looks good here on that file so we modified the grub configuration so we type grub make config Dash o uh boot grub grub.cfg exactly what the arch Wiki tells us to do and let me check one more file here Nano Etsy MK init copyio.com let's see what Arch installed it here never trust anything Arch install does unless you check yourself and you're happy with it so modules butterfs is good and it also loads the encrypt hook before it loads the file systems hook so Lux encryption is configured correctly it seems so far looks promising so uh we're done with post install config for now so let's exit and reboot it's cross fingers and hopefully this works but just as you can see Arch install has some bugs left uh it's just normal that's easily fixed right so Arch Linux okay Enter passphrase I'm going to enter the decryption for the uh Crypt lvm volume let it decrypt the volume so it can boot take a couple seconds here and there we go log into Stephen give it my password all right tiny fonts here so set font tur 128n because we installed the Terminus font earlier in Arch install additional packages that's much more legibly I hope for you guys sorry about the tiny fonts earlier just can't be helped so I'm checking the amount uh options here as you can see no access time compress equals z standard level 3 and space cache equals version two has been enabled automatically if this had been an SSD and a real SSD SSD would have been an option as well so let's make deer git because I'm on a pull uh my package lists from the public GitHub repo so I'll do I'll leave the link in the description below so git clone https colon github.com Stevens Tech talks slash Archie Linux and there we go I only have many files in there uh yet in this uh GitHub repo uh that may happen in the future depending on what my plans are okay so in pack lists uh and then today's date I've got a bunch of packages all date stamped so let's um install them but before we do that let me become root and configure Pac-Man first so sudo-s so sudo works and what I want to do is uh make sure we're synced up with the repository so Pac-Man Dash syy make sure another update hasn't snuck in there no it hasn't with syu that is so um let's Nano Etsy pacman.conf and what I want to do is go down here to miscellaneous options and enable color because I like color and for parallel downloads because we're downloading a bunch of packages we want to make this as quick as possible so we want to saturate the network connection today your experience moved very tremendously depending on where you are in the world so parallel downloads equals 10. is what I'll use to keep this video short so now we're ready uh to install these package lists so Pac-Man Dash s dash dash needed hyphen less than or greater than uh Arch Linux redirect that is Arch ISO underscore packed list 22.2212.16.text and we'll just hit enter and that lists a bunch of packages we need to download so you can see parallel downloads equals 10 speeds things up tremendously and it's done all that typing has been saved you just have to type it once and put the in these files so next I'd like to install the drivers list again you can modify these depending on your needs and your Hardware everybody needs different drivers so these are my drivers that I use for this VM so next I will install uh the networking uh packages or network related packages so I only install what I need yes I want iptables uh the new version nft install iptables the old version which comes from the archa ISO there we go and next what I want to do to certain order to these that I would suggest so next I would like to install the fonts a whole bunch of fonts it's like to have my interface my desktop KDE interface looking pretty more fonts the merrier again these are Latin based fonts Place uh with Cyrillic or other fonts as needed so once that's done I'm going to install the printing related packages look at all that typing I saved that's a lot of packages that would need to be typed using the traditional Arch way a lot of typing and a lot of fiddling with the installed system afterwards I'm kind of lazy in my older age I don't want to type too much I want to type it once and be done okay so uh next what I'd like to do is take care of the multimedia package list that's kind of short it pulls in a bunch of packages yeah parallel downloads equals 10 really works for me in my particular environment your mileage may vary as we say in the United States okay um next step is let's install the basic X Windows system server and that's done with all its uh associate utilities went quick now we can install all the KDE plasma packages the latest packages available from Arch repos we'll do the phonon qt5 G streamer that's the default we're using gstreamer in this install hit yes so a bunch of more packages for a complete KDE plasma environment have been downloaded and installed next and finally I'll have some miscellaneous apps that don't fit in any other other lists to download that includes uh filezilla Firefox etc etc and also LibreOffice fresh I like to have in my installed system to be productive right good so that's taken care of that saved me a whole bunch of typing let's enable uh system services and timers here so first we'll type systemctl enable avahi demon that's for um network discovery for example next we'll enable Bluetooth this VM doesn't have a Bluetooth uh adapter but I install it anyway because all my physical Hardware has Bluetooth I like to disable here the DHCP client Daemon or dhcpcd dot service because we'll be using network manager going forward so the arch ISO has the DHCP enabled so we don't want that now with the installed system so we disable that next we'll enable for Randomness random number generation etc etc the have get or have GED service I don't know how to pronounce that it's a good thing to have on the system especially for encryption purposes Etc cup service for printing I like to enable next like to enable the firewall Daemon firewall d ice I want that running as soon as possible for security purposes even though this is a secure private Network you never know if you have to connect to the public internet at a cafe for example sddm for the KDE plasma display manager and will also enable network manager with the aforementioned network manager and we'll also want to enable sshd for secure shelling into the system hander handy and also micropower we're controlling USB and other uh power system so anyway um power saving okay so ID Stephen shows I'm not a member of very many groups Arch installed and add me to very many groups because I did a minimal install so let me fix that by adding myself to additional groups for the best experience right so user mod Dash a capital G I like to add my account to Sis ADM Network scanner power Unix to Unix copy our UCP audio Legacy like line printing or LP RF kill to control my radio cards like Wi-Fi and Bluetooth video storage Optical otherwise I'll have any Optical drives anymore but it's good to have users and we'll do a new line here looks good and uh yeah the account is Steven that we'd like to apply this modification to so now if I type I ID Steven you'll see I've been added magically to all these additional groups that's good so let's reboot and here comes the important thing the smoke test as it were hoping after I enter the password for decryption here uh I hope to be greeted with the sddm or simple display manager I think it's called then we should have access to KDE plasma desktop so let's see what happens and there it is so we have plasma Whelan session available so I installed the William packages and also X11 let's stay with Weyland 's working really well with KDE lately so well and it is finally okay so there we go not quite so psychedelic default wallpaper thank you KDE team so let's switch for my eyes of my accessibility needs to Breeze dark and like to select clicking files or folders selects them and then double click to open so I'll click apply like that behavior and uh on display I will fix the screen resolution 1920x1080 and I'll select the scale to 150. make the screen more legible For You YouTube viewers out there apply applies instantly Wayland however I'm going to do is log out and log back in again because I found some of the fonts can look a little funky if I don't do this so let me just log out quickly log back in again to reload the Weyland plasma session and we should have nice crisp ish crispy fonts look how pretty they are so here we have the firewall already enabled it's assumed public oh that's fine yeah that works yeah it looks like everything works here sound everything so yeah um my list includes a lot of different connection types including all kinds of vpns that might be handy in Bridge and all that stuff that's available to you pretty much threw in everything and the kitchen sink so let's open uh console here let me drag this down to the taskbar open console and the font's still a little bit small let me nudge it up one notch there we go hopefully you can read it so neofetch shows that we have just a little over a thousand packages installed this is running plasma 5.26.4 it's not quite 5.27 3.8 shows zram is working great I don't have too much RAM used it's still building the database for search Etc so yeah um lsblk shows the Crypt lvm is under vda2 which is the entire btrfs file system and all the sub volumes df-8 shows those thousand packages taking around six gigs of disk space not too bad because we installed a lot of packages if you're gonna do this once mice will do it right right so you have a working system right out of the box at least that's my view so let's enable Aur by typing git clone https colon slash a u r dot Arch Linux dot org slash paru I like paru as the Aur Helper because it's written in Rust and works really well for me I like the way it works better than yay but you might like yay so you know what to do if you want yay so CD Paro make package Dash SI builds the package and installs it so it asks for the password for elevating privileges so it downloads rust I prefer rust package over rust up because that's more system close but usually if I develop rust I use rust up instead for a local install of rust all right let's proceed with the installation and it's done so let me change to my home directory with CD let me type uh paru to test it it looks like it works great no updates so let's remove the build directory with rm-fr paru cool because now we can install packages from the Aur which is time shift for example which we want to use today so power time shift shows us a bunch of options I like to select option two here time shift Auto snap which should automatically pull in time shift and for every package update it creates an automatic snapshot using time shift so we'll select yes to everything here and um get going with that so it builds a whole bunch of things and it's installed the magic of video editing so it it suggests we also install grub Dash btrfs but before we do that um for booting from snapshots right so before we do that let me run time shift and configure it and then uh create the first snapshot for the freshly installed system so butterfs is detected it's fantastic no I don't want to include at home so again this is uh it's it shows the Lux uh encrypted butterfest root file system correctly snapshot levels everything uh should be fine as default for me again you may choose something else here scheduled uh no we won't include at home in backups I usually do standard backups for my personal files and we'll just finish here let's create our first snapshot which should be pretty much instant for butterfs all right very easy and butterfest so we'll call this first snapshot the base image as installed and there we go our first snapshot again before you do anything substantial with the system uh please be sure to make a snapshot first so you can always roll back if something goes wrong so uh let's go ahead with the optional dependency we do paru Dash capital S just like Pac-Man grub Dash B butterfs so again that adds a Grub Sub menu for booting from snapshots I'll demonstrate that in a moment so once that's installed looks like installed correctly so next step is let's sudo grub Dash mkconfig Dash o slash boot slash grub slash grub.cfg because we modified our grub configuration with the grub-bgrfs so we'll have to let the grub configuration know that we've done so so I found array the snapshot which is the on-demand base image as installed snapshot so it looks like everything is successful some warnings we can ignore all right and you can automate this uh using the documentation I'll link to in the description below for keeping the arch the group menu up to date so uh let's install duf um and uh let's type the UF here some people like to see this so here's duf for this system so of course with the snapshot we're using a little more space 6.7 gigs for the root file system not bad cool so let's uh close out of the console let me demonstrate the booting from snapshot functionality here let me restart and wait for the system to come up again oh that's a big mouse pointer all right look we've got a new Sub menu here on the bottom Arch Linux snapshots so let's enter into that and here's our single base image as installed snapshot so let's enter into here the enter key or return and instead of fallback I'm going to select the standard edit Ram FS intel microcode if you've got an AMD microcode you can choose that instead I've had both micro codes installed in this in this particular device as you can see the snapshots are also all encrypted naturally so let me answer the password here or the passphrase rather for devvda2 this will boot a read-only snapshot I believe um as you can see this warning is typical and normal for these snapshots you can ignore this warning it just means it's not configured for read write that's expected so we log in to the snapshot yeah so I'll stand by being detected booted into time shift snapshot please restore the snapshot wonderful isn't that nice so let's enter the password my password to launch time shift I'm going to select our base image as installed a snapshot and restore so data will be modified in Dev uh the vda2 or dm0 click next and restore is completed it's almost instantaneous with butterfs you can continue to working or restart I would say see made another snapshot here live before restoring so that's what's running currently is the new snapshot so what I like to do is reboot as soon as possible not do too much for the system I'm going to restart and uh reboot now again that warning you'll see you can safely ignore that's typical every time I've seen that forever okay so now we should be booting our restored system so I'm going to hit enter here for the first menu item in grub and show the good old passphrase to unlock the root file system or unencrypt or make it accessible rather it doesn't unencrypt everything well it feels that way it takes a while with this virtual machine okay so let me log in here and here's our freshly rolled back system looks pretty healthy let me open console quickly make a little bigger font here and let's type Doof duf command not found because we've rolled back so it's gone so the time shift snapshot booting system everything working great let me launch discover here because I also installed flat packs so let me test a flat pack system let me search for oh I don't know Chrome Google Chrome is what I want uh looks like this cover works great let me type Google Chrome ah there it is in Google Chrome web browser from Google is available as a flat pack so um let me click here in the description as you can see gives you a nice ratings where it's distributed from mixed reviews that's okay everybody has complaints right permission is for Google Chrome it has access to everything on your system not not really but uh this is for a test right I'm doing this for you guys I'm making a sacrifice and installing Google Chrome that's a great web browser I'm just kidding okay so it's installed remove here um let me check here yeah it's the system is up to date so that works as well you can use discover to update your system I don't recommend it I would use paru to do that or yay in your case if you want that let me launch uh Google Chrome to check to make sure the flat pack system is working uh yes running the background too it's a little reminder Chrome does that unless you disable it explicitly look at those pretty fonts I love the font list that the font package to the packages that I've uh have in the list there so if you have a Latin alphabet you will like it too I hope so here's the arch linux.org website um it is uh pretty standard I still suggest you keep up with the news in case you have to do an intervention okay let me select choose the package uh search here so Linux kernel uh we're still on 6012 which is marked out of date six one hopefully is coming soon as you can see using modular package lists broken down by functions saves a lot of typing reduces errors and makes maintenance much easier as Arch rolls on just set this up once and you're done I hope this video was useful to you and you had as much fun as I have if so please consider leaving a like to help with the YouTube algorithm And subscribe if you haven't already until next time take care [Music]

Info

Channel: Stephen's Tech Talks

Views: 27,476

Rating: undefined out of 5

Keywords: arch linux, install arch linux, how to install arch linux, arch installer, linux tutorial, linux help, linux tips, it tips, arch linux tutorial, arch linux setup, linux, gnu linux, archinstall, arch linux installation, arch installer script, switch to linux, learn linux, command line, terminal, arch linux desktop, desktop environment, window manager, arch linux customization, windows vs linux, linux is better, kde, luks, encryption, btrfs, snapshot, rollback, ubuntu, fedora, 2023

Id: zQQN3Pj4K0Y

Channel Id: undefined

Length: 35min 6sec (2106 seconds)

Published: Fri Dec 16 2022