2020-05-01 15:10:22 +00:00
# Arch Linux installation to serve as a docker host

###### guide-by-example

![logo](https://i.imgur.com/SkENpGn.png)

# Notice

**Since 2022 I have been using the [archinstall script](https://github.com/archlinux/archinstall)
that comes with the Arch ISO**<br>
**After the install [I use my ansible playbooks](https://github.com/DoTheEvo/ansible-arch) to set up Arch the way I like it**

# Purpose

Linux that will run docker.

This is not a hand-holding guide that explains how to install Arch.<br>
It's more of a checklist of what to do if you have already done it
and know what you are doing.<br>

* [Official site](https://www.archlinux.org/)
* [Arch wiki install guide](https://wiki.archlinux.org/index.php/installation_guide)
* [Arch wiki docker entry](https://wiki.archlinux.org/index.php/docker)

# Files and directory structure

```
/home/
└── bastard/
    └── docker/
        ├── container-setup #1
        ├── container-setup #2
        ├── ...
```

# Make installation usb

[wiki](https://wiki.archlinux.org/index.php/USB_flash_installation_media)

`sudo dd bs=4M if=archlinux-2020.05.01-x86_64.iso of=/dev/sdX status=progress oflag=direct`

The above command will fuck your machine up if you dunno what you are doing:
it overwrites whatever device `of=` points at, so make sure `/dev/sdX` really is the USB stick.
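
A pre-flight check for the `dd` command above, as an added example that is not part of the original guide: it reads `lsblk -P` output and accepts a target only if it is a removable whole disk with nothing mounted from it. The function name `usb_target_check` and the sample device list are made up for this example.

```shell
#!/bin/sh
# Added example, not from the original guide.
# Real use, with sdX replaced by the stick's kernel name:
#   lsblk -P -o NAME,PKNAME,TYPE,RM,MOUNTPOINT | usb_target_check sdX \
#     && sudo dd bs=4M if=archlinux-2020.05.01-x86_64.iso of=/dev/sdX status=progress oflag=direct

# usb_target_check DEV
# stdin: `lsblk -P` lines with NAME, PKNAME, TYPE, RM and MOUNTPOINT columns.
# Returns 0 only for a removable whole disk with nothing mounted from it.
usb_target_check() {
    awk -v dev="$1" '
    function val(key,   s) {               # value of key="..." on this line
        s = " " $0
        if (!match(s, " " key "=\"[^\"]*\"")) return ""
        s = substr(s, RSTART, RLENGTH)
        sub(/^[^"]*"/, "", s); sub(/"$/, "", s)
        return s
    }
    {
        name = val("NAME")
        if (name == dev) { found = 1; kind = val("TYPE"); rm = val("RM") }
        # the disk itself or any of its partitions being mounted is a stop sign
        if ((name == dev || val("PKNAME") == dev) && val("MOUNTPOINT") != "")
            mounted = mounted " " name
    }
    END {
        if (!found)         { print "refuse: " dev " not found";                 exit 1 }
        if (kind != "disk") { print "refuse: " dev " is a " kind ", not a disk"; exit 1 }
        if (rm != "1")      { print "refuse: " dev " is not removable";          exit 1 }
        if (mounted != "")  { print "refuse: mounted:" mounted;                  exit 1 }
        print "ok: " dev " is a removable, unmounted disk"
    }'
}

# Constructed sample (not real output): sda = system disk, sdb = stick that a
# desktop auto-mounted, sdc = idle stick.
SAMPLE='NAME="sda" PKNAME="" TYPE="disk" RM="0" MOUNTPOINT=""
NAME="sda1" PKNAME="sda" TYPE="part" RM="0" MOUNTPOINT="/"
NAME="sdb" PKNAME="" TYPE="disk" RM="1" MOUNTPOINT=""
NAME="sdb1" PKNAME="sdb" TYPE="part" RM="1" MOUNTPOINT="/run/media/usb"
NAME="sdc" PKNAME="" TYPE="disk" RM="1" MOUNTPOINT=""'
```

Some USB disk enclosures report `RM="0"`; the check refuses those too, which errs on the side of not writing.
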
# Boot from the usb

This is a BIOS/MBR setup, as I am running on an old ThinkPad with a busted screen,
plus I like the simplicity of it.<br>
So if there's a boot menu option, choose non-UEFI.

# Installation

* create a single partition and mark it bootable<br>
  `cfdisk -z /dev/sda`
* build ext4 filesystem on it<br>
  `mkfs.ext4 /dev/sda1`
* mount the new partition<br>
  `mount /dev/sda1 /mnt`
* install the base system<br>
  `pacstrap /mnt base linux linux-firmware base-devel grub micro`
* generate fstab<br>
  `genfstab -U /mnt > /mnt/etc/fstab`
* chroot into the new system<br>
  `arch-chroot /mnt`
* install grub<br>
  `grub-install /dev/sda`<br>
  `grub-mkconfig -o /boot/grub/grub.cfg`
* set password for root<br>
  `passwd`
* remove the bootable media and restart the machine<br>
  `exit`<br>
  `reboot`

# Basic configuration after the first boot

* login as `root`
* set hostname<br>
  `echo docker-host > /etc/hostname`
* add new user and set their password<br>
  `useradd -m -G wheel bastard`<br>
  `passwd bastard`
* edit sudoers to allow users of the group wheel to sudo<br>
  `EDITOR=micro visudo`<br>
  *%wheel ALL=(ALL) ALL*
* check the network interface name<br>
  `ip link`
* setup networking using systemd-networkd and systemd-resolved<br>
  create `20-wired.network` file either in static or dhcp configuration

  `micro /etc/systemd/network/20-wired.network`

  ```
  [Match]
  Name=enp0s25

  [Network]
  Address=10.0.19.2/24
  Gateway=10.0.19.1
  #DNS=8.8.8.8
  ```

  ```
  [Match]
  Name=enp0s25

  [Network]
  DHCP=yes
  ```

  for DNS resolution and hostname exposure using mDNS and LLMNR<br>
  `systemd-resolved` will be used in stub mode<br>
  by replacing `/etc/resolv.conf` with a link to `stub-resolv.conf`

  `ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf`

  enable the services

  * `systemctl enable --now systemd-resolved`
  * `systemctl enable --now systemd-networkd`

* uncomment desired locales in locale.gen<br>
  `micro /etc/locale.gen`
* generate new locales and set one system wide<br>
  `locale-gen`<br>
  `localectl set-locale LANG=en_US.UTF-8`
* select timezone and set it permanent<br>
  `tzselect`<br>
  `timedatectl set-timezone 'Europe/Bratislava'`
* set hardware clock and sync using ntp<br>
  `hwclock --systohc --utc`<br>
  `timedatectl set-ntp true`
* setup a swap file<br>
  `dd if=/dev/zero of=/swapfile bs=1M count=8192 status=progress`<br>
  `chmod 600 /swapfile`<br>
  `mkswap /swapfile`<br>
  `micro /etc/fstab`<br>
  */swapfile none swap defaults 0 0*
* reboot<br>
  `reboot`

# SSH, Docker, ZSH, AUR

From now on, log in as a non-root user.

### Setup SSH access

[wiki](https://wiki.archlinux.org/index.php/OpenSSH)

* install openssh package<br>
  `sudo pacman -S openssh`
* edit sshd_config<br>
  `sudo micro /etc/ssh/sshd_config`<br>
  *PasswordAuthentication yes*
* enable sshd service<br>
  `sudo systemctl enable --now sshd`

### Setup docker

[Wiki](https://wiki.archlinux.org/index.php/docker)

* have `docker` and `docker-compose` packages installed<br>
  `sudo pacman -S docker docker-compose`
* enable docker service<br>
  `sudo systemctl enable --now docker`
* add non-root user to the docker group<br>
  `sudo gpasswd -a bastard docker`
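
An added audit example, not part of the original guide, covering the SSH and docker steps above: with `PasswordAuthentication yes` and `bastard` in both `wheel` and `docker`, one SSH password is what protects root on this host. The script reads an sshd_config and a group file and reports that combination; the function names are made up for this example, and Include files and Match blocks are assumed absent.

```shell
#!/bin/sh
# Added example, not from the original guide. Functions take file paths so they
# can be run against copies; on the host: audit_remote_root /etc/ssh/sshd_config /etc/group

# sshd_effective KEYWORD FILE
# Value sshd takes from the global part of FILE. sshd keeps the FIRST value it
# reads for a keyword, so a later duplicate line changes nothing. Include
# files and Match blocks are not followed (assumption); `sshd -T` run as root
# prints the authoritative result on a live host.
sshd_effective() {
    awk -v key="$1" '
        { sub(/^[ \t]+/, "") }
        $0 ~ /^[A-Za-z0-9]+[ \t]*=/ { sub(/[ \t]*=[ \t]*/, " ") }   # Keyword=value form
        /^#/ || NF == 0             { next }
        tolower($1) == "match"      { exit }
        tolower($1) == tolower(key) { print tolower($2); exit }
    ' "$2"
}

# root_equivalent_users GROUPFILE
# Accounts listed in wheel (sudo via the sudoers line) or docker (control of
# the docker daemon equals root on the host), one "user: groups" line each.
# Accounts that have one of these as their primary group are not listed here.
root_equivalent_users() {
    awk -F: '$1 == "wheel" || $1 == "docker" {
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] != "") seen[m[i]] = seen[m[i]] " " $1
    }
    END { for (u in seen) print u ":" seen[u] }' "$1" | sort
}

# audit_remote_root SSHD_CONFIG GROUPFILE
# Returns 1 when password logins are accepted and root-equivalent accounts exist.
audit_remote_root() {
    pa=$(sshd_effective PasswordAuthentication "$1")
    [ -n "$pa" ] || pa=yes                 # OpenSSH default when the keyword is unset
    users=$(root_equivalent_users "$2")
    if [ "$pa" = yes ] && [ -n "$users" ]; then
        echo "WARN: SSH password login can reach root-equivalent accounts:"
        echo "$users" | sed 's/^/  /'
        return 1
    fi
    echo "OK: PasswordAuthentication=$pa"
}
```

Once SSH keys are installed for the account, setting `PasswordAuthentication no` as the first occurrence of that keyword clears the warning.
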

### ZSH shell

[wiki](https://wiki.archlinux.org/index.php/zsh)

I like [Zim](https://github.com/zimfw/zimfw),
it's the fastest zsh framework and set up nicely out of the box

* install zsh, git and curl packages<br>
  `sudo pacman -S zsh git curl`
* install zim<br>
  `curl -fsSL https://raw.githubusercontent.com/zimfw/install/master/install.zsh | zsh`
* change the default shell to zsh<br>
  `chsh -s /bin/zsh`
* I prefer the [steeef](https://github.com/zimfw/steeef) theme<br>
  `echo 'zmodule steeef' >> ~/.zimrc && zimfw install`

##### Adding stuff to .zshrc

`micro .zshrc`

* `export EDITOR=micro`<br>
  `export VISUAL=micro`
* for ctrl+f prepending sudo

  ```bash
  # widget: put "sudo " in front of the current command line
  add_sudo (){
      BUFFER="sudo $BUFFER"
      zle -w end-of-line
  }
  # register the widget and bind it to ctrl+f
  zle -N add_sudo
  bindkey "^f" add_sudo
  ```

##### ZSH docker autocomplete

[Here](https://docs.docker.com/compose/completion/#zsh).
For zim it's the "Without oh-my-zsh shell" section.

### Access to AUR

Using [Yay](https://github.com/Jguer/yay).

* install git package<br>
  `sudo pacman -S git`
* install yay<br>
  `git clone https://aur.archlinux.org/yay-bin.git`<br>
  `cd yay-bin && makepkg -si`<br>
  `cd .. && rm -rf yay-bin`

`ctop-bin` and `inxi` are good AUR packages.

# Extra stuff

[wiki - general recommendations](https://wiki.archlinux.org/index.php/general_recommendations)<br>
[wiki - improving performance](https://wiki.archlinux.org/index.php/Improving_performance)

### CPU [microcode](https://wiki.archlinux.org/index.php/Microcode)

* `sudo pacman -S intel-ucode`
* `sudo grub-mkconfig -o /boot/grub/grub.cfg`

### Some packages

Tools

* `sudo pacman -S fuse curl wget micro nnn bind-tools borg python-llfuse`

Monitoring and testing

* `sudo pacman -S htop lm_sensors iotop nload powertop iproute2`

### Performance and maintenance

* install cron and enable the service<br>
  `sudo pacman -S cronie`<br>
  `sudo systemctl enable --now cronie`
* if ssd, enable periodic trim<br>
  `sudo pacman -S util-linux`<br>
  `sudo systemctl enable --now fstrim.timer`
* set noatime in fstab to prevent unnecessary tracking of read times<br>
  `sudo micro /etc/fstab`<br>
  *UUID=cdd..addb / ext4 rw,noatime 0 1*
* enable use of all cpu cores for makepkg jobs and disable compression<br>
  `sudo micro /etc/makepkg.conf`<br>
  *MAKEFLAGS="-j$(nproc)"*<br>
  *PKGEXT='.pkg.tar'*
* clean up old packages weekly, keep last 3<br>
  `sudo pacman -S pacman-contrib`<br>
  `sudo systemctl enable --now paccache.timer`
* use reflector to get the fastest mirrors based on country `-c <country code>`<br>
  `sudo pacman -S reflector`<br>
  `sudo reflector -c SK,CZ,UA -p http --score 20 --sort rate --save /etc/pacman.d/mirrorlist`

  automatic mirror update with reflector

  `/etc/xdg/reflector/reflector.conf`

  ```
  --save /etc/pacman.d/mirrorlist
  --protocol http
  --country SK,CZ,UA
  --score 20
  --sort rate
  ```

  enable it, it will run weekly

  `sudo systemctl enable --now reflector.timer`

### Comfort

* enable colors in pacman.conf<br>
  `sudo micro /etc/pacman.conf`<br>
  *Color*

### Notebook

Lid closed should not make the machine go to sleep.

* Set lid handle switch to ignore in systemd logind.conf<br>
  `sudo micro /etc/systemd/logind.conf`<br>
  *HandleLidSwitch=ignore*

**But this alone leaves the screen running nonstop.**

Tried to find a solution, and while `sudo vbetool dpms off` works,
turning it back on with `sudo vbetool dpms on` does not, and it times out without
any message or error.

Might be specific to the hardware, currently it's a Latitude E5570.