In my previous post I went through the steps I used to install Arch Linux on my Pinebook Pro with a LUKS encrypted root partition. It appears that the repositories used in that post have been retired, and the packages hosted at https://nhp.sh/pinebookpro/ are no longer there. A big thanks to Nadia Holmquist Pedersen for all the work she’s done for Arch on the Pinebook Pro.
The following instructions use Sven Kiljan’s project. You can find his blog post discussing it here, and the GitHub repository here.
Installation on microSD card
These steps are largely for my personal reference, but they’re here for the public to read in the event that they may help someone do something similar. The majority of them are copied straight from archlinuxarm-pbp’s INSTALL.md, with LUKS encryption stuff inserted here and there.
-
Boot from the ArchISO. In my previous post I flashed my eMMC with Naudia’s ArchISO. This is what I used to complete the steps below to reinstall Arch on my SD Card.
-
wifi-menuto get connected. -
Zero the beginning of the SD card:
dd if=/dev/zero of=/dev/mmcblk1 bs=1M count=32 -
Start fdisk to partition the SD card or eMMC module:
fdisk /dev/mmcblk1 - At the fdisk prompt, create the new partition:
- Type o. This will clear out any partitions on the drive.
- Type p to list partitions. There should be no partitions left.
- Type n, then p for primary, 1 for the first partition on the drive, 32768 for the first sector, and then type 442367 for the last sector.
- Type t, then c to set the first partition to type W95 FAT32 (LBA).
- Type n, then p for primary, 2 for the second partition on the drive, 442368 for the first sector, and then press ENTER to accept the default last sector.
- Write the partition table and exit by typing w.
-
Create and mount the FAT filesystem:
mkfs.vfat -n BOOT_ALARM /dev/mmcblk1p1 -
Encrypt the second partition with:
cryptsetup -y -v luksFormat /dev/mmcblk1p2 -
Open the encrypted partition:
cryptsetup open /dev/mmcblk1p2 cryptroot -
Write the EXT4 file system to the partition we’ve just opened (our encrypted root)
sudo mkfs.ext4 -L ROOT_ALARM /dev/mapper/cryptoroot -
MOUNT UP!:
sudo mount /dev/mapper/crytoroot /mnt && sudo mount /dev/mmcblk1p1 /mnt/boot -
Download the filesystem via
cd /mnt && wget https://github.com/SvenKiljan/archlinuxarm-pbp/releases/latest/download/ArchLinuxARM-pbp-latest.tar.gz -
Extract the root filesystem:
sdtar -xpf ArchLinuxARM-pbp-latest.tar.gz -C . - Install the Tow-Boot bootloader:
dd if=boot/idbloader.img of=/dev/mmcblk1p1 seek=64 conv=notrunc,fsync dd if=boot/tow-boot.itb of=/dev/mmcblk1p1 seek=16384 conv=notrunc,fsync -
Enter chroot via
arch-chroot /mnt -
Edit
/etc/locale.gen, uncommenting what you need. For me this wasen_US.UTF-8 UTF-8. -
Execute
locale-gento generate the locales. -
Modify
/etc/mkinitcpio.confto include hooks,HOOKS=(base udev autodetect keyboard keymap modconf block encrypt filesystems fsck) - Issue
blkidto get the UUID of/dev/mapper/cryptrootand modify/boot/extlinux/extlinux.confto look like such (replacing YOUR-UUID with your own):LABEL Arch Linux ARM KERNEL /Image FDT /dtbs/rockchip/rk3399-pinebook-pro.dtb APPEND initrd=/initramfs-linux.img console=ttyS2,1500000 console=tty0 rootwait cryptdevice=UUID=YOUR-UUID:cryptroot root=/dev/mapper/cryptroot rw plymouth.ignore-serial-consoles -
Regenerate all the initramfs images with
mkinitcpio -P -
Now, leave chroot and reboot your machine to the new install on the SD card.
-
Log in as root (password is “root”) and connect to the wifi with
wifi-menuagain. - Synchronize the system and RTC clocks:
timedatectl set-ntp on hwclock -w - Initialize the pacman keyring and populate the Arch Linux ARM and Pinebook Pro package signing keys:
pacman-key --init pacman-key --populate archlinuxarm pacman-key --populate archlinuxarm-pbp - Reboot, change password for root user, remove alarm user and add your own…continue to setup things how you’d like them to be (window manager, all other software, the fun stuff).
Comments