Partitioning (LUKS)

LVM on LUKS

LVM on LUKS has the benefit of being able to encrypt an entire drive (useful for laptops with encrypted swap for resume). The LVM container cannot, however, span multiple disks.

1. List disks with fdisk -l to determine your drive
2. Partition the drive with cfdisk /dev/nvme0n1 (assuming /dev/nvme0n1 is your disk)
3. Partition with the following scheme

   FS Type	Size	Mount Point	Comment
   vfat	1G	/boot	EFI System
   LUKS	(remaining)		Linux file system

4. Create the LUKS container:

   cryptsetup luksFormat /dev/nvme0n1p2
   

5. Enter a passphrase for the LUKS container (don't forget it!!)
6. Open the newly created LUKS container (using cryptlvm as an example mapper name, choose whatever you want):

   cryptsetup open /dev/nvme0n1p2 cryptlvm
   

7. Create an LVM physical volume inside LUKS container:

   pvcreate /dev/mapper/cryptlvm
   

8. Create the volume group:

   vgcreate vg0 /dev/mapper/cryptlvm
   

9. Create the logical volumes (when using resume, make lv_swap as large as RAM):

   lvcreate -L 16G -n lv_swap vg0
   lvcreate -l 100%FREE -n lv_root vg0
   

10. Create partitions

    mkfs.fat -F 32 /dev/nvme0n1p1        # EFI System Partition
    mkfs.btrfs /dev/mapper/vg0-lv_root   # Btrfs root volume
    mkswap /dev/mapper/vg0-lv_swap       # Swap space
    

11. Create Btrfs subvolumes

    # Activate swap
    swapon /dev/mapper/vg0-lv_swap
    
    # First, mount Btrfs root volume
    mount /dev/mapper/vg0-lv_root /mnt
    
    # Create subvolumes
    btrfs subvolume create /mnt/@
    btrfs subvolume create /mnt/@home
    btrfs subvolume create /mnt/@log
    btrfs subvolume create /mnt/@pkg
    

12. Mount partitions

    # Unmount Btrfs root volume
    umount -R /mnt
    
    # Mount main Btrfs subvolume
    mount /dev/mapper/vg0-lv_root -o noatime,compress-force=zstd,space_cache=v2,subvol=@ /mnt
    
    # Create directories for other mount points
    mkdir -p /mnt/{efi,home,var/log,var/cache/pacman/pkg}
    
    # Mount EFI System Partition
    mount /dev/nvme0n1p1 /mnt/efi
    
    # Mount remaining Btrfs subvolumes
    mount /dev/mapper/vg0-lv_root -o noatime,compress-force=zstd,space_cache=v2,subvol=@home /mnt/home
    mount /dev/mapper/vg0-lv_root -o noatime,compress-force=zstd,space_cache=v2,subvol=@log /mnt/var/log
    mount /dev/mapper/vg0-lv_root -o noatime,compress-force=zstd,space_cache=v2,subvol=@pkg /mnt/var/cache/pacman/pkg