1. Initial Setup and Installation

Begin by booting from the Fedora installation media and starting the setup process.

• 0:43 - Boot your computer from the Fedora 42 media in UEFI mode.
• 0:59 - On the welcome screen, click "Install Fedora."
• 1:22 - Select your preferred language and keyboard layout.

2. Custom Partitioning with Full Disk Encryption

We'll use the advanced storage editor to create a custom layout that supports both encryption and Btrfs subvolumes.

• 2:47 - In the "Installation Destination" screen, select your disk, then click the three-dot menu in the top right and choose "Launch storage editor."
• 3:07 - Create a new GPT partition table. This will erase all data on the disk.
• 3:43 - Create the EFI System Partition:
  • Size: 1.07 GB
  • Type: EFI System Partition
  • Label: ESP
• 4:23 - Create the main Btrfs Partition:
  • Size: Use all remaining space.
  • Type: Btrfs
  • Encryption: Check the box and set your passphrase.
  • Label: FEDORA

3. Btrfs Subvolume Configuration

Creating separate subvolumes allows you to roll back system files without affecting your personal data.

• 5:43 - Within the Btrfs partition, create the following subvolumes:
  • `root` mounted at `/`
  • `home` mounted at `/home`
  • `opt` mounted at `/opt`
  • `cache` mounted at `/var/cache`
  • `gdm` mounted at `/var/lib/gdm`
  • `libvirt` mounted at `/var/lib/libvirt`
  • `log` mounted at `/var/log`
  • `spool` mounted at `/var/spool`
  • `tmp` mounted at `/var/tmp`

4. Finalizing Installation

• 9:46 - Return to the main installation screen.
• 10:13 - Review the summary and click "Install."
• 10:44 - After installation, reboot and complete the initial user setup.

5. Post-Installation Configuration & Boot Fix

These steps are crucial for setting up snapshots and ensuring your encrypted system remains bootable after updates.

Step 5.1: System Update

14:10 - First, open a terminal and fully update your system.

sudo dnf update -y

Step 5.2: CRITICAL GRUB BOOT FIX

Video 2, 4:35 - Identify the UUID of your crypto_LUKS partition.

lsblk -pf

From the output, copy the `UUID` of the partition with `FSTYPE="crypto_LUKS"`.

Video 2, 4:39 - Edit the EFI GRUB configuration file.

sudo nano /boot/efi/EFI/fedora/grub.cfg

Video 2, 4:50 - Add the `cryptomount` command as the very first line in the file. Replace the example UUID with your own, but make sure to remove all dashes.

cryptomount -u 17378d24d4f94877953af2126b17bce4

Step 5.3: Install Snapshot Tools

17:51 - Install Snapper and other essential utilities.

sudo dnf install snapper libdnf5-plugin-actions btrfs-assistant inotify-tools git make

Step 5.4: Configure Snapper

19:15 - Create Snapper configurations for your root and home subvolumes.

sudo snapper -c root create-config /
sudo snapper -c home create-config /home

Step 5.5: Configure grub-btrfs

22:35 - Install `grub-btrfs` to make your snapshots visible in the boot menu.

git clone https://github.com/Antynea/grub-btrfs.git
cd grub-btrfs/
# Edit the config file for Fedora
nano config

Inside the `config` file, uncomment and modify these two lines:

GRUB_BTRFS_GRUB_DIRNAME="/boot/grub2"
GRUB_BTRFS_MKCONFIG="/sbin/grub2-mkconfig"

Save the file (Ctrl+O, Enter) and exit (Ctrl+X). Then, install it:

sudo make install

Step 5.6: Enable Services

24:30 - Enable the services to automatically update GRUB and create snapshots.

# Enable grub-btrfs auto-updates
sudo systemctl enable --now grub-btrfsd.service

# Disable timeline snapshots for /home (recommended)
sudo snapper -c home set-config TIMELINE_CREATE=no

# Enable timeline snapshots and cleanup for /
sudo systemctl enable --now snapper-timeline.timer
sudo systemctl enable --now snapper-cleanup.timer