Encryption on Hetzner Cloud aarch64 Fails to Boot

Post by satriani » Sun Apr 06, 2025 11:47 pm

Hello Arch Linux Community,

I'm attempting to install Arch Linux ARM with full disk encryption on a Hetzner Cloud server (aarch64 architecture) but am encountering issues preventing the system from booting.

**Server Details:**
- **CPU:** 2 cores
- **Memory:** 3835 MB
- **Disk:** /dev/sda, 40 GB
- **Boot Mode:** EFI

**Installation Steps Taken:**

1. **Prepare the Disk:**
- Encrypted `/dev/sda1` using LUKS:
```bash
cryptsetup luksFormat /dev/sda1
cryptsetup open /dev/sda1 cryptroot
```
- Created an ext4 filesystem and mounted it:
```bash
mkfs.ext4 -L root /dev/mapper/cryptroot
mount -o noatime /dev/mapper/cryptroot /mnt
```
- Mounted the boot partition:
```bash
mkdir /mnt/boot
mount /dev/sda15 /mnt/boot
```

2. **Install Arch Linux ARM:**
- Downloaded and extracted the Arch Linux ARM tarball:
```bash
wget "http://os.archlinuxarm.org/os/ArchLinuxARM-aarch64-latest.tar.gz"
bsdtar -xpf ArchLinuxARM-aarch64-latest.tar.gz -C /mnt
```
- Bound necessary filesystems and chrooted:
```bash
mount --bind /dev /mnt/dev
mount -t proc proc /mnt/proc
mount -t sysfs sys /mnt/sys
chroot /mnt
mount -t efivarfs efivarfs /sys/firmware/efi/efivars
bootctl install
```

3. **Configure Boot Loader:**
- Retrieved the UUID of `/dev/sda1`:
```bash
blkid /dev/sda1
```
- Created the boot loader entry (`/boot/loader/entries/arch.conf`):
```
title Arch Linux ARM
linux /Image
initrd /initramfs-linux.img
options cryptdevice=UUID=<LUKS-UUID>:cryptroot root=/dev/mapper/cryptroot rw
```
*Replaced `<LUKS-UUID>` with the actual UUID from the `blkid` command.*

4. **Configure Initramfs:**
- Ensured the `encrypt` hook is included in `/etc/mkinitcpio.conf` before `filesystems`:
```
HOOKS=(... encrypt filesystems ...)
```
- Regenerated the initramfs:
```bash
mkinitcpio -P
```

5. **Finalize Installation:**
- Set root password:
```bash
passwd
```
- Exited chroot, unmounted filesystems, and rebooted:
```bash
exit
umount -R /mnt
reboot
```

**Issue:**
After rebooting, the system fails to boot. There are no clear error messages displayed via the Hetzner Cloud Console's VNC interface, making it challenging to diagnose the problem.

**Troubleshooting Steps Taken:**
- Verified that the `cryptdevice` parameter in the boot loader entry uses the correct UUID.
- Confirmed that the `encrypt` hook is present in the `HOOKS` array in `/etc/mkinitcpio.conf` and that the initramfs was regenerated.
- Ensured that `bootctl install` was executed without errors.

**Request for Assistance:**
I'm seeking guidance on how to further diagnose and resolve this boot issue. Are there specific configurations or steps required for setting up Arch Linux ARM with full disk encryption on a Hetzner Cloud aarch64 server that I might have overlooked? Any insights or suggestions would be greatly appreciated.

Thank you in advance for your help.

Best regards,
Alex
satriani
 
Posts: 1
Joined: Sun Apr 06, 2025 11:36 pm
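
The function below cross-checks the files written in steps 3 and 4 of the post (loader entry, `HOOKS` line, kernel and initramfs on the ESP) from the install environment before rebooting. It is an added example, not part of the original post; the function name, argument order and messages are assumptions, and the systemd check reflects that mkinitcpio's `systemd` hook is paired with `sd-encrypt` rather than `encrypt`.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): cross-check the loader entry,
# mkinitcpio.conf and ESP contents produced by steps 3 and 4.
# Usage: check_luks_boot ENTRY MKINITCPIO_CONF ESP_DIR LUKS_UUID
# Prints one "FAIL: ..." line per problem and returns the number of problems.
check_luks_boot() {
    local entry="$1" conf="$2" esp="$3" uuid="$4"
    local fails=0 key path rest opts name hooks
    fail() { echo "FAIL: $*"; fails=$((fails + 1)); }

    # linux/initrd paths in a systemd-boot entry are relative to the ESP root.
    while read -r key path rest || [ -n "$key" ]; do
        case $key in
            linux|initrd) [ -f "$esp$path" ] || fail "$key $path missing under $esp" ;;
        esac
    done < "$entry"

    # cryptdevice= must name the LUKS container UUID (blkid /dev/sda1), and
    # root= must be the mapper name given after the colon.
    opts=$(sed -n 's/^options[[:space:]]*//p' "$entry")
    case " $opts " in
        *" cryptdevice=UUID=$uuid:"*)
            name=${opts#*cryptdevice=UUID="$uuid":}
            name=${name%%[ :]*}
            case " $opts " in
                *" root=/dev/mapper/$name "*) ;;
                *) fail "root= is not /dev/mapper/$name" ;;
            esac ;;
        *) fail "cryptdevice= does not reference LUKS UUID $uuid" ;;
    esac

    # Take the last uncommented HOOKS=(...) line; double the separators so
    # whole-word patterns can match adjacent hooks.
    hooks=$(sed -n 's/^HOOKS=(\(.*\)).*/\1/p' "$conf" | tail -n 1)
    hooks=" $(printf '%s' "$hooks" | sed 's/[[:space:]][[:space:]]*/  /g') "
    case $hooks in
        *" systemd "*) fail "systemd hook set: it pairs with sd-encrypt, not encrypt/cryptdevice=" ;;
    esac
    case $hooks in
        *" encrypt "*" filesystems "*) ;;
        *) fail "encrypt must appear before filesystems in HOOKS" ;;
    esac
    return "$fails"
}
```

With the target still mounted, the arguments would be `/mnt/boot/loader/entries/arch.conf`, `/mnt/etc/mkinitcpio.conf`, `/mnt/boot` and the value printed by `blkid -s UUID -o value /dev/sda1`.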
