What you will learn there:
- how to migrate from Windows to Linux (Arch based Manjaro - but things may be partially applied on other systems too)
- have fully encrypted system and boot partition (MBR will be left readable)
- setup VPN/Wireguard/Shadowsocks + firewall killswitch
- setup RAM based intelligent compressed SWAP (zswap)


I hope my days on Windows are numbered and i am finally migrating to Linux for good. Currently i am finishing the migration and i came to the point where nearly everything is working on Linux. So i want to share whole guide.

Here are the tips and things to note before you do migration from Windows to Arch Linux like Manajaro is. I have selected Manjaro, because it is ranked among the top of user friendly, latest software, good number of packages in repos, good support community, rolling release distribution without need to reinstall system.

Windows to Manjaro migration notes:

Backups:
Save settings of the popular apps - ideally all apps, space is cheap and time restoring manually is expensive: (C:\Users\user\AppData\Roaming ; C:\Users\user\AppData\Local ; Documents, Images, Downloads, Music.., Program Files folder etc.)

Set e-mail client offline and export its data to Linux supported format (.eml, mbox ?) and quit client

sync/backup all data to external drive (unless you will be installing Linux on different drive than current Windows system drive)

Copy ovpn and wg files to usb stick (if you are using VPN service)

Bootable installation disk: Use full Manjaro installation image to minimise the downtime. https://manjaro.org/download/ Make bootable USB stick using Windows software called "Ventoy" (by installing it and simply copying the .iso(s) to the drive or using software "Yumi" (i used it), some people recommend Rufus.

When ready to reinstall (having backup of the drive, or ideally install on different drive), try to boot from Manjaro USB disk. Maybe you will need to hit F12 old Fn+F12 to select boot source. Or F2, Fn+F2, Del keys to access BIOS and play with EUFI/Legacy, disable secure boot or change boot order.

When booting up live Manjaro system from USB, you can play with it and then click Install. To secure data i ticked encryption. If adventurous, one can use custom partitioning, create new partition table MBR, /boot ext2 partition with boot flag 500MB, and then remaing space for example btrfs partition with / mountpoint and "root" flag. + tick encryption on both (i have not tested this, though btrfs has some advantages over default ext4 - if i install it, i would make sure to check mount parameters -o ssd , enable defrag, noatime instead relatime, space_cache by def.). Regarding swap some people rather recommend not to create swap partition and later create swap file https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption#With_suspend-to-disk_support

After finished, maybe it will not boot from drive, maybe you will need to change boot order in BIOS or such settings.

If selected encryption, then it will accept passphrase. Make sure to enable num lock and using right keymap (y/z) etc. After submitting password by Enter key, it can take a minute or so for it to do something.

Now you have booted into the newly installed Manjaro system.

Have laptop, but using external monitor? Prevent closed laptop lid to turn off external monitor:
sed -i "s|#IgnoreLid=true|IgnoreLid=true|g" /etc/UPower/UPower.conf;sed -i "s|IgnoreLid=false|IgnoreLid=true|g" /etc/UPower/UPower.conf;sudo systemctl restart upower.service

In my case i setup VPN first to secure and anonymize internet activity:

1 - WIREGUARD:
Using NetworkManager (GUI) tray icon disable OpenVPN connection if active and disable it from main network interface also using NM GUI.
sudo pacman -S wireguard-tools
cd /path/to/wg_conf_and_ovpn_client_files
cp -p wg-client.conf wg0.conf
nmcli connection import type wireguard file wg0.conf
sudo wg;ip r;nmcli connection;for ip in $(curl -L http://cpanel.net/showip.shtml 2>/dev/null);do echo $ip && whois $ip|grep -i netname;done
systemctl enable [email protected]e;systemctl status [email protected]e (if fails, list units and use correct name: systemctl ) - https://wiki.archlinux.org/index.php/WireGuard#NetworkManager
Not working? https://snapcraft.io/install/wireguard-ammp/manjaro

2 - OPENVPN:
NetworkManager has new connection import entry to import .ovpn file.

3 - SHADOWSOCKS:
sudo pacman -S shadowsocks-libev shadowsocks-qt5
From Manjaro menu, type shadow and run the SS gui app and add your connection configs in it. Make the app to start at boot and set one connection to autoconnect.

VPN KILLSWITCH (prevent leaking unsecured traffic when VPN/WG is off):
ufw status
ufw was disabled, i used iptables killswitch rules from https://internetlifeforum.com/security/8687-how-setup-linux-firewall-iptables-ufw-prevent-leaking-non-vpn-connections/
Though that page shows also rules for ufw. or try:
1. https://internetlifeforum.com/security/8687-how-setup-linux-firewall-iptables-ufw-prevent-leaking-non-vpn-connections/
2. https://www.ivpn.net/knowledgebase/222/Kill-switch-using-the-Uncomplicated-Firewall-UFW.html
3. https://www.ivpn.net/knowledgebase/238/WireGuard-Kill-switch.html
and once traffic works, saved iptables (Arch/manjaro) + enabled iptables:
iptables-save > /etc/iptables/iptables.rules;systemctl enable iptables
UFW backup files are btw. in ls /etc/default/ufw/ ?

// End of securing network activity

Setting up SWAP file + zswap (i am not using partition, but if you already use swap and want zswap, possibly first disable existing swap: swapon & swapoff path & rm path & remove from fstab):
sudo pamac install systemd-swap;sudo systemctl enable systemd-swap.service;mkdir -p /etc/systemd/swap.conf.d/;echo -e "zswap_enabled=1\nzram_enabled=0\nswapfc_enabled=1 " > /etc/systemd/swap.conf.d/myswap.conf
sudo sed -i "s/zswap_max_pool_percent=25/zswap_max_pool_percent=70/g" /usr/share/systemd-swap/swap-default.conf

Installing additional SW:
1. sudo pacman -S wine-staging winetricks wine-mono wine_gecko qbittorrent transmission-gtk transmission-remote-gtk amule mldonkey nicotine+ whois veracrypt keepassxc clementine featherpad dolphin dolphin-plugins filezilla putty gsmartcontrol glances sysstat dstat mtr nmap dnsutils recode appimagelauncher torbrowser-launcher wireguard-tools shadowsocks-libev shadowsocks-qt5 manjaro-printer
2. Arch User contributed Repo - AUR:
pacman -S stardict;pamac build stardict-cz stardict-en-cz fsearch-gitv freefilesync losslesscut xnviewmp doublecmd-gtk2
3. SNAP:
sudo pacman -S snapd;sudo systemctl enable --now snapd.socket;sudo ln -s /var/lib/snapd/snap /snap;sudo snap install jdownloader2;sudo snap install eiskaltdcpp --candidate

Install Ungoogled-Chromium browser from un-official repo on Arch/Manjaro:
1. sudo su
2. pacman-key --keyserver hkps://keys.openpgp.org -r 3DEA62513C8035383A245A12E5786B42E8E5D565;pacman-key --lsign-key 3DEA62513C8035383A245A12E5786B42E8E5D565;echo -e "[jk-aur]\nServer = https://repo.vin.ovh/arch/\$arch" >> /etc/pacman.conf;pacman -Sy ungoogled-chromium pepper-flash;sed -i "/jk-aur/d" /etc/pacman.conf;sed -i "/repo.vin.ovh/d" /etc/pacman.conf;pacman -Sy;exit

Try to update time and let it be synchronized:
timedatectl set-ntp true
systemctl enable --now systemd-timesyncd.service

Some txt files from Windows had non-standard encoding and Linux shown malformed characters. Solution? 1. install "recode" utility (sudo pacman -S recode), 2. in terminal go to directory with a wrong text file and backup it, 3. run command "recode ms-ee *.srt" (in this case it should fix encoding in all .srt files in that directory). Or read "man recode".

---------

Transmission torrent client configuration migration Windows to Linux:
On Manjaro (based on Arch): pacman -S transmission-gtk transmission-remote-gtk
I ran it and then quit.
Then
cd;cd .config/transmission
cp /path/to/windowsbackup/c/users/me/appdata/local/transmission/* .
rmdir Torrents Resume;mv torrents Torrents;mv resume Resume
Now the paths was wrong. I can sort by path in Transmission Remote app. and possibly do bulk change in torrent location.

-------

Filezilla FTP client configuration migration from Windows 10 to Linux worked:
1. Backup Windows: C:\Users\user\AppData\Roaming\FileZilla
2. install Filezilla on Linux: sudo apt install filezilla 2>/dev/null||sudo pacman -S filezilla 2>/dev/null||yum install filezilla 2>/dev/null
3. open FIlezilla in Linux, close it
4. copy Windows folder content to Linux folder: /home/user/.config/filezilla/

-------

PuTTY SSH client configuration migration Windows to Linux:
Following is not restoring saved usernames and passwords, only list of hostnames/ips
sudo pacman -S putty
Either run installed app and save first connection or first copy the configuration files to /home/user/.putty/sessions (small letter case, not Sessions)
cd /home/user/.putty/sessions
WIndows KiTTY or PuTTY put backslashes in connection config files and Linux not:
sed -i 's/\\/=/' /home/user/.putty/sessions/*
sed -i 's/\\//' /home/user/.putty/sessions/*

--------

Managing software with pacman(official repo) and pamac(unofficial Arch User Repository AUR)

Package search:
a) official sudo pacman -Ss packagename
b) official+AUR: pamac search -a packagename
Package setup:
a) official: sudo pacman -S packagename
b) AUR: pamac build packagename (or "pamac install packagename" for official repo)
Package removal:
a) official: sudo pacman -R packagename
b) AUR: pamac remove packagename
IN SHORT: use pamac to find/install/remove in official and user contributed repos: pamac search -a; pamac install (or pamac build for AUR package); pamac remove

next things: setup automatic backups to external drive or cloud. (Syncthing?, mega.nz?)