Based on Artix Linux: Full Disk Encryption with UEFI : added the solutions for some new problems, and - since I'm using AMD PC with an opensource coreboot+SeaBIOS to avoid the proprietary UEFI holes/backdoors (more system info) - I had to replace the UEFI-related disk commands with the BIOS ones.

LiveCD - get and boot

Get an Artix Live ISO with your favorite Desktop Environment and OpenRC. Burn it to CD/DVD with Brasero/Xfburn - or write to USB flash drive: after inserting it to your PC, use a

 dmesg

terminal command to learn your drive letter from a Linux kernel log, then write to it with

 sudo su
 dd if=~/Downloads/artix-xfce-openrc-20200506-x86_64.iso iflag=nocache bs=4096 | pv | dd of=/dev/sdX oflag=direct bs=4096 || true
 sync

where X in sdX is a letter of your USB flash drive, and pv helps to see a progress (if you don't have pv, simply unite these dd commands into a single one).

While booting from your live media, choose From CD/DVD/ISO option regardless of if you are using a CD/DVD or USB. Those who dared to use the forbidden From Stick/HDD option, experienced problems with polkit and other issues, examples of which can be found: here, here, here etc. After booting, open a terminal and write

 sudo su

to run the subsequent commands under root.

Format a disk

Here is a disk partitioning scheme we are going to get:

 /dev/sdX - physical disk with MBR partition table
 /dev/sdX1 - /boot unencrypted partition
 /dev/sdX2 - encrypted with LUKS (Linux Unified Key Setup) and partitioned into a LVM (Logical Volume Manager) container
 |---> Logical volume 1 - /dev/mapper/lvm-volSwap - swap partition, the size of which is >= size of your RAM (i.e. 16 GB)
 |---> Logical volume 2 - /dev/mapper/lvm-volRoot - / root partition, which gets 100% of remaining free space

Learn the X of your desired drive:

 parted -l

Print its' partition table with

 parted -s /dev/sdX print

Check there's nothing important on it, then erase its' partition table and some/all of contents with

 dd bs=4096 if=/dev/zero iflag=nocache of=/dev/sdX oflag=direct

Let it run for a minute and interrupt with Ctrl+C/Ctrl+Z if you are in a hurry or wait until it ends, then

 sync

to flush the disk operations.

Create a new MBR partition table:

  parted -s /dev/sdX mklabel msdos

Set up a /dev/sdX1 partition for /boot with a boot flag - 1GB should be enough:

 parted -s -a optimal /dev/sdX mkpart "primary" "fat16" "0%" "1024MiB"
 parted -s /dev/sdX set 1 boot on

Print the partition table of a drive and see if the alignment of your first partition is optimal:

 parted -s /dev/sdX print
 parted -s /dev/sdX align-check optimal 1

Make a /dev/sdX2 partition which will take the rest of free space after 1GB, and set a LVM flag:

 parted -s -a optimal /dev/sdX mkpart "primary" "ext4" "1024MiB" "100%"
 parted -s /dev/sdX set 2 lvm on

Disk Encryption and Logical Volumes

The disk encryption will utilise the Linux Unified Key Setup (LUKS), which is now part of an enhanced version of cryptsetup, using dm-crypt (device-mapper crypt) as the disk encryption backend.

To force loading the Linux kernel modules related to Serpent and other strong encryptions from your LiveCD/LiveUSB, run

 cryptsetup benchmark

- and, after it completes, use a command like

 cryptsetup --verbose --type luks1 --cipher serpent-xts-plain64 --key-size 512 --hash whirlpool --iter-time 10000 --use-random --verify-passphrase luksFormat /dev/sdX2

to create and format the LUKS partition with your custom encryption flags. Open and mount it using the device mapper - into i.e. lvm-system :

 cryptsetup luksOpen /dev/sdX2 lvm-system

Note: later you will encounter the following warnings - they happen because /run is not available inside the chroot - so you can ignore them:

 WARNING: Failed to connect to lvmetad. Falling back to device scanning.
 /run/lvm/lvmetad.socket: connect failed: No such file or directory
 WARNING: failed to connect to lvmetad: No such file or directory. Falling back to internal scanning.

Now it is possible to create a physical volume using the Logical Volume Manager (LVM) and the previously used id lvm-system as follows:

 pvcreate /dev/mapper/lvm-system

Having the physical volume, it is possible to create a logical volume group named lvmSystem as follows:

 vgcreate lvmSystem /dev/mapper/lvm-system

And having the logical volume group, the logical volumes can be created as follows. As an example, a 16GB for swap (volSwap) and the rest for the root partition (volRoot):

 lvcreate -L 16G lvmSystem -n volSwap
 lvcreate -l +100%FREE lvmSystem -n volRoot

Format a swap partition with

 mkswap /dev/lvmSystem/volSwap

This command will print a message like

 # Setting up swapspace version 1, size = 16 GiB (17179865088 bytes)
 # no label, UUID=6955244c-c72a-4dec-8dee-079ec743a818

Copy your UUID somewhere - you will need it later.

 mkfs.fat -n BOOT /dev/sda1
 mkfs.ext4 -L volRoot /dev/lvmSystem/volRoot

Install

Commands...

After

Commands...

This terminal log soon will be split and surrounded with useful comments and stuff:

 sudo su
 cat /proc/crypto | grep "serp"
 cryptsetup benchmark
 cat /proc/crypto | grep "serp"
 pacman -Sy
 parted -s /dev/sda print
 parted -s /dev/sda mklabel msdos
 parted -s -a optimal /dev/sda mkpart "primary" "fat16" "0%" "1024MiB"
 parted -s /dev/sda set 1 boot on
 parted -s /dev/sda print
 parted -s /dev/sda align-check optimal 1
 parted -s -a optimal /dev/sda mkpart "primary" "ext4" "1024MiB" "100%"
 parted -s /dev/sda set 2 lvm on
 cryptsetup --verbose --type luks1 --cipher serpent-xts-plain64 --key-size 512 --hash whirlpool --iter-time 10000 --use-random --verify-passphrase luksFormat /dev/sda2
 cryptsetup luksOpen /dev/sda2 lvm-system
 pvcreate /dev/mapper/lvm-system
 vgcreate lvmSystem /dev/mapper/lvm-system
 lvcreate -L 16G lvmSystem -n volSwap
 lvcreate -l +100%FREE lvmSystem -n volRoot
 mkswap /dev/lvmSystem/volSwap
 # Setting up swapspace version 1, size = 16 GiB (17179865088 bytes)
 # no label, UUID=6955244c-c72a-4dec-8dee-079ec743a818
 ### ^^^ REMEMBER THIS UUID, YOU WILL NEED IT LATER
 mkfs.fat -n BOOT /dev/sda1
 mkfs.ext4 -L volRoot /dev/lvmSystem/volRoot
 swapon /dev/lvmSystem/volSwap
 mount /dev/lvmSystem/volRoot /mnt
 mkdir /mnt/boot
 mount /dev/sda1 /mnt/boot
 ###
 cat /home/artix/Desktop/calamares.desktop | grep "Exec"
 # TryExec=calamares
 # Exec=pkexec env DISPLAY=:0 XAUTHORITY=/home/artix/.Xauthority QT_QPA_PLATFORMTHEME=gtk2 calamares
 ###
 ### nano /usr/lib/calamares/modules/bootloader/main.py
 ### ===> function "def run()" : prepare_bootloader(fw_type) ---> # prepare_bootloader(fw_type)
 ### That's to avoid a GRUB error in the end of installation
 ###
 pkexec env DISPLAY=:0 XAUTHORITY=/home/artix/.Xauthority QT_QPA_PLATFORMTHEME=gtk2 calamares
 ###
 nano /mnt/etc/fstab
 # ^^^ Delete all uncommented lines
 fstabgen -U /mnt >> /mnt/etc/fstab
 # Do all sed's manually:
 sed -i "s/ordered/ordered,discard/g" /mnt/etc/fstab
 # Insert to the end of /mnt/etc/fstab (without leading #)
 # tmpfs	/tmp	tmpfs	nodev,nosuid,size=8G	0 0
 ###
 artools-chroot /mnt /bin/bash
 # cat /etc/locale.gen --- already set up
 # cat /etc/localtime --- already set up
 nano /etc/conf.d/hostname
 # ^^^ Change to your desired hostname
 nano /etc/mkinitcpio.conf
 # base udev autodetect modconf block keyboard keymap lvm2 filesystems fsck ===>
 # base udev autodetect modconf block encrypt keyboard keymap lvm2 resume filesystems fsck
 ###
 pacman -Sy
 pacman -Rc artix-grub-theme
 pacman -S lvm2 cryptsetup linux mkinitcpio
 ###
 mkinitcpio -p linux
 passwd
 pacman -S grub
 pacman -S dosfstools freetype2 fuse2 gptfdisk libisoburn mtools os-prober
 pacman -S iw memtest86+ wpa_supplicant
 ### /etc/default/grub modifications using a template: need to change two UUID's
 blkid -s UUID -o value /dev/sda2
 ### Can't specify resume=UUID=...long ID here... because /dev/lvmSystem/volSwap isn't visible!
 grub-install --target=i386-pc --boot-directory=/boot --bootloader-id=artix --recheck /dev/sda
 grub-mkconfig -o /boot/grub/grub.cfg
 ###
 pacman -S device-mapper-openrc lvm2-openrc cryptsetup-openrc
 rc-update add device-mapper boot
 rc-update add lvm boot
 rc-update add dmcrypt boot
 rc-status sysinit | grep udev
 rc-update add dbus default
 rc-update add elogind boot
 pacman -S haveged haveged-openrc
 rc-update add haveged default
 pacman -S cronie cronie-openrc
 rc-update add cronie default
 ###
 pacman -S networkmanager networkmanager-openrc networkmanager-openvpn network-manager-applet
 rc-update add NetworkManager default
 pacman -S ntp ntp-openrc acpid acpid-openrc syslog-ng syslog-ng-openrc
 rc-update add ntpd default
 rc-update add acpid default
 rc-update add syslog-ng default
 ###
 pacman -S artools bash-completion lsof strace
 pacman -S wget htop mc zip samba unrar p7zip unzip
 pacman -S hdparm smartmontools hwinfo dmidecode
 pacman -S whois rsync nmap tcpdump inetutils net-tools ndisc6
 pacman -S yaourt
 exit
 umount -R /mnt
 swapoff -a
 reboot