There are several excellent Guides by @linux-aarhus how to install an encrypted system with CLI only:
I followed it but used weaker but lighter encryption options from here: dm-crypt/Device encryption - ArchWiki I mean 256 instead of 512 and 2000 instead of 5000.
But I used --type luks2 option even though I didn’t need the additional feature, but maybe it is more future proof regarding support and compatibility.