diff --git a/install.sh b/install.sh index df7e329..d686e63 100755 --- a/install.sh +++ b/install.sh @@ -3,13 +3,13 @@ # Cleaning the TTY. clear -# Updating the live environment -pacman -Syu +# Updating the live environment usually causes more problems than its worth, and quite often can't be done without remounting cowspace with more capacity, especially at the end of any given month. +pacman -Sy # Installing curl pacman -S --noconfirm curl -# Selecting the kernel flavor to install. +# Selecting the kernel flavor to install. kernel_selector () { echo "List of kernels:" echo "1) Stable — Vanilla Linux kernel and modules, with a few patches applied." @@ -90,7 +90,7 @@ BTRFS="/dev/mapper/cryptroot" # Formatting the LUKS Container as BTRFS. echo "Formatting the LUKS container as BTRFS." mkfs.btrfs $BTRFS &>/dev/null -mount $BTRFS /mnt +mount -o clear_cache,nospace_cache $BTRFS /mnt # Creating BTRFS subvolumes. echo "Creating BTRFS subvolumes." @@ -148,15 +148,16 @@ chmod 600 /mnt/@/.snapshots/1/info.xml umount /mnt echo "Mounting the newly created subvolumes." mount -o ssd,noatime,space_cache,compress=zstd:15 $BTRFS /mnt -mkdir -p /mnt/{boot,root,home,.snapshots,srv,tmp,/var/log,/var/log/journal,/var/crash,/var/cache,/var/tmp,/var/spool,/var/lib/libvirt/images,/var/lib/machines,/var/lib/gdm,/var/lib/AccountsService,/cryptkey} +mkdir -p /mnt/{boot,root,home,.snapshots,srv,tmp,/var/log,/var/crash,/var/cache,/var/tmp,/var/spool,/var/lib/libvirt/images,/var/lib/machines,/var/lib/gdm,/var/lib/AccountsService,/cryptkey} mount -o ssd,noatime,space_cache=v2,autodefrag,compress=zstd:15,discard=async,nodev,nosuid,noexec,subvol=@/boot $BTRFS /mnt/boot -mount -o ssd,noatime,space_cache=v2,autodefrag,compress=zstd:15,discard=async,nodev,nosuid,subvol=@/root $BTRFS /mnt/root +mount -o ssd,noatime,space_cache=v2,autodefrag,compress=zstd:15,discard=async,nodev,nosuid,subvol=@/root $BTRFS /mnt/root mount -o ssd,noatime,space_cache=v2.autodefrag,compress=zstd:15,discard=async,nodev,nosuid,subvol=@/home $BTRFS /mnt/home mount -o ssd,noatime,space_cache=v2,autodefrag,compress=zstd:15,discard=async,subvol=@/.snapshots $BTRFS /mnt/.snapshots mount -o ssd,noatime,space_cache=v2.autodefrag,compress=zstd:15,discard=async,subvol=@/srv $BTRFS /mnt/srv mount -o ssd,noatime,space_cache=v2,autodefrag,compress=zstd:15,discard=async,nodatacow,nodev,nosuid,noexec,subvol=@/var_log $BTRFS /mnt/var/log -# Toolbox (https://github.com/containers/toolbox) needs /var/log/journal to have dev, suid, and exec. Thus I am splitting the subvolume. +# Toolbox (https://github.com/containers/toolbox) needs /var/log/journal to have dev, suid, and exec, Thus I am splitting the subvolume. Need to make the directory after /mnt/var/log/ has been mounted. +mkdir -p /mnt/var/log/journal mount -o ssd,noatime,space_cache=v2,autodefrag,compress=zstd:15,discard=async,nodatacow,subvol=@/var_log_journal $BTRFS /mnt/var/log/journal mount -o ssd,noatime,space_cache=v2,autodefrag,compress=zstd:15,discard=async,nodatacow,nodev,nosuid,noexec,subvol=@/var_crash $BTRFS /mnt/var/crash @@ -185,7 +186,7 @@ kernel_selector # Pacstrap (setting up a base sytem onto the new root). # As I said above, I am considering replacing gnome-software with pamac-flatpak-gnome as PackageKit seems very buggy on Arch Linux right now. echo "Installing the base system (it may take a while)." -pacstrap /mnt base ${kernel} ${microcode} linux-firmware grub grub-btrfs snapper snap-pac efibootmgr sudo networkmanager apparmor python2-notify python-psutil chrony nano gdm gnome-control-center gnome-terminal gnome-software gnome-software-packagekit-plugin gnome-tweaks nautilus pipewire-pulse pipewire-alsa pipewire-jack flatpak firewalld zram-generator adobe-source-han-sans-otc-fonts adobe-source-han-serif-otc-fonts gnu-free-fonts reflector mlocate man-db +pacstrap /mnt base ${kernel} ${microcode} linux-firmware grub grub-btrfs snapper snap-pac efibootmgr sudo networkmanager apparmor python-psutil python-notify2 nano gdm gnome-control-center gnome-terminal gnome-software gnome-software-packagekit-plugin gnome-tweaks nautilus pipewire-pulse pipewire-alsa pipewire-jack flatpak firewalld zram-generator adobe-source-han-sans-otc-fonts adobe-source-han-serif-otc-fonts gnu-free-fonts reflector mlocate man-db chrony # Routing jack2 through PipeWire. echo "/usr/lib/pipewire-0.3/jack" > /mnt/etc/ld.so.conf.d/pipewire-jack.conf @@ -208,7 +209,7 @@ cat > /mnt/etc/hosts <> /mnt/etc/modprobe.d/30_security-misc.conf @@ -323,19 +324,19 @@ EOF chmod 600 /mnt/etc/NetworkManager/conf.d/ip6-privacy.conf -# Configuring the system. +# Configuring the system. arch-chroot /mnt /bin/bash -e </dev/null - + # Setting up clock. hwclock --systohc - - # Generating locales.my keys aren't even on + + # Generating locales.my keys aren't even on echo "Generating locales." locale-gen &>/dev/null - + # Generating a new initramfs. echo "Creating a new initramfs." chmod 600 /boot/initramfs-linux* &>/dev/null @@ -352,8 +353,8 @@ arch-chroot /mnt /bin/bash -e </dev/null - + grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=GRUB --modules="normal test efi_gop efi_uga search echo linux all_video gfxmenu gfxterm_background gfxterm_menu gfxterm loadenv configfile gzio part_gpt cryptodisk luks gcry_rijndael gcry_sha256 btrfs" --disable-shim-lock &>/dev/null + # Creating grub config file. echo "Creating GRUB config file." grub-mkconfig -o /boot/grub/grub.cfg &>/dev/null @@ -363,14 +364,16 @@ arch-chroot /mnt /bin/bash -e < /mnt/home/${USER}/.config/autostart/apparmor-notify.desktop' <<-'EOF' +# Enable AppArmor notifications +# Must create ~/.config/autostart first +mkdir -p -m 700 /mnt/home/${username}/.config/autostart/ +bash -c "cat > /mnt/home/${username}/.config/autostart/apparmor-notify.desktop" <<-'EOF' [Desktop Entry] Type=Application Name=AppArmor Notify @@ -380,10 +383,13 @@ Exec=aa-notify -p -s 1 -w 60 -f /var/log/audit/audit.log StartupNotify=false NoDisplay=true EOF +chmod 700 /mnt/home/${username}/.config/autostart/apparmor-notify.desktop +arch-chroot /mnt chown -R $username:$username /home/${username}/.config + + +# Setting user password. + -# Setting root password. -echo "Setting root password." -arch-chroot /mnt /bin/passwd [ -n "$username" ] && echo "Setting user password for ${username}." && arch-chroot /mnt /bin/passwd "$username" # Giving wheel user sudo access.