1
0
mirror of https://github.com/tommytran732/Arch-Setup-Script synced 2024-11-22 01:21:34 -05:00

Cleanup mountpoints

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2024-05-30 22:03:12 -07:00
parent dcf1536d2a
commit f72a957468
Signed by: Tomster
GPG Key ID: 555C902A34EC968F

View File

@ -46,7 +46,7 @@ kernel_selector () {
output "2) Hardened — A security-focused Linux kernel." output "2) Hardened — A security-focused Linux kernel."
output "3) Longterm — Long-term support (LTS) Linux kernel and modules." output "3) Longterm — Long-term support (LTS) Linux kernel and modules."
output "4) Zen Kernel — Optimized for desktop usage." output "4) Zen Kernel — Optimized for desktop usage."
read -r -p "Insert the number of the corresponding kernel: " choice read -r -p "Insert the number of the corresponding kernel:" choice
output "$choice will be installed" output "$choice will be installed"
case $choice in case $choice in
1 ) kernel=linux 1 ) kernel=linux
@ -71,7 +71,7 @@ luks_password_prompt () {
luks_password_prompt luks_password_prompt
fi fi
output "Confirm your encryption password (the password will not be shown on the screen): " output "Confirm your encryption password (the password will not be shown on the screen):"
read -r -s luks_password2 read -r -s luks_password2
if [ "${luks_password}" != "${luks_password2}" ]; then if [ "${luks_password}" != "${luks_password2}" ]; then
output "Passwords don't match, please try again." output "Passwords don't match, please try again."
@ -79,6 +79,16 @@ luks_password_prompt () {
fi fi
} }
disk_prompt (){
output "Please select the number of the corresponding disk (e.g. 1):"
select entry in $(lsblk -dpnoNAME|grep -P "/dev/sd|nvme|vd");
do
disk="${entry}"
output "Arch Linux will be installed on the following disk: ${disk}"
break
done
}
username_prompt (){ username_prompt (){
output "Enter your username:" output "Enter your username:"
read -r username read -r username
@ -98,7 +108,7 @@ user_password_prompt () {
user_password_prompt user_password_prompt
fi fi
output "Confirm your user password (the password will not be shown on the screen): " output "Confirm your user password (the password will not be shown on the screen):"
read -r -s user_password2 read -r -s user_password2
if [ "${user_password}" != "${user_password2}" ]; then if [ "${user_password}" != "${user_password2}" ]; then
output "Passwords don't match, please try again." output "Passwords don't match, please try again."
@ -107,6 +117,7 @@ user_password_prompt () {
} }
# Set hardcoded variables (temporary, these will be replaced by future prompts) # Set hardcoded variables (temporary, these will be replaced by future prompts)
hostname=localhost
locale=en_US locale=en_US
kblayout=us kblayout=us
@ -117,68 +128,58 @@ clear
install_mode_selector install_mode_selector
kernel_selector kernel_selector
luks_password_prompt luks_password_prompt
disk_prompt
username_prompt username_prompt
user_password_prompt user_password_prompt
# Check if this is a VM # Check if this is a VM
virtualization=$(systemd-detect-virt) virtualization=$(systemd-detect-virt)
# Installation
## Installation ## ## Updating the live environment usually causes more problems than its worth, and quite often can't be done without remounting cowspace with more capacity, especially at the end of any given month.
# Updating the live environment usually causes more problems than its worth, and quite often can't be done without remounting cowspace with more capacity, especially at the end of any given month.
pacman -Sy pacman -Sy
# Installing curl ## Installing curl
pacman -S --noconfirm curl pacman -S --noconfirm curl
# Selecting the target for the installation. ## Formatting the disk
PS3="Select the disk where Arch Linux is going to be installed: " wipefs -af "${disk}" &>/dev/null
select ENTRY in $(lsblk -dpnoNAME|grep -P "/dev/sd|nvme|vd"); sgdisk -Zo "${disk}" &>/dev/null
do
DISK=${ENTRY}
echo "Installing Arch Linux on ${DISK}."
break
done
# formatting the disk ## Creating a new partition scheme.
wipefs -af "${DISK}" &>/dev/null output "Creating new partition scheme on ${disk}."
sgdisk -Zo "${DISK}" &>/dev/null parted -s "${disk}" \
# Creating a new partition scheme.
echo "Creating new partition scheme on ${DISK}."
parted -s "${DISK}" \
mklabel gpt \ mklabel gpt \
mkpart ESP fat32 1MiB 128MiB \ mkpart ESP fat32 1MiB 513MiB \
set 1 esp on \ set 1 esp on \
mkpart cryptroot 128MiB 100% \ mkpart CRYPTROOT 513MiB 100% \
sleep 0.1 ESP="/dev/disk/by-partlabel/ESP"
ESP="/dev/$(lsblk "${DISK}" -o NAME,PARTLABEL | grep ESP| cut -d " " -f1 | cut -c7-)" cryptroot="/dev/disk/by-partlabel/cryptroot"
cryptroot="/dev/$(lsblk "${DISK}" -o NAME,PARTLABEL | grep cryptroot | cut -d " " -f1 | cut -c7-)"
# Informing the Kernel of the changes. ## Informing the Kernel of the changes.
echo "Informing the Kernel about the disk changes." output "Informing the Kernel about the disk changes."
partprobe "${DISK}" partprobe "${disk}"
# Formatting the ESP as FAT32. ## Formatting the ESP as FAT32.
echo "Formatting the EFI Partition as FAT32." output "Formatting the EFI Partition as FAT32."
mkfs.fat -F 32 -s 2 "${ESP}" &>/dev/null mkfs.fat -F 32 -s 2 "${ESP}" &>/dev/null
# Creating a LUKS Container for the root partition. ## Creating a LUKS Container for the root partition.
echo "Creating LUKS Container for the root partition." output "Creating LUKS Container for the root partition."
cryptsetup luksFormat --type luks1 ${cryptroot} echo -n "${luks_password}" | cryptsetup luksFormat --type luks1 ${cryptroot} -d - &>/dev/null
echo "Opening the newly created LUKS Container." echo -n "${luks_password}" | cryptsetup open ${cryptroot} cryptroot -d -
cryptsetup open ${cryptroot} cryptroot
BTRFS="/dev/mapper/cryptroot" BTRFS="/dev/mapper/cryptroot"
# Formatting the LUKS Container as BTRFS. ## Formatting the LUKS Container as BTRFS.
echo "Formatting the LUKS container as BTRFS." output "Formatting the LUKS container as BTRFS."
mkfs.btrfs $BTRFS &>/dev/null mkfs.btrfs "${BTRFS}" &>/dev/null
mount -o clear_cache,nospace_cache $BTRFS /mnt mount "${BTRFS}" /mnt
## Creating BTRFS subvolumes.
output "Creating BTRFS subvolumes."
# Creating BTRFS subvolumes.
echo "Creating BTRFS subvolumes."
btrfs su cr /mnt/@ &>/dev/null btrfs su cr /mnt/@ &>/dev/null
btrfs su cr /mnt/@/.snapshots &>/dev/null btrfs su cr /mnt/@/.snapshots &>/dev/null
mkdir -p /mnt/@/.snapshots/1 &>/dev/null mkdir -p /mnt/@/.snapshots/1 &>/dev/null
@ -199,7 +200,10 @@ btrfs su cr /mnt/@/var_lib_gdm &>/dev/null
btrfs su cr /mnt/@/var_lib_AccountsService &>/dev/null btrfs su cr /mnt/@/var_lib_AccountsService &>/dev/null
btrfs su cr /mnt/@/cryptkey &>/dev/null btrfs su cr /mnt/@/cryptkey &>/dev/null
## Disable CoW on subvols we are not taking snapshots of
chattr +C /mnt/@/boot chattr +C /mnt/@/boot
chattr +C /mnt/@/home
chattr +C /mnt/@/root
chattr +C /mnt/@/srv chattr +C /mnt/@/srv
chattr +C /mnt/@/var_log chattr +C /mnt/@/var_log
chattr +C /mnt/@/var_log_journal chattr +C /mnt/@/var_log_journal
@ -213,48 +217,46 @@ chattr +C /mnt/@/var_lib_gdm
chattr +C /mnt/@/var_lib_AccountsService chattr +C /mnt/@/var_lib_AccountsService
chattr +C /mnt/@/cryptkey chattr +C /mnt/@/cryptkey
#Set the default BTRFS Subvol to Snapshot 1 before pacstrapping ## Set the default BTRFS Subvol to Snapshot 1 before pacstrapping
btrfs subvolume set-default "$(btrfs subvolume list /mnt | grep "@/.snapshots/1/snapshot" | grep -oP '(?<=ID )[0-9]+')" /mnt btrfs subvolume set-default "$(btrfs subvolume list /mnt | grep "@/.snapshots/1/snapshot" | grep -oP '(?<=ID )[0-9]+')" /mnt
cat << EOF >> /mnt/@/.snapshots/1/info.xml echo '<?xml version="1.0"?>
<?xml version="1.0"?>
<snapshot> <snapshot>
<type>single</type> <type>single</type>
<num>1</num> <num>1</num>
<date>1999-03-31 0:00:00</date> <date>1999-03-31 0:00:00</date>
<description>First Root Filesystem</description> <description>First Root Filesystem</description>
<cleanup>number</cleanup> <cleanup>number</cleanup>
</snapshot> </snapshot>' > /mnt/@/.snapshots/1/info.xml
EOF
chmod 600 /mnt/@/.snapshots/1/info.xml chmod 600 /mnt/@/.snapshots/1/info.xml
# Mounting the newly created subvolumes. ## Mounting the newly created subvolumes.
umount /mnt umount /mnt
echo "Mounting the newly created subvolumes." echo "Mounting the newly created subvolumes."
mount -o ssd,noatime,space_cache,compress=zstd:3 ${BTRFS} /mnt mount -o ssd,noatime,space_cache,compress=zstd:3 "${BTRFS}" /mnt
mkdir -p /mnt/{boot,root,home,.snapshots,srv,tmp,/var/log,/var/crash,/var/cache,/var/tmp,/var/spool,/var/lib/libvirt/images,/var/lib/machines,/var/lib/gdm,/var/lib/AccountsService,/cryptkey} mkdir -p /mnt/{boot,root,home,.snapshots,srv,tmp,/var/log,/var/crash,/var/cache,/var/tmp,/var/spool,/var/lib/libvirt/images,/var/lib/machines,/var/lib/gdm,/var/lib/AccountsService,/cryptkey}
mount -o ssd,noatime,space_cache=v2,compress=zstd:3,discard=async,nodev,nosuid,noexec,subvol=@/boot ${BTRFS} /mnt/boot mount -o ssd,noatime,compress=zstd,nodev,nosuid,noexec,subvol=@/boot "${BTRFS}" /mnt/boot
mount -o ssd,noatime,space_cache=v2,compress=zstd:3,discard=async,nodev,nosuid,subvol=@/root ${BTRFS} /mnt/root mount -o ssd,noatime,compress=zstd,nodev,nosuid,subvol=@/root "${BTRFS}" /mnt/root
mount -o ssd,noatime,space_cache=v2,compress=zstd:3,discard=async,nodev,nosuid,subvol=@/home ${BTRFS} /mnt/home mount -o ssd,noatime,compress=zstd,nodev,nosuid,subvol=@/home "${BTRFS}" /mnt/home
mount -o ssd,noatime,space_cache=v2,compress=zstd:3,discard=async,subvol=@/.snapshots ${BTRFS} /mnt/.snapshots mount -o ssd,noatime,compress=zstd,subvol=@/.snapshots "${BTRFS}" /mnt/.snapshots
mount -o ssd,noatime,space_cache=v2,compress=zstd:3,discard=async,subvol=@/srv ${BTRFS} /mnt/srv mount -o ssd,noatime,compress=zstd,subvol=@/srv "${BTRFS}" /mnt/srv
mount -o ssd,noatime,space_cache=v2,compress=zstd:3,discard=async,nodatacow,nodev,nosuid,noexec,subvol=@/var_log ${BTRFS} /mnt/var/log mount -o ssd,noatime,compress=zstd,nodatacow,nodev,nosuid,noexec,subvol=@/var_log "${BTRFS}" /mnt/var/log
# Toolbox (https://github.com/containers/toolbox) needs /var/log/journal to have dev, suid, and exec, Thus I am splitting the subvolume. Need to make the directory after /mnt/var/log/ has been mounted. ## Toolbox (https://github.com/containers/toolbox) needs /var/log/journal to have dev, suid, and exec, Thus I am splitting the subvolume. Need to make the directory after /mnt/var/log/ has been mounted.
mkdir -p /mnt/var/log/journal mkdir -p /mnt/var/log/journal
mount -o ssd,noatime,space_cache=v2,compress=zstd:3,discard=async,nodatacow,subvol=@/var_log_journal ${BTRFS} /mnt/var/log/journal mount -o ssd,noatime,compress=zstd,nodatacow,subvol=@/var_log_journal "${BTRFS}" /mnt/var/log/journal
mount -o ssd,noatime,space_cache=v2,compress=zstd:3,discard=async,nodatacow,nodev,nosuid,noexec,subvol=@/var_crash ${BTRFS} /mnt/var/crash mount -o ssd,noatime,compress=zstd,nodatacow,nodev,nosuid,noexec,subvol=@/var_crash "${BTRFS}" /mnt/var/crash
mount -o ssd,noatime,space_cache=v2,compress=zstd:3,discard=async,nodatacow,nodev,nosuid,noexec,subvol=@/var_cache ${BTRFS} /mnt/var/cache mount -o ssd,noatime,compress=zstd,nodatacow,nodev,nosuid,noexec,subvol=@/var_cache "${BTRFS}" /mnt/var/cache
mount -o ssd,noatime,space_cache=v2,compress=zstd:3,discard=async,nodatacow,nodev,nosuid,noexec,subvol=@/var_tmp ${BTRFS} /mnt/var/tmp mount -o ssd,noatime,compress=zstd,nodatacow,nodev,nosuid,noexec,subvol=@/var_tmp "${BTRFS}" /mnt/var/tmp
mount -o ssd,noatime,space_cache=v2,compress=zstd:3,discard=async,nodatacow,nodev,nosuid,noexec,subvol=@/var_spool ${BTRFS} /mnt/var/spool mount -o ssd,noatime,compress=zstd,nodatacow,nodev,nosuid,noexec,subvol=@/var_spool "${BTRFS}" /mnt/var/spool
mount -o ssd,noatime,space_cache=v2,compress=zstd:3,discard=async,nodatacow,nodev,nosuid,noexec,subvol=@/var_lib_libvirt_images ${BTRFS} /mnt/var/lib/libvirt/images mount -o ssd,noatime,compress=zstd,nodatacow,nodev,nosuid,noexec,subvol=@/var_lib_libvirt_images "${BTRFS}" /mnt/var/lib/libvirt/images
mount -o ssd,noatime,space_cache=v2,compress=zstd:3,discard=async,nodatacow,nodev,nosuid,noexec,subvol=@/var_lib_machines ${BTRFS} /mnt/var/lib/machines mount -o ssd,noatime,compress=zstd,nodatacow,nodev,nosuid,noexec,subvol=@/var_lib_machines "${BTRFS}" /mnt/var/lib/machines
# The encryption is splitted as we do not want to include it in the backup with snap-pac. ## The encryption is splitted as we do not want to include it in the backup with snap-pac.
mount -o ssd,noatime,space_cache=v2,compress=zstd:3,discard=async,nodatacow,nodev,nosuid,noexec,subvol=@/cryptkey ${BTRFS} /mnt/cryptkey mount -o ssd,noatime,compress=zstd,nodatacow,nodev,nosuid,noexec,subvol=@/cryptkey "${BTRFS}" /mnt/cryptkey
mkdir -p /mnt/boot/efi mkdir -p /mnt/boot/efi
mount -o nodev,nosuid,noexec "${ESP}" /mnt/boot/efi mount -o nodev,nosuid,noexec "${ESP}" /mnt/boot/efi