Tomster/Arch-Setup-Script
1
0
Fork 0
mirror of https://github.com/tommytran732/Arch-Setup-Script synced 2024-10-17 18:55:14 -04:00
Code

Compare commits

base: Tomster:7fd0563729d296ed7dc9495d8c7d5ec6d73a6565
Branches Tags
Tomster:main
..
compare: Tomster:f400b8b0b2638e9a193343cd0970b5a30b2a0964
Branches Tags
Tomster:main

No commits in common. "7fd0563729d296ed7dc9495d8c7d5ec6d73a6565" and "f400b8b0b2638e9a193343cd0970b5a30b2a0964" have entirely different histories.
7fd0563729 ... f400b8b0b2

1 changed files with 47 additions and 51 deletions
Show Stats Expand all files Collapse all files

98
install.sh
View File

@ -177,14 +177,17 @@ pacman -Sy
## Installing curl
pacman -S --noconfirm curl
## Wipe the disk
sgdisk --zap-all "${disk}"
## Formatting the disk
wipefs -af "${disk}" &>/dev/null
sgdisk -Zo "${disk}" &>/dev/null
## Creating a new partition scheme.
output "Creating new partition scheme on ${disk}."
sgdisk -g "${disk}"
sgdisk -I -n 1:0:+512M -t 1:ef00 -c 1:'ESP' "${disk}"
sgdisk -I -n 2:0:0 -c 2:'rootfs' "${disk}"
parted -s "${disk}" \
mklabel gpt \
mkpart ESP fat32 1MiB 513MiB \
set 1 esp on \
mkpart rootfs 513MiB 100%
ESP='/dev/disk/by-partlabel/ESP'
@ -198,12 +201,12 @@ partprobe "${disk}"
## Formatting the ESP as FAT32.
output 'Formatting the EFI Partition as FAT32.'
mkfs.fat -F 32 -s 2 "${ESP}"
mkfs.fat -F 32 -s 2 "${ESP}" &>/dev/null
## Creating a LUKS Container for the root partition.
if [ "${use_luks}" = '1' ]; then
output 'Creating LUKS Container for the root partition.'
echo -n "${luks_password}" | cryptsetup luksFormat --pbkdf pbkdf2 "${cryptroot}" -d -
echo -n "${luks_password}" | cryptsetup luksFormat --pbkdf pbkdf2 "${cryptroot}" -d - &>/dev/null
echo -n "${luks_password}" | cryptsetup open "${cryptroot}" cryptroot -d -
BTRFS='/dev/mapper/cryptroot'
else
@ -212,35 +215,35 @@ fi
## Formatting the partition as BTRFS.
output 'Formatting the rootfs as BTRFS.'
mkfs.btrfs "${BTRFS}"
mkfs.btrfs "${BTRFS}" &>/dev/null
mount "${BTRFS}" /mnt
## Creating BTRFS subvolumes.
output 'Creating BTRFS subvolumes.'
btrfs su cr /mnt/@
btrfs su cr /mnt/@/.snapshots
mkdir -p /mnt/@/.snapshots/1
btrfs su cr /mnt/@/.snapshots/1/snapshot
btrfs su cr /mnt/@/boot/
btrfs su cr /mnt/@/home
btrfs su cr /mnt/@/root
btrfs su cr /mnt/@/srv
btrfs su cr /mnt/@/var_log
btrfs su cr /mnt/@/var_log_journal
btrfs su cr /mnt/@/var_crash
btrfs su cr /mnt/@/var_cache
btrfs su cr /mnt/@/var_tmp
btrfs su cr /mnt/@/var_spool
btrfs su cr /mnt/@/var_lib_libvirt_images
btrfs su cr /mnt/@/var_lib_machines
btrfs su cr /mnt/@ &>/dev/null
btrfs su cr /mnt/@/.snapshots &>/dev/null
mkdir -p /mnt/@/.snapshots/1 &>/dev/null
btrfs su cr /mnt/@/.snapshots/1/snapshot &>/dev/null
btrfs su cr /mnt/@/boot/ &>/dev/null
btrfs su cr /mnt/@/home &>/dev/null
btrfs su cr /mnt/@/root &>/dev/null
btrfs su cr /mnt/@/srv &>/dev/null
btrfs su cr /mnt/@/var_log &>/dev/null
btrfs su cr /mnt/@/var_log_journal &>/dev/null
btrfs su cr /mnt/@/var_crash &>/dev/null
btrfs su cr /mnt/@/var_cache &>/dev/null
btrfs su cr /mnt/@/var_tmp &>/dev/null
btrfs su cr /mnt/@/var_spool &>/dev/null
btrfs su cr /mnt/@/var_lib_libvirt_images &>/dev/null
btrfs su cr /mnt/@/var_lib_machines &>/dev/null
if [ "${install_mode}" = 'desktop' ]; then
btrfs su cr /mnt/@/var_lib_gdm
btrfs su cr /mnt/@/var_lib_AccountsService
btrfs su cr /mnt/@/var_lib_gdm &>/dev/null
btrfs su cr /mnt/@/var_lib_AccountsService &>/dev/null
fi
if [ "${use_luks}" = '1' ]; then
btrfs su cr /mnt/@/cryptkey
btrfs su cr /mnt/@/cryptkey &>/dev/null
fi
## Disable CoW on subvols we are not taking snapshots of
@ -326,14 +329,7 @@ fi
mkdir -p /mnt/boot/efi
mount -o nodev,nosuid,noexec "${ESP}" /mnt/boot/efi
## Pacstrap
output 'Installing the base system (it may take a while).'
output "You may see an error when mkinitcpio tries to generate a new initramfs."
output "It is okay. The script will regenerate the initramfs later in the installation process."
pacstrap /mnt apparmor base chrony efibootmgr firewalld grub grub-btrfs inotify-tools linux-firmware linux-hardened linux-lts nano reflector sbctl snapper sudo zram-generator
## Check the microcode to install.
if [ "${virtualization}" = 'none' ]; then
CPU=$(grep vendor_id /proc/cpuinfo)
if [[ "${CPU}" == *"AuthenticAMD"* ]]; then
@ -341,10 +337,16 @@ if [ "${virtualization}" = 'none' ]; then
else
microcode=intel-ucode
fi
pacstrap /mnt "${microcode}"
fi
## Pacstrap
output 'Installing the base system (it may take a while).'
output "You may see an error when mkinitcpio tries to generate a new initramfs."
output "It is okay. The script will regenerate the initramfs later in the installation process."
pacstrap /mnt apparmor base chrony efibootmgr firewalld grub grub-btrfs inotify-tools linux-firmware linux-hardened linux-lts "${microcode}" nano reflector sbctl snapper sudo zram-generator
if [ "${network_daemon}" = 'networkmanager' ]; then
pacstrap /mnt networkmanager
fi
@ -435,8 +437,8 @@ fi
## Add keyfile to the initramfs to avoid double password.
if [ "${use_luks}" = '1' ]; then
dd bs=512 count=4 if=/dev/random of=/mnt/cryptkey/.root.key iflag=fullblock
chmod 000 /mnt/cryptkey/.root.key
dd bs=512 count=4 if=/dev/random of=/mnt/cryptkey/.root.key iflag=fullblock &>/dev/null
chmod 000 /mnt/cryptkey/.root.key &>/dev/null
echo -n "${luks_password}" | cryptsetup luksAddKey /dev/disk/by-partlabel/rootfs /mnt/cryptkey/.root.key -d -
sed -i 's#FILES=()#FILES=(/cryptkey/.root.key)#g' /mnt/etc/mkinitcpio.conf
sed -i "s#module\.sig_enforce=1#module.sig_enforce=1 rd.luks.key=/cryptkey/.root.key#g" /mnt/etc/default/grub
@ -515,20 +517,20 @@ arch-chroot /mnt /bin/bash -e <<EOF
# Setting up timezone.
# Temporarily hardcoding here
ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime
ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime &>/dev/null
# Setting up clock.
hwclock --systohc
# Generating locales.my keys aren't even on
echo 'Generating locales.'
echo "Generating locales."
locale-gen
# Create SecureBoot keys. This isn't strictly necessary, but certain things like linux-hardened preset expects it and mkinitcpio will fail without it, sooo...
sbctl create-keys
# Generating a new initramfs.
echo 'Creating a new initramfs.'
echo "Creating a new initramfs."
chmod 600 /boot/initramfs-linux*
mkinitcpio -P
@ -541,22 +543,17 @@ arch-chroot /mnt /bin/bash -e <<EOF
grub-mkconfig -o /boot/grub/grub.cfg
# Adding user with sudo privilege
echo 'Adding $username with root privilege.'
echo "Adding $username with root privilege."
useradd -m $username
usermod -aG wheel $username
if [ "${install_mode}" = 'desktop' ]; then
# Setting up dconf
echo 'Setting up dconf.'
echo "Setting up dconf."
dconf update
fi
# Use systemd-resolved for DNS resolution
rm /etc/resolv.conf
ln -s /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
# Snapper configuration
echo 'Configuring Snapper.'
umount /.snapshots
rm -r /.snapshots
snapper --no-dbus -c root create-config /
@ -567,7 +564,7 @@ arch-chroot /mnt /bin/bash -e <<EOF
EOF
## Set user password.
[ -n "$username" ] && echo "Setting user password for ${username}." && echo -e "${user_password}\n${user_password}" | arch-chroot /mnt passwd "$username"
[ -n "$username" ] && echo "Setting user password for ${username}." && echo -e "${user_password}\n${user_password}" | arch-chroot /mnt passwd "$username" &>/dev/null
## Give wheel user sudo access.
sed -i 's/# %wheel ALL=(ALL:ALL) ALL/%wheel ALL=(ALL:ALL) ALL/g' /mnt/etc/sudoers
@ -582,7 +579,6 @@ systemctl enable reflector.timer --root=/mnt
systemctl enable snapper-timeline.timer --root=/mnt
systemctl enable snapper-cleanup.timer --root=/mnt
systemctl enable systemd-oomd --root=/mnt
systemctl enable systemd-resolved --root=/mnt
systemctl disable systemd-timesyncd --root=/mnt
if [ "${network_daemon}" = 'networkmanager' ]; then