Use systemd-resolved

Signed-off-by: Tommy <contact@tommytran.io>

install.sh

@@ -177,17 +177,14 @@ pacman -Sy
 ## Installing curl
 pacman -S --noconfirm curl
 
-## Formatting the disk
+## Wipe the disk
-wipefs -af "${disk}" &>/dev/null
+sgdisk --zap-all "${disk}"
-sgdisk -Zo "${disk}" &>/dev/null
 
 ## Creating a new partition scheme.
 output "Creating new partition scheme on ${disk}."
-parted -s "${disk}" \
+sgdisk -g "${disk}"
-    mklabel gpt \
+sgdisk -I -n 1:0:+512M -t 1:ef00 -c 1:'ESP' "${disk}"
-    mkpart ESP fat32 1MiB 513MiB \
+sgdisk -I -n 2:0:0 -c 2:'rootfs' "${disk}"
-    set 1 esp on \
-    mkpart rootfs 513MiB 100%
 
 ESP='/dev/disk/by-partlabel/ESP'
 
@@ -201,12 +198,12 @@ partprobe "${disk}"
 
 ## Formatting the ESP as FAT32.
 output 'Formatting the EFI Partition as FAT32.'
-mkfs.fat -F 32 -s 2 "${ESP}" &>/dev/null
+mkfs.fat -F 32 -s 2 "${ESP}"
 
 ## Creating a LUKS Container for the root partition.
 if [ "${use_luks}" = '1' ]; then
     output 'Creating LUKS Container for the root partition.'
-    echo -n "${luks_password}" | cryptsetup luksFormat --pbkdf pbkdf2 "${cryptroot}" -d - &>/dev/null
+    echo -n "${luks_password}" | cryptsetup luksFormat --pbkdf pbkdf2 "${cryptroot}" -d -
     echo -n "${luks_password}" | cryptsetup open "${cryptroot}" cryptroot -d -
     BTRFS='/dev/mapper/cryptroot'
 else
@@ -215,35 +212,35 @@ fi
 
 ## Formatting the partition as BTRFS.
 output 'Formatting the rootfs as BTRFS.'
-mkfs.btrfs "${BTRFS}" &>/dev/null
+mkfs.btrfs "${BTRFS}"
 mount "${BTRFS}" /mnt
 
 ## Creating BTRFS subvolumes.
 output 'Creating BTRFS subvolumes.'
 
-btrfs su cr /mnt/@ &>/dev/null
+btrfs su cr /mnt/@
-btrfs su cr /mnt/@/.snapshots &>/dev/null
+btrfs su cr /mnt/@/.snapshots
-mkdir -p /mnt/@/.snapshots/1 &>/dev/null
+mkdir -p /mnt/@/.snapshots/1
-btrfs su cr /mnt/@/.snapshots/1/snapshot &>/dev/null
+btrfs su cr /mnt/@/.snapshots/1/snapshot
-btrfs su cr /mnt/@/boot/ &>/dev/null
+btrfs su cr /mnt/@/boot/
-btrfs su cr /mnt/@/home &>/dev/null
+btrfs su cr /mnt/@/home
-btrfs su cr /mnt/@/root &>/dev/null
+btrfs su cr /mnt/@/root
-btrfs su cr /mnt/@/srv &>/dev/null
+btrfs su cr /mnt/@/srv
-btrfs su cr /mnt/@/var_log &>/dev/null
+btrfs su cr /mnt/@/var_log
-btrfs su cr /mnt/@/var_log_journal &>/dev/null
+btrfs su cr /mnt/@/var_log_journal
-btrfs su cr /mnt/@/var_crash &>/dev/null
+btrfs su cr /mnt/@/var_crash
-btrfs su cr /mnt/@/var_cache &>/dev/null
+btrfs su cr /mnt/@/var_cache
-btrfs su cr /mnt/@/var_tmp &>/dev/null
+btrfs su cr /mnt/@/var_tmp
-btrfs su cr /mnt/@/var_spool &>/dev/null
+btrfs su cr /mnt/@/var_spool
-btrfs su cr /mnt/@/var_lib_libvirt_images &>/dev/null
+btrfs su cr /mnt/@/var_lib_libvirt_images
-btrfs su cr /mnt/@/var_lib_machines &>/dev/null
+btrfs su cr /mnt/@/var_lib_machines
 if [ "${install_mode}" = 'desktop' ]; then
-    btrfs su cr /mnt/@/var_lib_gdm &>/dev/null
+    btrfs su cr /mnt/@/var_lib_gdm
-    btrfs su cr /mnt/@/var_lib_AccountsService &>/dev/null
+    btrfs su cr /mnt/@/var_lib_AccountsService
 fi
 
 if [ "${use_luks}" = '1' ]; then
-    btrfs su cr /mnt/@/cryptkey &>/dev/null
+    btrfs su cr /mnt/@/cryptkey
 fi
 
 ## Disable CoW on subvols we are not taking snapshots of
@@ -329,7 +326,14 @@ fi
 mkdir -p /mnt/boot/efi
 mount -o nodev,nosuid,noexec "${ESP}" /mnt/boot/efi
 
-## Check the microcode to install.
+## Pacstrap
+output 'Installing the base system (it may take a while).'
+
+output "You may see an error when mkinitcpio tries to generate a new initramfs."
+output "It is okay. The script will regenerate the initramfs later in the installation process."
+
+pacstrap /mnt apparmor base chrony efibootmgr firewalld grub grub-btrfs inotify-tools linux-firmware linux-hardened linux-lts nano reflector sbctl snapper sudo zram-generator
+
 if [ "${virtualization}" = 'none' ]; then
     CPU=$(grep vendor_id /proc/cpuinfo)
     if [[ "${CPU}" == *"AuthenticAMD"* ]]; then
@@ -337,16 +341,10 @@ if [ "${virtualization}" = 'none' ]; then
     else
         microcode=intel-ucode
     fi
+
+    pacstrap /mnt "${microcode}"
 fi
 
-## Pacstrap
-output 'Installing the base system (it may take a while).'
-
-output "You may see an error when mkinitcpio tries to generate a new initramfs."
-output "It is okay. The script will regenerate the initramfs later in the installation process."
-
-pacstrap /mnt apparmor base chrony efibootmgr firewalld grub grub-btrfs inotify-tools linux-firmware linux-hardened linux-lts "${microcode}" nano reflector sbctl snapper sudo zram-generator
-
 if [ "${network_daemon}" = 'networkmanager' ]; then
     pacstrap /mnt networkmanager
 fi
@@ -437,8 +435,8 @@ fi
 
 ## Add keyfile to the initramfs to avoid double password.
 if [ "${use_luks}" = '1' ]; then
-    dd bs=512 count=4 if=/dev/random of=/mnt/cryptkey/.root.key iflag=fullblock &>/dev/null
+    dd bs=512 count=4 if=/dev/random of=/mnt/cryptkey/.root.key iflag=fullblock
-    chmod 000 /mnt/cryptkey/.root.key &>/dev/null
+    chmod 000 /mnt/cryptkey/.root.key
     echo -n "${luks_password}" | cryptsetup luksAddKey /dev/disk/by-partlabel/rootfs /mnt/cryptkey/.root.key -d -
     sed -i 's#FILES=()#FILES=(/cryptkey/.root.key)#g' /mnt/etc/mkinitcpio.conf
     sed -i "s#module\.sig_enforce=1#module.sig_enforce=1 rd.luks.key=/cryptkey/.root.key#g" /mnt/etc/default/grub
@@ -517,20 +515,20 @@ arch-chroot /mnt /bin/bash -e <<EOF
 
     # Setting up timezone.
     # Temporarily hardcoding here
-    ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime &>/dev/null
+    ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime
 
     # Setting up clock.
     hwclock --systohc
 
     # Generating locales.my keys aren't even on
-    echo "Generating locales."
+    echo 'Generating locales.'
     locale-gen
 
     # Create SecureBoot keys. This isn't strictly necessary, but certain things like linux-hardened preset expects it and mkinitcpio will fail without it, sooo...
     sbctl create-keys
 
     # Generating a new initramfs.
-    echo "Creating a new initramfs."
+    echo 'Creating a new initramfs.'
     chmod 600 /boot/initramfs-linux*
     mkinitcpio -P
 
@@ -543,17 +541,22 @@ arch-chroot /mnt /bin/bash -e <<EOF
     grub-mkconfig -o /boot/grub/grub.cfg
 
     # Adding user with sudo privilege
-    echo "Adding $username with root privilege."
+    echo 'Adding $username with root privilege.'
     useradd -m $username
     usermod -aG wheel $username
 
     if [ "${install_mode}" = 'desktop' ]; then
         # Setting up dconf
-        echo "Setting up dconf."
+        echo 'Setting up dconf.'
         dconf update
     fi
 
+    # Use systemd-resolved for DNS resolution
+    rm /etc/resolv.conf
+    ln -s /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
+
     # Snapper configuration
+    echo 'Configuring Snapper.'
     umount /.snapshots
     rm -r /.snapshots
     snapper --no-dbus -c root create-config /
@@ -564,7 +567,7 @@ arch-chroot /mnt /bin/bash -e <<EOF
 EOF
 
 ## Set user password.
-[ -n "$username" ] && echo "Setting user password for ${username}." && echo -e "${user_password}\n${user_password}" | arch-chroot /mnt passwd "$username" &>/dev/null
+[ -n "$username" ] && echo "Setting user password for ${username}." && echo -e "${user_password}\n${user_password}" | arch-chroot /mnt passwd "$username"
 
 ## Give wheel user sudo access.
 sed -i 's/# %wheel ALL=(ALL:ALL) ALL/%wheel ALL=(ALL:ALL) ALL/g' /mnt/etc/sudoers
@@ -579,6 +582,7 @@ systemctl enable reflector.timer --root=/mnt
 systemctl enable snapper-timeline.timer --root=/mnt
 systemctl enable snapper-cleanup.timer --root=/mnt
 systemctl enable systemd-oomd --root=/mnt
+systemctl enable systemd-resolved --root=/mnt
 systemctl disable systemd-timesyncd --root=/mnt
 
 if [ "${network_daemon}" = 'networkmanager' ]; then