ange/archinstall
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: ange:devel
Branches Tags
ange:main
ange:devel
..
compare: ange:main
Branches Tags
ange:devel
ange:main

No commits in common. "devel" and "main" have entirely different histories.
devel ... main

28 changed files with 75 additions and 74 deletions
Show Stats Expand all files Collapse all files

18
config
View File

@ -1,4 +1,5 @@
# User Variables # User Variables
# Comment to disable
# shellcheck disable=SC2034 # shellcheck disable=SC2034
install_type=dwm # base|desktop|dwm install_type=dwm # base|desktop|dwm
@ -6,35 +7,34 @@ install_type=dwm # base|desktop|dwm
disk=/dev/nvme0n1 disk=/dev/nvme0n1
disk_passwd=cryptroot disk_passwd=cryptroot
swapfile=1024 # MiB, Comment to disable swapfile=1024 # MiB
username=ange username=ange
userpasswd=ange userpasswd=ange
rootpasswd=root # Comment to disable rootpasswd=root
shell=bash shell=bash
hostname="$username-pc" hostname="$username-pc"
tz=UTC # Europe/Paris tz=Europe/Paris
locales=en_US # en_US,fr_FR locales=en_US # 'en_US,fr_FR'
lang=en_US lang=en_US
pkg=( pkg=(
7zip unrar
base-devel man-{db,pages} tldr base-devel man-{db,pages} tldr
bash-completion bash-completion fzf
detox
dosfstools exfatprogs dosfstools exfatprogs
efibootmgr
fastfetch fastfetch
fzf
git git
iwd iptables-nft wireguard-tools gnu-netcat iwd iptables-nft wireguard-tools bind gnu-netcat
jq jq
lf lf
neovim{,-lspconfig} python-{pynvim,black} ripgrep bash-language-server pyright neovim{,-lspconfig} python-{pynvim,black} ripgrep bash-language-server pyright
opendoas opendoas
openssh openssh
p7zip unrar
podman docker-compose podman docker-compose
reflector reflector
renameutils perl-rename renameutils perl-rename

3
install.sh
View File

@ -1,8 +1,5 @@
#!/bin/bash #!/bin/bash
echo 'If you want Secure Boot support, you need to put your system in Setup Mode'
read -r
exec &> >(tee logs.out) exec &> >(tee logs.out)
set -a set -a

22
modules/10-chroot/10-bootloader.sh
View File

@ -1,22 +0,0 @@
#!/bin/bash
#shellcheck disable=SC2154
root="$(findmnt -n -osource /)"
boot="$(lsblk -ls -oname /dev/disk/by-partlabel/boot | tail -n1)"
cryptdev="$(cryptsetup status "$root" | awk '/device/ {print $2}')"
[ -n "$cryptdev" ] && {
uuid="$(blkid | grep "$cryptdev" | awk '{print $2}')"
options="cryptdevice=$uuid:${root##*/} "
}
options="${options}root=$root rw"
sbctl create-keys
sbctl enroll-keys
for l in arch{,-lts-fallback}; do
efibootmgr --create --unicode --label "$l" \
--disk "$boot" --part 1 --loader "\\EFI\\Linux\\arch-linux$l.efi"
done
echo "$options" > /etc/cmdline.d/root.conf

8
modules/base.sh
View File

@ -1,21 +1,21 @@
#!/bin/bash #!/bin/bash
#shellcheck disable=SC2154 #shellcheck disable=SC2154
for i in modules/00-prechroot/*.sh; do for i in modules/prechroot/*.sh; do
bash -x "$i" bash -x "$i"
done done
cp -r modules/chroot/ /mnt/ cp -r modules/chroot/ /mnt/
for i in modules/10-chroot/*.sh; do for i in modules/chroot/*.sh; do
arch-chroot /mnt bash -x "${i/modules/}" arch-chroot /mnt bash -x "${i/modules/}"
done done
for i in modules/10-chroot/user/*.sh; do for i in modules/chroot/user/*.sh; do
arch-chroot /mnt su - "$username" -c "bash -x '${i/modules/}'" arch-chroot /mnt su - "$username" -c "bash -x '${i/modules/}'"
done done
for i in modules/20-postchroot/*.sh; do for i in modules/postchroot/*.sh; do
bash -x "$i" bash -x "$i"
done done

0
modules/10-chroot/00-bootstrap.sh → modules/chroot/00-bootstrap.sh
View File

20
modules/chroot/10-bootloader.sh Normal file
View File

@ -0,0 +1,20 @@
#!/bin/bash
#shellcheck disable=SC2154
bootctl install
root="$(findmnt -nr -o source /)"
cryptdev="$(cryptsetup status "$root" | awk '/device/ {print $2}')"
[ -n "$cryptdev" ] && {
uuid="$(blkid | grep "$cryptdev" | awk '{print $2}')"
options="cryptdevice=$uuid:$(basename "$root") "
}
options="${options}root=$root"
for f in /boot/loader/entries/*.conf; do
cat << EOF >> "$f"
options $options rw
EOF
done

2
modules/10-chroot/20-users.sh → modules/chroot/20-users.sh
View File

@ -4,5 +4,5 @@
shell="$(sed -n "/$shell/{p;q}" /etc/shells)" shell="$(sed -n "/$shell/{p;q}" /etc/shells)"
useradd -mG wheel,video "$username" -s "${shell:-/bin/bash}" useradd -mG wheel,video "$username" -s "${shell:-/bin/bash}"
[ -n "$rootpasswd" ] && echo "root:$rootpasswd" | chpasswd echo "root:$rootpasswd" | chpasswd
echo "$username:$userpasswd" | chpasswd echo "$username:$userpasswd" | chpasswd

0
modules/10-chroot/30-services.sh → modules/chroot/30-services.sh
View File

0
modules/10-chroot/40-flatpak.sh → modules/chroot/40-flatpak.sh
View File

1
modules/10-chroot/50-dwm.sh → modules/chroot/50-dwm.sh.dwm
View File

@ -1,5 +1,4 @@
#!/bin/bash #!/bin/bash
#shellcheck disable=SC2154
git clone --depth 1 https://git.maby.dev/ange/.dotfiles.git /tmp/dotfiles git clone --depth 1 https://git.maby.dev/ange/.dotfiles.git /tmp/dotfiles
/tmp/dotfiles/.config/suckless/update.sh /tmp/dotfiles/.config/suckless/update.sh

4
modules/chroot/user/10-services.sh Normal file
View File

@ -0,0 +1,4 @@
#!/bin/bash
#shellcheck disable=SC2154
systemctl enable --user podman.socket

0
modules/10-chroot/user/10-dotfiles.sh → modules/chroot/user/20-dotfiles.sh
View File

9
modules/desktop.sh
View File

@ -6,9 +6,11 @@ printf '%s\n' \
aerc w3m \ aerc w3m \
alacritty \ alacritty \
bluez{,-utils} \ bluez{,-utils} \
dunst libnotify \
feh \ feh \
gammastep \ gammastep \
imagemagick ghostscript \ graphicsmagick ghostscript \
gvfs{,-gphoto2,-mtp} \
materia-gtk-theme papirus-icon-theme \ materia-gtk-theme papirus-icon-theme \
monero \ monero \
mpv \ mpv \
@ -18,7 +20,6 @@ printf '%s\n' \
pipewire{,-pulse,-jack} pavucontrol playerctl \ pipewire{,-pulse,-jack} pavucontrol playerctl \
polkit-gnome \ polkit-gnome \
qemu-{base,audio-pipewire,hw-usb-host,hw-display-virtio-{gpu,vga},ui-gtk} dnsmasq \ qemu-{base,audio-pipewire,hw-usb-host,hw-display-virtio-{gpu,vga},ui-gtk} dnsmasq \
udisks2 \
xdg-user-dirs \ xdg-user-dirs \
yt-dlp \ yt-dlp \
zathura{,-pdf-poppler} \ zathura{,-pdf-poppler} \
@ -33,9 +34,9 @@ printf '%s\n' \
>> modules/chroot/flatpak.txt >> modules/chroot/flatpak.txt
case "$(lspci | grep 'VGA\|3D')" in case "$(lspci | grep 'VGA\|3D')" in
*AMD*) echo vulkan-radeon mesa >> pkglist.txt ;; *AMD*) echo vulkan-radeon libva-mesa-driver mesa-vdpau >> pkglist.txt ;;
*Intel*) echo vulkan-intel intel-media-driver >> pkglist.txt ;; *Intel*) echo vulkan-intel intel-media-driver >> pkglist.txt ;;
*NVIDIA*) echo vulkan-nouveau mesa >> pkglist.txt ;; *NVIDIA*) echo vulkan-nouveau libva-mesa-driver mesa-vdpau >> pkglist.txt ;;
*) ;; *) ;;
esac esac

1
modules/dwm.sh
View File

@ -2,6 +2,7 @@
#shellcheck disable=SC2154 #shellcheck disable=SC2154
printf '%s\n' \ printf '%s\n' \
autorandr \
i3lock xss-lock \ i3lock xss-lock \
picom \ picom \
xorg-{server,xinit,xrandr,xsetroot} xclip xdotool \ xorg-{server,xinit,xrandr,xsetroot} xclip xdotool \

0
modules/20-postchroot/99-done.sh → modules/postchroot/99-done.sh
View File

16
modules/00-prechroot/10-disk.sh → modules/prechroot/10-disk.sh
View File

@ -2,11 +2,11 @@
#shellcheck disable=SC2154 #shellcheck disable=SC2154
sgdisk -Z \ sgdisk -Z \
-n '0:0:+512M' -t '0:ef00' -c '0:esp' \ -n '0:0:+512M' -t '0:ef00' -c '0:boot' \
-n '0:0:0' -t '0:8300' -c '0:root' \ -n '0:0:0' -t '0:8300' -c '0:root' \
"$disk" "$disk"
esp=/dev/disk/by-partlabel/esp boot=/dev/disk/by-partlabel/boot
root=/dev/disk/by-partlabel/root root=/dev/disk/by-partlabel/root
[ -n "$disk_passwd" ] && { [ -n "$disk_passwd" ] && {
@ -15,25 +15,21 @@ root=/dev/disk/by-partlabel/root
root=/dev/mapper/cryptroot root=/dev/mapper/cryptroot
} }
sleep 5 # wait /dev/disk/by-partlabel/ sleep 2 # wait for /dev/disk/by-partlabel/ to be populated
mkfs.vfat -F32 "$esp" mkfs.fat -F32 "$boot"
mkfs.ext4 -F "$root" mkfs.ext4 -F "$root"
mount "$root" /mnt/ mount "$root" /mnt/
mount -m -o fmask=0077,dmask=0077 /dev/disk/by-partlabel/boot /mnt/boot/
cat <<EOF > /mnt/etc/fstab
UUID=$(blkid "$root" -ovalue -sUUID) / ext4 rw,relatime 0 1
UUID=$(blkid "$esp" -ovalue -sUUID) /efi vfat rw,fmask=0077,dmask=0077,noauto 0 2
EOF
[ -n "$swapfile" ] && { [ -n "$swapfile" ] && {
dd if=/dev/zero of=/mnt/swapfile bs=1M count="$swapfile" status=progress dd if=/dev/zero of=/mnt/swapfile bs=1M count="$swapfile" status=progress
chmod 600 /mnt/swapfile chmod 600 /mnt/swapfile
mkswap /mnt/swapfile mkswap /mnt/swapfile
swapon /mnt/swapfile swapon /mnt/swapfile
echo "/swapfile none swap defaults 0 0" >> /mnt/etc/fstab
} }
cp -rfTv rootfs/ /mnt/ cp -rfTv rootfs/ /mnt/
genfstab -U /mnt/ >> /mnt/etc/fstab
swapoff /mnt/swapfile swapoff /mnt/swapfile

3
modules/00-prechroot/20-pkg.sh → modules/prechroot/20-pkg.sh
View File

@ -12,8 +12,7 @@ esac
[ -d /sys/class/power_supply/BAT0 ] && echo tlp >> pkglist.txt [ -d /sys/class/power_supply/BAT0 ] && echo tlp >> pkglist.txt
echo "$shell" >> pkglist.txt
pacstrap -C rootfs/etc/pacman.conf -K /mnt \ pacstrap -C rootfs/etc/pacman.conf -K /mnt \
base linux{,-lts,-firmware} efibootmgr sbctl - < pkglist.txt base linux{,-lts,-firmware} "$shell" - < pkglist.txt
find /mnt/etc/ -name '*.pacnew' -delete find /mnt/etc/ -name '*.pacnew' -delete

3
rootfs/boot/loader/entries/arch-lts.conf Normal file
View File

@ -0,0 +1,3 @@
title Arch Linux LTS
linux /vmlinuz-linux-lts
initrd /initramfs-linux-lts.img

3
rootfs/boot/loader/entries/arch.conf Normal file
View File

@ -0,0 +1,3 @@
title Arch Linux
linux /vmlinuz-linux
initrd /initramfs-linux.img

1
rootfs/boot/loader/loader.conf Normal file
View File

@ -0,0 +1 @@
default arch

0
rootfs/etc/cmdline.d/root.conf
View File

3
rootfs/etc/mkinitcpio.d/linux-lts.preset
View File

@ -1,3 +0,0 @@
ALL_kver='/boot/vmlinuz-linux-lts'
PRESETS=('fallback')
fallback_uki='/efi/EFI/Linux/arch-linux-lts-fallback.efi'

3
rootfs/etc/mkinitcpio.d/linux.preset
View File

@ -1,3 +0,0 @@
ALL_kver='/boot/vmlinuz-linux'
PRESETS=('default')
default_uki='/efi/EFI/Linux/arch-linux.efi'

1
rootfs/etc/modprobe.d/nobeep.conf
View File

@ -1 +1,2 @@
blacklist pcspkr blacklist pcspkr
blacklist snd_pcsp

14
rootfs/etc/nftables.conf
View File

@ -1,30 +1,26 @@
#!/usr/bin/nft -f #!/usr/bin/nft -f
# vim:set ts=2 sw=2 et: # vim:set ts=2 sw=2 et:
destroy table inet filter; flush ruleset
table inet filter { table inet filter {
chain input { chain input {
type filter hook input priority filter; policy drop; type filter hook input priority filter; policy drop;
#tcp dport 32768-65535 counter meta nftrace set 1 accept comment "WoW VoiceError:17" #tcp dport 32768-40960 counter meta nftrace set 1 accept comment "WoW VoiceError:17"
ct state invalid counter drop ct state invalid counter drop
ct state {established, related} counter accept ct state {established,related} counter accept
iif "lo" counter accept iif "lo" counter accept
ip protocol {icmp,icmpv6} counter accept ip protocol {icmp,icmpv6} counter accept
iifname "waydroid0" meta l4proto {tcp, udp} th dport {53, 67} counter accept
counter meta nftrace set 1 comment "dropped" counter meta nftrace set 1 comment "dropped"
} }
chain forward { chain forward {
type filter hook forward priority filter; policy drop; type filter hook forward priority filter; policy drop;
iifname "waydroid0" counter accept
oifname "waydroid0" counter accept
counter meta nftrace set 1 comment "dropped" counter meta nftrace set 1 comment "dropped"
} }

2
rootfs/etc/pacman.conf
View File

@ -35,8 +35,6 @@ Color
CheckSpace CheckSpace
VerbosePkgLists VerbosePkgLists
ParallelDownloads = 8 ParallelDownloads = 8
DownloadUser = alpm
#DisableSandbox
ILoveCandy ILoveCandy
# By default, pacman accepts packages signed by keys that its local keyring # By default, pacman accepts packages signed by keys that its local keyring

9
rootfs/etc/pacman.d/hooks/10-systemd-boot.hook Normal file
View File

@ -0,0 +1,9 @@
[Trigger]
Type = Package
Operation = Upgrade
Target = systemd
[Action]
Description = Gracefully upgrading systemd-boot...
When = PostTransaction
Exec = /usr/bin/systemctl restart systemd-boot-update.service

3
rootfs/etc/xdg/reflector/reflector.conf
View File

@ -1,3 +1,4 @@
--save /etc/pacman.d/mirrorlist --save /etc/pacman.d/mirrorlist
--protocol https --protocol https
--sort score --latest 5
--sort rate