avoid future errors with overwriting symlnks
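#!/bin/bash
# Post-install configuration for a new Arch system (per the file name, meant
# to run inside the installed system's chroot): package update, locale,
# initramfs and GRUB setup for an encrypted root, ssh access and a
# systemd-networkd bridge.
# Reads ROOT_PARTITIONS, BOOT_DEVICE and swapn; none of them is set in this file.

# Trace every command. This used to be "-x" on the shebang line, which is
# dropped when the script is started as "bash <script>".
set -x
# -e: stop at the first unhandled failure; -E: functions and subshells inherit
# the ERR trap; pipefail: a pipeline fails if any stage fails.
set -eE -o pipefail
# Report the failing command, its line and its exit status on stderr.
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR

# note, when I did genfstab, I needed to restore the *.pacorig files:
#   for x in /etc/*.pacorig; do mv $x ${x%.pacorig}; done
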
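# Full system upgrade. --noconfirm matches every other pacman call in this
# script, so an unattended run does not stop at the confirmation prompt.
pacman -Syu --noconfirm

# Keep an existing /etc/localtime symlink untouched; otherwise create it.
# -f replaces a regular file left at that path, which plain "ln -s" refuses
# to overwrite and which would therefore abort the script under set -e.
[[ -L /etc/localtime ]] || ln -sf /usr/share/zoneinfo/America/Los_Angeles /etc/localtime
# Generate exactly one locale and make it the system default.
l=en_US.UTF-8
echo "$l UTF-8" > /etc/locale.gen
locale-gen
echo "LANG=$l" > /etc/locale.conf
# if coming from windows, and you had to set the time, do this
# hwclock --systohc --utc
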
# A password is required to access the volume:
# Command requires device and mapped name as arguments

# If we were using btrfs raid, we supposedly would need this.
# # add btrfs as module instead of hook due to
# # https://wiki.archlinux.org/index.php/Btrfs,
# # https://bugs.archlinux.org/task/42884
# # disabled, as with just the module, startup spammed something about
# # command takes a device name and something else.
# sed -ri --follow-symlinks '/^ *MODULES *=.*btrfs/!s/^( *MODULES *=.*)"/\1 btrfs"/' /etc/mkinitcpio.conf
# # remove extra space
# sed -ri --follow-symlinks 's/^( *MODULES *=[^"]*)" */\1"/' /etc/mkinitcpio.conf


# for desktop without full fs encryption, use this:
#cat > /etc/crypttab <<'EOF'
#tmp /dev/lvm/tmp /dev/urandom tmp,cipher=aes-xts-plain64,size=256

# Without btrfs-progs the initramfs build reports:
#   ERROR: file not found: `fsck.btrfs'
pacman --sync --noconfirm btrfs-progs

# Boot loader and GPT partitioning tools.
pacman --sync --noconfirm grub gptfdisk


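shopt -s extglob
# Show the fstab in the install log.
echo "$0: fstab:"
cat /etc/fstab
# https://wiki.archlinux.org/index.php/Dm-crypt/System_configuration#Boot_loader
# if cryptdevice was lvm, it would be in this format,
# where x2-vg is from lvdisplay, VG Name field.
# cryptdevice=/dev/disk/by-uuid/585dff23-136f-446f-815f-01053b70c957:x2-vg
# but, if you are using your own fstab, it seems you just give it a name,
# which will be the crypt device name under /dev/mapper/
# https://wiki.archlinux.org/index.php/GRUB#Additional_arguments


# ROOT_PARTITIONS is a whitespace-separated list of device paths. Split it
# into words with pathname expansion switched off, so a value that contains
# glob characters is not expanded against the filesystem.
set -f
root_devs=( ${ROOT_PARTITIONS} )
set +f
first_root_dev=${root_devs[0]}


# Kernel command line additions, one array element per argument.
# NOTE(review): the wiki example above uses cryptdevice= (singular); the
# plural cryptdevices= is presumably read by a custom hook -- confirm.
# NOTE(review): resume= names a raw partition (the first root device with its
# last digit replaced by $swapn, which is not set in this file), not a
# /dev/mapper device. If that swap partition is not encrypted, a hibernation
# image would hold memory contents in the clear -- confirm the swap setup.
k_args=(
  "cryptdevices=${ROOT_PARTITIONS// /,}"
  "root=/dev/mapper/crypt_dev_${first_root_dev##*/}"
  "resume=${first_root_dev%[0-9]}$swapn"
)
extra_encrypt_hooks=()

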
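# If we have more than 1 to decrypt, arch wiki led me onto
# a sort of hacky way to run the encrypt hook multiple times.

base=/usr/lib/initcpio


# https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system#Configuring_mkinitcpio_2
# used to have lvm2 after encrypt for lvm, but not using lvm anymore
# Insert each hook in front of "filesystems" unless HOOKS already names it.
for x in encrypt btrfs; do
  sed -ri --follow-symlinks -f - /etc/mkinitcpio.conf <<EOF
/^ *HOOKS.*\b$x\b/!s/^( *HOOKS=.*)filesystems/\1$x filesystems/
EOF
done

# this is the default file, otherwise you use cryptkey=device:fstype:path
# NOTE(review): FILES= copies the keyfile into the initramfs, so whoever can
# read the generated image can recover the key. How /crypto_keyfile.bin is
# created and protected is not shown in this file -- confirm it is root-only.
sed -ri --follow-symlinks -f - /etc/mkinitcpio.conf <<'EOF'
s#^\s*FILES=.*#FILES="/crypto_keyfile.bin"#
EOF
echo "$0: FILES:"
grep FILES /etc/mkinitcpio.conf
# Assigning a string to the array name stores the space-joined list in
# element 0, which is what the plain $k_args expansions below read.
k_args="${k_args[*]}"
echo "$0: grub cmdline additions: $k_args"
# k_args is pasted into the sed program below, both as the address pattern and
# as the replacement, with % as delimiter. Refuse characters that would change
# the meaning of that program rather than edit /etc/default/grub with it.
case $k_args in
  *[%\\\&]* | *$'\n'*)
    echo "$0: error: unsupported character in kernel args: $k_args" >&2
    exit 1
    ;;
esac
# Prepend the arguments to GRUB_CMDLINE_LINUX_DEFAULT unless the file already
# contains them.
sed -ri --follow-symlinks -f - /etc/default/grub <<EOF
\%$k_args%!s%^ *GRUB_CMDLINE_LINUX_DEFAULT *= *"%\0$k_args %
EOF

mkinitcpio -p linux
# The images built above embed /crypto_keyfile.bin, so restrict them to root.
# Best effort: some filesystems used for /boot cannot store Unix modes.
for img in /boot/initramfs-linux*.img; do
  if [[ -f $img ]]; then
    chmod 600 "$img" || echo "$0: warning: could not restrict $img" >&2
  fi
done

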
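# remove the default quiet arg.
# this doesn't seem to affect anything, so leave it alone.
#sed -ri --follow-symlinks 's/^( *GRUB_CMDLINE_LINUX_DEFAULT *= *.*) ?\bquiet\b(.*)/\1\2/' /etc/default/grub

# https://wiki.archlinux.org/index.php/GRUB#Install_to_disk
# BOOT_DEVICE may list several devices separated by whitespace, so the list
# itself is left unquoted; each resulting word is quoted when it is used.
for dev in $BOOT_DEVICE; do
  grub-install --recheck "$dev"
done
# Regenerate the GRUB configuration.
grub-mkconfig -o /boot/grub/grub.cfg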
# gtk2 is an optional dependency of unison.
# I know I'm gonna want the gui, so just doing it now.
# NOTE(review): the two lines above do not match the command below, which
# installs openssh and rsync; they look left over from an earlier version.
pacman --sync --noconfirm openssh rsync


pacman --sync --noconfirm sudo

# Load the fai wrapper into this shell, then run the shared end-of-install
# script; neither file is part of this listing.
source /a/bin/fai/fai-wrapper
/a/bin/fai/fai/config/distro-install-common/end
# Start the ssh server at boot. Its configuration is not touched here, so
# whatever the openssh package ships applies.
systemctl enable sshd

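# Give ian the same ssh setup as root.
# NOTE(review): this copies everything in /root/.ssh, so any private keys root
# holds end up owned by ian as well. If only login access is wanted, copying
# authorized_keys alone would be enough -- confirm the intent.
rm -rf /home/ian/.ssh
# Name the destination explicitly: with "/home/ian" as target, a missing home
# directory would be created from the contents of /root/.ssh instead of
# producing an error.
cp -r /root/.ssh /home/ian/.ssh
chown -R ian:ian /home/ian/.ssh
# the groups recommended by
# https://wiki.archlinux.org/index.php/Users_and_groups#Group_list
# NOTE(review): wheel is the conventional admin group and sudo is installed by
# this script; whether membership grants sudo rights depends on sudoers,
# which this file does not configure.
usermod -aG games,rfkill,users,uucp,wheel ian

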
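pacman -S --noconfirm net-tools # for route
# Get the MAC address of the interface that carries the default route
# (destination 0.0.0.0 in "route -n"; the last column is the interface name).
default_ifs=$(route -n | sed -rn 's/^0\.0\.0\.0.*[[:space:]]([^[:space:]]+)[[:space:]]*$/\1/p')
# With several default routes sed prints one name per line; use the first.
# The old nested one-liner passed all of them, word-split, to cat.
default_if=${default_ifs%%$'\n'*}
if [[ -z $default_if ]]; then
  echo "$0: error: no default route found, cannot determine the bridge mac" >&2
  exit 1
fi
mac=$(cat "/sys/class/net/$default_if/address")

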
# simple bridge.
# Every interface whose name matches en* is attached to br0.
cat <<'EOF' > /etc/systemd/network/wired.network
[Match]
Name=en*

[Network]
Bridge=br0
EOF

# br0 itself gets its IPv4 address over DHCP.
cat <<'EOF' > /etc/systemd/network/br0.network
[Match]
Name=br0

[Network]
DHCP=ipv4
EOF

# Unquoted delimiter on purpose: $mac is expanded into the file.
cat <<EOF > /etc/systemd/network/br0.netdev
[NetDev]
Name=br0
Kind=bridge
# use the same mac as the physical port,
# which is mapped to a static ip in our dhcp server.
MACAddress=$mac
EOF




# Bring up networking and name resolution at boot.
systemctl enable systemd-networkd
systemctl enable systemd-resolved