3 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
5 # note, when I did genfstab, i
6 # neeeded to to do for x in mv /etc/*.pacorig; do mv $x ${x%.pacorig}; done
10 [[ -L /etc
/localtime
]] ||
ln -s /usr
/share
/zoneinfo
/America
/Los_Angeles
/etc
/localtime
12 echo "$l UTF-8" > /etc
/locale.gen
14 echo "LANG=$l" > /etc
/locale.conf
15 # if coming from windows, and you had to set the time, do this
16 # hwclock --systohc --utc
18 # A password is required to access the volume:
19 # Command requires device and ampped name as arguments
21 # If we were using btrfs raid, we supposedly would need this.
22 # # add btrfs as module instead of hook due to
23 # # https://wiki.archlinux.org/index.php/Btrfs,
24 # # https://bugs.archlinux.org/task/42884
25 # # disabled, as with just the module, startup spammed something about
26 # # command takes a device name and something else.
27 # sed -ri --follow-symlinks '/^ *MODULES *=.*btrfs/!s/^( *MODULES *=.*)"/\1 btrfs"/' /etc/mkinitcpio.conf
28 # # remove extra space
29 # sed -ri --follow-symlinks 's/^( *MODULES *=[^"]*)" */\1"/' /etc/mkinitcpio.conf
34 # for desktop without full fs encryption, use this:
35 #cat > /etc/crypttab <<'EOF'
36 #tmp /dev/lvm/tmp /dev/urandom tmp,cipher=aes-xts-plain64,size=256
38 # otgherwise ERROR: file not found: `fsck.btrfs'
39 pacman
-S --noconfirm btrfs-progs
41 pacman
-S --noconfirm grub gptfdisk
47 # https://wiki.archlinux.org/index.php/Dm-crypt/System_configuration#Boot_loader
48 # if cryptdevice was lvm, it woulde be in this format,
49 # where x2-vg is from lvdisplay, VG Name field.
50 # cryptdevice=/dev/disk/by-uuid/585dff23-136f-446f-815f-01053b70c957:x2-vg
51 # but, if you are using your own fstab, it seems you just give it a name,
52 # which will be the crypt device name under /dev/mapper/
53 # https://wiki.archlinux.org/index.php/GRUB#Additional_arguments
56 root_devs
=( ${ROOT_PARTITIONS} )
57 first_root_dev
=${root_devs[0]}
61 cryptdevices
=${ROOT_PARTITIONS// /,}
62 root
=/dev
/mapper
/crypt_dev_
${first_root_dev##*/}
63 resume
=${first_root_dev%[0-9]}$swapn
65 extra_encrypt_hooks
=()
68 # If we have more than 1 to decrypt, arch wiki lead me onto
69 # a sort of hacky way run the encrypt hook multiple times.
71 base
=/usr
/lib
/initcpio
74 # https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system#Configuring_mkinitcpio_2
75 # used to have lvm2 after encrypt for lvm, but not using lvm anymore
76 for x
in encrypt btrfs
; do
77 sed -ri --follow-symlinks -f - /etc
/mkinitcpio.conf
<<EOF
78 /^ *HOOKS.*\b$x\b/!s/^( *HOOKS=.*)filesystems/\1$x filesystems/
82 # this is the default file, otherwise you use cryptkey=device:fstype:path
83 sed -ri --follow-symlinks -f - /etc
/mkinitcpio.conf
<<EOF
84 s#^\s*FILES=.*#FILES="/crypto_keyfile.bin"#
87 grep FILES
/etc
/mkinitcpio.conf
89 echo "$0: grub cmdline additions: $k_args"
90 sed -ri --follow-symlinks -f - /etc
/default
/grub
<<EOF
91 \%$k_args%!s%^ *GRUB_CMDLINE_LINUX_DEFAULT *= *"%\0$k_args %
97 # remove the default quiet arg.
98 # this doesn't seem to affect anything, so leave it alone.
99 #sed -ri --follow-symlinks 's/^( *GRUB_CMDLINE_LINUX_DEFAULT *= *.*) ?\bquiet\b(.*)/\1\2/' /etc/default/grub
101 # https://wiki.archlinux.org/index.php/GRUB#Install_to_disk
102 for dev
in $BOOT_DEVICE; do
103 grub-install
--recheck $dev
105 grub-mkconfig
-o /boot
/grub
/grub.cfg
106 # gtk2 is an optional dependency of unison.
107 # I know Im gonna want the gui, so just doing it now.
108 pacman
-S --noconfirm openssh rsync
111 pacman
-S --noconfirm sudo
113 .
/a
/bin
/fai
/fai-wrapper
114 /a
/bin
/fai
/fai
/config
/distro-install-common
/end
115 systemctl
enable sshd
117 rm -rf /home
/ian
/.
ssh
118 cp -r /root
/.
ssh /home
/ian
119 chown
-R ian
:ian
/home
/ian
/.
ssh
120 # the groups recommended by
121 # https://wiki.archlinux.org/index.php/Users_and_groups#Group_list
122 usermod
-aG games
,rfkill
,users
,uucp,wheel ian
125 pacman
-S --noconfirm net-tools
# for route
126 # get the mac of the interface used by the broadcast route.
127 mac
=$
(cat /sys
/class
/net
/$
(route
-n |
sed -rn --follow-symlinks 's/^0\.0\.0\.0.*[[:space:]]([^[:space:]]+)[[:space:]]*$/\1/p')/address
)
131 cat > /etc
/systemd
/network
/wired.network
<<EOF
139 cat > /etc
/systemd
/network
/br0.network
<<EOF
147 cat > /etc
/systemd
/network
/br0.netdev
<<EOF
151 # use the same mac as the physical port,
152 # which is mapped to a static ip in our dhcp server.
159 for x
in networkd resolved
; do systemctl
enable systemd-
$x; done