various improvements
[automated-distro-installer] / arch-init-chroot
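#!/bin/bash -x
# Second-stage setup of a freshly installed Arch system (arch-init-chroot).
# Reads from the caller's environment: hostname.
#
# NOTE: -x traces every command after expansion. Any variable holding a
# credential (this script expands $ROOTPW and $TPPASS further down) therefore
# ends up in whatever captures stderr, so treat the install log as sensitive.
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR

# Note: when I ran genfstab, I needed to rename the *.pacorig files back:
#   for x in /etc/*.pacorig; do mv "$x" "${x%.pacorig}"; done

# Without this check an unset hostname would silently write an empty
# /etc/hostname (the script does not run with set -u).
: "${hostname:?hostname must be set}"

# --noconfirm matches every other pacman call in this script, so an
# unattended run does not stop at a prompt.
pacman -Syu --noconfirm

printf '%s\n' "$hostname" > /etc/hostname
[[ -L /etc/localtime ]] || ln -s /usr/share/zoneinfo/America/Los_Angeles /etc/localtime
l=en_US.UTF-8
echo "$l UTF-8" > /etc/locale.gen
locale-gen
echo "LANG=$l" > /etc/locale.conf
# If coming from Windows, and you had to set the time, do this:
# hwclock --systohc --utc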
18
19 # A password is required to access the volume:
20 # Command requires device and mapped name as arguments
21
22 # If we were using btrfs raid, we supposedly would need this.
23 # # add btrfs as module instead of hook due to
24 # # https://wiki.archlinux.org/index.php/Btrfs,
25 # # https://bugs.archlinux.org/task/42884
26 # # disabled, as with just the module, startup spammed something about
27 # # command takes a device name and something else.
28 # sed -ri '/^ *MODULES *=.*btrfs/!s/^( *MODULES *=.*)"/\1 btrfs"/' /etc/mkinitcpio.conf
29 # # remove extra space
30 # sed -ri 's/^( *MODULES *=[^"]*)" */\1"/' /etc/mkinitcpio.conf
31
32
33
34
35 # for desktop without full fs encryption, use this:
36 #cat > /etc/crypttab <<'EOF'
37 #tmp /dev/lvm/tmp /dev/urandom tmp,cipher=aes-xts-plain64,size=256
38
# btrfs-progs is installed first; otherwise we get
# ERROR: file not found: `fsck.btrfs'
pacman -S --noconfirm btrfs-progs

# Boot loader and GPT partitioning tools, kept as a separate transaction.
boot_pkgs=(grub gptfdisk)
pacman -S --noconfirm "${boot_pkgs[@]}"

shopt -s extglob

# Show the fstab this system will boot with, for the install log.
printf '%s\n' "$0: fstab:"
cat /etc/fstab
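# https://wiki.archlinux.org/index.php/Dm-crypt/System_configuration#Boot_loader
# If cryptdevice were LVM, it would be in this format,
# where x2-vg is from lvdisplay, VG Name field:
# cryptdevice=/dev/disk/by-uuid/585dff23-136f-446f-815f-01053b70c957:x2-vg
# But if you are using your own fstab, it seems you just give it a name,
# which will be the crypt device name under /dev/mapper/.
# https://wiki.archlinux.org/index.php/GRUB#Additional_arguments

# ROOT_PARTITIONS is a space-separated list of the encrypted root devices.
# Fail early: with it unset, the kernel command line built below would be
# "root=/dev/mapper/crypt_dev_", leaving the system unable to boot.
: "${ROOT_PARTITIONS:?ROOT_PARTITIONS must be set}"

# Split on whitespace without pathname expansion. -d '' makes read consume the
# whole value; it then stops at end of input and returns non-zero, hence || true.
read -r -d '' -a root_devs <<<"$ROOT_PARTITIONS" || true
if (( ${#root_devs[@]} == 0 )); then
  echo "$0: ROOT_PARTITIONS names no device" >&2
  exit 1
fi
first_root_dev=${root_devs[0]}

# swapn comes from the environment; presumably the swap partition number on
# the same disk as the first root device -- TODO confirm.
# NOTE(review): %[0-9] strips a single trailing digit, so a root partition
# numbered 10 or higher gives a wrong resume= device.
k_args=(
  "cryptdevices=${ROOT_PARTITIONS// /,}"
  "root=/dev/mapper/crypt_dev_${first_root_dev##*/}"
  "resume=${first_root_dev%[0-9]}$swapn"
)
# Not referenced again in this file.
extra_encrypt_hooks=()

# If we have more than 1 to decrypt, the Arch wiki led me onto
# a sort of hacky way to run the encrypt hook multiple times.

# Not referenced again in this file.
base=/usr/lib/initcpio

# https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system#Configuring_mkinitcpio_2
# Used to have lvm2 after encrypt for LVM, but not using LVM anymore.
# Each hook is inserted before "filesystems" unless HOOKS already lists it.
for x in encrypt btrfs; do
  sed -ri -f - /etc/mkinitcpio.conf <<EOF
/^ *HOOKS.*\b$x\b/!s/^( *HOOKS=.*)filesystems/\1$x filesystems/
EOF
done

# This is the default file; otherwise you use cryptkey=device:fstype:path.
# FILES= copies the key file into the initramfs image, so whoever can read
# the generated image can read the key.
# NOTE(review): confirm that /boot sits on the encrypted volume, or that the
# generated images are not world-readable.
sed -ri -f - /etc/mkinitcpio.conf <<EOF
s#^\s*FILES=.*#FILES="/crypto_keyfile.bin"#
EOF
echo "$0: FILES:"
grep FILES /etc/mkinitcpio.conf

# Joined into its own variable; assigning the string back to the array name
# would only overwrite element 0.
k_cmdline="${k_args[*]}"

# The value is pasted into a sed program that uses % as delimiter, so refuse
# characters that would change the program instead of being taken literally.
# It is also used as the regex of the idempotence check below; other regex
# metacharacters in a device path could make that check miss.
case $k_cmdline in
  *%* | *\&* | *\\*)
    echo "$0: kernel arguments contain %, & or a backslash: $k_cmdline" >&2
    exit 1
    ;;
esac

echo "$0: grub cmdline additions: $k_cmdline"
# Prepend the arguments to GRUB_CMDLINE_LINUX_DEFAULT, skipping any line that
# already contains them so a rerun does not add them twice.
sed -ri -f - /etc/default/grub <<EOF
\%$k_cmdline%!s%^ *GRUB_CMDLINE_LINUX_DEFAULT *= *"%\0$k_cmdline %
EOF

mkinitcpio -p linux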
96
97
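# Remove the default quiet arg.
# This doesn't seem to affect anything, so leave it alone.
#sed -ri 's/^( *GRUB_CMDLINE_LINUX_DEFAULT *= *.*) ?\bquiet\b(.*)/\1\2/' /etc/default/grub

# https://wiki.archlinux.org/index.php/GRUB#Install_to_disk
# BOOT_DEVICE may list several devices separated by whitespace. With it unset
# the loop below would run zero times and no boot loader would be installed,
# without any error.
: "${BOOT_DEVICE:?BOOT_DEVICE must be set}"

# Split on whitespace without pathname expansion. -d '' makes read consume the
# whole value; it then stops at end of input and returns non-zero, hence || true.
read -r -d '' -a boot_devs <<<"$BOOT_DEVICE" || true
if (( ${#boot_devs[@]} == 0 )); then
  echo "$0: BOOT_DEVICE names no device" >&2
  exit 1
fi

for dev in "${boot_devs[@]}"; do
  grub-install --recheck "$dev"
done
grub-mkconfig -o /boot/grub/grub.cfg

# gtk2 is an optional dependency of unison.
# Debian's unison binary has it linked in,
# so I install it so I can use the same binary for syncing
# the two distros.
pacman -S --noconfirm openssh unison gtk2 rsync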
112
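# ROOTPW and TPPASS are password hashes: they are handed to chpasswd -e,
# which expects passwords that are already encrypted.
#
# The script runs with xtrace (-x on the shebang), which would print the
# expanded hashes into the install log. Tracing is switched off for the
# credential steps and restored afterwards; the pacman call in between is
# therefore not traced either.
xtrace_was_on=0
if [[ $- == *x* ]]; then
  xtrace_was_on=1
  set +x
fi

# An empty value would leave root and ian with an empty password field, so
# refuse to continue without a hash.
: "${ROOTPW:?ROOTPW must be set}"

#######################################
# Create a user with a home directory and, optionally, a password hash.
# The hash is fed to chpasswd on stdin instead of useradd -p, because
# useradd(8) warns that -p exposes it to anyone listing processes.
# Arguments: $1 - login name
#            $2 - password hash (optional; omitted = no password set)
# Returns:   0 on success or if the user already exists, else useradd's status
#######################################
add_user() {
  local name=$1 hash=${2-} rc=0
  useradd -m "$name" || rc=$?
  case $rc in
    0) ;;
    9) return 0 ;; # 9 = user already exists, so we are idempotent
    *) return "$rc" ;;
  esac
  # Only a newly created account gets the hash, as with useradd -p.
  if [[ -n $hash ]]; then
    printf '%s:%s\n' "$name" "$hash" | chpasswd -e
  fi
}

printf 'root:%s\n' "$ROOTPW" | chpasswd -e

pacman -S --noconfirm sudo

add_user ian "$ROOTPW"

if [[ $hostname == frodo ]]; then
  : "${TPPASS:?TPPASS must be set}"
  add_user traci "$TPPASS"
else
  add_user traci
fi

if (( xtrace_was_on )); then
  set -x
fi

# Comparing ian's groups to traci, I see none she should join on Arch.
usermod -a -G traci ian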
127
128
# Shared final steps for all distros, then make sshd start at boot.
/root/distro-install-common/end
systemctl enable sshd

# Replace ian's ~/.ssh with a copy of root's.
# NOTE(review): cp -r copies everything under /root/.ssh, which includes any
# private keys stored there -- confirm that only authorized_keys is needed.
ssh_user=ian
ssh_home=/home/$ssh_user
rm -rf "$ssh_home/.ssh"
cp -r /root/.ssh "$ssh_home"
chown -R "$ssh_user:$ssh_user" "$ssh_home/.ssh"

# The groups recommended by
# https://wiki.archlinux.org/index.php/Users_and_groups#Group_list
extra_groups=(games rfkill users uucp wheel)
usermod -aG "$(IFS=,; echo "${extra_groups[*]}")" "$ssh_user"
138
139
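pacman -S --noconfirm net-tools # for route

# Get the MAC of the interface used by the default route (the rows of
# `route -n` whose destination is 0.0.0.0). The lookup is split in two so
# that a missing default route stops with a clear message instead of reading
# /sys/class/net//address, and so that several default routes do not produce
# a multi-line path.
default_ifaces=$(route -n | sed -rn 's/^0\.0\.0\.0.*[[:space:]]([^[:space:]]+)[[:space:]]*$/\1/p')
iface=${default_ifaces%%$'\n'*} # first match only
if [[ -z $iface ]]; then
  echo "$0: no default route found; cannot determine the bridge MAC" >&2
  exit 1
fi
mac=$(< "/sys/class/net/$iface/address")

# Simple bridge: every en* interface joins br0, and br0 gets its address
# over DHCP.
cat > /etc/systemd/network/wired.network <<EOF
[Match]
Name=en*

[Network]
Bridge=br0
EOF

cat > /etc/systemd/network/br0.network <<EOF
[Match]
Name=br0

[Network]
DHCP=ipv4
EOF

# The heredoc is unquoted so that $mac is expanded into the file.
cat > /etc/systemd/network/br0.netdev <<EOF
[NetDev]
Name=br0
Kind=bridge
# use the same mac as the physical port,
# which is mapped to a static ip in our dhcp server.
MACAddress=$mac
EOF

for x in networkd resolved; do
  systemctl enable "systemd-$x"
done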