#!/bin/bash # the storage device on which arch linux shall be installed storage_device='/dev/nvme0n1' #storage_device='/dev/sda' #storage_device='/dev/mmcblk0' # encryption password encryption_password='foobar' host='foobar' root_password='foobar' user='foobar' user_password='foobar' email='foo@bar.org' boot_mode='efi' #boot_mode='bios' # packages to install base='base base-devel grub efibootmgr xf86-input-synaptics stow tmux git vim python3 go wpa_supplicant dialog gnome gnome-tweaks libreoffice-fresh virtualbox virtualbox-guest-iso firefox hunspell-de nextcloud-client evolution vlc gst-libav gst-plugins-ugly progress gimp cups samsung-unified-driver sane xsane tlp tp_smapi acpi_call ntfs-3g gimagereader-gtk tesseract-date-eng tesseract-data-deu nmap youtube-dl octave kdenlive pkgfile signal-desktop-bin telegram-desktop-bin freecad zotero slic3r-bin downgrade pmount ttf-ms-fonts openvpn networkmanager-openvpn net-tools networkmanager-openconnect skypeforlinux-stable-bin fritzing python-pipenv' # helper cd $(dirname "${BASH_SOURCE[0]}") source bsf/bsf s() { $* >/dev/null; } S() { $* >/dev/null 2>&1; } e() { echo -n " ::: $* ... "; } d() { echo "done"; echo ""; } update() { pacman -Syyu; } if [[ `echo "$storage_device" | grep -E "(mmcblk|nvme)"` ]]; then storage="${storage_device}p" else storage="$storage_device" fi root e "checking internet connection" s ping -c1 archlinux.org if [[ "$?" -ne 0 ]]; then echo "error: internet connection needed" exit 1 fi d e "determining boot mode" if [[ ! "$boot_mode" ]]; then s ls /sys/firmware/efi/efivars if [[ "$?" -eq 0 ]]; then boot_mode='efi' else boot_mode='bios' fi fi d e "updating system clock" s timedatectl set-ntp true d e "wiping $storage_device" S umount /mnt/efi S umount /mnt/boot S umount /mnt S vgremove -y vg S cryptsetup luksClose lvm s wipefs -af "$storage_device" d e "creating partitions" if [[ "$boot_mode" == "efi" ]]; then s sgdisk -n "1:2048:+1G" -t "1:EF00" "$storage_device" else s sgdisk -n "1:2048:+1G" -t "1:EF02" "$storage_device" fi s sgdisk -n "2:0:0" -t "2:8309" "$storage_device" echo "$encryption_password" | cryptsetup -q luksFormat --type luks1 "${storage}2" echo "$encryption_password" | cryptsetup -q open "${storage}2" lvm d e "creating lvm" s pvcreate /dev/mapper/lvm s vgcreate vg /dev/mapper/lvm s lvcreate -L 8G vg -n swap s lvcreate -l 100%FREE vg -n root d e "formatting filesystems" if [[ "$boot_mode" == "efi" ]]; then s mkfs.vfat -F32 "${storage}1" else s mkfs.vfat "${storage}1" fi S mkfs.ext4 /dev/vg/root s mkswap /dev/vg/swap d e "mounting filesystems" s mount /dev/vg/root /mnt if [[ "$boot_mode" == "efi" ]]; then s mkdir /mnt/efi s mount "${storage}1" /mnt/efi else s mkdir /mnt/boot s mount "${storage}1" /mnt/boot fi d e "installing base system" s mkdir -p /mnt/var/cache/pacman/pkg s cp -rp /var/cache/pacman/pkg/* /mnt/var/cache/pacman/pkg/ s sync S pacstrap /mnt $base d e "generating fstab" genfstab -U /mnt >> /mnt/etc/fstab d e "copying config and setup scipts to new installation" uuid=`blkid | awk '/lvm/ { print $2 }' | grep -oP '[^"]*"\K[^"]*'` cat < /mnt/root/install.sh #!/bin/bash # helper s() { \$* >/dev/null; } S() { \$* >/dev/null 2>&1; } e() { echo -n " ::: \$* ... "; } d() { echo "done"; echo ""; } e "setting timezone" s ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime d e "synchronising hardware clock" s hwclock --systohc d e "setting locale" s sed -i 's/#de_DE\.UTF-8/de_DE.UTF-8/g' /etc/locale.gen s locale-gen echo "LANG=de_DE.UTF-8" > /etc/locale.con#f echo "KEYMAP=de-latin1" > /etc/vconsole.conf d e "setting hostname $host" echo "$host" > /etc/hostname echo "127.0.0.1 $host" > /etc/hosts echo "::1 $host" >> /etc/hosts echo "127.0.1.1 $host.localdomain $host" >> /etc/hosts d e "initializing pacman" S pacman-key --init d e "generating keyfile to unlock luks lvm after boot" S dd bs=512 count=4 if=/dev/urandom of=/luks.key iflag=fullblock s chmod 000 /luks.key echo "$encryption_password" | cryptsetup -q luksAddKey "${storage}2" /luks.key d e "generating mkinitcpio" #s sed -i 's/ filesystems keyboard / keyboard keymap encrypt lvm2 filesystems /g' /etc/mkinitcpio.conf #s sed -i 's/FILES=()/FILES=(\/luks.key)/g' /etc/mkinitcpio.conf S mkinitcpio -p linux S chmod 600 /boot/initramfs-linux* d e "configuring grub" #s sed -i 's/#GRUB_ENABLE_CRYPTODISK/GRUB_ENABLE_CRYPTODISK/g' /etc/default/grub s sed -i 's/UUID=:/UUID=$uuid:/g' /etc/default/grub #TODO # for efi mode this needs to be run from an efi system, else this will fail S grub-install --target=x86_64-efi --efi-directory=/efi --bootloader-id=GRUB --recheck S grub-mkconfig -o /boot/grub/grub.cfg d e "changing root password" echo -e "${root_password}\n${root_password}" | passwd d e "adding user $user" s useradd -m "$user" echo -e "${user_password}\n${user_password}" | passwd $user d e "yay" S pacman -S --needed --noconfirm go su $user -c "cd; git clone https://aur.archlinux.org/yay.git; cd yay; makepkg -s;" S pacman --noconfirm -U "/home/$user/yay/"\$(ls -ahl /home/$user/yay/ | grep -oE "yay-[0-9.-]+x86_64.pkg.tar.xz") cd /root s rm -rf /home/$user/yay d e "printing" s systemctl enable org.cups.cupsd.service d e "performance" echo -n 1 > /sys/devices/system/cpu/intel_pstate/no_turbo s systemctl enable --now tlp.service tlp-sleep.service s sed -i 's/CriticalPowerAction=HybridSleep/CriticalPowerAction=PowerOff/' /etc/UPower/UPower.conf d e "bluetooth" s modprobe btusb s systemctl enable bluetooth.service d e "wifi" s modprobe iwlwifi d e "git" s git config --global user.email "$email" s git config --global user.name "$user" d e "disable touchscreen" s echo 'SUBSYSTEM=="usb", ATTRS{idVendor}=="2386", ATTRS{idProduct}=="3114", ATTR{authorized}="0" > /etc/udev/rules.d/80-touchscreen.rules d #TOTEST: restore git .files e "restoring config" cd "$HOME" s mkdir -p it cd it s git clone https://willipink.eu/git/moritz/.files.git cd .files s bash ./setup.sh -bs d #TODO ## enabled gnome-extensions, * are not installed by default #*Hide app icon #*Hide activities button #Removable drive menu #Places status indicator #*Arch Linux updates indicator #-> einstellungen -> erweiterte einstellungen -> Kommando, um Pakete zu aktualisieren: #gnome-terminal -e 'yay -Syu --noconfirm --nocleanmenu --nodiffmenu --noeditmenu --noremovemake --norebuild --noredownload' #+Tray icon exit EOF s cp mkinitcpio.conf /mnt/etc/mkinitcpio.conf s cp grub /mnt/etc/default/grub d e "chrooting into arch" s arch-chroot /mnt chmod u+x /root/install.sh d arch-chroot /mnt /root/install.sh