install secondary lts kernel in addition to primary linux or linux-hardened kernel for update safety

Kernel updates have rendered my system unbootable several times. This aims to prevent such situations in the future.
author: Himbeer <himbeerserverde@gmail.com> 2024-03-14 20:21:48 +0100
committer: Himbeer <himbeerserverde@gmail.com> 2024-03-14 20:21:48 +0100
commit: db1a279abf4949ba71e860d0867d96326fc577b4 (patch)
tree: f9756ed2f7734871cd03784f027412e697562737
parent: 9bf73b77b8f29d0c79c13ab4ac60dc511e6972d1 (diff)
8 files changed, 27 insertions, 17 deletions
diff --git a/README.md b/README.md
index 2159485..5dc9696 100644
--- a/README.md
+++ b/README.md
@@ -74,8 +74,8 @@ A workaround is to add the entries from the UEFI setup menu
 
 BIOS installations follow this disk layout:
 
-* /boot: ext4, 256 MiB
-* /: btrfs, 100% - 256 MiB, compress=zstd, subvol=/root
+* /boot: ext4, 1 GiB
+* /: btrfs, 100% - 1 GiB, compress=zstd, subvol=/root
 
 If FDE is used both partitions are LUKS2 containers. The boot partition uses
 PBKDF2 as its key derivation function.
@@ -84,6 +84,5 @@ PBKDF2 as its key derivation function.
 
 UEFI installations follow this disk layout:
 
-* /boot/efi: fat32, 256 MiB
-* /boot: ext4, 256 MiB
-* /: btrfs, 100% - 512 MiB, compress=zstd, subvol=/root
+* /boot/efi: fat32, 1 GiB
+* /: btrfs, 100% - 1 GiB, compress=zstd, subvol=/root
diff --git a/artixinstall b/artixinstall
index 2d79dde..3e482d0 100755
--- a/artixinstall
+++ b/artixinstall
@@ -39,8 +39,8 @@ if [ -z "${TARGET}" ]; then
 fi
 
 parted -s ${DRIVE} mklabel msdos
-parted -s -a optimal ${DRIVE} mkpart primary ext4 0% 256MiB
-parted -s -a optimal ${DRIVE} mkpart primary btrfs 256MiB 100%
+parted -s -a optimal ${DRIVE} mkpart primary ext4 0% 1GiB
+parted -s -a optimal ${DRIVE} mkpart primary btrfs 1GiB 100%
 
 mkfs.ext4 -F -L BOOT ${PART_PREFIX}1
 mkfs.btrfs -f ${PART_PREFIX}2
@@ -57,7 +57,7 @@ mount ${PART_PREFIX}1 /mnt/boot
 rc-service ntpd start
 
 basestrap /mnt base openrc elogind-openrc vim man ntp-openrc git
-basestrap /mnt linux linux-firmware
+basestrap /mnt linux linux-lts linux-firmware
 
 artix-chroot /mnt bash -c "curl -fsSL https://raw.githubusercontent.com/HimbeerserverDE/artixinstall/main/mkartix | sh -s -- ${DRIVE} ${PART_PREFIX} ${TARGET}"
 
diff --git a/cryptinstall b/cryptinstall
index 5eff1fc..cf7ff53 100755
--- a/cryptinstall
+++ b/cryptinstall
@@ -43,8 +43,8 @@ fi
 #
 
 parted -s ${DRIVE} mklabel msdos
-parted -s -a optimal ${DRIVE} mkpart primary ext4 0% 256MiB
-parted -s -a optimal ${DRIVE} mkpart primary ext4 256MiB 100%
+parted -s -a optimal ${DRIVE} mkpart primary ext4 0% 1GiB
+parted -s -a optimal ${DRIVE} mkpart primary ext4 1GiB 100%
 
 echo "artix" | cryptsetup -q --pbkdf pbkdf2 luksFormat ${PART_PREFIX}1
 echo "artix" | cryptsetup -q open ${PART_PREFIX}1 boot_crypt
@@ -71,7 +71,7 @@ mount /dev/mapper/boot_crypt /mnt/boot
 rc-service ntpd start
 
 basestrap /mnt base openrc elogind-openrc vim man ntp-openrc git
-basestrap /mnt linux-hardened linux-firmware
+basestrap /mnt linux-hardened linux-lts linux-firmware
 
 artix-chroot /mnt bash -c "curl -fsSL https://raw.githubusercontent.com/HimbeerserverDE/artixinstall/main/mkcryptartix | sh -s -- ${DRIVE} ${PART_PREFIX} ${TARGET}"
 
diff --git a/cryptuefiinstall b/cryptuefiinstall
index 3ee1138..da26dc5 100755
--- a/cryptuefiinstall
+++ b/cryptuefiinstall
@@ -31,8 +31,8 @@ fi
 #
 
 parted -s ${DRIVE} mklabel gpt
-parted -s -a optimal ${DRIVE} mkpart primary fat32 0% 256MiB
-parted -s -a optimal ${DRIVE} mkpart primary ext4 256MiB 100%
+parted -s -a optimal ${DRIVE} mkpart primary fat32 0% 1GiB
+parted -s -a optimal ${DRIVE} mkpart primary ext4 1GiB 100%
 
 echo "artix" | cryptsetup -q --pbkdf pbkdf2 luksFormat ${PART_PREFIX}2
 echo "artix" | cryptsetup -q open ${PART_PREFIX}2 data_crypt
@@ -59,7 +59,7 @@ mount ${PART_PREFIX}1 /mnt/boot/efi
 rc-service ntpd start
 
 basestrap /mnt base openrc elogind-openrc vim man ntp-openrc git
-basestrap /mnt linux-hardened linux-firmware
+basestrap /mnt linux-hardened linux-lts linux-firmware
 
 artix-chroot /mnt bash -c "curl -fsSL https://raw.githubusercontent.com/HimbeerserverDE/artixinstall/main/mkcryptuefi | sh -s -- ${DRIVE} ${PART_PREFIX}"
 
diff --git a/mkcryptartix b/mkcryptartix
index 7270bc5..3241a45 100755
--- a/mkcryptartix
+++ b/mkcryptartix
@@ -65,6 +65,7 @@ grub-install --recheck --target=${TARGET} ${DRIVE}
 grub-mkconfig -o /boot/grub/grub.cfg
 
 mkinitcpio -p linux-hardened
+mkinitcpio -p linux-lts
 
 # Enable GRUB to unlock /boot
 CRYPTO_UUID=$(blkid -s UUID -o value ${PART_PREFIX}1 | tr -d -)
diff --git a/mkcryptuefi b/mkcryptuefi
index efc97e3..9de1d16 100755
--- a/mkcryptuefi
+++ b/mkcryptuefi
@@ -44,6 +44,8 @@ echo "loglevel=3 quiet root=UUID=${UUID_INNER} ro rootflags=subvol=root cryptdev
 
 sed -i 's/#default_uki="\/efi\/EFI\/Linux\/arch-linux-hardened\.efi"/default_uki="\/boot\/efi\/EFI\/artix\/artix-linux-hardened.efi"/' /etc/mkinitcpio.d/linux-hardened.preset
 sed -i 's/#fallback_uki="\/efi\/EFI\/Linux\/arch-linux-hardened-fallback\.efi"/fallback_uki="\/boot\/efi\/EFI\/artix\/artix-linux-hardened-fallback.efi"/' /etc/mkinitcpio.d/linux-hardened.preset
+sed -i 's/#default_uki="\/efi\/EFI\/Linux\/arch-linux-lts\.efi"/default_uki="\/boot\/efi\/EFI\/artix\/artix-linux-lts.efi"/' /etc/mkinitcpio.d/linux-lts.preset
+sed -i 's/#fallback_uki="\/efi\/EFI\/Linux\/arch-linux-lts-fallback\.efi"/fallback_uki="\/boot\/efi\/EFI\/artix\/artix-linux-lts-fallback.efi"/' /etc/mkinitcpio.d/linux-lts.preset
 
 mkdir -p /boot/efi/EFI/artix
 
@@ -58,7 +60,10 @@ userdel -r aur
 pacman -Rns --noconfirm fakeroot
 
 mkinitcpio -p linux-hardened
+mkinitcpio -p linux-lts
 
+efibootmgr --create --disk ${DRIVE} --part 1 --label "Artix Linux LTS (fallback initramfs)" --loader '\EFI\artix\artix-linux-lts-fallback.efi' --unicode
+efibootmgr --create --disk ${DRIVE} --part 1 --label "Artix Linux LTS" --loader '\EFI\artix\artix-linux-lts.efi' --unicode
 efibootmgr --create --disk ${DRIVE} --part 1 --label "Artix Linux (fallback initramfs)" --loader '\EFI\artix\artix-linux-hardened-fallback.efi' --unicode
 efibootmgr --create --disk ${DRIVE} --part 1 --label "Artix Linux" --loader '\EFI\artix\artix-linux-hardened.efi' --unicode
 
diff --git a/mkuefi b/mkuefi
index ab62658..b8f0663 100755
--- a/mkuefi
+++ b/mkuefi
@@ -41,6 +41,8 @@ echo "loglevel=3 quiet root=UUID=${UUID} ro rootflags=subvol=root" > /etc/kernel
 
 sed -i 's/#default_uki="\/efi\/EFI\/Linux\/arch-linux\.efi"/default_uki="\/boot\/efi\/EFI\/artix\/artix-linux.efi"/' /etc/mkinitcpio.d/linux.preset
 sed -i 's/#fallback_uki="\/efi\/EFI\/Linux\/arch-linux-fallback\.efi"/fallback_uki="\/boot\/efi\/EFI\/artix\/artix-linux-fallback.efi"/' /etc/mkinitcpio.d/linux.preset
+sed -i 's/#default_uki="\/efi\/EFI\/Linux\/arch-linux-lts\.efi"/default_uki="\/boot\/efi\/EFI\/artix\/artix-linux-lts.efi"/' /etc/mkinitcpio.d/linux-lts.preset
+sed -i 's/#fallback_uki="\/efi\/EFI\/Linux\/arch-linux-lts-fallback\.efi"/fallback_uki="\/boot\/efi\/EFI\/artix\/artix-linux-lts-fallback.efi"/' /etc/mkinitcpio.d/linux-lts.preset
 
 mkdir -p /boot/efi/EFI/artix
 
@@ -55,7 +57,10 @@ userdel -r aur
 pacman -Rns --noconfirm fakeroot
 
 mkinitcpio -p linux
+mkinitcpio -p linux-lts
 
+efibootmgr --create --disk ${DRIVE} --part 1 --label "Artix Linux LTS (fallback initramfs)" --loader '\EFI\artix\artix-linux-lts-fallback.efi' --unicode
+efibootmgr --create --disk ${DRIVE} --part 1 --label "Artix Linux LTS" --loader '\EFI\artix\artix-linux-lts.efi' --unicode
 efibootmgr --create --disk ${DRIVE} --part 1 --label "Artix Linux (fallback initramfs)" --loader '\EFI\artix\artix-linux-fallback.efi' --unicode
 efibootmgr --create --disk ${DRIVE} --part 1 --label "Artix Linux" --loader '\EFI\artix\artix-linux.efi' --unicode
 
diff --git a/uefiinstall b/uefiinstall
index ee934ae..2e51e49 100755
--- a/uefiinstall
+++ b/uefiinstall
@@ -27,8 +27,8 @@ else
 fi
 
 parted -s ${DRIVE} mklabel gpt
-parted -s -a optimal ${DRIVE} mkpart primary fat32 0% 256MiB
-parted -s -a optimal ${DRIVE} mkpart primary btrfs 256MiB 100%
+parted -s -a optimal ${DRIVE} mkpart primary fat32 0% 1GiB
+parted -s -a optimal ${DRIVE} mkpart primary btrfs 1GiB 100%
 
 mkfs.fat -F 32 ${PART_PREFIX}1 && fatlabel ${PART_PREFIX}1 ESP
 mkfs.btrfs -f ${PART_PREFIX}2
@@ -48,7 +48,7 @@ mount ${PART_PREFIX}1 /mnt/boot/efi
 rc-service ntpd start
 
 basestrap /mnt base openrc elogind-openrc vim man ntp-openrc git
-basestrap /mnt linux linux-firmware
+basestrap /mnt linux linux-lts linux-firmware
 
 artix-chroot /mnt bash -c "curl -fsSL https://raw.githubusercontent.com/HimbeerserverDE/artixinstall/main/mkuefi | sh -s -- ${DRIVE} ${PART_PREFIX}"
author	Himbeer <himbeerserverde@gmail.com>	2024-03-14 20:21:48 +0100
committer	Himbeer <himbeerserverde@gmail.com>	2024-03-14 20:21:48 +0100
commit	db1a279abf4949ba71e860d0867d96326fc577b4 (patch)
tree	f9756ed2f7734871cd03784f027412e697562737
parent	9bf73b77b8f29d0c79c13ab4ac60dc511e6972d1 (diff)