path: root/mkcryptuefi
blob: 4ed70138641e4343e666f863755ef7eb5308bb08 (plain) (blame)
#! /bin/bash
#
# mkcryptuefi - configure an Artix Linux installation whose root filesystem
# lives on the dm-crypt mapping /dev/mapper/data_crypt and which boots through
# unified kernel images registered with efibootmgr.
#
# Usage: mkcryptuefi <drive> <partition prefix>
#   <drive>             disk passed to efibootmgr; partition 1 holds the loaders
#   <partition prefix>  device path prefix; "<prefix>2" is the encrypted partition
#
# Reads tz= and keytable= from /proc/cmdline.
# NOTE(review): presumably meant to run as root inside the newly installed
# system, since it rewrites files under /etc and installs packages - confirm.
#
# Security: the root password is set to the fixed value "artix" further down;
# it has to be changed before the machine is put to use.

# Abort on the first failing command. Conditions do not count as failures,
# and without pipefail only the last stage of a pipeline is checked.
set -e

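# Print the value of a key=value parameter from the kernel command line.
# Arguments: $1 - parameter name, e.g. tz
#            $2 - file to read (optional, defaults to /proc/cmdline)
# Outputs:   one line per matching parameter; nothing when it is absent
# Returns:   0 in both cases, so a missing parameter does not trip `set -e`
function get_cmdline {
	local key=$1
	local cmdline_file=${2:-/proc/cmdline}
	local -a words=()
	local word

	# Split on whitespace in the shell rather than splicing $1 into an awk
	# program. The earlier sed/awk pipeline dropped the last character of a
	# value that ended the line, kept trailing bare words such as "quiet",
	# and cut values at their first "=".
	IFS=$' \t\n' read -r -a words < "${cmdline_file}" || true

	for word in "${words[@]}"; do
		# Exact key match: "tz" must not match "BOOT_tz=".
		if [[ "${word}" == "${key}="* ]]; then
			printf '%s\n' "${word#*=}"
		fi
	done
	return 0
}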

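# cmdline options
# tz= and keytable= come from the kernel command line of the running system.
TIMEZONE=$(get_cmdline tz)
KEYMAP=$(get_cmdline keytable)

DRIVE=$1
PART_PREFIX=$2

# Logical OR, not a pipe: with `|` only the second test decided the result.
if [[ -z "${DRIVE}" ]] || [[ -z "${PART_PREFIX}" ]]; then
	echo -e "\e[1m\e[1;31mUsage: mkcryptuefi <drive> <partition prefix>\e[0m" >&2
	exit 1
fi

# TIMEZONE becomes part of a path under /usr/share/zoneinfo and KEYMAP is
# spliced into a sed expression later on, so accept only plain names here.
# An empty or malformed value would otherwise produce a broken /etc/localtime
# link or a mangled /etc/conf.d/keymaps without any error.
tz_pattern='^[A-Za-z0-9_+-]+(/[A-Za-z0-9_+-]+)*$'
keymap_pattern='^[A-Za-z0-9_.-]+$'

if [[ ! "${TIMEZONE}" =~ ${tz_pattern} ]] || [[ ! -f "/usr/share/zoneinfo/${TIMEZONE}" ]]; then
	printf 'mkcryptuefi: missing or invalid tz= on the kernel command line: "%s"\n' "${TIMEZONE}" >&2
	exit 1
fi

if [[ ! "${KEYMAP}" =~ ${keymap_pattern} ]]; then
	printf 'mkcryptuefi: missing or invalid keytable= on the kernel command line: "%s"\n' "${KEYMAP}" >&2
	exit 1
fi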

# Time zone: point /etc/localtime at the zone named by tz= and write the
# system time to the hardware clock.
ln -sf "/usr/share/zoneinfo/$TIMEZONE" /etc/localtime
hwclock --systohc

# Locale: enable en_US.UTF-8 and generate it.
sed -i "s/#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/" /etc/locale.gen
locale-gen

printf '%s\n' \
	'export LANG="en_US.UTF-8"' \
	'export LC_COLLATE="C"' \
	> /etc/locale.conf

# Console keymap. KEYMAP is inserted into the sed expression unescaped, so a
# value containing "/", "&" or "\" would change what sed does.
sed -i "s/keymap=\"us\"/keymap=\"${KEYMAP}\"/" /etc/conf.d/keymaps
printf '%s\n' "KEYMAP=$KEYMAP" > /etc/vconsole.conf

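# Insert the encrypt hook between block and filesystems so the initramfs can
# open the encrypted device named by cryptdevice= before mounting root.
sed -i 's/^HOOKS=(\(.*\)block filesystems\(.*\))/HOOKS=(\1block encrypt filesystems\2)/g' /etc/mkinitcpio.conf

# sed exits 0 even when nothing matched; without the hook the system would
# not be able to unlock its root device at boot, so check the result.
if ! grep -Eq '^HOOKS=\(([^)]* )?encrypt( [^)]*)?\)' /etc/mkinitcpio.conf; then
	echo "mkcryptuefi: encrypt hook is missing from HOOKS in /etc/mkinitcpio.conf" >&2
	exit 1
fi

pacman -S --needed --noconfirm btrfs-progs efibootmgr device-mapper-openrc cryptsetup-openrc

# UUID of the encrypted partition and of the filesystem inside the mapping.
# The device path is quoted so a prefix with unusual characters is not split.
UUID_CRYPT=$(blkid -s UUID -o value "${PART_PREFIX}2")
UUID_INNER=$(blkid -s UUID -o value /dev/mapper/data_crypt)

if [[ -z "${UUID_CRYPT}" ]] || [[ -z "${UUID_INNER}" ]]; then
	echo "mkcryptuefi: could not read the UUID of ${PART_PREFIX}2 or /dev/mapper/data_crypt" >&2
	exit 1
fi

# Kernel command line that mkinitcpio embeds into the unified kernel images.
mkdir -p /etc/kernel
echo "loglevel=3 quiet root=UUID=${UUID_INNER} ro rootflags=subvol=root cryptdevice=UUID=${UUID_CRYPT}:data_crypt" > /etc/kernel/cmdline

# Enable UKI output in both presets, written below /boot/efi/EFI/artix.
sed -i 's/#default_uki="\/efi\/EFI\/Linux\/arch-linux-hardened\.efi"/default_uki="\/boot\/efi\/EFI\/artix\/artix-linux-hardened.efi"/' /etc/mkinitcpio.d/linux-hardened.preset
sed -i 's/#fallback_uki="\/efi\/EFI\/Linux\/arch-linux-hardened-fallback\.efi"/fallback_uki="\/boot\/efi\/EFI\/artix\/artix-linux-hardened-fallback.efi"/' /etc/mkinitcpio.d/linux-hardened.preset
sed -i 's/#default_uki="\/efi\/EFI\/Linux\/arch-linux-lts\.efi"/default_uki="\/boot\/efi\/EFI\/artix\/artix-linux-lts.efi"/' /etc/mkinitcpio.d/linux-lts.preset
sed -i 's/#fallback_uki="\/efi\/EFI\/Linux\/arch-linux-lts-fallback\.efi"/fallback_uki="\/boot\/efi\/EFI\/artix\/artix-linux-lts-fallback.efi"/' /etc/mkinitcpio.d/linux-lts.preset

# Same reasoning as for HOOKS: if a preset did not contain the expected
# commented line, no image is written to the path the boot entries use.
for uki_check in \
	'/etc/mkinitcpio.d/linux-hardened.preset:default_uki="/boot/efi/EFI/artix/artix-linux-hardened.efi"' \
	'/etc/mkinitcpio.d/linux-hardened.preset:fallback_uki="/boot/efi/EFI/artix/artix-linux-hardened-fallback.efi"' \
	'/etc/mkinitcpio.d/linux-lts.preset:default_uki="/boot/efi/EFI/artix/artix-linux-lts.efi"' \
	'/etc/mkinitcpio.d/linux-lts.preset:fallback_uki="/boot/efi/EFI/artix/artix-linux-lts-fallback.efi"'
do
	preset_file=${uki_check%%:*}
	preset_line=${uki_check#*:}
	if ! grep -Fq -- "${preset_line}" "${preset_file}"; then
		echo "mkcryptuefi: ${preset_file} does not contain ${preset_line}" >&2
		exit 1
	fi
done

mkdir -p /boot/efi/EFI/artix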

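pacman -S --needed --noconfirm fakeroot

# Undo the temporary build setup if a later step fails. Without this, a failed
# clone or build left the aur account and its home directory behind, and the
# next run stopped at useradd.
aur_user_created=0
cleanup_aur_build() {
	# Only remove the account if this run created it.
	if (( aur_user_created )); then
		userdel -r aur || true
	fi
	pacman -Rns --noconfirm fakeroot || true
}
trap cleanup_aur_build EXIT

# makepkg refuses to run as root, so the package is built by a throwaway
# unprivileged account.
useradd -m aur
aur_user_created=1

# Supply chain: this builds whatever the AUR repository contains at clone
# time. The PKGBUILD runs as the aur user, and any install scriptlets run as
# root during `pacman -U`; nothing here pins or reviews the content. Review
# the PKGBUILD, or pin a reviewed commit, before trusting the result.
(cd /home/aur && su aur -c 'git clone https://aur.archlinux.org/efistub-standalone.git')
(cd /home/aur/efistub-standalone && su aur -c 'makepkg -rc')
pacman -U --noconfirm /home/aur/efistub-standalone/efistub-standalone-*.pkg.tar.zst

# Success path: drop the trap and clean up with errors still fatal.
trap - EXIT
userdel -r aur

pacman -Rns --noconfirm fakeroot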

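# Build the unified kernel images for both kernels.
mkinitcpio -p linux-hardened
mkinitcpio -p linux-lts

# Register one firmware boot entry per image on partition 1 of the drive.
# The drive path is quoted so it reaches efibootmgr as a single argument.
# NOTE(review): efibootmgr puts each new entry at the front of BootOrder, so
# the entry created last ("Artix Linux") presumably becomes the default -
# confirm with `efibootmgr` after the run.
efibootmgr --create --disk "${DRIVE}" --part 1 --label "Artix Linux LTS (fallback initramfs)" --loader '\EFI\artix\artix-linux-lts-fallback.efi' --unicode
efibootmgr --create --disk "${DRIVE}" --part 1 --label "Artix Linux LTS" --loader '\EFI\artix\artix-linux-lts.efi' --unicode
efibootmgr --create --disk "${DRIVE}" --part 1 --label "Artix Linux (fallback initramfs)" --loader '\EFI\artix\artix-linux-hardened-fallback.efi' --unicode
efibootmgr --create --disk "${DRIVE}" --part 1 --label "Artix Linux" --loader '\EFI\artix\artix-linux-hardened.efi' --unicode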

# Default credential: the password of the invoking user (root, when run as
# root) is set to the fixed string "artix", typed twice for passwd's prompts.
# Anyone who knows this script knows the password, so it must be changed
# before the machine is put to use.
printf 'artix\nartix' | passwd

# Network
## Hostname
printf '%s\n' artix > /etc/hostname

# The delimiter is quoted: the table is written literally, with no expansion.
cat > /etc/hosts <<'EOT'
# Static table lookup for hostnames.
# See hosts(5) for details.

127.0.0.1	localhost
127.0.1.1	artix.local	artix

# IPv6
::1		localhost	ip6-localhost	ip6-loopback
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters
EOT

# OpenRC reads the hostname from conf.d as well.
sed -i 's/hostname="localhost"/hostname="artix"/' /etc/conf.d/hostname

## Networking essentials
pacman -S --noconfirm dhcpcd wpa_supplicant

# Repositories
## Artix
# Append the universe repository. The delimiter is quoted, so $arch is written
# literally for pacman to expand. Running this twice adds the section twice.
cat >> /etc/pacman.conf <<'EOT'

#
# Custom
#

# Artix

[universe]
Server = https://universe.artixlinux.org/$arch
Server = https://mirror1.artixlinux.org/universe/$arch
Server = https://mirror.pascalpuffke.de/artix-universe/$arch
Server = https://artixlinux.qontinuum.space/artixlinux/universe/os/$arch
Server = https://mirror1.cl.netactuate.com/artix/universe/$arch
Server = https://ftp.crifo.org/artix-universe/
EOT

## Arch
# Refresh the databases so the universe repository is visible, then install
# the Arch support package.
pacman -Sy --needed --noconfirm artix-archlinux-support

# Enable [extra] from the Arch mirrorlist. The testing and multilib sections
# are written commented out.
cat >> /etc/pacman.conf <<'EOT'

# Arch

#[testing]
#Include = /etc/pacman.d/mirrorlist-arch

[extra]
Include = /etc/pacman.d/mirrorlist-arch

#[multilib-testing]
#Include = /etc/pacman.d/mirrorlist-arch

#[multilib]
#Include = /etc/pacman.d/mirrorlist-arch
EOT

# Load the Arch Linux keys into the pacman keyring, then refresh the databases
# again. Note that -Sy syncs without upgrading any installed package.
pacman-key --populate archlinux
pacman -Sy

# Start ntpd in the default runlevel.
rc-update add ntpd default

exit 0