blob: 15ada9056ec7d7ff39b0bbcf4e373fbee44239d0 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
#! /bin/bash
set -e
function get_cmdline {
sed -r 's/[[:alnum:]]+=/\n&/g' /proc/cmdline | awk -F= "\$1==\"$1\"{print \$2}" | sed 's/.\{1\}$//'
}
# cmdline options
TIMEZONE=$(get_cmdline tz)
KEYMAP=$(get_cmdline keytable)
DRIVE=$1
PART_PREFIX=$2
if [[ -z "${DRIVE}" ]] | [[ -z "${PART_PREFIX}" ]]; then
echo -e "\e[1m\e[1;31mUsage: mkcryptuefi <drive> <partition prefix>\e[0m"
exit 1
fi
ln -sf "/usr/share/zoneinfo/${TIMEZONE}" /etc/localtime
hwclock --systohc
sed -i "s/#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/" /etc/locale.gen
locale-gen
cat <<EOT > /etc/locale.conf
export LANG="en_US.UTF-8"
export LC_COLLATE="C"
EOT
sed -i "s/keymap=\"us\"/keymap=\"${KEYMAP}\"/" /etc/conf.d/keymaps
echo "KEYMAP=${KEYMAP}" > /etc/vconsole.conf
sed -i "s/HOOKS=(base udev autodetect modconf kms keyboard keymap consolefont block filesystems fsck)/HOOKS=(base udev autodetect modconf kms keyboard keymap consolefont block encrypt filesystems fsck)/" /etc/mkinitcpio.conf
pacman -S --needed --noconfirm btrfs-progs efibootmgr
UUID_CRYPT=$(blkid -s UUID -o value ${PART_PREFIX}2)
UUID_INNER=$(blkid -s UUID -o value /dev/mapper/data_crypt)
mkdir -p /etc/kernel
echo "loglevel=3 quiet root=UUID=${UUID_INNER} ro rootflags=subvol=root cryptdevice=UUID=${UUID_CRYPT}:data_crypt" > /etc/kernel/cmdline
sed -i 's/#default_uki="\\/efi\\/EFI\\/Linux\\/arch-linux-hardened\\.efi"/default_uki="/boot/efi/EFI/artix/artix-linux-hardened.efi"/' /etc/mkinitcpio.d/linux-hardened.preset
sed -i 's/#fallback_uki="\\/efi\\/EFI\\/Linux\\/arch-linux-hardened\\.efi"/fallback_uki="/boot/efi/EFI/artix/artix-linux-hardened-fallback.efi"/' /etc/mkinitcpio.d/linux-hardened.preset
mkdir -p /boot/efi/EFI/artix
mkinitcpio -p linux-hardened
efibootmgr --create --disk ${DRIVE} --part 1 --label "Artix Linux" --loader '\EFI\artix\artix-linux-hardened.efi' --unicode
efibootmgr --create --disk ${DRIVE} --part 1 --label "Artix Linux (fallback initramfs)" --loader '\EFI\artix\artix-linux-hardened-fallback.efi' --unicode
echo -en 'artix\nartix' | passwd
# Network
## Hostname
echo artix > /etc/hostname
cat <<EOT > /etc/hosts
# Static table lookup for hostnames.
# See hosts(5) for details.
127.0.0.1 localhost
127.0.1.1 artix.local artix
# IPv6
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
EOT
sed -i 's/hostname="localhost"/hostname="artix"/' /etc/conf.d/hostname
## Networking essentials
pacman -S --noconfirm dhcpcd wpa_supplicant
# Repositories
## Artix
cat <<EOT >> /etc/pacman.conf
#
# Custom
#
# Artix
[universe]
Server = https://universe.artixlinux.org/\$arch
Server = https://mirror1.artixlinux.org/universe/\$arch
Server = https://mirror.pascalpuffke.de/artix-universe/\$arch
Server = https://artixlinux.qontinuum.space/artixlinux/universe/os/\$arch
Server = https://mirror1.cl.netactuate.com/artix/universe/\$arch
Server = https://ftp.crifo.org/artix-universe/
EOT
## Arch
pacman -Sy --needed --noconfirm artix-archlinux-support
cat <<EOT >> /etc/pacman.conf
# Arch
#[testing]
#Include = /etc/pacman.d/mirrorlist-arch
[extra]
Include = /etc/pacman.d/mirrorlist-arch
#[community-testing]
#Include = /etc/pacman.d/mirrorlist-arch
[community]
Include = /etc/pacman.d/mirrorlist-arch
#[multilib-testing]
#Include = /etc/pacman.d/mirrorlist-arch
#[multilib]
#Include = /etc/pacman.d/mirrorlist-arch
EOT
pacman-key --populate archlinux
pacman -Sy
rc-update add ntpd default
exit 0
|
