diff --git a/.gitignore b/.gitignore index d4ff1d9..6814bd1 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ *.swp -temp \ No newline at end of file +temp +temp.sh \ No newline at end of file diff --git a/base.sh b/base.sh index 8047da0..a462484 100644 --- a/base.sh +++ b/base.sh @@ -1,8 +1,10 @@ #!/bin/bash # Vor Reboot -echo "Select Prozessor Vendor:" +echo "Select Prozessor Vendor (Defaults to no ucode):" echo "1) AMD 2) Intel 3) Other(no ucode)" read -r vendor +: "${vendor:=3}" + if [[ $vendor == 1 ]]; then echo "AMD" ucode="amd-ucode" 
@@ -17,39 +19,101 @@ else exit 1 fi -echo "Select Kernel" -echo "1) Linux 2) Linux+lts 3) Linux+zen 4) Linux+zen+lts 5) zen+lts" +echo "Select Kernel (Defaults to Linux):" +echo "1) Linux 2) Linux LTS 3) Linux Zen" read -r kernel +: "${kernel:=1}" -if [[ $kernel == 1 ]]; then - echo "Linux" - selectedKernel="linux" - header="linux-headers" -elif [[ $kernel == 2 ]]; then - echo "Linux/Linux LTS" - selectedKernel="linux linux-lts" - header="linux-headers linux-lts-headers" -elif [[ $kernel == 3 ]]; then - echo "Linux/Linux Zen" - selectedKernel="linux linux-zen" - header="linux-headers linux-zen-headers" -elif [[ $kernel == 4 ]]; then - echo "Linux/Linux LTS/Linux Zen" - selectedKernel="linux linux-lts linux-zen" - header="linux-headers linux-lts-headers linux-zen-headers" -elif [[ $kernel == 5 ]]; then - echo "Linux LTS/Linux Zen" - selectedKernel="linux-lts linux-zen" - header="linux-lts-headers linux-zen-headers" -else - echo "no Kernel selectet, aborting" +tempString=""; +for range in ${kernel//,/ }; do + tempString="$tempString{${range//-/..}}"; +done; +tempString=${tempString//\}{/\} {}; +tempString=$(echo $tempString | tr [:blank:] '\n' | sed 's/{\([0-9]\{1,2\}\)}/\1/' | tr '\n' ','); +tempString=${tempString/%,/}; +result=""; +for range2 in ${tempString//,/ }; do + result+=$(eval echo $range2); + result+=";"; +done; +result=${result/%;}; +result=${result//;/ }; +echo $result + +for index in ${result}; do + echo -n "Ausgewählt: " + case $index in + *1*) + echo "Linux" + selectedKernel+="linux " + header+="linux-headers " + ;; + *2*) + echo "Linux LTS" + selectedKernel+="linux-lts " + header+="linux-lts-headers " + ;; + *3*) + echo "Linux Zen" + selectedKernel+="linux-zen " + header+="linux-zen-headers " + ;; + *) echo "Error, aborting" ;; + esac +done + +#if [[ $kernel == 1 ]]; then +# echo "Linux" +# selectedKernel="linux" +# header="linux-headers" +#elif [[ $kernel == 2 ]]; then +# echo "Linux/Linux LTS" +# selectedKernel="linux linux-lts" +# 
header="linux-headers linux-lts-headers" +#elif [[ $kernel == 3 ]]; then +# echo "Linux/Linux Zen" +# selectedKernel="linux linux-zen" +# header="linux-headers linux-zen-headers" +#elif [[ $kernel == 4 ]]; then +# echo "Linux/Linux LTS/Linux Zen" +# selectedKernel="linux linux-lts linux-zen" +# header="linux-headers linux-lts-headers linux-zen-headers" +#elif [[ $kernel == 5 ]]; then +# echo "Linux LTS/Linux Zen" +# selectedKernel="linux-lts linux-zen" +# header="linux-lts-headers linux-zen-headers" +#else +# echo "no Kernel selectet, aborting" +# exit 1 +#fi + +read -r -p "Passwort für Root :" rootpw +: "${rootpw:=test}" +if [[ $rootpw == "" ]]; then + echo "Kein Passwort für Root vergeben, breche ab" + exit 1 +fi + +read -r -p "Nutzername: " nutzername +: "${nutzername:=eichehome}" +if [[ $nutzername == "" ]]; then + echo "Kein Nutzername eingegeben, breche ab" + exit 1 +fi + +read -r -p "Passwort für $nutzername: " nutzerpw +: "${nutzerpw:=testen}" +if [[ $rootpw == "" ]]; then + echo "Kein Passwort für $nutzername vergeben, breche ab" exit 1 fi echo "General configuration:" -echo "1) Server (Systemd-networkd, no graphics card) 2) Laptop/Desktop (Networkmanager, Graphics Card)" +echo "1) Server (Systemd-networkd, no graphics card) 2) Laptop/Desktop (Networkmanager(iwd), Graphics Card, GNOME)" read -r configuration +: "${configuration:=2}" + if [[ $configuration == 2 ]]; then echo "Laptop/Desktop" echo "" 
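Review bot: Pressing Enter at the password prompts silently sets known credentials, because `: "${rootpw:=test}"` and `: "${nutzerpw:=testen}"` fill in a default before the emptiness check, so the `breche ab` branches can never run. The third check also tests `$rootpw` where it should test `$nutzerpw`, and `read -r -p` without `-s` echoes the passwords to the console. I would drop the two password defaults, read with `read -r -s -p "Passwort für Root: " rootpw`, and change the last test to `if [[ $nutzerpw == "" ]]; then`. Separately, `eval echo $range2` expands text that comes from the `read -r kernel` answer; a guard such as `[[ $kernel =~ ^[0-9,-]+$ ]] || exit 1` before the first loop would keep everything except digits, commas and dashes away from eval. The `*)` arm prints "Error, aborting" but does not exit.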
@@ -94,16 +158,21 @@ echo "arch" >> /etc/hostname echo "127.0.0.1 localhost" > /etc/hosts echo "::1 localhost" >> /etc/hosts echo "127.0.1.1 arch.localedomain arch" >> /etc/hosts -echo root:test | chpasswd +echo root:"${rootpw}" | chpasswd -pacman -S $selectedKernel "$ucode" -pacman -S base-devel $header +pacman -S ${selectedKernel} "${ucode}" +pacman -S base-devel ${header} -pacman -S iwd dialog reflector xdg-user-dirs xdg-utils inetutils ldns bash-completion openssh rsync iptables-nft ipset firewalld lynx +pacman -S iwd dialog reflector xdg-user-dirs xdg-utils inetutils ldns bash-completion openssh rsync iptables-nft ipset firewalld lynx man-db man-pages texinfo opendoas -pacman -S networkmanager -#Idee: ppp bluez(hier) modemmanager polkit(?) +echo "permit :wheel" > /etc/doas.conf +echo "permit persist eichehome as root" >> /etc/doas.conf +echo "" >> /etc/doas.conf +doas -C /etc/doas.conf && echo "config ok" || echo "config error" +read -r -p "Continue? (Y/N): " confirm && [[ $confirm == [yY] || $confirm == [yY][eE][sS] ]] && pacman -R sudo || echo "do not forget to check doas.conf and remove sudo afterwards" + +#Idee: ppp polkit(?) pacman -S efibootmgr mtools dosfstools 
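Review bot: The doas rule `permit persist eichehome as root` hard-codes the account name although this commit starts prompting for `nutzername`; the last hunk of base.sh has the same mismatch, where the unchanged `useradd -mG wheel eichehome` creates one account and the new `echo "$nutzername":"$nutzerpw" | chpasswd` sets the password of another. Using the variable in both places, `echo "permit persist ${nutzername} as root" >> /etc/doas.conf` and `useradd -mG wheel "$nutzername"`, keeps them aligned. The result of `doas -C /etc/doas.conf` is only printed, so the offer to run `pacman -R sudo` appears even after "config error"; making the removal conditional on the check passing avoids ending up with no working privilege-escalation tool. Note also that `echo "%wheel ALL=(ALL) ALL" >> /etc/sudoers.d/wheel_group` at the end of the file still runs after sudo has been removed.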
@@ -120,20 +189,28 @@ if [[ $configuration == 1 ]]; then # Netzwerk # Ethernet echo "Ethernet" - ethernet_network=$(find / -type f -name 20-ethernet.network | grep configs) - cp "$ethernet_network" /etc/systemd/network/ + #ethernet_network=$(find / -type f -name 20-ethernet.network | grep configs) + cp "$(find "${PWD}" -type f -name )" /etc/systemd/network/ # Wlan echo "WLAN" - wlan_network=$(find / -type f -name 20-wlan.network | grep configs) - cp "$wlan_network" /etc/systemd/network/ + #wlan_network=$(find / -type f -name 20-wlan.network | grep configs) + cp "$(find "${PWD}" -type f -name )" /etc/systemd/network/ # Wwan (Mobilefunk) echo "Mobilfunk" - wwan_network=$(find / -type f -name 20-wwan.network | grep configs) - cp "$wwan_network" /etc/systemd/network/ + #wwan_network=$(find / -type f -name 20-wwan.network | grep configs) + cp "$(find "${PWD}" -type f -name )" /etc/systemd/network/ elif [[ $configuration == 2 ]]; then + pacman -S gnome gdm fwupd networkmanager modemmanager avahi bluez bluez-utils sshfs pipewire pipewire-audio pipewire-alsa pipewire-pulse pipewire-jack pipewire-zeroconf pipewire-v4l2 wireplumber gstreamer gst-plugin-pipewire gst-libav gst-plugins-good gst-plugins-base gst-plugins-vaapi gnome-software-packagekit-plugin xdg-desktop-portal-gnome festival networkmanager-openconnect networkmanager-openvpn networkmanager-pptp networkmanager-vpnc power-profiles-daemon + systemctl enable NetworkManager - wifi_backend_conf=$(find / -type f -name wifi_backend.conf | grep configs) - cp "$wifi_backend_conf" /etc/NetworkManager/conf.d/ + # Configure IWD as Backend for Networkmanager + #wifi_backend_conf=$(find / -type f -name wifi_backend.conf | grep configs) + cp "$(find "${PWD}" -type f -name )" /etc/NetworkManager/conf.d/ + # Disable MulticastDNS in systemd-resolved + #disable_multicastDNS_conf=$(find / -type f -name disable-multicastDNS.conf | grep configs) + mkdir -p /etc/systemd/resolved.conf.d + cp "$(find "${PWD}" -type f -name )" 
/etc/systemd/resolved.conf.d/ + systemctl enable avahi-daemon fi systemctl enable systemd-resolved @@ -141,6 +218,7 @@ systemctl enable systemd-timesyncd systemctl enable reflector.timer systemctl enable firewalld systemctl enable fstrim.timer +systemctl enable systemd-time-wait-sync.service if [[ $gracard == 1 ]]; then sed -i 's/MODULES=()/MODULES=(amdgpu)/' /etc/mkinitcpio.conf #AMD 
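Review bot: Every new `cp "$(find "${PWD}" -type f -name )" ...` line in this hunk passes `-name` without a pattern, so as shown find fails, the substitution is empty and cp has no source file; none of the five configs would be copied. The file names are still visible in the commented-out lines above each call (`20-ethernet.network`, `20-wlan.network`, `20-wwan.network`, `wifi_backend.conf`, `disable-multicastDNS.conf`), e.g. `cp "$(find "${PWD}" -type f -name 20-ethernet.network)" /etc/systemd/network/`. Since the script has no visible `set -e`, a failed cp does not stop the install, so checking that the lookup returned exactly one existing file before copying would surface the problem.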
@@ -174,27 +252,36 @@ fi bootctl install # Bootloaderconfig -loader_conf=$(find / -type f -name loader.conf | grep configs) -cp "$loader_conf" /boot/loader/ +#loader_conf=$(find / -type f -name loader.conf | grep configs) +cp "$(find "${PWD}" -type f -name loader.conf)" /boot/loader/ #$selectedKernel="linux linux-lts linux-zen" -array_kernel_einzeln=$(echo "$selectedKernel" | tr " " "\n"); -entry_conf=$(find / -type f -name entry.conf | grep configs) -for kernel_einzeln in $array_kernel_einzeln; do - boot_entry_name="${kernel_einzeln//linux/arch}"; +entry_conf=$(find "${PWD}" -type f -name entry.conf) +for kernel in $selectedKernel; do + boot_entry_name="${kernel//linux/arch}"; # Standart echo "$boot_entry_name.conf" cp "$entry_conf" /boot/loader/entries/"$boot_entry_name".conf - sed -i "s/#KERNEL#/$kernel_einzeln/" /boot/loader/entries/"$boot_entry_name".conf - sed -i "s/#INITRAMFS#/$kernel_einzeln/" /boot/loader/entries/"$boot_entry_name".conf - title="${boot_entry_name//arch/arch-linux}" + sed -i "s/#KERNEL#/$kernel/" /boot/loader/entries/"$boot_entry_name".conf + sed -i "s/#INITRAMFS#/$kernel/" /boot/loader/entries/"$boot_entry_name".conf + boot_entry="${boot_entry_name//arch/arch-linux}" + title="" + for word in ${boot_entry//-/ }; do + word="${word@u} " + title="${title}${word//Lts/LTS}" + done sed -i "s/#TITLE#/$title/" /boot/loader/entries/"$boot_entry_name".conf # Fallback echo "$boot_entry_name-fallback.conf" cp "$entry_conf" /boot/loader/entries/"$boot_entry_name"-fallback.conf - sed -i "s/#KERNEL#/$kernel_einzeln/" /boot/loader/entries/"$boot_entry_name"-fallback.conf - sed -i "s/#INITRAMFS#/$kernel_einzeln-fallback/" /boot/loader/entries/"$boot_entry_name"-fallback.conf - title="${boot_entry_name//arch/arch-linux}-fallback" + sed -i "s/#KERNEL#/$kernel/" /boot/loader/entries/"$boot_entry_name"-fallback.conf + sed -i "s/#INITRAMFS#/$kernel-fallback/" /boot/loader/entries/"$boot_entry_name"-fallback.conf + 
boot_entry="${boot_entry_name//arch/arch-linux}-fallback" + title="" + for word in ${boot_entry//-/ }; do + word="${word@u} " + title="${title}${word//Lts/LTS}" + done sed -i "s/#TITLE#/$title/" /boot/loader/entries/"$boot_entry_name"-fallback.conf done; @@ -242,6 +329,7 @@ done; # sed -i 's/#Intel//' /boot/loader/entries/arch-zen-fallback.conf # fi #fi +# Verschlüsselungs-Passwort: testpassword cryptroot_name=$(grep "#\s/dev/mapper" /etc/fstab | head -n 1 | sed 's/#\s\/dev\/mapper\/\(.*\)\s.*/\1/') cryptroot_device_name=$(grep "LABEL=EFI" /etc/fstab | sed 's/#\s\/dev\/\(.\{3\}\).*/\1/') @@ -251,6 +339,6 @@ cryptroot_device_uuid=$(blkid -o value -s UUID /dev/"$cryptroot_device_name"2) find /boot -type f -name arch\*.conf -exec sed -i "s/root=LABEL=arch/root=\/dev\/mapper\/$cryptroot_name rd.luks.name=$cryptroot_device_uuid=$cryptroot_name/" {} \; useradd -mG wheel eichehome -echo eichehome:testen | chpasswd +echo "$nutzername":"$nutzerpw" | chpasswd echo "%wheel ALL=(ALL) ALL" >> /etc/sudoers.d/wheel_group \ No newline at end of file diff --git a/configs/disable-multicastDNS.conf b/configs/disable-multicastDNS.conf new file mode 100644 index 0000000..20d1884 --- /dev/null +++ b/configs/disable-multicastDNS.conf @@ -0,0 +1,2 @@ +[Resolve] +MulticastDNS=no \ No newline at end of file diff --git a/prep-BTRFS-UEFI-Encrypted.sh b/prep-BTRFS-UEFI-Encrypted.sh index 99d7930..50ac4dc 100644 --- a/prep-BTRFS-UEFI-Encrypted.sh +++ b/prep-BTRFS-UEFI-Encrypted.sh 
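Review bot: `cp "$(find "${PWD}" -type f -name loader.conf)" /boot/loader/` and the `entry_conf=$(find "${PWD}" ...)` lookup now depend on the directory the script is started from, and nothing checks the result: no match gives cp an empty source, several matches give it one multi-line string. Resolving the files relative to the script is more predictable, e.g. `script_dir=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd)` followed by `cp "${script_dir}/configs/loader.conf" /boot/loader/` (the `configs/` location is inferred from the old `grep configs` filter). `${word@u}` needs bash 5.1 or newer, and the title-building loop is written out twice; a small function taking the entry name would remove the duplication.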
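Review bot: The added comment `# Verschlüsselungs-Passwort: testpassword` records a disk-encryption passphrase in the repository, where it stays in history even if the line is later removed. If it is only the passphrase of a throwaway test VM, it belongs in local notes outside version control; if it was ever used on a real volume, that passphrase should be changed. I would delete the line from base.sh.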
@@ -10,42 +10,42 @@ localectl set-keymap de-latin1-nodeadkeys timedatectl set-timezone Europe/Berlin timedatectl set-ntp yes -echo "Choose Device: 1) /dev/sda 2) /dev/vda 3) Other Path" +echo "Choose Device (Defaults to /dev/sda):" +echo "1) /dev/sda 2) /dev/vda 3) Other Path" read -r choise - +: "${choise:=1}" if [ "$choise" == 1 ];then path="/dev/sda" - part1="/dev/sda1" - part2="/dev/sda2" elif [ "$choise" == 2 ];then path="/dev/vda" - part1="/dev/vda1" - part2="/dev/vda2" elif [ "$choise" == 3 ];then read -r -p "Enter Device-Path: " path - part1="$path"1 - part2="$path"2 else echo "Path not recognized, aborting" exit 1 fi +echo "Install Device: ${path}" +part1="${path}"1 +part2="${path}"2 -cryptrootname="cryptroot" +read -r -p "Name for the cryptrootdevice (defaults to cryptroot): " cryptrootname +: "${cryptrootname:=cryptroot}" +echo "The cryptrootdevice will be named: ${cryptrootname}" -parted --script "$path" \ +parted --script "${path}" \ mklabel gpt \ mkpart "efi" fat32 1MiB 501MiB \ set 1 esp on \ mkpart "root" btrfs 501MiB 100% -mkfs.vfat "$part1" -n EFI -cryptsetup --cipher aes-xts-plain64 --hash sha512 --use-random --verify-passphrase luksFormat "$part2" +mkfs.vfat "${part1}" -n EFI +cryptsetup --cipher aes-xts-plain64 --hash sha512 --use-random --verify-passphrase luksFormat "${part2}" -cryptsetup luksOpen "$part2" $cryptrootname +cryptsetup luksOpen "${part2}" "${cryptrootname}" -mkfs.btrfs /dev/mapper/$cryptrootname -L arch +mkfs.btrfs "/dev/mapper/${cryptrootname}" -L arch -mount /dev/mapper/$cryptrootname /mnt +mount "/dev/mapper/${cryptrootname}" /mnt cd /mnt || exit 1 btrfs subvolume create @ btrfs subvolume create @home 
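Review bot: With `: "${choise:=1}"` an empty answer now selects `/dev/sda`, and the script goes straight to `parted --script "${path}" mklabel gpt` with no confirmation, so a stray Enter repartitions that disk. I would keep the default but confirm before parted, e.g. `[[ -b "${path}" ]] || { echo "${path} is not a block device"; exit 1; }` and `read -r -p "Erase ${path}? (yes/NO): " ok; [[ $ok == yes ]] || exit 1`. `part1="${path}"1` only fits names like sda/vda; devices such as nvme0n1 need a `p` before the partition number. `cryptrootname` is now free text that ends up in `/dev/mapper/...` paths, so restricting it to something like `^[A-Za-z0-9_-]+$` avoids spaces or slashes there.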
@@ -55,15 +55,15 @@ btrfs subvolume create @cache cd ~ || exit 1 umount -R /mnt -mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@ /dev/mapper/$cryptrootname /mnt +mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@ "/dev/mapper/${cryptrootname}" /mnt mkdir -p /mnt/{home,boot,var} -mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@home /dev/mapper/$cryptrootname /mnt/home -mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@var /dev/mapper/$cryptrootname /mnt/var +mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@home "/dev/mapper/${cryptrootname}" /mnt/home +mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@var "/dev/mapper/${cryptrootname}" /mnt/var mkdir -p /mnt/var/{cache,log} -mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@log /dev/mapper/$cryptrootname /mnt/var/log -mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@cache /dev/mapper/$cryptrootname /mnt/var/cache +mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@log "/dev/mapper/${cryptrootname}" /mnt/var/log +mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@cache "/dev/mapper/${cryptrootname}" /mnt/var/cache -mount "$part1" /mnt/boot +mount "${part1}" /mnt/boot pacstrap /mnt base linux-firmware vim git btrfs-progs