Skip to content

Instantly share code, notes, and snippets.

@CerebralMischief
Forked from fmarcia/archlinux.sh
Created August 2, 2018 05:21
Show Gist options
  • Save CerebralMischief/aed72848f0dd1e05e7dfdd4ae61c3e6a to your computer and use it in GitHub Desktop.
Save CerebralMischief/aed72848f0dd1e05e7dfdd4ae61c3e6a to your computer and use it in GitHub Desktop.
#!/usr/bin/bash
loadkeys fr
# ssd clearing (wiki.archlinux.org/index.php/SSD_memory_cell_clearing)
hdparm -I /dev/sda # and ensure the ssd is not frozen
hdparm --user-master u --security-set-pass MyPaSsWoRd /dev/sda
hdparm -I /dev/sda # in order to check
hdparm --user-master u --security-erase MyPaSsWoRd /dev/sda
# partitions
mkpart sda1
mkpart sda2
mkpart sda3
# file system
mkfs.vfat -n "BOOT" -F 32 /dev/sda1
mkfs.ext4 -L "ROOT" /dev/sda2
mkfs.ext4 -L "DATA" /dev/sda3
mount /dev/sda2 /mnt
mkdir -p /mnt/boot
mount /dev/sda1 /mnt/boot
# base installation
ip link set wlp3s0 up
wifi-menu wlp3s0
pacstrap /mnt base base-devel
# boot
arch-chroot /mnt
pacman -S efibootmgr dosfstools
efibootmgr --disk /dev/sda --part 1 --create --label "Arch Linux" --loader vmlinuz-linux \
--unicode "root=/dev/sda2 rw initrd=initramfs-linux.img quiet loglevel=0 rd.udev.log-priority=3 \
systemd.show_status=0 intel_pstate=disable elevator=noop"
cat > /etc/mkinitcpio.conf << EOF
MODULES="ahci sd_mod ext4"
HOOKS="base"
EOF
mkinitcpio -p linux
# Wifi
pacman -S iw wpa_supplicant dialog
systemctl enable wpa_supplicant --now
wifi-menu -o wlp3s0
netctl enable wlp3s0-Edelweiss
netctl start wlp3s0-Edelweiss
# hostname
echo scorpion > /etc/hostname
# fstab
cat > /etc/fstab << EOF
/dev/sda1 /boot/efi vfat defaults,noatime,discard 0 0
#/dev/sda2 none irst defaults 0 0
tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0
tmpfs /var/tmp tmpfs defaults,noatime,mode=1777 0 0
EOF
# hosts
cat >> /etc/hosts << EOF
192.168.2.160 nounours # franck-laptop-0
192.168.2.161 photon # nas-rpi
192.168.2.162 suricate # martine-laptop
192.168.2.163 otarie # marie-laptop
192.168.2.164 electron # cloud-rpi
192.168.2.165 ouistiti # franck-phone
192.168.2.166 scorpion # franck-laptop
192.168.2.167 martine-phone
192.168.2.168 martine-tablet
192.168.2.169 neutron # mediacenter-rpi
EOF
# pacman
sed -i 's/^#Color/Color/' /etc/pacman.conf
sed -i 's/^#TotalDownload/TotalDownload/' /etc/pacman.conf
sed -i 's/^#VerbosePkgLists/VerbosePkgLists/' /etc/pacman.conf
pacman-db-upgrade
pacman -Sy
# users
passwd
pacman -S zsh
useradd -m -G wheel,storage,power -s /bin/zsh franck
passwd franck
systemctl edit getty@tty1
# and type in:
[Service]
ExecStart=
ExecStart=-/usr/bin/agetty --autologin franck --noclear %I $TERM
# sudo
pacman -S sudo
cat > /etc/sudoers << EOF
Defaults env_reset,pwfeedback
root ALL=(ALL) ALL
franck ALL=(ALL) ALL
EOF
# reboot
systemctl poweroff
# remove usb stick
# power on
# log in as root
# locale and time
cat > /etc/vconsole.conf << EOF
LANG=fr_FR.UTF-8
EOF
localectl set-locale LANG=fr_FR.UTF-8
locale >> /etc/locale.conf
localectl set-keymap fr
timedatectl set-timezone Europe/Paris
timedatectl set-ntp true
hwclock --systohc --utc
# ssh-agent
mkdir -p /home/franck/.config/systemd/user
cd /home/franck/.config/systemd/user
cat > ssh-agent.service << EOF
[Unit]
Description=SSH key agent
[Service]
Type=forking
Environment=SSH_AUTH_SOCK=%t/ssh-agent.socket
ExecStart=/usr/bin/ssh-agent -a $SSH_AUTH_SOCK
[Install]
WantedBy=default.target
EOF
systemctl --user enable ssh-agent.service --now
# printer and scanner
pacman -S simple-scan cups hplip python-dbus
systemctl enable org.cups.cupsd.service --now
hp-setup -i
systemctl disable org.cups.cupsd.service --now # it'll be used on demand
# touchpad
cat > /etc/X11/xorg.conf.d/30-touchpad.conf << EOF
Section "InputClass"
Identifier "MyTouchpad"
MatchIsTouchpad "on"
Driver "libinput"
Option "Tapping" "on"
EndSection
EOF
# fonts
pacman -S ttf-dejavu
cat > /etc/fonts/conf.avail/29-prettify.conf << EOF
<?xml version='1.0'?>
<!DOCTYPE fontconfig SYSTEM 'fonts.dtd'>
<fontconfig>
<match target="font">
<edit mode="assign" name="antialias">
<bool>true</bool>
</edit>
<edit mode="assign" name="embeddedbitmap">
<bool>false</bool>
</edit>
<edit mode="assign" name="hinting">
<bool>true</bool>
</edit>
<edit mode="assign" name="hintstyle">
<const>hintslight</const>
</edit>
<edit mode="assign" name="rgba">
<const>rgb</const>
</edit>
<edit mode="assign" name="lcdfilter">
<const>lcdlight</const>
</edit>
</match>
</fontconfig>
EOF
cd /etc/fonts/conf.d
ln -s /etc/fonts/conf.avail/29-prettify.conf
# power
echo "options snd_hda_intel power_save=1" > /etc/modprobe.d/audio_powersave.conf
echo "kernel.nmi_watchdog = 0" > /etc/sysctl.d/disable_watchdog.conf
echo "vm.dirty_writeback_centisecs = 1500" > /etc/sysctl.d/dirty.conf
echo "vm.laptop_mode = 5" > /etc/sysctl.d/laptop.conf
echo 'ACTION=="add", SUBSYSTEM=="pci", ATTR{power/control}="auto"' > /etc/udev/rules.d/pci_pm.rules
echo 'ACTION=="add", SUBSYSTEM=="usb", TEST=="power/control", ATTR{power/control}="auto"' > /etc/udev/rules.d/50-usb_power_save.rules
echo "options usbcore autosuspend=5" > /etc/modprobe.d/usb-autosuspend.conf
echo 'ACTION=="add", SUBSYSTEM=="scsi_host", KERNEL=="host*", ATTR{link_power_management_policy}="min_power"' > /etc/udev/rules.d/hd_power_save.rules
# automount
pacman -S udisks2 udevil
chmod -s /usr/bin/udevil
cat > /etc/polkit-1/rules.d/50-udiskie.rules << EOF
polkit.addRule(function(action, subject) {
var YES = polkit.Result.YES;
// NOTE: there must be a comma at the end of each line except for the last:
var permission = {
// required for udisks1:
"org.freedesktop.udisks.filesystem-mount": YES,
"org.freedesktop.udisks.luks-unlock": YES,
"org.freedesktop.udisks.drive-eject": YES,
"org.freedesktop.udisks.drive-detach": YES,
// required for udisks2:
"org.freedesktop.udisks2.filesystem-mount": YES,
"org.freedesktop.udisks2.encrypted-unlock": YES,
"org.freedesktop.udisks2.eject-media": YES,
"org.freedesktop.udisks2.power-off-drive": YES,
// required for udisks2 if using udiskie from another seat (e.g. systemd):
"org.freedesktop.udisks2.filesystem-mount-other-seat": YES,
"org.freedesktop.udisks2.filesystem-unmount-others": YES,
"org.freedesktop.udisks2.encrypted-unlock-other-seat": YES,
"org.freedesktop.udisks2.eject-media-other-seat": YES,
"org.freedesktop.udisks2.power-off-drive-other-seat": YES
};
if (subject.isInGroup("storage")) {
return permission[action.id];
}
});
EOF
cat > /etc/udev/rules.d/99-udisks2.rules << EOF
# UDISKS_FILESYSTEM_SHARED
# ==1: mount filesystem to a shared directory (/media/VolumeName)
# ==0: mount filesystem to a private directory (/run/media/$USER/VolumeName)
# See udisks(8)
ENV{ID_FS_USAGE}=="filesystem|other|crypto", ENV{UDISKS_FILESYSTEM_SHARED}="1"
EOF
# X.org, tools, web, office, development
pacman -S xorg-server xorg-xinit xorg-server-utils xorg-utils mesa xf86-input-libinput xf86-video-intel
pacman -S wmctrl ranger highlight rofi
pacman -S rsync htop unrar ntfs-3g gst-libav keepassx pulseaudio
pacman -S openssh xterm acpid
pacman -S firefox firefox-i18n-fr flashplugin
pacman -S libreoffice-fresh libreoffice-fresh-fr
pacman -S nodejs npm go meld
# aur
pacman -U i3-blocks
pacman -U i3-gaps
pacman -U fonts
pacman -U sublimetext
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment