-
-
Save CerebralMischief/aed72848f0dd1e05e7dfdd4ae61c3e6a to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/bash | |
loadkeys fr | |
# ssd clearing (wiki.archlinux.org/index.php/SSD_memory_cell_clearing) | |
hdparm -I /dev/sda # and ensure the ssd is not frozen | |
hdparm --user-master u --security-set-pass MyPaSsWoRd /dev/sda | |
hdparm -I /dev/sda # in order to check | |
hdparm --user-master u --security-erase MyPaSsWoRd /dev/sda | |
# partitions | |
mkpart sda1 | |
mkpart sda2 | |
mkpart sda3 | |
# file system | |
mkfs.vfat -n "BOOT" -F 32 /dev/sda1 | |
mkfs.ext4 -L "ROOT" /dev/sda2 | |
mkfs.ext4 -L "DATA" /dev/sda3 | |
mount /dev/sda2 /mnt | |
mkdir -p /mnt/boot | |
mount /dev/sda1 /mnt/boot | |
# base installation | |
ip link set wlp3s0 up | |
wifi-menu wlp3s0 | |
pacstrap /mnt base base-devel | |
# boot | |
arch-chroot /mnt | |
pacman -S efibootmgr dosfstools | |
efibootmgr --disk /dev/sda --part 1 --create --label "Arch Linux" --loader vmlinuz-linux \ | |
--unicode "root=/dev/sda2 rw initrd=initramfs-linux.img quiet loglevel=0 rd.udev.log-priority=3 \ | |
systemd.show_status=0 intel_pstate=disable elevator=noop" | |
cat > /etc/mkinitcpio.conf << EOF | |
MODULES="ahci sd_mod ext4" | |
HOOKS="base" | |
EOF | |
mkinitcpio -p linux | |
# Wifi | |
pacman -S iw wpa_supplicant dialog | |
systemctl enable wpa_supplicant --now | |
wifi-menu -o wlp3s0 | |
netctl enable wlp3s0-Edelweiss | |
netctl start wlp3s0-Edelweiss | |
# hostname | |
echo scorpion > /etc/hostname | |
# fstab | |
cat > /etc/fstab << EOF | |
/dev/sda1 /boot/efi vfat defaults,noatime,discard 0 0 | |
#/dev/sda2 none irst defaults 0 0 | |
tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0 | |
tmpfs /var/tmp tmpfs defaults,noatime,mode=1777 0 0 | |
EOF | |
# hosts | |
cat >> /etc/hosts << EOF | |
192.168.2.160 nounours # franck-laptop-0 | |
192.168.2.161 photon # nas-rpi | |
192.168.2.162 suricate # martine-laptop | |
192.168.2.163 otarie # marie-laptop | |
192.168.2.164 electron # cloud-rpi | |
192.168.2.165 ouistiti # franck-phone | |
192.168.2.166 scorpion # franck-laptop | |
192.168.2.167 martine-phone | |
192.168.2.168 martine-tablet | |
192.168.2.169 neutron # mediacenter-rpi | |
EOF | |
# pacman | |
sed -i 's/^#Color/Color/' /etc/pacman.conf | |
sed -i 's/^#TotalDownload/TotalDownload/' /etc/pacman.conf | |
sed -i 's/^#VerbosePkgLists/VerbosePkgLists/' /etc/pacman.conf | |
pacman-db-upgrade | |
pacman -Sy | |
# users | |
passwd | |
pacman -S zsh | |
useradd -m -G wheel,storage,power -s /bin/zsh franck | |
passwd franck | |
systemctl edit getty@tty1 | |
# and type in: | |
[Service] | |
ExecStart= | |
ExecStart=-/usr/bin/agetty --autologin franck --noclear %I $TERM | |
# sudo | |
pacman -S sudo | |
cat > /etc/sudoers << EOF | |
Defaults env_reset,pwfeedback | |
root ALL=(ALL) ALL | |
franck ALL=(ALL) ALL | |
EOF | |
# reboot | |
systemctl poweroff | |
# remove usb stick | |
# power on | |
# log in as root | |
# locale and time | |
cat > /etc/vconsole.conf << EOF | |
LANG=fr_FR.UTF-8 | |
EOF | |
localectl set-locale LANG=fr_FR.UTF-8 | |
locale >> /etc/locale.conf | |
localectl set-keymap fr | |
timedatectl set-timezone Europe/Paris | |
timedatectl set-ntp true | |
hwclock --systohc --utc | |
# ssh-agent | |
mkdir -p /home/franck/.config/systemd/user | |
cd /home/franck/.config/systemd/user | |
cat > ssh-agent.service << EOF | |
[Unit] | |
Description=SSH key agent | |
[Service] | |
Type=forking | |
Environment=SSH_AUTH_SOCK=%t/ssh-agent.socket | |
ExecStart=/usr/bin/ssh-agent -a $SSH_AUTH_SOCK | |
[Install] | |
WantedBy=default.target | |
EOF | |
systemctl --user enable ssh-agent.service --now | |
# printer and scanner | |
pacman -S simple-scan cups hplip python-dbus | |
systemctl enable org.cups.cupsd.service --now | |
hp-setup -i | |
systemctl disable org.cups.cupsd.service --now # it'll be used on demand | |
# touchpad | |
cat > /etc/X11/xorg.conf.d/30-touchpad.conf << EOF | |
Section "InputClass" | |
Identifier "MyTouchpad" | |
MatchIsTouchpad "on" | |
Driver "libinput" | |
Option "Tapping" "on" | |
EndSection | |
EOF | |
# fonts | |
pacman -S ttf-dejavu | |
cat > /etc/fonts/conf.avail/29-prettify.conf << EOF | |
<?xml version='1.0'?> | |
<!DOCTYPE fontconfig SYSTEM 'fonts.dtd'> | |
<fontconfig> | |
<match target="font"> | |
<edit mode="assign" name="antialias"> | |
<bool>true</bool> | |
</edit> | |
<edit mode="assign" name="embeddedbitmap"> | |
<bool>false</bool> | |
</edit> | |
<edit mode="assign" name="hinting"> | |
<bool>true</bool> | |
</edit> | |
<edit mode="assign" name="hintstyle"> | |
<const>hintslight</const> | |
</edit> | |
<edit mode="assign" name="rgba"> | |
<const>rgb</const> | |
</edit> | |
<edit mode="assign" name="lcdfilter"> | |
<const>lcdlight</const> | |
</edit> | |
</match> | |
</fontconfig> | |
EOF | |
cd /etc/fonts/conf.d | |
ln -s /etc/fonts/conf.avail/29-prettify.conf | |
# power | |
echo "options snd_hda_intel power_save=1" > /etc/modprobe.d/audio_powersave.conf | |
echo "kernel.nmi_watchdog = 0" > /etc/sysctl.d/disable_watchdog.conf | |
echo "vm.dirty_writeback_centisecs = 1500" > /etc/sysctl.d/dirty.conf | |
echo "vm.laptop_mode = 5" > /etc/sysctl.d/laptop.conf | |
echo 'ACTION=="add", SUBSYSTEM=="pci", ATTR{power/control}="auto"' > /etc/udev/rules.d/pci_pm.rules | |
echo 'ACTION=="add", SUBSYSTEM=="usb", TEST=="power/control", ATTR{power/control}="auto"' > /etc/udev/rules.d/50-usb_power_save.rules | |
echo "options usbcore autosuspend=5" > /etc/modprobe.d/usb-autosuspend.conf | |
echo 'ACTION=="add", SUBSYSTEM=="scsi_host", KERNEL=="host*", ATTR{link_power_management_policy}="min_power"' > /etc/udev/rules.d/hd_power_save.rules | |
# automount | |
pacman -S udisks2 udevil | |
chmod -s /usr/bin/udevil | |
cat > /etc/polkit-1/rules.d/50-udiskie.rules << EOF | |
polkit.addRule(function(action, subject) { | |
var YES = polkit.Result.YES; | |
// NOTE: there must be a comma at the end of each line except for the last: | |
var permission = { | |
// required for udisks1: | |
"org.freedesktop.udisks.filesystem-mount": YES, | |
"org.freedesktop.udisks.luks-unlock": YES, | |
"org.freedesktop.udisks.drive-eject": YES, | |
"org.freedesktop.udisks.drive-detach": YES, | |
// required for udisks2: | |
"org.freedesktop.udisks2.filesystem-mount": YES, | |
"org.freedesktop.udisks2.encrypted-unlock": YES, | |
"org.freedesktop.udisks2.eject-media": YES, | |
"org.freedesktop.udisks2.power-off-drive": YES, | |
// required for udisks2 if using udiskie from another seat (e.g. systemd): | |
"org.freedesktop.udisks2.filesystem-mount-other-seat": YES, | |
"org.freedesktop.udisks2.filesystem-unmount-others": YES, | |
"org.freedesktop.udisks2.encrypted-unlock-other-seat": YES, | |
"org.freedesktop.udisks2.eject-media-other-seat": YES, | |
"org.freedesktop.udisks2.power-off-drive-other-seat": YES | |
}; | |
if (subject.isInGroup("storage")) { | |
return permission[action.id]; | |
} | |
}); | |
EOF | |
cat > /etc/udev/rules.d/99-udisks2.rules << EOF | |
# UDISKS_FILESYSTEM_SHARED | |
# ==1: mount filesystem to a shared directory (/media/VolumeName) | |
# ==0: mount filesystem to a private directory (/run/media/$USER/VolumeName) | |
# See udisks(8) | |
ENV{ID_FS_USAGE}=="filesystem|other|crypto", ENV{UDISKS_FILESYSTEM_SHARED}="1" | |
EOF | |
# X.org, tools, web, office, development | |
pacman -S xorg-server xorg-xinit xorg-server-utils xorg-utils mesa xf86-input-libinput xf86-video-intel | |
pacman -S wmctrl ranger highlight rofi | |
pacman -S rsync htop unrar ntfs-3g gst-libav keepassx pulseaudio | |
pacman -S openssh xterm acpid | |
pacman -S firefox firefox-i18n-fr flashplugin | |
pacman -S libreoffice-fresh libreoffice-fresh-fr | |
pacman -S nodejs npm go meld | |
# aur | |
pacman -U i3-blocks | |
pacman -U i3-gaps | |
pacman -U fonts | |
pacman -U sublimetext |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment