redaphid · September 23, 2025 04:48
diff --git a/gistfile1.txt b/gistfile1.txt
 #!/bin/bash
 # archiso-zfs-rescue.sh
 # A custom Arch ISO with ZFS tools and remote access capabilities

 set -euo pipefail

 # Configuration - the coordinates for our dive
 WORK_DIR="./archiso-work"
 OUT_DIR="./out"
 ISO_NAME="archiso-zfs-rescue"
 ISO_LABEL="ARCH_ZFS_RESCUE"
 SSH_KEY="${SSH_KEY:-}" # Set via environment or edit below

 # Colors for output (optional flourish)
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 BLUE='\033[0;34m'
 NC='\033[0m'

 log() {
    echo -e "${BLUE}[$(date +'%H:%M:%S')]${NC} $1"
 }

 error() {
    echo -e "${RED}[ERROR]${NC} $1" >&2
    exit 1
 }

 # Preflight checks
 [[ $EUID -ne 0 ]] && error "This script must be run as root"
 [[ -z "$SSH_KEY" ]] && error "SSH_KEY environment variable not set. Set it to your public key."

 # Install build dependencies
 log "Installing archiso and dependencies..."
 pacman -Sy --needed --noconfirm archiso git base-devel

 # Create working directory from baseline
 log "Creating working directory..."
 rm -rf "$WORK_DIR"
 cp -r /usr/share/archiso/configs/baseline "$WORK_DIR"
 cd "$WORK_DIR"

 # Modify packages.x86_64
 log "Adding packages to the manifest..."
 cat >> packages.x86_64 << 'PACKAGES'
 # Terminal multiplexer - for when one view isn't enough
 zellij

 # Node ecosystem - the modern spelunker's tools  
 npm
 nodejs

 # SSH for remote access - your lifeline to the surface
 openssh

 # ZFS ecosystem - for diving into pool structures
 zfs-dkms
 zfs-utils
 zfsbootmenu
 efibootmgr
 refind

 # Additional recovery tools - never go unprepared
 tmux
 neovim
 git
 base-devel
 linux-headers
 PACKAGES

 # Create custom airootfs overlays
 log "Creating airootfs structure..."
 mkdir -p airootfs/etc/ssh
 mkdir -p airootfs/etc/systemd/system/multi-user.target.wants
 mkdir -p airootfs/root/.ssh
 mkdir -p airootfs/etc/skel/.config/zellij

 # Configure SSH with your key
 log "Configuring SSH access..."
 echo "$SSH_KEY" > airootfs/root/.ssh/authorized_keys
 chmod 700 airootfs/root/.ssh
 chmod 600 airootfs/root/.ssh/authorized_keys

 # SSH configuration - hardened but accessible
 cat > airootfs/etc/ssh/sshd_config << 'SSHCONFIG'
 # Underwater communications protocol
 Port 22
 PermitRootLogin prohibit-password
 PubkeyAuthentication yes
 PasswordAuthentication no
 ChallengeResponseAuthentication no
 UsePAM yes
 X11Forwarding no
 PrintMotd no
 AcceptEnv LANG LC_*
 Subsystem sftp /usr/lib/ssh/sftp-server

 # Only public key authentication - no weak links
 AuthorizedKeysFile .ssh/authorized_keys
 SSHCONFIG

 # Enable services
 ln -sf /usr/lib/systemd/system/sshd.service airootfs/etc/systemd/system/multi-user.target.wants/
 ln -sf /usr/lib/systemd/system/systemd-networkd.service airootfs/etc/systemd/system/multi-user.target.wants/
 ln -sf /usr/lib/systemd/system/systemd-resolved.service airootfs/etc/systemd/system/multi-user.target.wants/

 # Network configuration for DHCP on all interfaces
 mkdir -p airootfs/etc/systemd/network
 cat > airootfs/etc/systemd/network/20-wired.network << 'NETCONFIG'
 [Match]
 Name=en*
 Name=eth*

 [Network]
 DHCP=yes
 IPv6PrivacyExtensions=yes

 [DHCPv4]
 RouteMetric=512

 [DHCPv6]
 RouteMetric=512
 NETCONFIG

 # Custom initialization script
 cat > airootfs/root/.zshrc << 'ZSHRC'
 # The diver's heads-up display
 alias ll='ls -la'
 alias zpool='zpool status -v'
 alias zcheck='zfs list -o name,used,avail,refer,mountpoint'

 # Visual indicator - you're in rescue mode
 PS1='%F{red}[RESCUE]%f %F{cyan}%n@%m%f:%F{yellow}%~%f%# '

 echo -e "\033[1;33m=== Arch ZFS Rescue System ===\033[0m"
 echo "ZFS modules: $(lsmod | grep -c zfs) loaded"
 echo "SSH is active on port 22"
 echo ""
 echo "Tools available:"
 echo "  - zellij     : Terminal multiplexer"
 echo "  - zfs/zpool  : ZFS management"  
 echo "  - zfsbootmenu: ZFS boot configuration"
 echo ""
 ZSHRC

 # ProfileDef configuration
 cat > profiledef.sh << 'PROFILEDEF'
 #!/usr/bin/env bash
 # Profile definition - the blueprint

 iso_name="archiso-zfs-rescue"
 iso_label="ARCH_ZFS_RESCUE"
 iso_publisher="ZFS Rescue <https://github.com/zfsonlinux>"
 iso_application="Arch Linux ZFS Rescue System"
 iso_version="$(date +%Y.%m.%d)"
 install_dir="arch"
 buildmodes=('iso')
 bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito'
           'uefi-ia32.systemd-boot.esp' 'uefi-x64.systemd-boot.esp'
           'uefi-ia32.systemd-boot.eltorito' 'uefi-x64.systemd-boot.eltorito')
 arch="x86_64"
 pacman_conf="pacman.conf"
 airootfs_image_type="squashfs"
 airootfs_image_tool_options=('-comp' 'zstd' '-Xcompression-level' '19' '-b' '1M')
 file_permissions=(
  ["/etc/shadow"]="0:0:400"
  ["/root"]="0:0:750"
  ["/root/.ssh"]="0:0:700"
  ["/root/.ssh/authorized_keys"]="0:0:600"
  ["/etc/ssh/sshd_config"]="0:0:644"
 )
 PROFILEDEF

 # Add AUR helper and ZFS repo to pacman.conf
 log "Configuring pacman for ZFS..."
 cat >> pacman.conf << 'PACMANCONF'

 [archzfs]
 Server = https://archzfs.com/$repo/$arch
 SigLevel = Optional TrustAll
 PACMANCONF

 # Build the ISO
 log "Building ISO (this will take time - like waiting for decompression)..."
 mkdir -p "$OUT_DIR"
 mkarchiso -v -w "$WORK_DIR/work" -o "$OUT_DIR" "$WORK_DIR"

 # Final message - surfacing with treasure
 log "${GREEN}Build complete!${NC}"
 echo ""
 echo "ISO location: ${OUT_DIR}/${ISO_NAME}-*.iso"
 echo ""
 echo "To use:"
 echo "1. Write to USB: dd if=${ISO_NAME}-*.iso of=/dev/sdX bs=4M status=progress"
 echo "2. Boot the system"
 echo "3. SSH as root using your key"
 echo ""
 echo "The depths await..."
	#!/bin/bash
	# archiso-zfs-rescue.sh
	# A custom Arch ISO with ZFS tools and remote access capabilities

	set -euo pipefail

	# Configuration - the coordinates for our dive
	WORK_DIR="./archiso-work"
	OUT_DIR="./out"
	ISO_NAME="archiso-zfs-rescue"
	ISO_LABEL="ARCH_ZFS_RESCUE"
	SSH_KEY="${SSH_KEY:-}" # Set via environment or edit below

	# Colors for output (optional flourish)
	RED='\033[0;31m'
	GREEN='\033[0;32m'
	BLUE='\033[0;34m'
	NC='\033[0m'

	log() {
	echo -e "${BLUE}[$(date +'%H:%M:%S')]${NC} $1"
	}

	error() {
	echo -e "${RED}[ERROR]${NC} $1" >&2
	exit 1
	}

	# Preflight checks
	[[ $EUID -ne 0 ]] && error "This script must be run as root"
	[[ -z "$SSH_KEY" ]] && error "SSH_KEY environment variable not set. Set it to your public key."

	# Install build dependencies
	log "Installing archiso and dependencies..."
	pacman -Sy --needed --noconfirm archiso git base-devel

	# Create working directory from baseline
	log "Creating working directory..."
	rm -rf "$WORK_DIR"
	cp -r /usr/share/archiso/configs/baseline "$WORK_DIR"
	cd "$WORK_DIR"

	# Modify packages.x86_64
	log "Adding packages to the manifest..."
	cat >> packages.x86_64 << 'PACKAGES'
	# Terminal multiplexer - for when one view isn't enough
	zellij

	# Node ecosystem - the modern spelunker's tools
	npm
	nodejs

	# SSH for remote access - your lifeline to the surface
	openssh

	# ZFS ecosystem - for diving into pool structures
	zfs-dkms
	zfs-utils
	zfsbootmenu
	efibootmgr
	refind

	# Additional recovery tools - never go unprepared
	tmux
	neovim
	git
	base-devel
	linux-headers
	PACKAGES

	# Create custom airootfs overlays
	log "Creating airootfs structure..."
	mkdir -p airootfs/etc/ssh
	mkdir -p airootfs/etc/systemd/system/multi-user.target.wants
	mkdir -p airootfs/root/.ssh
	mkdir -p airootfs/etc/skel/.config/zellij

	# Configure SSH with your key
	log "Configuring SSH access..."
	echo "$SSH_KEY" > airootfs/root/.ssh/authorized_keys
	chmod 700 airootfs/root/.ssh
	chmod 600 airootfs/root/.ssh/authorized_keys

	# SSH configuration - hardened but accessible
	cat > airootfs/etc/ssh/sshd_config << 'SSHCONFIG'
	# Underwater communications protocol
	Port 22
	PermitRootLogin prohibit-password
	PubkeyAuthentication yes
	PasswordAuthentication no
	ChallengeResponseAuthentication no
	UsePAM yes
	X11Forwarding no
	PrintMotd no
	AcceptEnv LANG LC_*
	Subsystem sftp /usr/lib/ssh/sftp-server

	# Only public key authentication - no weak links
	AuthorizedKeysFile .ssh/authorized_keys
	SSHCONFIG

	# Enable services
	ln -sf /usr/lib/systemd/system/sshd.service airootfs/etc/systemd/system/multi-user.target.wants/
	ln -sf /usr/lib/systemd/system/systemd-networkd.service airootfs/etc/systemd/system/multi-user.target.wants/
	ln -sf /usr/lib/systemd/system/systemd-resolved.service airootfs/etc/systemd/system/multi-user.target.wants/

	# Network configuration for DHCP on all interfaces
	mkdir -p airootfs/etc/systemd/network
	cat > airootfs/etc/systemd/network/20-wired.network << 'NETCONFIG'
	[Match]
	Name=en*
	Name=eth*

	[Network]
	DHCP=yes
	IPv6PrivacyExtensions=yes

	[DHCPv4]
	RouteMetric=512

	[DHCPv6]
	RouteMetric=512
	NETCONFIG

	# Custom initialization script
	cat > airootfs/root/.zshrc << 'ZSHRC'
	# The diver's heads-up display
	alias ll='ls -la'
	alias zpool='zpool status -v'
	alias zcheck='zfs list -o name,used,avail,refer,mountpoint'

	# Visual indicator - you're in rescue mode
	PS1='%F{red}[RESCUE]%f %F{cyan}%n@%m%f:%F{yellow}%~%f%# '

	echo -e "\033[1;33m=== Arch ZFS Rescue System ===\033[0m"
	echo "ZFS modules: $(lsmod \| grep -c zfs) loaded"
	echo "SSH is active on port 22"
	echo ""
	echo "Tools available:"
	echo " - zellij : Terminal multiplexer"
	echo " - zfs/zpool : ZFS management"
	echo " - zfsbootmenu: ZFS boot configuration"
	echo ""
	ZSHRC

	# ProfileDef configuration
	cat > profiledef.sh << 'PROFILEDEF'
	#!/usr/bin/env bash
	# Profile definition - the blueprint

	iso_name="archiso-zfs-rescue"
	iso_label="ARCH_ZFS_RESCUE"
	iso_publisher="ZFS Rescue <https://github.com/zfsonlinux>"
	iso_application="Arch Linux ZFS Rescue System"
	iso_version="$(date +%Y.%m.%d)"
	install_dir="arch"
	buildmodes=('iso')
	bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito'
	'uefi-ia32.systemd-boot.esp' 'uefi-x64.systemd-boot.esp'
	'uefi-ia32.systemd-boot.eltorito' 'uefi-x64.systemd-boot.eltorito')
	arch="x86_64"
	pacman_conf="pacman.conf"
	airootfs_image_type="squashfs"
	airootfs_image_tool_options=('-comp' 'zstd' '-Xcompression-level' '19' '-b' '1M')
	file_permissions=(
	["/etc/shadow"]="0:0:400"
	["/root"]="0:0:750"
	["/root/.ssh"]="0:0:700"
	["/root/.ssh/authorized_keys"]="0:0:600"
	["/etc/ssh/sshd_config"]="0:0:644"
	)
	PROFILEDEF

	# Add AUR helper and ZFS repo to pacman.conf
	log "Configuring pacman for ZFS..."
	cat >> pacman.conf << 'PACMANCONF'

	[archzfs]
	Server = https://archzfs.com/$repo/$arch
	SigLevel = Optional TrustAll
	PACMANCONF

	# Build the ISO
	log "Building ISO (this will take time - like waiting for decompression)..."
	mkdir -p "$OUT_DIR"
	mkarchiso -v -w "$WORK_DIR/work" -o "$OUT_DIR" "$WORK_DIR"

	# Final message - surfacing with treasure
	log "${GREEN}Build complete!${NC}"
	echo ""
	echo "ISO location: ${OUT_DIR}/${ISO_NAME}-*.iso"
	echo ""
	echo "To use:"
	echo "1. Write to USB: dd if=${ISO_NAME}-*.iso of=/dev/sdX bs=4M status=progress"
	echo "2. Boot the system"
	echo "3. SSH as root using your key"
	echo ""
	echo "The depths await..."