Modular Install script

arch-setup/arch-setup.sh

@@ -52,60 +52,84 @@ if [ "$home_s" = "y" ]; then
     home=$device$home_p
 fi
 
+clear
+
 # Create the boot partition
 echo "[INFO]: Formatting boot partition"
 mkfs.fat -F32 $boot
 
-# Create the swap partition
-echo "[INFO]: Enter password for swap encryption"
-read swap_pass
-
-echo $swap_pass | cryptsetup -q luksFormat "$swap"
-mkdir /root/.keys
-dd if=/dev/urandom of=/root/.keys/swap-keyfile bs=1024 count=4
-chmod 600 /root/.keys/swap-keyfile
-echo $swap_pass | cryptsetup luksAddKey "$swap" /root/.keys/swap-keyfile
-echo "[INFO]: Keyfile saved to /root/.keys/swap-keyfile"
-cryptsetup open --key-file="/root/.keys/swap-keyfile" "$swap" swap
-mkswap /dev/mapper/swap
-swapon /dev/mapper/swap
-
-# Create the root partition
-echo "[INFO]: Enter password for root encryption"
-read root_pass
-
-echo $root_pass | cryptsetup -q luksFormat "$root"
-dd bs=512 count=4 if=/dev/random of=/root/.keys/root-keyfile iflag=fullblock
-chmod 600 /root/.keys/root-keyfile
-echo $root_pass | cryptsetup luksAddKey "$root" /root/.keys/root-keyfile
-echo "[INFO]: Keyfile saved to /root/.keys/root-keyfile"
-cryptsetup open --key-file="/root/.keys/root-keyfile" "$root" root
-mkfs.ext4 /dev/mapper/root
-
-if [ "$home_s" = "y" ]; then
-    echo "[INFO]: Enter password for home encryption"
-    read home_pass
-    echo $home_pass | cryptsetup -q luksFormat "$home"
-    dd bs=512 count=4 if=/dev/random of=/root/.keys/home-keyfile iflag=fullblock
-    chmod 600 /root/.keys/home-keyfile
-    echo $home_pass | cryptsetup luksAddKey "$home" /root/.keys/home-keyfile
-    echo "[INFO]: Keyfile saved to /root/.keys/home-keyfile"
-    cryptsetup open --key-file="/root/.keys/home-keyfile" "$home" home
-    mkfs.ext4 /dev/mapper/home
-    mkdir /mnt/sys/home
-    mount "/dev/mapper/home" /mnt/sys/home
+echo -n "[INFO]: Would you like to enrypt your disks?(Y/n): "
+read $encryption
+
+if [ ! "$encryption" = "n" ]; then
+    # Create the swap partition
+    echo "[INFO]: Enter password for swap encryption"
+    read swap_pass
+
+    echo $swap_pass | cryptsetup -q luksFormat "$swap"
+    mkdir /root/.keys
+    dd if=/dev/urandom of=/root/.keys/swap-keyfile bs=1024 count=4
+    chmod 600 /root/.keys/swap-keyfile
+    echo $swap_pass | cryptsetup luksAddKey "$swap" /root/.keys/swap-keyfile
+    echo "[INFO]: Keyfile saved to /root/.keys/swap-keyfile"
+    cryptsetup open --key-file="/root/.keys/swap-keyfile" "$swap" swap
+    mkswap /dev/mapper/swap
+    swapon /dev/mapper/swap
+
+    # Create the root partition
+    echo "[INFO]: Enter password for root encryption"
+    read root_pass
+
+    echo $root_pass | cryptsetup -q luksFormat "$root"
+    dd bs=512 count=4 if=/dev/random of=/root/.keys/root-keyfile iflag=fullblock
+    chmod 600 /root/.keys/root-keyfile
+    echo $root_pass | cryptsetup luksAddKey "$root" /root/.keys/root-keyfile
+    echo "[INFO]: Keyfile saved to /root/.keys/root-keyfile"
+    cryptsetup open --key-file="/root/.keys/root-keyfile" "$root" root
+    mkfs.ext4 /dev/mapper/root
+
+    mkdir /mnt/sys
+    mount /dev/mapper/root /mnt/sys
+
+    if [ "$home_s" = "y" ]; then
+        echo "[INFO]: Enter password for home encryption"
+        read home_pass
+        echo $home_pass | cryptsetup -q luksFormat "$home"
+        dd bs=512 count=4 if=/dev/random of=/root/.keys/home-keyfile iflag=fullblock
+        chmod 600 /root/.keys/home-keyfile
+        echo $home_pass | cryptsetup luksAddKey "$home" /root/.keys/home-keyfile
+        echo "[INFO]: Keyfile saved to /root/.keys/home-keyfile"
+        cryptsetup open --key-file="/root/.keys/home-keyfile" "$home" home
+        mkfs.ext4 /dev/mapper/home
+        mkdir /mnt/sys/home
+        mount "/dev/mapper/home" /mnt/sys/home
+    fi
+else
+    mkswap $swap
+    swapon $swap
+    mkfs.ext4 $root
+    mkdir /mnt/sys
+    mount $root /mnt/sys
+    if [ "$home_s" = "y" ]; then
+        mkfs.ext4 $home
+        mkdir /mnt/sys/home
+        mount "/dev/mapper/home" /mnt/sys/home
+    fi
 fi
 
-mkdir /mnt/sys
-mount /dev/mapper/root /mnt/sys
 mkdir /mnt/sys/boot
 mount "$boot" /mnt/sys/boot
 
+clear
+
 pacstrap /mnt/sys base linux linux-firmware base-devel git nano sudo
 genfstab -U /mnt/sys >> /mnt/sys/etc/fstab
 
+clear
+
 # Run on chrooted arch install
 mkdir /mnt/sys/install
+
 cp -r /root/.keys /mnt/sys/root
 curl https://raw.githubusercontent.com/theFr1nge/dotfiles/main/arch-setup/packages.minimal > /mnt/sys/install/packages.minimal
 curl https://raw.githubusercontent.com/theFr1nge/dotfiles/main/arch-setup/packages.full > /mnt/sys/install/packages.full
@@ -118,5 +142,10 @@ else
     echo -en "$boot\n$root\n$swap" > /mnt/sys/install/device
 fi
 
+
+if [ ! "$encryption" = "n" ]; then
+    touch /mnt/sys/install/encrypted
+fi
+
 pacman -Sy --noconfirm tmux
 tmux new-session -s "arch-setup" 'arch-chroot /mnt/sys /install/chroot.sh'

arch-setup/chroot.sh

@@ -1,5 +1,7 @@
 #!/bin/bash
 
+ln -sf /bin/bash /bin/sh
+
 if [ ! -f "/install/device" ]; then
     mkdir -p /install
     echo "Now you will specify the partitions you have created"
@@ -26,6 +28,8 @@ if [ ! -f "/install/device" ]; then
     fi
 fi
 
+clear
+
 boot=$(head -n 1 /install/device | tail -n 1)
 root=$(head -n 2 /install/device | tail -n 1)
 swap=$(head -n 3 /install/device | tail -n 1)
@@ -44,6 +48,7 @@ if [ ! -f "/tmp/.blackarch" ]; then
     /tmp/strap.sh
     touch /tmp/.blackarch
 fi
+clear
 echo "Please enter hostname: "
 read hostname
 echo $hostname > /etc/hostname
@@ -52,12 +57,14 @@ echo "Please enter name for regular user:"
 read username
 
 useradd -m $username
+echo "Set password for user $username: "
+passwd $username
 usermod -aG wheel $username
 
-systemctl enable fstrim.timer
 
 echo -e "127.0.0.1 localhost\n::1 localhost\n127.0.0.1 $hostname.localdomain $hostname" > /etc/hosts
 
+if [ -f "/install/encrypted" ]; then
 cat << EOF > /etc/initcpio/hooks/openswap
 run_hook ()
 {
@@ -127,6 +134,14 @@ FILES=()
 HOOKS=(base udev plymouth autodetect keyboard keymap consolefont modconf block plymouth-encrypt openswap resume filesystems fsck)
 EOF
 fi
+else
+cat << EOF > /etc/mkinitcpio.conf
+MODULES=(vfat i915)
+BINARIES=()
+FILES=()
+HOOKS=(base udev plymouth autodetect keyboard keymap consolefont modconf block plymouth resume filesystems fsck)
+EOF
+fi
 
 pacman --noconfirm -R vim
 
@@ -137,6 +152,7 @@ blkid | while IFS= read -r i; do
     ((line=line+1))
 done
 
+if [ -f "/install/encrypted" ]; then
 echo "Please select the device you will save the LUKS key to:"
 read keydev
 
@@ -144,25 +160,34 @@ uuid=$(blkid | sed -n 's/.*UUID=\"\([^\"]*\)\".*/\1/p'  | sed -n "$keydev"p)
 cat << EOF > /boot/refind_linux.conf
 "Boot with encryption"  "root=/dev/mapper/root resume=/dev/mapper/swap cryptdevice=UUID=$(blkid -s UUID -o value $root):root:allow-discards cryptkey=UUID=$uuid:vfat:key.yeet rw loglevel=3 quiet splash"
 EOF
+clear
+else
+cat << EOF > /boot/refind_linux.conf
+"Boot with encryption"  "root=UUID=$(blkid -s UUID -o value $root) resume=UUID=$(blkid -s UUID -o value $swap) rw loglevel=3 quiet splash"
+EOF
+fi
 
 mkdir -p /etc/sudoers.d
 echo "$username $hostname =NOPASSWD: /usr/bin/systemctl poweroff,/usr/bin/systemctl halt,/usr/bin/systemctl reboot,/usr/bin/systemctl hibernate" >> /etc/sudoers.d/wheel
 echo "Defaults env_reset,pwfeedback" >> /etc/sudoers.d/wheel
 echo "%wheel ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/nopwd
 
-echo "Set password for user $username: "
-passwd $username
 
 sudo -u $username bash -c "git clone https://aur.archlinux.org/yay.git /tmp/yay"
 sudo -u $username bash -c "(cd /tmp/yay; makepkg --noconfirm -si)"
 sudo -u $username bash -c "yay --noconfirm -S plymouth"
 
+clear
+
 refind-install
 
+clear
 
 sudo -u $username bash -c "git clone --recurse-submodules https://github.com/theFr1nge/dotfiles.git ~/.dotfiles"
 sudo -u $username bash -c "(cd ~/.dotfiles; ./install.sh)"
 
+clear
+
 git clone https://github.com/adi1090x/plymouth-themes.git /tmp/pthemes
 
 cat << EOF > /etc/plymouth/plymouthd.conf
@@ -171,25 +196,35 @@ Theme=sphere
 ShowDelay=0
 DeviceTimeout=8
 EOF
+
 cp -r /tmp/pthemes/pack_4/sphere /usr/share/plymouth/themes
 
 echo -e "/boot/EFI/refind\n2\n2" | sudo bash -c "$(curl -fsSL https://raw.githubusercontent.com/bobafetthotmail/refind-theme-regular/master/install.sh)"
 
 systemctl enable NetworkManager
 systemctl enable ly
+systemctl enable fstrim.timer
 systemctl enable cronie
 
+clear
+
 mkinitcpio -P
 
-vim /etc/fstab
+if [ -f "/install/encrypted" ]; then
+    vim /etc/fstab
+fi
 pacman -R nano # uninstall nano, eww
 
+clear
+
 rm -rf /etc/sudoers.d/nopwd
 echo "%wheel ALL=(ALL) ALL" >> /etc/sudoers.d/wheel
 
 rm -rf /bin/sh
 ln -sf /bin/dash /bin/sh
 
+clear
+
 echo "SETUP COMPLETE"
 bash
 rm -rf /install

install.sh

@@ -135,7 +135,10 @@ cd ~/.dotfiles/browser/startpage
 npm install
 npm run build
 cd $prev
-~/.dotfiles/arch-setup/fetch_keys.sh # Fetch keys (For personal use, this is not for you)
+
+if [ "$username" = "yigit" ]; then
+  ~/.dotfiles/arch-setup/fetch_keys.sh # Fetch keys (For personal use, this is not for you)
+fi
 
 # Install vim and tmux plugins
 mkdir -p ~/.tmux/plugins