From f4373a9cae8e3e0c722c5cfa1ab28701b7149ee4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=A9mie=20SALVI?=
 <jeremie.salvi@unixyourbrain.org>
Date: Fri, 12 Jul 2024 11:47:32 +0200
Subject: [PATCH] arch install scripts

---
 README.md              |  7 ++++
 archinstall/README.md  | 22 ++++++++++
 archinstall/install.sh | 91 ++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 120 insertions(+)
 create mode 100644 README.md
 create mode 100644 archinstall/README.md
 create mode 100755 archinstall/install.sh

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..63094ff
--- /dev/null
+++ b/README.md
@@ -0,0 +1,7 @@
+# ArchLinux Installation and Customisation
+
+This scripts will help you to install and configure archlinux
+
+## Disk partitionning
+
+Arch will be installed on the same disk with btrfs suvolumes for partitions
\ No newline at end of file
diff --git a/archinstall/README.md b/archinstall/README.md
new file mode 100644
index 0000000..f6dd9bf
--- /dev/null
+++ b/archinstall/README.md
@@ -0,0 +1,22 @@
+# Arch install script
+
+## How to
+
+- Change DISK variable to the install.sh script with your favourite editor.
+- Launch script
+
+## For testing purpose (kvm only)
+
+You can share filesystem from host to guest :
+
+Share scripts :
+
+```
+mount -t 9p scripts /opt
+```
+
+Share pacman cache :
+
+```
+mount -t 9p pkg /var/cache/pacman/pkg
+```
diff --git a/archinstall/install.sh b/archinstall/install.sh
new file mode 100755
index 0000000..45500e5
--- /dev/null
+++ b/archinstall/install.sh
@@ -0,0 +1,91 @@
+#!/bin/bash
+
+DISK="/dev/vda"
+MOUNTOPTS="defaults,ssd,compress=zstd,autodefrag,noatime"
+PASSWORD="root"
+
+set -e
+
+# Format disk
+sgdisk --clear \
+  --new=1:0:+1024MiB --typecode=1:ef00 --change-name=1:EFI \
+  --new=2:0:0        --typecode=2:8309 --change-name=2:SYS \
+  "$DISK"
+partprobe "$DISK"
+
+#Create Luks partition
+printf "%s\n" "$PASSWORD" | cryptsetup --batch-mode --verify-passphrase luksFormat /dev/disk/by-partlabel/SYS
+printf "%s\n" "$PASSWORD" | cryptsetup open /dev/disk/by-partlabel/SYS rootfs
+
+#Create filesystem
+mkfs.fat -F32 -n efi /dev/disk/by-partlabel/EFI
+mkfs.btrfs -f --label root /dev/mapper/rootfs
+
+#Create btrfs subvolumes
+mount -o $MOUNTOPTS /dev/mapper/rootfs /mnt
+cd /mnt
+btrfs subvolume create @
+btrfs subvolume create @readonly
+btrfs subvolume create @root
+btrfs subvolume create @home
+btrfs subvolume create @var
+cd
+umount /mnt
+
+#Mount volumes
+mount --mkdir -o $MOUNTOPTS,subvol=@ /dev/mapper/rootfs /mnt
+mount --mkdir -o $MOUNTOPTS,subvol=@readonly /dev/mapper/rootfs /mnt/readonly
+mount --mkdir -o $MOUNTOPTS,subvol=@root /dev/mapper/rootfs /mnt/root
+mount --mkdir -o $MOUNTOPTS,subvol=@home /dev/mapper/rootfs /mnt/home
+mount --mkdir -o $MOUNTOPTS,subvol=@var /dev/mapper/rootfs /mnt/var
+mount --mkdir /dev/disk/by-partlabel/EFI /mnt/boot
+
+#Init pacman keys
+pacman-key --init
+pacman-key --populate
+pacman -Sy
+
+##Install base
+pacstrap -c -K /mnt \
+    base \
+  base-devel \
+  linux \
+  linux-firmware \
+  intel-ucode \
+  efibootmgr \
+  btrfs-progs \
+  neovim \
+  bash-completion \
+  openssh \
+  git
+
+#Generate fstab
+genfstab -U /mnt | sed "s/subvolid=[0-9]\{3\},//" > /mnt/etc/fstab
+
+cd /mnt/bin
+ln -s nvim vi
+cd
+
+#configure minitcpio
+sed -i "/^HOOKS/s|block|block encrypt btrfs|" /mnt/etc/mkinitcpio.conf
+sed -i "s|^BINARIES.*|BINARIES=\(btrfs\)|" /mnt/etc/mkinitcpio.conf
+
+printf "cryptdevice=UUID=%s:rootfs root=UUID=%s rootflags=subvol=@ rw initrd=\\intel-ucode.img initrd=\\initramfs-linux.img loglevel=3 vt.default_red=40,224,152,229,97,198,86,171,40,224,152,229,97,198,86,171 vt.default_grn=44,108,195,192,175,120,182,178,44,108,195,192,175,120,182,178 vt.default_blu=52,117,121,123,239,221,194,191,52,117,121,123,239,221,194,191 intel_iommu=on iommu=pt" \
+  "$(blkid --match-token PARTLABEL=SYS -s UUID -o value)" \
+  "$(blkid --match-token LABEL=root -s UUID -o value)" \
+  > /mnt/etc/kernel/cmdline
+
+sed -i 's|^#default_uki.*|default_uki="/boot/arch-linux.efi"|' /mnt/etc/mkinitcpio.d/linux.preset
+sed -i "s|^#default_options|default_options|" /mnt/etc/mkinitcpio.d/linux.preset
+
+arch-chroot /mnt mkinitcpio -P
+
+efibootmgr --create --disk /dev/vda --part 1 --label "Arch Linux" --loader 'arch-linux.efi'
+
+sed -i "s|^#PermitRootLogin.*|PermitRootLogin yes|" /mnt/etc/ssh/sshd_config
+
+systemctl enable sshd.service systemd-networkd.service systemd-timesyncd.service systemd-resolved.service
+sed -i 's|root:|root:$y$j9T$3YRxaoJejVW5Dkn60sKFy1$DPB9WlmivJ4BClaiVz8BOJV8MMp.ZCCz.EHehKH6II3:19916::::::|' /mnt/etc/shadow
+
+#umount -R /mnt
+#cryptsetup close rootfs