diff --git a/0-preinstall.sh b/0-preinstall.sh index 4694b68..9e627a4 100644 --- a/0-preinstall.sh +++ b/0-preinstall.sh @@ -19,7 +19,7 @@ timedatectl set-ntp true pacman -S --noconfirm pacman-contrib terminus-font setfont ter-v22b sed -i 's/^#Para/Para/' /etc/pacman.conf -pacman -S --noconfirm reflector rsync +pacman -S --noconfirm reflector rsync grub cp /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.backup echo -e " - -----------------------------------------------------------------------------------" echo -e " ▀███▀▀▀██▄ ██ ██ ██ ███ " @@ -54,31 +54,26 @@ echo "--------------------------------------" # disk prep sgdisk -Z ${DISK} # zap all on disk -#dd if=/dev/zero of=${DISK} bs=1M count=200 conv=fdatasync status=progress sgdisk -a 2048 -o ${DISK} # new gpt disk 2048 alignment # create partitions -sgdisk -n 1:0:+1000M ${DISK} # partition 1 (UEFI SYS), default start block, 512MB -sgdisk -n 2:0:0 ${DISK} # partition 2 (Root), default start, remaining - -# set partition types -sgdisk -t 1:ef00 ${DISK} -sgdisk -t 2:8300 ${DISK} - -# label partitions -sgdisk -c 1:"UEFISYS" ${DISK} -sgdisk -c 2:"ROOT" ${DISK} +sgdisk -n 1::+1M --typecode=1:ef02 --change-name=1:'BIOSBOOT' ${DISK} # partition 1 (BIOS Boot Partition) +sgdisk -n 2::+100M --typecode=2:ef00 --change-name=2:'EFIBOOT' ${DISK} # partition 2 (UEFI Boot Partition) +sgdisk -n 3::-0 --typecode=3:8300 --change-name=3:'ROOT' ${DISK} # partition 3 (Root), default start, remaining +if [[ ! -d "/sys/firmware/efi" ]]; then + sgdisk -A 1:set:2 ${DISK} +fi # make filesystems echo -e "\nCreating Filesystems...\n$HR" if [[ ${DISK} =~ "nvme" ]]; then -mkfs.vfat -F32 -n "UEFISYS" "${DISK}p1" -mkfs.btrfs -L "ROOT" "${DISK}p2" -f -mount -t btrfs "${DISK}p2" /mnt +mkfs.vfat -F32 -n "EFIBOOT" "${DISK}p2" +mkfs.btrfs -L "ROOT" "${DISK}p3" -f +mount -t btrfs "${DISK}p3" /mnt else -mkfs.vfat -F32 -n "UEFISYS" "${DISK}1" -mkfs.btrfs -L "ROOT" "${DISK}2" -f -mount -t btrfs "${DISK}2" /mnt +mkfs.vfat -F32 -n "EFIBOOT" "${DISK}2" +mkfs.btrfs -L "ROOT" "${DISK}3" -f +mount -t btrfs "${DISK}3" /mnt fi ls /mnt | xargs btrfs subvolume delete btrfs subvolume create /mnt/@ @@ -96,7 +91,7 @@ esac mount -t btrfs -o subvol=@ -L ROOT /mnt mkdir /mnt/boot mkdir /mnt/boot/efi -mount -t vfat -L UEFISYS /mnt/boot/ +mount -t vfat -L EFIBOOT /mnt/boot/ if ! grep -qs '/mnt' /proc/mounts; then echo "Drive is not mounted can not continue" @@ -113,20 +108,13 @@ pacstrap /mnt base base-devel linux-hardened linux-firmware vim nano sudo archli genfstab -U /mnt >> /mnt/etc/fstab echo "keyserver hkp://keyserver.ubuntu.com" >> /mnt/etc/pacman.d/gnupg/gpg.conf echo "--------------------------------------" -echo "-- Bootloader Systemd Installation --" +echo "-- GRUB Bootloader Installation --" echo "--------------------------------------" -bootctl install --esp-path=/mnt/boot -sudo cp /boot/loader/entries/arch.conf /boot/loader/entries/arch-hardened.conf -sudo sed -i 's|Arch Linux|Arch Linux Hardened Kernel|g' /boot/loader/entries/arch-hardened.conf -sudo sed -i 's|vmlinuz-linux-hardened|vmlinuz-linux-lts|g' /boot/loader/entries/arch-hardened.conf -sudo sed -i 's|initramfs-linux.img|initramfs-linux-hardened.img|g' /boot/loader/entries/arch-hardened.conf -#[ ! -d "/mnt/boot/loader/entries" ] && mkdir -p /mnt/boot/loader/entries -#cat < /mnt/boot/loader/entries/arch.conf -#title Arch Linux -#linux /vmlinuz-linux-hardened -#initrd /initramfs-linux-hardened.img -#options root=LABEL=ROOT rw rootflags=subvol=@ -#EOF +if [[ ! -d "/sys/firmware/efi" ]]; then + grub-install --boot-directory=/mnt/boot ${DISK} +else + grub-install --efi-directory=/mnt/boot ${DISK} +fi cp -R ${SCRIPT_DIR} /mnt/root/BetterArch cp /etc/pacman.d/mirrorlist /mnt/etc/pacman.d/mirrorlist echo "--------------------------------------" diff --git a/1-setup.sh b/1-setup.sh index 6df698c..deb5593 100644 --- a/1-setup.sh +++ b/1-setup.sh @@ -32,7 +32,6 @@ sudo sed -i 's/#MAKEFLAGS="-j2"/MAKEFLAGS="-j$nc"/g' /etc/makepkg.conf echo "Changing the compression settings for "$nc" cores." sudo sed -i 's/COMPRESSXZ=(xz -c -z -)/COMPRESSXZ=(xz -c -T $nc -z -)/g' /etc/makepkg.conf fi - echo "-------------------------------------------------" echo " Setup Language to US and set locale " echo "-------------------------------------------------" @@ -84,6 +83,7 @@ PKGS=( 'bluedevil' 'bluez' 'bluez-libs' +'bluez-utils' 'breeze' 'breeze-gtk' 'bridge-utils' @@ -97,12 +97,14 @@ PKGS=( 'discover' 'dolphin' 'dosfstools' +'dtc' 'efibootmgr' # EFI boot 'egl-wayland' -'element-desktop-git' # Matrix client 'exfat-utils' 'fail2ban' # Intrusion prevention 'flameshot' +'extra-cmake-modules' +'filelight' 'flex' 'fuse2' 'fuse3' @@ -121,16 +123,24 @@ PKGS=( 'gst-libav' 'gst-plugins-good' 'gst-plugins-ugly' +'gwenview' 'haveged' 'htop' 'iptables-nft' 'jdk-openjdk' # Java 17 'kate' +'kcodecs' +'kcoreaddons' +'kde-plasma-addons' +'kinfocenter' +'kscreen' 'kvantum-qt5' 'kde-gtk-config' 'kitty' 'konsole' +'kscreen' 'layer-shell-qt' +'libdvdcss' 'libnewt' 'libtool' 'linux-firmware' @@ -158,11 +168,16 @@ PKGS=( 'patch' 'picom' 'pkgconf' +'plasma-nm' +'powerdevil' 'powerline-fonts' 'print-manager' 'pulseaudio' 'pulseaudio-alsa' 'pulseaudio-bluetooth' +'python-notify2' +'python-psutil' +'python-pyqt5' 'python-pip' 'protonvpn' 'qemu' @@ -236,14 +251,14 @@ fi echo -e "\nDone!\n" if ! source install.conf; then read -p "Please enter username:" username -echo "username=$username" >> ${HOME}/BetterArch/install.conf +echo "username=$username" >> ${HOME}/ArchTitus/install.conf fi if [ $(whoami) = "root" ]; then useradd -m -G wheel,libvirt -s /bin/bash $username passwd $username - cp -R /root/BetterArch /home/$username/ - chown -R $username: /home/$username/BetterArch + cp -R /root/ArchTitus /home/$username/ + chown -R $username: /home/$username/ArchTitus read -p "Please name your machine:" nameofmachine echo $nameofmachine > /etc/hostname else diff --git a/2-user.sh b/2-user.sh index 8b478cc..68864f5 100755 --- a/2-user.sh +++ b/2-user.sh @@ -34,6 +34,7 @@ PKGS=( 'github-desktop-bin' # Github Desktop sync 'intellij-idea-community-edition' 'lightly-git' +'lightlyshaders-git' 'mangohud' # Gaming FPS Counter 'mangohud-common' 'nerd-fonts-fira-code' diff --git a/3-post-setup.sh b/3-post-setup.sh index 51798e7..a9e2567 100644 --- a/3-post-setup.sh +++ b/3-post-setup.sh @@ -12,32 +12,31 @@ #------------------------------------------------------------------------------------ echo -e "\nFINAL SETUP AND CONFIGURATION" +grub-mkconfig -o /boot/grub/grub.cfg + # ------------------------------------------------------------------------ echo -e "\nEnabling Login Display Manager" - -sudo systemctl enable sddm.service - +systemctl enable sddm.service echo -e "\nSetup SDDM Theme" - -sudo cat < /etc/sddm.conf +cat < /etc/sddm.conf [Theme] Current=Nordic EOF # ------------------------------------------------------------------------ -sudo ufw limit 22/tcp -sudo ufw default deny incoming -sudo ufw default allow outgoing +ufw limit 22/tcp +ufw default deny incoming +ufw default allow outgoing # --- Harden /etc/sysctl.conf -sudo sysctl kernel.modules_disabled=1 -sudo sysctl -a -sudo sysctl -A -sudo sysctl mib -sudo sysctl net.ipv4.conf.all.rp_filter -sudo sysctl -a --pattern 'net.ipv4.conf.(eth|wlan)0.arp' +sysctl kernel.modules_disabled=1 +sysctl -a +sysctl -A +sysctl mib +sysctl net.ipv4.conf.all.rp_filter +sysctl -a --pattern 'net.ipv4.conf.(eth|wlan)0.arp' # --- PREVENT IP SPOOFS cat < /etc/host.conf @@ -54,13 +53,12 @@ sudo cp fail2ban.local /etc/fail2ban/ echo -e "\nEnabling essential services" systemctl enable cups.service -sudo ntpd -qg -sudo systemctl enable ntpd.service -sudo systemctl disable dhcpcd.service -sudo systemctl stop dhcpcd.service -sudo systemctl enable NetworkManager.service -sudo systemctl enable bluetooth -sudo systemctl enable ufw -sudo systemctl enable fail2ban -sudo systemctl start fail2ban -#sudo systemctl enable --now portmaster +ntpd -qg +systemctl enable ntpd.service +systemctl disable dhcpcd.service +systemctl stop dhcpcd.service +systemctl enable NetworkManager.service +systemctl enable bluetooth +systemctl enable ufw +systemctl enable fail2ban +systemctl start fail2ban