#!/bin/sh set -e _red="$(printf "\033[1;31m")" _yellow="$(printf "\033[1;33m")" _green="$(printf "\033[1;32m")" _clear="$(printf "\033[0m")" _disk="${INSTALLATION_DISK:-}" _cryptname="${CRYPTDEVICE_NAME:-root}" _install_path="${INSTALL_PATH:-/mnt}" _mnt="${_install_path}" _tz="${TZ:-America/New_York}" _hostname="${INSTALL_HOSTNAME:-arch}" PACSTRAP="${PACSTRAP:-yes}" DISK_SETUP="${DISK_SETUP:-yes}" CONFIGURE="${CONFIGURE:-yes}" echo "############################################################" echo "INSTALL PROCESS" echo "############################################################" echo echo "We're going to keep this short and to the point" echo "First the overview, here's the process:" echo echo " * Select the disk to install to. Ideally, remove all disks you don't want touched" echo " * Set the encryption passphrase. ${_red}THERE IS NO RECOVERY IF YOU LOSE IT${_clear}" echo " * Reboot into your new system" echo echo echo "No alternative parition layouts are supported, no dual booting to the same drive." echo "If you want these things, feel free to install Arch by hand, you're on your own" echo echo if [ "$DISK_SETUP" = yes ]; then _disk= echo "Select a disk from the list:" if [ "$(lsblk -N | wc -l)" -gt 1 ] ; then echo "NVME:" lsblk -N | sed -re "s/^(nvme[^ ]*)/$_green\1$_clear/g" else printf '%s' "$_yellow" echo "Warning: No NVME drives found on this system." printf '%s' "$_clear" fi if [ "$(lsblk -S | wc -l)" -gt 1 ] ; then echo "SCSI:" lsblk -S | sed -re "s/^(sd[^ ]*)/$_green\1$_clear/g" fi if [ "$(lsblk -v | wc -l)" -gt 1 ] ; then echo "Virtio:" lsblk -v | sed -re "s/^(vio[^ ]*)/$_green\1$_clear/g" fi if [ "$(lsblk -S | wc -l)" -lt 2 ] && [ "$(lsblk -N | wc -l)" -lt 2 ] && [ "$(lsblk -v | wc -l)" -lt 2 ]; then printf '%s' "$_red" echo No suitable drives for installation found, exiting printf '%s' "$_clear" exit 1 fi while true ; do printf "Which disk to use for installation (green): " read -r _disk printf "%s" "Selected disk ${_yellow}$_disk${_clear} Are you sure you want to ${_red}delete everything${_clear}? (type \"YES\" in caps): $_clear" read -r resp case $resp in YES) break;; *) continue ;; esac done if [ -b "$_disk" ] ; then true elif [ -b "/dev/$_disk" ] ; then _disk="/dev/$_disk" else echo Neither "$_disk" or /dev/"$_disk" appear to be valid block devices, exiting exit 1 fi _part1="${_disk}1" _part2="${_disk}2" _part3="${_disk}3" if echo "$_disk" | grep "nvme" ; then _part1="${_disk}p1" _part2="${_disk}p2" _part3="${_disk}p3" fi set -x wipefs -a "$_disk" sgdisk --zap-all "$_disk" sgdisk --hybrid "$_disk" sgdisk \ --new=1::+1G --typecode=1:ef00 \ --new=2::+2G --typecode=2:8300 \ --largest-new=3 --typecode=3:8e00 \ "$_disk" partprobe >/dev/null 2>&1 || echo "" mkfs.vfat -F 32 "$_part1" mkfs.ext4 "$_part2" set +x echo "You will now enter your passphrase for ${_red}disk encryption${_clear}: " cryptsetup luksFormat "$_part3" _part3_uuid="$(blkid -o json "$_part3" | jq -r .uuid | tr -d '\n')" if [ -z "$_part3_uuid" ] ; then echo "${_red}Unable to find UUID for partition 3, bailing${_clear}" exit 1 fi echo "We're now going to unlock that disk with the same passhrase: " cryptsetup luksOpen "$_part3" "$_cryptname" set -x mkfs.btrfs /dev/mapper/"$_cryptname" mount /dev/mapper/"$_cryptname" "$_mnt" cd "$_mnt" btrfs sub create root btrfs sub create home cd - umount /dev/mapper/"$_cryptname" mount -o subvol=root,compress=zstd /dev/mapper/"$_cryptname" "$_mnt" mkdir -p "$_mnt"/home mount -o subvol=home,compress=zstd /dev/mapper/"$_cryptname" "$_mnt"/home mkdir -p "$_mnt"/boot mount "$_part2" "$_mnt"/boot mkdir -p "$_mnt"/boot/efi mount "$_part1" "$_mnt"/boot/efi fi # DISK_SETUP do_edit() { printf "Edit \"$1\" ? : " read -r resp case $resp in Y|y) arch-chroot "${_install_path}" nvim "$1" ;; *) ;; esac } do_chroot() { arch-chroot "$_install_path" "$@" } pacman-key --init pacman-key --populate # TODO: all the same packages as the ISO if [ $PACSTRAP = yes ] ; then pacstrap -K "$_install_path" \ arch-install-scripts \ base \ base-devel \ btrfs-progs \ cryptsetup \ dosfstools \ e2fsprogs \ efibootmgr \ git \ gptfdisk \ grub \ linux \ linux-firmware \ linux-firmware-marvell \ lvm2 \ networkmanager \ nvim \ sof-firmware \ tmux \ xfsprogs \ fi if [ "$CONFIGURE" = yes ] ; then genfstab -U "$_install_path" > "${_install_path}/etc/fstab" # do_edit /etc/fstab # do_edit /etc/locale.gen sed -i -e '/^en_US.UTF-8 UTF-8$/d' "${_install_path}/etc/locale.gen" echo "en_US.UTF-8 UTF-8" >> "${_install_path}/etc/locale.gen" do_chroot locale-gen do_chroot ln -sf "/usr/share/zoneinfo/$_tz" /etc/localtime sed -i \ -e 's/^HOOKS=.*$/HOOKS=(base udev autodetect microcode modconf kms keyboard block keymap encrypt lvm2 consolefont filesystems fsck)/g' \ "${_install_path}/etc/mkinitcpio.conf" # do_edit /etc/mkinitcpio.conf do_chroot mkinitcpio -p linux sed -i \ -e 's/^GRUB_CMDLINE_LINUX_DEFAULT=.*$/GRUB_CMDLINE_LINUX_DEFAULT=""/' \ "${_install_path}"/etc/default/grub sed -i \ -e 's@^GRUB_CMDLINE_LINUX=.*$@GRUB_CMDLINE_LINUX="cryptdevice=UUID='"$_part3_uuid"':'"$_cryptname"'"@g' \ "${_install_path}"/etc/default/grub # do_edit /etc/default/grub # Make this bootable directly as removable media do_chroot grub-install --target=x86_64-efi --removable --efi-directory=/boot/efi # But also add an entry to the uEFI, and set it as default do_chroot grub-install --target=x86_64-efi --efi-directory=/boot/efi do_chroot grub-mkconfig -o /boot/grub/grub.cfg do_chroot passwd fi # CONFIGURE