Refactored and parametrisiert

2023-04-02 20:52:09 +02:00 · 2023-04-02 20:52:09 +02:00 · 5a30c9be5f
commit 5a30c9be5f
parent 1f6d7f3829
4 changed files with 166 additions and 75 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,3 @@
 *.swp
 temp
+temp.sh
--- a/base.sh
+++ b/base.sh
@ -1,8 +1,10 @@
 #!/bin/bash
 # Vor Reboot
-echo "Select Prozessor Vendor:"
+echo "Select Prozessor Vendor (Defaults to no ucode):"
 echo "1) AMD 2) Intel 3) Other(no ucode)"
 read -r vendor
+: "${vendor:=3}"
+
 if [[ $vendor == 1 ]]; then
  echo "AMD"
  ucode="amd-ucode"
@ -17,39 +19,101 @@ else
  exit 1
 fi

-echo "Select Kernel"
-echo "1) Linux 2) Linux+lts 3) Linux+zen 4) Linux+zen+lts 5) zen+lts"
+echo "Select Kernel (Defaults to Linux):"
+echo "1) Linux 2) Linux LTS 3) Linux Zen"
 read -r kernel
+: "${kernel:=1}"

-if [[ $kernel == 1 ]]; then
+tempString="";
+for range in ${kernel//,/ }; do
+	tempString="$tempString{${range//-/..}}";
+done;
+tempString=${tempString//\}{/\} {};
+tempString=$(echo $tempString | tr [:blank:] '\n' | sed 's/{\([0-9]\{1,2\}\)}/\1/' | tr '\n' ',');
+tempString=${tempString/%,/};
+result="";
+for range2 in ${tempString//,/ }; do
+	result+=$(eval echo $range2);
+	result+=";";
+done;
+result=${result/%;};
+result=${result//;/ };
+echo $result
+
+for index in ${result}; do
+  echo -n "Ausgewählt: "
+	case $index in
+		*1*)
      echo "Linux"
-  selectedKernel="linux"
-  header="linux-headers"
-elif [[ $kernel == 2 ]]; then
-  echo "Linux/Linux LTS"
-  selectedKernel="linux linux-lts"
-  header="linux-headers linux-lts-headers"
-elif [[ $kernel == 3 ]]; then
-  echo "Linux/Linux Zen"
-  selectedKernel="linux linux-zen"
-  header="linux-headers linux-zen-headers"
-elif [[ $kernel == 4 ]]; then
-  echo "Linux/Linux LTS/Linux Zen"
-  selectedKernel="linux linux-lts linux-zen"
-  header="linux-headers linux-lts-headers linux-zen-headers"
-elif [[ $kernel == 5 ]]; then
-  echo "Linux LTS/Linux Zen"
-  selectedKernel="linux-lts linux-zen"
-  header="linux-lts-headers linux-zen-headers"
-else
-  echo "no Kernel selectet, aborting"
+      selectedKernel+="linux "
+      header+="linux-headers "
+      ;;
+		*2*)
+      echo "Linux LTS"
+      selectedKernel+="linux-lts "
+      header+="linux-lts-headers "
+      ;;
+		*3*)
+      echo "Linux Zen"
+      selectedKernel+="linux-zen "
+      header+="linux-zen-headers "
+      ;;
+		*) echo "Error, aborting" ;;
+	esac
+done
+
+#if [[ $kernel == 1 ]]; then
+#  echo "Linux"
+#  selectedKernel="linux"
+#  header="linux-headers"
+#elif [[ $kernel == 2 ]]; then
+#  echo "Linux/Linux LTS"
+#  selectedKernel="linux linux-lts"
+#  header="linux-headers linux-lts-headers"
+#elif [[ $kernel == 3 ]]; then
+#  echo "Linux/Linux Zen"
+#  selectedKernel="linux linux-zen"
+#  header="linux-headers linux-zen-headers"
+#elif [[ $kernel == 4 ]]; then
+#  echo "Linux/Linux LTS/Linux Zen"
+#  selectedKernel="linux linux-lts linux-zen"
+#  header="linux-headers linux-lts-headers linux-zen-headers"
+#elif [[ $kernel == 5 ]]; then
+#  echo "Linux LTS/Linux Zen"
+#  selectedKernel="linux-lts linux-zen"
+#  header="linux-lts-headers linux-zen-headers"
+#else
+#  echo "no Kernel selectet, aborting"
+#  exit 1
+#fi
+
+read -r -p "Passwort für Root :" rootpw
+: "${rootpw:=test}"
+if [[ $rootpw == "" ]]; then
+  echo "Kein Passwort für Root vergeben, breche ab"
+  exit 1
+fi
+
+read -r -p "Nutzername: " nutzername
+: "${nutzername:=eichehome}"
+if [[ $nutzername == "" ]]; then
+  echo "Kein Nutzername eingegeben, breche ab"
+  exit 1
+fi
+
+read -r -p "Passwort für $nutzername: " nutzerpw
+: "${nutzerpw:=testen}"
+if [[ $rootpw == "" ]]; then
+  echo "Kein Passwort für $nutzername vergeben, breche ab"
  exit 1
 fi

 echo "General configuration:"
-echo "1) Server (Systemd-networkd, no graphics card) 2) Laptop/Desktop (Networkmanager, Graphics Card)"
+echo "1) Server (Systemd-networkd, no graphics card) 2) Laptop/Desktop (Networkmanager(iwd), Graphics Card, GNOME)"
 read -r configuration

+: "${configuration:=2}"
+
 if [[ $configuration == 2 ]]; then
  echo "Laptop/Desktop"
  echo ""
@ -94,16 +158,21 @@ echo "arch" >> /etc/hostname
 echo "127.0.0.1	localhost" > /etc/hosts
 echo "::1	localhost" >> /etc/hosts
 echo "127.0.1.1	arch.localedomain	arch" >> /etc/hosts
-echo root:test | chpasswd
+echo root:"${rootpw}" | chpasswd


-pacman -S $selectedKernel "$ucode"
-pacman -S base-devel $header
+pacman -S ${selectedKernel} "${ucode}"
+pacman -S base-devel ${header}

-pacman -S iwd dialog reflector xdg-user-dirs xdg-utils inetutils ldns bash-completion openssh rsync iptables-nft ipset firewalld lynx
+pacman -S iwd dialog reflector xdg-user-dirs xdg-utils inetutils ldns bash-completion openssh rsync iptables-nft ipset firewalld lynx man-db man-pages texinfo opendoas

-pacman -S networkmanager
-#Idee: ppp bluez(hier) modemmanager polkit(?)
+echo "permit :wheel" > /etc/doas.conf
+echo "permit persist eichehome as root" >> /etc/doas.conf
+echo "" >> /etc/doas.conf
+doas -C /etc/doas.conf && echo "config ok" || echo "config error"
+read -r -p "Continue? (Y/N): " confirm && [[ $confirm == [yY] || $confirm == [yY][eE][sS] ]] && pacman -R sudo || echo "do not forget to check doas.conf and remove sudo afterwards"
+
+#Idee: ppp polkit(?)

 pacman -S efibootmgr mtools dosfstools

@ -120,20 +189,28 @@ if [[ $configuration == 1 ]]; then
  # Netzwerk
  # Ethernet
  echo "Ethernet"
-  ethernet_network=$(find / -type f -name 20-ethernet.network | grep configs)
-  cp "$ethernet_network" /etc/systemd/network/
+  #ethernet_network=$(find / -type f -name 20-ethernet.network | grep configs)
+  cp "$(find "${PWD}" -type f -name )" /etc/systemd/network/
  # Wlan
  echo "WLAN"
-  wlan_network=$(find / -type f -name 20-wlan.network | grep configs)
-  cp "$wlan_network" /etc/systemd/network/
+  #wlan_network=$(find / -type f -name 20-wlan.network | grep configs)
+  cp "$(find "${PWD}" -type f -name )" /etc/systemd/network/
  # Wwan (Mobilefunk)
  echo "Mobilfunk"
-  wwan_network=$(find / -type f -name 20-wwan.network | grep configs)
-  cp "$wwan_network" /etc/systemd/network/
+  #wwan_network=$(find / -type f -name 20-wwan.network | grep configs)
+  cp "$(find "${PWD}" -type f -name )" /etc/systemd/network/
 elif [[ $configuration == 2 ]]; then
+  pacman -S gnome gdm fwupd networkmanager modemmanager avahi bluez bluez-utils sshfs pipewire pipewire-audio pipewire-alsa pipewire-pulse pipewire-jack pipewire-zeroconf pipewire-v4l2 wireplumber gstreamer gst-plugin-pipewire gst-libav gst-plugins-good gst-plugins-base gst-plugins-vaapi gnome-software-packagekit-plugin xdg-desktop-portal-gnome festival networkmanager-openconnect networkmanager-openvpn networkmanager-pptp networkmanager-vpnc power-profiles-daemon
+
  systemctl enable NetworkManager
-  wifi_backend_conf=$(find / -type f -name wifi_backend.conf | grep configs)
-  cp "$wifi_backend_conf" /etc/NetworkManager/conf.d/
+  # Configure IWD as Backend for Networkmanager
+  #wifi_backend_conf=$(find / -type f -name wifi_backend.conf | grep configs)
+  cp "$(find "${PWD}" -type f -name )" /etc/NetworkManager/conf.d/
+  # Disable MulticastDNS in systemd-resolved
+  #disable_multicastDNS_conf=$(find / -type f -name disable-multicastDNS.conf | grep configs)
+  mkdir -p /etc/systemd/resolved.conf.d
+  cp "$(find "${PWD}" -type f -name )" /etc/systemd/resolved.conf.d/
+  systemctl enable avahi-daemon
 fi

 systemctl enable systemd-resolved
@ -141,6 +218,7 @@ systemctl enable systemd-timesyncd
 systemctl enable reflector.timer
 systemctl enable firewalld
 systemctl enable fstrim.timer
+systemctl enable systemd-time-wait-sync.service

 if [[ $gracard == 1 ]]; then
  sed -i 's/MODULES=()/MODULES=(amdgpu)/' /etc/mkinitcpio.conf #AMD
@ -174,27 +252,36 @@ fi
 bootctl install

 # Bootloaderconfig
-loader_conf=$(find / -type f -name loader.conf | grep configs)
-cp "$loader_conf" /boot/loader/
+#loader_conf=$(find / -type f -name loader.conf | grep configs)
+cp "$(find "${PWD}" -type f -name loader.conf)" /boot/loader/

 #$selectedKernel="linux linux-lts linux-zen"
-array_kernel_einzeln=$(echo "$selectedKernel" | tr " " "\n");
-entry_conf=$(find / -type f -name entry.conf | grep configs)
-for kernel_einzeln in $array_kernel_einzeln; do
-  boot_entry_name="${kernel_einzeln//linux/arch}";
+entry_conf=$(find "${PWD}" -type f -name entry.conf)
+for kernel in $selectedKernel; do
+  boot_entry_name="${kernel//linux/arch}";
  # Standart
  echo "$boot_entry_name.conf"
  cp "$entry_conf" /boot/loader/entries/"$boot_entry_name".conf
-  sed -i "s/#KERNEL#/$kernel_einzeln/" /boot/loader/entries/"$boot_entry_name".conf
-  sed -i "s/#INITRAMFS#/$kernel_einzeln/" /boot/loader/entries/"$boot_entry_name".conf
-  title="${boot_entry_name//arch/arch-linux}"
+  sed -i "s/#KERNEL#/$kernel/" /boot/loader/entries/"$boot_entry_name".conf
+  sed -i "s/#INITRAMFS#/$kernel/" /boot/loader/entries/"$boot_entry_name".conf
+  boot_entry="${boot_entry_name//arch/arch-linux}"
+  title=""
+  for word in ${boot_entry//-/ }; do
+    word="${word@u} "
+    title="${title}${word//Lts/LTS}"
+  done
  sed -i "s/#TITLE#/$title/" /boot/loader/entries/"$boot_entry_name".conf
  # Fallback
  echo "$boot_entry_name-fallback.conf"
  cp "$entry_conf" /boot/loader/entries/"$boot_entry_name"-fallback.conf
-  sed -i "s/#KERNEL#/$kernel_einzeln/" /boot/loader/entries/"$boot_entry_name"-fallback.conf
-  sed -i "s/#INITRAMFS#/$kernel_einzeln-fallback/" /boot/loader/entries/"$boot_entry_name"-fallback.conf
-  title="${boot_entry_name//arch/arch-linux}-fallback"
+  sed -i "s/#KERNEL#/$kernel/" /boot/loader/entries/"$boot_entry_name"-fallback.conf
+  sed -i "s/#INITRAMFS#/$kernel-fallback/" /boot/loader/entries/"$boot_entry_name"-fallback.conf
+  boot_entry="${boot_entry_name//arch/arch-linux}-fallback"
+  title=""
+  for word in ${boot_entry//-/ }; do
+    word="${word@u} "
+    title="${title}${word//Lts/LTS}"
+  done
  sed -i "s/#TITLE#/$title/" /boot/loader/entries/"$boot_entry_name"-fallback.conf
 done;

@ -242,6 +329,7 @@ done;
 #    sed -i 's/#Intel//' /boot/loader/entries/arch-zen-fallback.conf
 #  fi
 #fi
+# Verschlüsselungs-Passwort: testpassword

 cryptroot_name=$(grep "#\s/dev/mapper" /etc/fstab | head -n 1 | sed 's/#\s\/dev\/mapper\/\(.*\)\s.*/\1/')
 cryptroot_device_name=$(grep "LABEL=EFI" /etc/fstab | sed 's/#\s\/dev\/\(.\{3\}\).*/\1/')
@ -251,6 +339,6 @@ cryptroot_device_uuid=$(blkid -o value -s UUID /dev/"$cryptroot_device_name"2)
 find /boot -type f -name arch\*.conf -exec sed -i "s/root=LABEL=arch/root=\/dev\/mapper\/$cryptroot_name rd.luks.name=$cryptroot_device_uuid=$cryptroot_name/" {} \;

 useradd -mG wheel eichehome
-echo eichehome:testen | chpasswd
+echo "$nutzername":"$nutzerpw" | chpasswd

 echo "%wheel ALL=(ALL) ALL" >> /etc/sudoers.d/wheel_group
--- a/configs/disable-multicastDNS.conf
+++ b/configs/disable-multicastDNS.conf
@ -0,0 +1,2 @@
+[Resolve]
+MulticastDNS=no
--- a/prep-BTRFS-UEFI-Encrypted.sh
+++ b/prep-BTRFS-UEFI-Encrypted.sh
@ -10,42 +10,42 @@ localectl set-keymap de-latin1-nodeadkeys
 timedatectl set-timezone Europe/Berlin
 timedatectl set-ntp yes

-echo "Choose Device: 1) /dev/sda 2) /dev/vda 3) Other Path"
+echo "Choose Device (Defaults to /dev/sda):"
+echo "1) /dev/sda 2) /dev/vda 3) Other Path"
 read -r choise
-
+: "${choise:=1}"
 if [ "$choise" == 1 ];then
  path="/dev/sda"
-  part1="/dev/sda1"
-  part2="/dev/sda2"
 elif [ "$choise" == 2 ];then
  path="/dev/vda"
-  part1="/dev/vda1"
-  part2="/dev/vda2"
 elif [ "$choise" == 3 ];then
  read -r -p "Enter Device-Path: " path
-  part1="$path"1
-  part2="$path"2
 else
  echo "Path not recognized, aborting"
  exit 1
 fi
+echo "Install Device: ${path}"
+part1="${path}"1
+part2="${path}"2

-cryptrootname="cryptroot"
+read -r -p "Name for the cryptrootdevice (defaults to cryptroot): " cryptrootname
+: "${cryptrootname:=cryptroot}"
+echo "The cryptrootdevice will be named: ${cryptrootname}"

-parted --script "$path" \
+parted --script "${path}" \
 mklabel gpt \
 mkpart "efi" fat32 1MiB 501MiB \
 set 1 esp on \
 mkpart "root" btrfs 501MiB 100%

-mkfs.vfat "$part1" -n EFI
-cryptsetup --cipher aes-xts-plain64 --hash sha512 --use-random --verify-passphrase luksFormat "$part2"
+mkfs.vfat "${part1}" -n EFI
+cryptsetup --cipher aes-xts-plain64 --hash sha512 --use-random --verify-passphrase luksFormat "${part2}"

-cryptsetup luksOpen "$part2" $cryptrootname
+cryptsetup luksOpen "${part2}" "${cryptrootname}"

-mkfs.btrfs /dev/mapper/$cryptrootname -L arch
+mkfs.btrfs "/dev/mapper/${cryptrootname}" -L arch

-mount /dev/mapper/$cryptrootname /mnt
+mount "/dev/mapper/${cryptrootname}" /mnt
 cd /mnt || exit 1
 btrfs subvolume create @
 btrfs subvolume create @home
@ -55,15 +55,15 @@ btrfs subvolume create @cache
 cd ~ || exit 1
 umount -R /mnt

-mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@ /dev/mapper/$cryptrootname /mnt
+mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@ "/dev/mapper/${cryptrootname}" /mnt
 mkdir -p /mnt/{home,boot,var}
-mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@home /dev/mapper/$cryptrootname /mnt/home
-mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@var /dev/mapper/$cryptrootname /mnt/var
+mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@home "/dev/mapper/${cryptrootname}" /mnt/home
+mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@var "/dev/mapper/${cryptrootname}" /mnt/var
 mkdir -p /mnt/var/{cache,log}
-mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@log /dev/mapper/$cryptrootname /mnt/var/log
-mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@cache /dev/mapper/$cryptrootname /mnt/var/cache
+mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@log "/dev/mapper/${cryptrootname}" /mnt/var/log
+mount -o noatime,compress=zstd,space_cache=v2,discard=async,subvol=@cache "/dev/mapper/${cryptrootname}" /mnt/var/cache

-mount "$part1" /mnt/boot
+mount "${part1}" /mnt/boot

 pacstrap /mnt base linux-firmware vim git btrfs-progs