mirror of
https://github.com/ItsDrike/dotfiles.git
synced 2024-12-25 12:44:35 +00:00
Update installation scripts and guide
This commit is contained in:
parent
2fec62fdd3
commit
f16a5c999a
|
@ -119,7 +119,7 @@ su -l itsdrike # press q or esc in the default zsh options
|
||||||
Setup user account
|
Setup user account
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
git clone --recursive https://github.com/dotfiles ~/dots
|
git clone --recursive https://github.com/ItsDrike/dotfiles ~/dots
|
||||||
cd ~/dots
|
cd ~/dots
|
||||||
./install_user.sh
|
./install_user.sh
|
||||||
```
|
```
|
||||||
|
@ -134,18 +134,16 @@ su -l itsdrike
|
||||||
Install astronvim
|
Install astronvim
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo pacman -S --needed luarocks rustup cargo cmake meson npm
|
|
||||||
rustup default stable
|
|
||||||
mkdir -p ~/.config/wakatime
|
|
||||||
git clone https://github.com/AstroNvim/AstroNvim ~/.config/nvim
|
git clone https://github.com/AstroNvim/AstroNvim ~/.config/nvim
|
||||||
git clone https://github.com/ItsDrike/AstroNvimUser ~/.config/nvim/lua/user
|
git clone https://github.com/ItsDrike/AstroNvimUser ~/.config/nvim/lua/user
|
||||||
```
|
```
|
||||||
|
|
||||||
## Auto-mounting encrypted partitions
|
## Auto-mounting encrypted partitions
|
||||||
|
|
||||||
We've create a bunch of LUKS encrypted partitions to store our date into,
|
We've created a LUKS encrypted partition to store our date into, however it
|
||||||
however it would be very inconvenient to have to mount them ourselves on each
|
would be very inconvenient to have to mount it ourselves on each boot. Instead,
|
||||||
boot. Instead, we'll probably want to set up a way to mount them automatically.
|
we'll probably want to set up a way to mount them automatically. Leaving only
|
||||||
|
the root partition that we'll need to enter a password for on boot.
|
||||||
|
|
||||||
### Key files
|
### Key files
|
||||||
|
|
||||||
|
@ -169,31 +167,20 @@ should prefer this approach if your root partition isn't encrypted, although
|
||||||
know that this can get pretty annoying with more than one encrypted device. If
|
know that this can get pretty annoying with more than one encrypted device. If
|
||||||
you wish to do this, you can skip this section.
|
you wish to do this, you can skip this section.
|
||||||
|
|
||||||
In this example, we'll be creating a different key for every encrypted
|
|
||||||
partition, but you could also share the same key file for all of them if you
|
|
||||||
wish. This is however more secure.
|
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
|
exit # Go back to root account
|
||||||
mkdir -p /etc/secrets
|
mkdir -p /etc/secrets
|
||||||
dd if=/dev/random bs=4096 count=1 of=/etc/secrets/keyFile-data.bin
|
dd if=/dev/random bs=4096 count=1 of=/etc/secrets/keyFile-data.bin
|
||||||
dd if=/dev/random bs=4096 count=1 of=/etc/secrets/keyFile-data2.bin
|
chmod -R 400 /etc/secrets
|
||||||
dd if=/dev/random bs=4096 count=1 of=/etc/secrets/keyFile-backups.bin
|
chmod 700 /etc/secrets
|
||||||
dd if=/dev/random bs=4096 count=1 of=/etc/secrets/keyFile-arch-hyprland.bin
|
|
||||||
dd if=/dev/random bs=4096 count=1 of=/etc/secrets/keyFile-arch-kde.bin
|
|
||||||
chmod -R 004 /etc/secrets
|
|
||||||
chmod 007 /etc/secrets
|
|
||||||
```
|
```
|
||||||
|
|
||||||
The bs argument signifies a block size (in bits), so this will create 4096-bit keys.
|
The bs argument signifies a block size (in bits), so this will create 4096-bit keys.
|
||||||
|
|
||||||
Now we can add these keys into our LUKS encrypted partitions:
|
Now we can add this key into our LUKS encrypted data partition:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
cryptsetup luksAddKey /dev/disk/by-label/DATA --new-keyfile /etc/secrets/keyFile-data.bin
|
cryptsetup luksAddKey /dev/disk/by-label/DATA --new-keyfile /etc/secrets/keyFile-data.bin
|
||||||
cryptsetup luksAddKey /dev/disk/by-label/DATA2 --new-keyfile /etc/secrets/keyFile-data2.bin
|
|
||||||
cryptsetup luksAddKey /dev/disk/by-label/BACKUPS --new-keyfile /etc/secrets/keyFile-backups.bin
|
|
||||||
cryptsetup luksAddKey /dev/disk/by-label/ARCH_ROOT1 --new-keyfile /etc/secrets/keyFile-arch-hyprland.bin
|
|
||||||
cryptsetup luksAddKey /dev/disk/by-label/ARCH_ROOT2 --new-keyfile /etc/secrets/keyFile-arch-kde.bin
|
|
||||||
```
|
```
|
||||||
|
|
||||||
### /etc/crypttab
|
### /etc/crypttab
|
||||||
|
@ -216,9 +203,6 @@ This is the `/etc/crypttab` file that I use:
|
||||||
# <name> <device> <password> <options>
|
# <name> <device> <password> <options>
|
||||||
|
|
||||||
cryptdata LABEL=DATA /etc/secrets/keyFile-data.bin discard
|
cryptdata LABEL=DATA /etc/secrets/keyFile-data.bin discard
|
||||||
cryptdata2 LABEL=DATA2 /etc/secrets/keyFile-data2.bin discard
|
|
||||||
cryptbackups LABEL=BACKUPS /etc/secrets/keyFile-backups.bin discard
|
|
||||||
cryptarch2 LABEL=ARCH_ROOT2 /etc/secrets/keyFile-arch-kde.bin discard
|
|
||||||
```
|
```
|
||||||
|
|
||||||
<!-- markdownlint-enable MD010 MD013 -->
|
<!-- markdownlint-enable MD010 MD013 -->
|
||||||
|
@ -245,30 +229,25 @@ interfaces for them, to mount those to a concrete directory, we still use
|
||||||
|
|
||||||
# region: LUKS encrypted devices (opened from /etc/crypttab, or mounted from initramfs)
|
# region: LUKS encrypted devices (opened from /etc/crypttab, or mounted from initramfs)
|
||||||
|
|
||||||
/dev/mapper/cryptroot / ext4 rw,relatime,nofail,discard 0 1
|
/dev/mapper/cryptroot / btrfs rw,realtime,ssd,space_cache=v2,subvolid=5,subvol=/,discard 0 1
|
||||||
/dev/mapper/cryptdata /mnt/data ext4 rw,relatime,nofail,discard 0 2
|
/dev/mapper/cryptdata /mnt/data btrfs rw,realtime,ssd,space_cache=v2,subvolid=5,subvol=/,discard 0 2
|
||||||
/dev/mapper/cryptdata2 /mnt/data2 ext4 rw,relatime,nofail,discard 0 2
|
|
||||||
/dev/mapper/cryptarch2 /mnt/arch-kde ext4 rw,relatime,nofail,discard 0 2
|
# Or, an example with ext4 filesystem
|
||||||
|
#/dev/mapper/cryptdata /mnt/data ext4 rw,relatime,nofail,discard 0 2
|
||||||
|
|
||||||
# endregion
|
# endregion
|
||||||
# region: Physical devices
|
# region: Physical devices
|
||||||
|
|
||||||
LABEL=BOOT /efi vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro 0 2
|
LABEL=BOOT /efi vfat rw,relatime,fmask=0137,dmask=0027,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro 0 2
|
||||||
LABEL=SWAP none swap defaults 0 0
|
LABEL=SWAP none swap defaults 0 0
|
||||||
|
|
||||||
# endregion
|
# endregion
|
||||||
# region: Bind mounts
|
# region: Bind mounts
|
||||||
|
|
||||||
# Write kernel images to /efi/arch-hyprland, not directly to the efi system partition (esp), to avoid conflicts when dual booting
|
# Write kernel images to /efi/arch-1, not directly to the efi system partition (esp), to avoid conflicts when dual booting
|
||||||
/efi/arch-hyprland /boot none rw,bind 0 0
|
/efi/arch-1 /boot none rw,bind 0 0
|
||||||
|
|
||||||
# Bind mounts for arch-kde
|
# endregion
|
||||||
/efi /mnt/arch-kde/efi none rw,bind 0 0
|
|
||||||
/efi/arch-kde /mnt/arch-kde/boot none rw,bind 0 0
|
|
||||||
/mnt/data /mnt/arch-kde/mnt/data none rw,bind 0 0
|
|
||||||
/mnt/data2 /mnt/arch-kde/mnt/data2 none rw,bind 0 0
|
|
||||||
/mnt/backups /mnt/arch-kde/mnt/backups none rw,bind 0 0
|
|
||||||
/ /mnt/arch-kde/mnt/arch-hyprland none rw,bind 0 0
|
|
||||||
```
|
```
|
||||||
|
|
||||||
<!-- markdownlint-enable MD010 MD013 -->
|
<!-- markdownlint-enable MD010 MD013 -->
|
||||||
|
@ -299,7 +278,7 @@ environment.
|
||||||
If you wish, you can also follow the instructions below to auto-enable numlock:
|
If you wish, you can also follow the instructions below to auto-enable numlock:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
yay -S mkinitcpio-numlock
|
sudo -u itsdrike yay -S mkinitcpio-numlock
|
||||||
# Go to HOOKS and add `numlock` after `keyboard` in:
|
# Go to HOOKS and add `numlock` after `keyboard` in:
|
||||||
sudo nvim /etc/mkinitcpio.conf
|
sudo nvim /etc/mkinitcpio.conf
|
||||||
```
|
```
|
||||||
|
@ -328,10 +307,10 @@ Create a new file - `/efi/loader/entries/arch-hyprland.conf`, with:
|
||||||
```bash
|
```bash
|
||||||
title Arch Linux (Hyprland)
|
title Arch Linux (Hyprland)
|
||||||
sort-key 0
|
sort-key 0
|
||||||
linux /arch-hyprland/vmlinuz-linux
|
linux /arch-1/vmlinuz-linux
|
||||||
initrd /arch-hyprland/amd-ucode.img
|
initrd /arch-1/amd-ucode.img
|
||||||
initrd /arch-hyprland/initramfs-linux.img
|
initrd /arch-1/initramfs-linux.img
|
||||||
options cryptdevice=LABEL=ARCH_ROOT1:cryptroot:allow-discards
|
options cryptdevice=LABEL=LINUXROOT:cryptroot:allow-discards
|
||||||
options root=/dev/mapper/cryptroot
|
options root=/dev/mapper/cryptroot
|
||||||
options rw loglevel=3
|
options rw loglevel=3
|
||||||
```
|
```
|
||||||
|
@ -347,6 +326,13 @@ auto-firmware yes
|
||||||
beep no
|
beep no
|
||||||
```
|
```
|
||||||
|
|
||||||
|
**Reboot**
|
||||||
|
|
||||||
|
```bash
|
||||||
|
exit # go back to live iso (exit chroot)
|
||||||
|
reboot
|
||||||
|
```
|
||||||
|
|
||||||
## Post-setup
|
## Post-setup
|
||||||
|
|
||||||
Enable Network Time Protocol (time synchronization)
|
Enable Network Time Protocol (time synchronization)
|
||||||
|
|
|
@ -60,7 +60,9 @@ install -m 700 -d ~/.local/share/gnupg
|
||||||
|
|
||||||
# Enable some basic services
|
# Enable some basic services
|
||||||
systemctl enable systemd-resolved
|
systemctl enable systemd-resolved
|
||||||
|
systemctl enable systemd-timesyncd
|
||||||
systemctl enable NetworkManager
|
systemctl enable NetworkManager
|
||||||
|
systemctl mask systemd-networkd # We have NetworkManager for this
|
||||||
systemctl enable paccache.timer
|
systemctl enable paccache.timer
|
||||||
systemctl enable reflector.timer
|
systemctl enable reflector.timer
|
||||||
systemctl enable pkgfile-update.timer
|
systemctl enable pkgfile-update.timer
|
||||||
|
|
|
@ -44,6 +44,9 @@ yay -S --noconfirm --needed \
|
||||||
yay -Y --gendb
|
yay -Y --gendb
|
||||||
yay -Y --devel --save
|
yay -Y --devel --save
|
||||||
|
|
||||||
|
# Install stable channel default rust toolchain
|
||||||
|
rustup default stable
|
||||||
|
|
||||||
# Copy over zsh configuration
|
# Copy over zsh configuration
|
||||||
# Note that this assumes you've ran install_root.sh, whcih created /etc/zsh/zshenv
|
# Note that this assumes you've ran install_root.sh, whcih created /etc/zsh/zshenv
|
||||||
# with $ZOOTDIR exported. If you haven't done that, you'll want to symlink the
|
# with $ZOOTDIR exported. If you haven't done that, you'll want to symlink the
|
||||||
|
@ -77,10 +80,12 @@ cp -ra home/.config/gtk-3.0 ~/.config
|
||||||
cp -ra home/.config/lf ~/.config
|
cp -ra home/.config/lf ~/.config
|
||||||
cp -ra home/.local/share/gnupg/gpg.conf ~/.local/share/gnupg
|
cp -ra home/.local/share/gnupg/gpg.conf ~/.local/share/gnupg
|
||||||
chmod 600 ~/.local/share/gnupg/gpg.conf
|
chmod 600 ~/.local/share/gnupg/gpg.conf
|
||||||
|
mkdir ~/.config/wakatime
|
||||||
|
|
||||||
# Install various python versions with pyenv
|
# Install various python versions with pyenv
|
||||||
# This might take a while
|
# This might take a while
|
||||||
# (note: if you don't need pyenv, remove ~/.config/shell/py-alias, and commment these lines)
|
# (note: if you don't need pyenv, remove ~/.config/shell/py-alias, and commment these lines)
|
||||||
|
pyenv install -l | cut -d' ' -f3 | grep -E '^3\.12\.[0-9]+$' | tail -n 1 | xargs -I {} pyenv install {}
|
||||||
pyenv install -l | cut -d' ' -f3 | grep -E '^3\.11\.[0-9]+$' | tail -n 1 | xargs -I {} pyenv install {}
|
pyenv install -l | cut -d' ' -f3 | grep -E '^3\.11\.[0-9]+$' | tail -n 1 | xargs -I {} pyenv install {}
|
||||||
pyenv install -l | cut -d' ' -f3 | grep -E '^3\.10\.[0-9]+$' | tail -n 1 | xargs -I {} pyenv install {}
|
pyenv install -l | cut -d' ' -f3 | grep -E '^3\.10\.[0-9]+$' | tail -n 1 | xargs -I {} pyenv install {}
|
||||||
pyenv install -l | cut -d' ' -f3 | grep -E '^3\.9\.[0-9]+$' | tail -n 1 | xargs -I {} pyenv install {}
|
pyenv install -l | cut -d' ' -f3 | grep -E '^3\.9\.[0-9]+$' | tail -n 1 | xargs -I {} pyenv install {}
|
||||||
|
|
Loading…
Reference in a new issue