Afterchroot bios update, fix

Afterchroot bios update
Bios and Efi pre-chroot separate
2024-06-28 11:43:11 +02:00 · 2024-06-28 11:38:27 +02:00 · 2024-06-28 11:19:29 +02:00 · 2024-06-28 11:00:50 +02:00 · 2024-06-27 16:15:53 +02:00 · 2024-06-27 16:11:04 +02:00
7 changed files with 86 additions and 18 deletions
--- a/Kun.txt
+++ b/Kun.txt
@@ -0,0 +1 @@
+Příliš žluťoučký kůň úpěl ďábelské ódy
--- a/artix_scripts/after-chroot.sh
+++ b/artix_scripts/after-chroot.sh
@@ -24,7 +24,12 @@ dd if=/dev/random of=/crypto_keyfile.bin bs=512 count=8 iflag=fullblock && \
 chmod 000 /crypto_keyfile.bin && \
 sed -i "s/FILES=(/FILES=(\/crypto_keyfile.bin/g" /etc/mkinitcpio.conf && \
 pacman -S lvm2 lvm2-openrc cryptsetup cryptsetup-openrc && \
-cryptsetup luksAddKey $DISK\2 /crypto_keyfile.bin && \
+if [ $BIOSorEFI == "EFI" ]; then
+    cryptsetup luksAddKey $DISK\2 /crypto_keyfile.bin
+else 
+    cryptsetup luksAddKey $DISK\1 /crypto_keyfile.bin
+fi
+
 mkinitcpio -p linux-hardened && \

 #passset
@@ -32,42 +37,54 @@ passwd && \

 #bootloader
 pacman -Sy && \
-yes a | pacman -S dosfstools freetype2 fuse2 gptfdisk libisoburn mtools os-prober grub efibootmgr && \
+pacman -S dosfstools freetype2 fuse2 gptfdisk libisoburn mtools os-prober grub efibootmgr && \
 sed -i "s/quiet/quiet resume=UUID=`blkid -s UUID -o value /dev/lvmSystem/volSwap`/g" /etc/default/grub && \
-sed -i "s/GRUB_CMDLINE_LINUX=\"\"/GRUB_CMDLINE_LINUX=\"cryptdevice=UUID=`blkid -s UUID -o value  $DISK\2`:lvm-system\"/g" /etc/default/grub && \ 
-sed -i "s/#GRUB_ENABLE_CRYPTODISK/GRUB_ENABLE_CRYPTODISK/g" /etc/default/grub && \
-grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=artix --recheck $DISK && \
-grub-mkconfig -o /boot/grub/grub.cfg
+if [ $BIOSorEFI == "EFI" ]; then
+    sed -i "s/GRUB_CMDLINE_LINUX=\"\"/GRUB_CMDLINE_LINUX=\"cryptdevice=UUID=`blkid -s UUID -o value  $DISK\2`:lvm-system\"/g" /etc/default/grub
+else 
+    sed -i "s/GRUB_CMDLINE_LINUX=\"\"/GRUB_CMDLINE_LINUX=\"cryptdevice=UUID=`blkid -s UUID -o value  $DISK\1`:lvm-system\"/g" /etc/default/grub
+fi
+sed -i "s/#GRUB_ENABLE_CRYPTODISK/GRUB_ENABLE_CRYPTODISK/g" /etc/default/grub
+if [ $BIOSorEFI == "EFI" ]; then
+    grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=artix --recheck $DISK
+else 
+    grub-install --target=i386-pc $DISK --bootloader-id=artix --recheck $DISK
+fi
+grub-mkconfig -o /boot/grub/grub.cfg && \

 #services
-yes | pacman -S haveged haveged-openrc && \
+pacman -S haveged haveged-openrc && \
 rc-update add haveged default && \
-yes | pacman -S cronie cronie-openrc && \
+pacman -S cronie cronie-openrc && \
 rc-update add cronie default && \

 #user
 useradd -m -G wheel -s /bin/bash $USERNAME && \
 passwd $USERNAME && \
-sed -i "s/# %wheel ALL=(ALL:ALL) NOPASSWD: ALL/%wheel ALL=(ALL:ALL) NOPASSWD: ALL/g" /etc/sudoers
+sed -i "s/# %wheel ALL=(ALL:ALL) NOPASSWD: ALL/%wheel ALL=(ALL:ALL) NOPASSWD: ALL/g" /etc/sudoers && \
+
+#Font set
+echo 'consolefont="eurlatgr"' > /etc/conf.d/consolefont && \
+rc-update add consolefont boot && \

 #network
-yes a | pacman -S networkmanager networkmanager-openrc networkmanager-openvpn network-manager-applet && \
+pacman -S networkmanager networkmanager-openrc networkmanager-openvpn network-manager-applet && \
 rc-update add NetworkManager default && \

 #ssh
-yes a | pacman -S openssh openssh-openrc && \
+pacman -S openssh openssh-openrc && \
 rc-update add sshd default && \

 #other deamons
-yes a | pacman -S ntp ntp-openrc acpid acpid-openrc syslog-ng syslog-ng-openrc && \
+pacman -S ntp ntp-openrc acpid acpid-openrc syslog-ng syslog-ng-openrc && \
 rc-update add ntpd default && \
 rc-update add acpid default && \
 rc-update add syslog-ng default && \

 #Usefull utils
 pacman -S vi artools bash-completion lsof strace && \
-yes a | pacman -S wget htop mc zip samba unrar p7zip unzip && \
-yes a | pacman -S hdparm smartmontools hwinfo dmidecode && \
+yes a | pacman -S wget htop mc zip samba unrar p7zip unzip less && \
+yes a | pacman -S hdparm smartmontools hwinfo dmidecode vim && \
 yes a | pacman -S whois rsync nmap tcpdump inetutils net-tools ndisc6


--- a/artix_scripts/env.sh
+++ b/artix_scripts/env.sh
@@ -7,4 +7,10 @@ CRYPT_N="lvm-system"
 LVM_N="lvmSystem"
 HOSTNAME="4rt1x"
 TIMEZONE="Europe/Prague"
-USERNAME="warezjoe"
+USERNAME="warezjoe"
+# BIOS or EFI
+if [ -f /sys/firmware/efi/fw_platform_size ]; then
+    BIOSorEFI="EFI"
+else
+    BIOSorEFI="BIOS"
+fi
--- a/artix_scripts/ip-sshd.sh
+++ b/artix_scripts/ip-sshd.sh
@@ -1,4 +1,9 @@
 #!/bin/bash

+# Plain
 ip a add 192.168.57.132/24 dev eth1 && \
-rc-service sshd start
+rc-service sshd start
+
+
+# NetworkManager
+nmcli con mod "Con name" ipv4.adress "192.168.57.132/24"
--- a/artix_scripts/pre-chroot-bios.sh
+++ b/artix_scripts/pre-chroot-bios.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+source env.sh
+
+#Parted
+pacman -Sy && \
+yes | pacman -S parted && \
+parted -s $DISK mklabel msdos && \
+parted -s -a optimal $DISK mkpart "primary" "ext4" "0%" "100%" && \
+parted -s $DISK set 1 boot on && \
+parted -s $DISK set 1 lvm on && \
+
+#Cryptosetup
+cryptsetup luksFormat --type=luks1 $DISK\1 && \
+cryptsetup open $DISK\1 lvm-system && \
+
+#Lvm setup
+pvcreate /dev/mapper/$CRYPT_N
+vgcreate $LVM_N /dev/mapper/$CRYPT_N
+
+lvcreate -L 2G  $LVM_N -n volSwap && \
+lvcreate -L 10G  $LVM_N -n volRoot && \
+lvcreate -L 2G  $LVM_N -n volHome && \
+
+#Filesystems and mount
+mkswap /dev/$LVM_N/volSwap && \
+mkfs.ext4 -L volRoot /dev/$LVM_N/volRoot && \
+mkfs.ext4 -L volHome /dev/$LVM_N/volHome && \
+swapon /dev/$LVM_N/volSwap && \
+mount /dev/$LVM_N/volRoot /mnt && \
+mkdir -p /mnt/home && \
+mount /dev/$LVM_N/volHome /mnt/home && \
+
+#basestrap, fstab, chroot
+basestrap /mnt base base-devel openrc elogind-openrc linux-hardened linux-hardened-headers linux-firmware  && \
+fstabgen -U /mnt >> /mnt/etc/fstab  && \
+echo "tmpfs	/tmp	tmpfs	rw,nosuid,noatime,nodev,size=4G,mode=1777	0 0" >> /mnt/etc/fstab  && \
+cp after-chroot.sh env.sh /mnt/root/ && \
+artix-chroot /mnt /bin/bash
--- a/artix_scripts/pre-chroot-efi.sh
+++ b/artix_scripts/pre-chroot-efi.sh
@@ -12,7 +12,7 @@ parted -s -a optimal $DISK mkpart "primary" "ext4" "512MiB" "100%" && \
 parted -s $DISK set 2 lvm on && \

 #Cryptosetup
-cryptsetup luksFormat  $DISK\2 && \
+cryptsetup luksFormat --type=luks1 $DISK\2 && \
 cryptsetup open $DISK\2 lvm-system && \

 #Lvm setup
--- a/artix_scripts/re-chroot.sh
+++ b/artix_scripts/re-chroot.sh
@@ -7,5 +7,5 @@ lvchange -ay $LVM_N/volHome  && \
 lvchange -ay $LVM_N/volRoot  && \
 mount /dev/$LVM_N/volRoot /mnt && \
 mount /dev/$LVM_N/volHome /mnt/home && \
-mount /dev/$DISK\1 /mnt/boot/efi && \
+mount $DISK\1 /mnt/boot/efi && \
 artix-chroot /mnt /bin/bash
Author	SHA1	Message	Date
git	5ded5b7dff	Afterchroot bios update, fix	2024-06-28 11:43:11 +02:00
git	d95c04f68c	Afterchroot bios update	2024-06-28 11:38:27 +02:00
git	33894187fd	Bios and Efi pre-chroot separate	2024-06-28 11:19:29 +02:00
git	e8cc6dafc3	Scrap idea about one script do all pre-chroot	2024-06-28 11:00:50 +02:00
git	1a52fa84a1	Bios or Efi, next fix 3	2024-06-27 16:15:53 +02:00
git	27db7ed863	Bios or Efi, next fix 2	2024-06-27 16:11:04 +02:00
git	e77444b682	Bios or Efi, next fix	2024-06-27 16:09:51 +02:00
git	159a1cecf5	Bios or Efi, next	2024-06-27 16:08:13 +02:00
git	e0492b0c19	Bios or Efi	2024-06-27 15:48:52 +02:00
git	6e6aedfb13	Kun	2024-06-11 17:48:41 +02:00
git	42f11e1ca7	pre-chroot.sh lusk1	2024-06-11 16:55:32 +02:00
git	f789963235	after-chroot.sh fix 3	2024-06-11 16:53:31 +02:00
git	7a3b8c56f9	after-chroot.sh fix 2	2024-06-11 16:53:14 +02:00
				`@@ -0,0 +1 @@`
				`Příliš žluťoučký kůň úpěl ďábelské ódy`