From 7e61e1d3a14251902aa242b71b72823cc54fb969 Mon Sep 17 00:00:00 2001 From: Conor Budworth Date: Sun, 9 Nov 2025 22:09:17 +0100 Subject: [PATCH] Update install.sh --- install.sh | 57 +++++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 48 insertions(+), 9 deletions(-) diff --git a/install.sh b/install.sh index 3369fc7..8dc5230 100644 --- a/install.sh +++ b/install.sh @@ -1,6 +1,10 @@ #!/usr/bin/env bash set -euo pipefail +# ============================================== +# Arch Secure Install - Stage 1 (Live ISO) +# ============================================== + # Load configuration if [[ ! -f .env ]]; then echo "Missing .env. Copy .env.template and edit it before running." @@ -10,9 +14,16 @@ source .env echo ">>> Arch Secure Install starting on ${DISK}" +# Basic sanity +[[ -b "${DISK}" ]] || { echo "Error: ${DISK} not found."; exit 1; } +[[ -n "${HOSTNAME:-}" ]] || { echo "Error: HOSTNAME not set."; exit 1; } + timedatectl set-ntp true -# Wipe and partition +# ---------------------------------------------- +# Partitioning +# ---------------------------------------------- +echo ">>> Partitioning ${DISK}" sgdisk --zap-all "${DISK}" sgdisk -n1:0:+512M -t1:EF00 -c1:"EFI System Partition" "${DISK}" sgdisk -n2:0:0 -t2:8309 -c2:"Linux LUKS" "${DISK}" @@ -21,6 +32,9 @@ partprobe "${DISK}" EFI="${DISK}p1" ROOT="${DISK}p2" +# ---------------------------------------------- +# Encryption setup +# ---------------------------------------------- echo ">>> Formatting EFI partition" mkfs.fat -F32 "${EFI}" @@ -28,39 +42,64 @@ echo ">>> Setting up LUKS2 on ${ROOT}" echo -n "${LUKS_PASSPHRASE}" | cryptsetup luksFormat --type luks2 "${ROOT}" - echo -n "${LUKS_PASSPHRASE}" | cryptsetup open "${ROOT}" "${LUKS_NAME}" - +# ---------------------------------------------- +# Btrfs setup +# ---------------------------------------------- echo ">>> Creating Btrfs filesystem" mkfs.btrfs /dev/mapper/"${LUKS_NAME}" +echo ">>> Creating Btrfs subvolumes" mount /dev/mapper/"${LUKS_NAME}" /mnt -for subvol in ${BTRFS_SUBVOLS}; do +IFS=' ' read -r -a SUBVOLS <<< "${BTRFS_SUBVOLS}" + +for subvol in "${SUBVOLS[@]}"; do + echo " -> creating ${subvol}" btrfs subvolume create "/mnt/${subvol}" done + +echo ">>> Subvolumes created:" +btrfs subvolume list /mnt || true umount /mnt -echo ">>> Mounting subvolumes" +# Mount structure +echo ">>> Mounting Btrfs subvolumes" mount -o subvol=@,${BTRFS_OPTS} /dev/mapper/"${LUKS_NAME}" /mnt mkdir -p /mnt/{boot,home,var/log,var/cache} -mount -o subvol=@home,${BTRFS_OPTS} /dev/mapper/"${LUKS_NAME}" /mnt/home -mount -o subvol=@log /dev/mapper/"${LUKS_NAME}" /mnt/var/log -mount -o subvol=@cache /dev/mapper/"${LUKS_NAME}" /mnt/var/cache +# Only mount if subvol exists +for subvol in @home @log @cache; do + if btrfs inspect-internal subvolid-map /dev/mapper/"${LUKS_NAME}" | grep -q "${subvol}"; then + case "${subvol}" in + @home) mount -o subvol=@home,${BTRFS_OPTS} /dev/mapper/"${LUKS_NAME}" /mnt/home ;; + @log) mount -o subvol=@log /dev/mapper/"${LUKS_NAME}" /mnt/var/log ;; + @cache) mount -o subvol=@cache /dev/mapper/"${LUKS_NAME}" /mnt/var/cache ;; + esac + fi +done + mount "${EFI}" /mnt/boot +# ---------------------------------------------- +# Base system installation +# ---------------------------------------------- echo ">>> Installing base system" pacstrap -K /mnt base linux linux-firmware btrfs-progs systemd-ukify systemd-bootctl +# ---------------------------------------------- +# fstab and chroot handoff +# ---------------------------------------------- echo ">>> Generating fstab" genfstab -U /mnt >> /mnt/etc/fstab -echo ">>> Copying configuration" +echo ">>> Copying configuration into target" mkdir -p /mnt/root/install cp .env /mnt/root/install/.env cp chroot_setup.sh /mnt/root/install/ cp firstboot.sh /mnt/root/install/ chmod +x /mnt/root/install/{chroot_setup.sh,firstboot.sh} -echo ">>> Chrooting into new system" +echo ">>> Entering chroot" arch-chroot /mnt /root/install/chroot_setup.sh -echo ">>> Installation complete. Reboot when ready." +echo ">>> Installation complete. You may now reboot."