Last active
January 3, 2024 05:43
-
-
Save Hexhu/6a0b477de0428c443a1bda5e8dd8711d to your computer and use it in GitHub Desktop.
curl -OL hu.fo/getarch; chmod +x getarch; ./getarch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/zsh | |
# Usage: | |
# Boot into archiso | |
# curl -OL hu.fo/getarch | |
# chmod +x getarch | |
# vim getarch | |
# ./getarch | |
export NEWUSER=hexhu | |
export HOSTNAME=archvm | |
export ROOT_DEV=vda | |
export ROOT_PART=vda1 | |
#export ROOT_DEV=nvme0n1 | |
#export ROOT_PART=nvme0n1p1 | |
export REGION=America | |
export CITY=Los_Angeles | |
#export REGION=Asia | |
#export CITY=Hong_Kong | |
#export CITY=Tokyo | |
timedatectl set-ntp true | |
umount -f /mnt | |
fdisk "/dev/${ROOT_DEV}" << EOFDISK | |
o | |
n | |
p | |
1 | |
w | |
EOFDISK | |
mkfs.ext4 -F "/dev/${ROOT_PART}" | |
mount "/dev/${ROOT_PART}" /mnt | |
echo 'Server = https://arch.hu.fo/archlinux/$repo/os/$arch' > /etc/pacman.d/mirrorlist | |
echo 'Server = https://mirrors.ocf.berkeley.edu/archlinux/$repo/os/$arch' >> /etc/pacman.d/mirrorlist | |
echo 'Server = http://mirrors.ocf.berkeley.edu/archlinux/$repo/os/$arch' >> /etc/pacman.d/mirrorlist | |
echo 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' >> /etc/pacman.d/mirrorlist | |
echo 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' >> /etc/pacman.d/mirrorlist | |
pacstrap /mnt base | |
arch-chroot /mnt << EOCHROOT1 | |
echo "$HOSTNAME" > /etc/hostname | |
ln -sf "/usr/share/zoneinfo/${REGION}/${CITY}" /etc/localtime | |
hwclock --systohc | |
pacman -Syu --noconfirm linux grub dhcpcd openssh haveged sudo vi vim screen pacman-contrib arch-install-scripts mtr ldns lldpd ethtool htop iotop iptraf-ng nethogs vnstat sysstat ncdu bash-completion zsh zsh-completions sshfs rsync nfs-utils arch-audit kernel-modules-hook | |
paccache -rk0 | |
grub-install "/dev/${ROOT_DEV}" --recheck | |
sed -i 's/GRUB_TIMEOUT=5/GRUB_TIMEOUT=1/' /etc/default/grub | |
grub-mkconfig -o /boot/grub/grub.cfg | |
systemctl enable dhcpcd | |
systemctl enable sshd | |
systemctl enable haveged | |
systemctl enable linux-modules-cleanup | |
systemctl enable vnstat | |
mkdir ~/.ssh | |
curl "https://github.com/${NEWUSER}.keys" > ~/.ssh/authorized_keys | |
useradd -m -s /bin/bash -G wheel,log,disk,proc "$NEWUSER" | |
su "$NEWUSER" | |
mkdir ~/.ssh | |
curl "https://github.com/${NEWUSER}.keys" > ~/.ssh/authorized_keys | |
exit | |
exit | |
EOCHROOT1 | |
chroot /mnt /bin/bash << EOCHROOT2 | |
passwd -d "$NEWUSER" # Use empty password | |
chage -d 0 "$NEWUSER" # Force changing that empty password at login | |
sed -i 's/^# %wheel ALL=(ALL:ALL) ALL\.*/%wheel ALL=(ALL:ALL) ALL/' /etc/sudoers | |
echo 'LANG=en_US.UTF-8' > /etc/locale.conf | |
sed -i 's/^#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen | |
locale-gen | |
sed -i 's/^#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config | |
sed -i 's/^#KbdInteractiveAuthentication yes/KbdInteractiveAuthentication no/' /etc/ssh/sshd_config | |
echo -e "\n#Suppress sshd log spamming\nLogLevel FATAL\nMatch User root,${NEWUSER}\n LogLevel INFO" >> /etc/ssh/sshd_config | |
sed -i 's/^#DefaultTimeoutStartSec=.*/DefaultTimeoutStartSec=20s/' /etc/systemd/system.conf | |
sed -i 's/^#DefaultTimeoutStopSec=.*/DefaultTimeoutStopSec=20s/' /etc/systemd/system.conf | |
sed -i 's/#SystemMaxUse=.*/SystemMaxUse=32M/' /etc/systemd/journald.conf | |
sed -i "s/ 'fallback'//" /etc/mkinitcpio.d/linux.preset | |
sed -i 's/#Color/Color/' /etc/pacman.conf | |
sed -i 's/#ParallelDownloads/ParallelDownloads/' /etc/pacman.conf | |
echo -e "net.core.default_qdisc=fq\nnet.ipv4.tcp_congestion_control=bbr" > /etc/sysctl.d/bbr.conf | |
exit | |
EOCHROOT2 | |
umount /mnt | |
sync | |
reboot |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment