rocka/arch_init.sh

## arch_init.sh
#!/bin/bash

USERNAME='rocka'
HOSTNAME='arch'
SS_PORTNO='1234'
SS_METHOD='aes-256-gcm'
SS_PASSWD='all-your-base-are-belong-to-us'

# pacman related config
sed -i 's/#Color/Color/g' /etc/pacman.conf
sed -i 's/#VerbosePkgLists/VerbosePkgLists/g' /etc/pacman.conf

# Repo
cat >> /etc/pacman.conf << EOF

[archlinuxcn]
Server = https://cdn.repo.archlinuxcn.org/\$arch
EOF

# packages
pacman -Syyu --noconfirm sudo inetutils mosh git vim fish nginx-mainline htop pacman-contrib pacutils docker docker-compose nodejs npm shadowsocks-libev simple-obfs shadowsocks-v2ray-plugin tmux rng-tools archlinuxcn-keyring

# hostname
echo $HOSTNAME > /etc/hostname

# Locale: timezone and language
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
echo LANG=en_US.UTF-8 > /etc/locale.conf
sed -i 's/#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/g' /etc/locale.gen
sed -i 's/#zh_CN.UTF-8 UTF-8/zh_CN.UTF-8 UTF-8/g' /etc/locale.gen
locale-gen

# Optmize tcp
cat > /etc/sysctl.d/tcp_fastopen.conf << EOF
# tcp_fastopen
net.ipv4.tcp_fastopen = 3
EOF

cat > /etc/modules-load.d/tcp_bbr.conf << EOF
tcp_bbr
EOF

cat > /etc/sysctl.d/tcp_bbr.conf << EOF
# tcp_bbr
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
EOF

modprobe tcp_bbr
sysctl --system
# check
sysctl net.ipv4.tcp_available_congestion_control
sysctl net.ipv4.tcp_congestion_control

# User
useradd -mG wheel,docker $USERNAME -s /usr/bin/fish
echo '%wheel ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/wheel
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin no/g' /etc/ssh/sshd_config

# Entropy
systemctl enable --now rngd.service

# Nginx
systemctl enable --now nginx.service

# Docker
systemctl enable --now docker.service

# shadowsocks-libev-server
mkdir /etc/shadowsocks
cat > /etc/shadowsocks/config.json << EOF
{
    "server":      [ "0.0.0.0", "::0" ],
    "server_port":  ${SS_PORTNO},
    "method":      "${SS_METHOD}",
    "password":    "${SS_PASSWD}",
    "mode":        "tcp_and_udp",
    "timeout":      1800,
    "reuse_port":   true,
    "fast_open":    true,
    "no_delay":     true,
    "plugin":      "obfs-server",
    "plugin_opts": "obfs=tls;failover=127.0.0.1:443"
}
EOF
systemctl enable --now shadowsocks-libev-server@config.service

FISH_ALIAS="
alias ls='ls --color --classify --time-style=long-iso'
alias l='ls'
alias ll='ls -lh'
alias la='ls -alh'
alias qwq='uname -snrm; uptime'
"

# Root fish shell config
chsh -s /usr/bin/fish
mkdir -p /root/.config/fish
cat > /root/.config/fish/config.fish << EOF
function fish_greeting
    echo "You are now ROOT user!"
    echo "With great power, comes great responsibility."
end
$FISH_ALIAS
EOF

# simple vim config
cat > /root/.vimrc << EOF
unlet! skip_defaults_vim
source $VIMRUNTIME/defaults.vim

set nu
highlight LineNr ctermfg=lightgrey

set autoindent
set smartindent
set expandtab
set shiftwidth=4
set tabstop=4

set laststatus=2
set showtabline=2
EOF

# Config for user

# your .vimrc too
cp /root/.vimrc /home/$USERNAME/.vimrc

# Install fisher
curl https://git.io/fisher --create-dirs -sLo /home/$USERNAME/.config/fish/functions/fisher.fish

# greeting and alias
cat > /home/$USERNAME/.config/fish/config.fish << EOF
set PATH \$HOME/.local/bin \$PATH

function fish_greeting
    uname -snrm; uptime
end
$FISH_ALIAS
EOF

# npm global path
cat > /home/$USERNAME/.npmrc << EOF
prefix=/home/$USERNAME/.local
EOF

# Config dirs
mkdir -p /home/$USERNAME/.local/bin

chown -R $USERNAME:$USERNAME /home/$USERNAME

echo "
Almost done! You may also want to:
 - change password for user $USERNAME
 - install some AUR helper
 - instal package group 'base-devel' or 'meta-group-base-devel' on AUR
"
	#!/bin/bash

	USERNAME='rocka'
	HOSTNAME='arch'
	SS_PORTNO='1234'
	SS_METHOD='aes-256-gcm'
	SS_PASSWD='all-your-base-are-belong-to-us'

	# pacman related config
	sed -i 's/#Color/Color/g' /etc/pacman.conf
	sed -i 's/#VerbosePkgLists/VerbosePkgLists/g' /etc/pacman.conf

	# Repo
	cat >> /etc/pacman.conf << EOF

	[archlinuxcn]
	Server = https://cdn.repo.archlinuxcn.org/\$arch
	EOF

	# packages
	pacman -Syyu --noconfirm sudo inetutils mosh git vim fish nginx-mainline htop pacman-contrib pacutils docker docker-compose nodejs npm shadowsocks-libev simple-obfs shadowsocks-v2ray-plugin tmux rng-tools archlinuxcn-keyring

	# hostname
	echo $HOSTNAME > /etc/hostname

	# Locale: timezone and language
	ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
	echo LANG=en_US.UTF-8 > /etc/locale.conf
	sed -i 's/#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/g' /etc/locale.gen
	sed -i 's/#zh_CN.UTF-8 UTF-8/zh_CN.UTF-8 UTF-8/g' /etc/locale.gen
	locale-gen

	# Optmize tcp
	cat > /etc/sysctl.d/tcp_fastopen.conf << EOF
	# tcp_fastopen
	net.ipv4.tcp_fastopen = 3
	EOF

	cat > /etc/modules-load.d/tcp_bbr.conf << EOF
	tcp_bbr
	EOF

	cat > /etc/sysctl.d/tcp_bbr.conf << EOF
	# tcp_bbr
	net.core.default_qdisc = fq
	net.ipv4.tcp_congestion_control = bbr
	EOF

	modprobe tcp_bbr
	sysctl --system
	# check
	sysctl net.ipv4.tcp_available_congestion_control
	sysctl net.ipv4.tcp_congestion_control

	# User
	useradd -mG wheel,docker $USERNAME -s /usr/bin/fish
	echo '%wheel ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/wheel
	sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin no/g' /etc/ssh/sshd_config

	# Entropy
	systemctl enable --now rngd.service

	# Nginx
	systemctl enable --now nginx.service

	# Docker
	systemctl enable --now docker.service

	# shadowsocks-libev-server
	mkdir /etc/shadowsocks
	cat > /etc/shadowsocks/config.json << EOF
	{
	"server": [ "0.0.0.0", "::0" ],
	"server_port": ${SS_PORTNO},
	"method": "${SS_METHOD}",
	"password": "${SS_PASSWD}",
	"mode": "tcp_and_udp",
	"timeout": 1800,
	"reuse_port": true,
	"fast_open": true,
	"no_delay": true,
	"plugin": "obfs-server",
	"plugin_opts": "obfs=tls;failover=127.0.0.1:443"
	}
	EOF
	systemctl enable --now shadowsocks-libev-server@config.service

	FISH_ALIAS="
	alias ls='ls --color --classify --time-style=long-iso'
	alias l='ls'
	alias ll='ls -lh'
	alias la='ls -alh'
	alias qwq='uname -snrm; uptime'
	"

	# Root fish shell config
	chsh -s /usr/bin/fish
	mkdir -p /root/.config/fish
	cat > /root/.config/fish/config.fish << EOF
	function fish_greeting
	echo "You are now ROOT user!"
	echo "With great power, comes great responsibility."
	end
	$FISH_ALIAS
	EOF

	# simple vim config
	cat > /root/.vimrc << EOF
	unlet! skip_defaults_vim
	source $VIMRUNTIME/defaults.vim

	set nu
	highlight LineNr ctermfg=lightgrey

	set autoindent
	set smartindent
	set expandtab
	set shiftwidth=4
	set tabstop=4

	set laststatus=2
	set showtabline=2
	EOF

	# Config for user

	# your .vimrc too
	cp /root/.vimrc /home/$USERNAME/.vimrc

	# Install fisher
	curl https://git.io/fisher --create-dirs -sLo /home/$USERNAME/.config/fish/functions/fisher.fish

	# greeting and alias
	cat > /home/$USERNAME/.config/fish/config.fish << EOF
	set PATH \$HOME/.local/bin \$PATH

	function fish_greeting
	uname -snrm; uptime
	end
	$FISH_ALIAS
	EOF

	# npm global path
	cat > /home/$USERNAME/.npmrc << EOF
	prefix=/home/$USERNAME/.local
	EOF

	# Config dirs
	mkdir -p /home/$USERNAME/.local/bin

	chown -R $USERNAME:$USERNAME /home/$USERNAME

	echo "
	Almost done! You may also want to:
	- change password for user $USERNAME
	- install some AUR helper
	- instal package group 'base-devel' or 'meta-group-base-devel' on AUR
	"