Compare commits

...

2 Commits

Author SHA1 Message Date
Alex 8bdee3d2dc add back svlogtail and add artix2 install 2022-07-20 23:26:05 -05:00
Alex ef037c0e39 change startup for artix 2022-07-20 23:24:24 -05:00
10 changed files with 634 additions and 0 deletions

54
.local/bin/svlogtail Executable file
View File

@ -0,0 +1,54 @@
#!/bin/sh
#copied from: https://github.com/void-linux/socklog-void/blob/master/svlogtail
usage () {
cat <<-'EOF'
svlogtail [-f] [LOG...] - show svlogd logs conveniently
Without arguments, show current logs of all services, uniquely.
With arguments, show all logs of mentioned services
With -f, follow log output.
EOF
}
globexist() {
[ -f "$1" ]
}
IFS='
'
fflag=false
if [ "$1" = -f ]; then
shift
fflag=true
fi
if [ $# = 0 ]; then
cat /var/log/socklog/*/current | sort -u
if $fflag; then
tail -Fq -n0 /var/log/socklog/*/current | uniq
fi
else
old=
cur=
for log; do
case "$log" in
-*) usage; exit 1;;
esac
if [ -d /var/log/socklog/$log ]; then
if globexist /var/log/socklog/$log/*.[us]; then
old="$old$IFS/var/log/socklog/$log/*.[us]"
fi
cur="$cur$IFS/var/log/socklog/$log/current"
else
echo "no logs for $log" 1>&2
exit 1
fi
done
cat $old $cur | sort
if $fflag; then
tail -Fq -n0 $cur
fi
fi

View File

@ -1,2 +1,5 @@
gammastep-init.sh
udiskie
pipewire.sh
mako
mpd

View File

@ -0,0 +1,24 @@
had to remove some pkgs from base.list
only had to enable multilib in pacman.conf
was prompted to replace jack2 which caused base.list install to not work
removed grub update since using systemd boot
commented out runit setup
dont need to install: chronie, cronie?(systemd timers)
#Remember for next install
*make sure to enter in the kernel image names correctly (especially if using zen kernel)
*for systemd boot for PARTUUID get this from blkid
*remember to generate locales (locale-gen)
**ARTIX**
add back in code to enable all repos, need universe for arch repos now
think of way to setup ~/.local/init/setup which can work with systemd or artix

View File

@ -0,0 +1,306 @@
#!/bin/sh
. ./programs.sh
#$1 -> repo name to enable
#$2 -> mirror list file name in /etc/pacman.d/ (default: mirrorlist)
#ex: enable_repo lib32
#ex: enable_repo community mirrorlist-arch
enable_repo() {
REPO="$1"
MIRRORLIST="mirrorlist"
[ "$2" ] && MIRRORLIST="$2"
if [ $# -gt 0 ] && [ -z "$(grep "^\[$1" /etc/pacman.conf)" ]; then
sudo sh -c "echo "[$REPO]" >> /etc/pacman.conf"
sudo sh -c "echo "Include\ =\ /etc/pacman.d/$MIRRORLIST" >> /etc/pacman.conf"
sudo sh -c "echo "" >> /etc/pacman.conf"
fi
}
#TODO only needed to enable multilib for arch
enable_repos() {
sudo pacman -Sy
#commenting since this is done during archinstall
#enable multilib
#sudo sh -c "echo "[multilib]" >> /etc/pacman.conf"
#sudo sh -c "echo "Include\ =\ /etc/pacman.d/mirrorlist" >> /etc/pacman.conf"
#sudo sh -c "echo "" >> /etc/pacman.conf"
sudo pacman -Sy
#install yay for aur support
sudo pacman -S git fakeroot base-devel
mkdir -p ~/.local/src/
git clone https://aur.archlinux.org/yay.git ~/.local/src/yay/
cd ~/.local/src/yay || return
makepkg -si
cd -
}
init_setup() {
sudo timedatectl set-ntp true
#system services
#sudo systemctl enable connman.service
#sudo systemctl enable ufw.service
#sudo systemctl enable cronie.service
#sudo systemctl enable systemd-timesyncd.service
#sudo systemctl enable nix-daemon.service
sudo ln -s /etc/runit/sv/ufw /run/runit/service/
sudo ln -s /etc/runit/sv/cronie /run/runit/service/
sudo ln -s /etc/runit/sv/chrony /run/runit/service/
sudo ln -s /etc/runit/sv/socklog /run/runit/service/
#user services
#systemctl --user enable mako.service
#systemctl --user enable mpd.service
#systemctl --user enable pipewire.service
#systemctl --user enable pipewire-pulse.service
#systemctl --user enable wireplumber.service
}
wireless() {
sudo pacman -S tlp iwd bluez bluez-utils
sudo pacman -S tp_smapi smartmontools ethtool #opts for tlp
sudo pacman -S tlp-runit iwd-runit bluez-runit
sudo ln -s /etc/runit/sv/tlp /run/runit/service/
sudo ln -s /etc/runit/sv/iwd /run/runit/service/
sudo ln -s /etc/runit/sv/bluetoothd /run/runit/service/
}
harden() {
#install required programs
sudo pacman -S firejail apparmor
#enable apparmor service
sudo systemctl enable apparmor.service
sudo systemctl start apparmor.service
#configure apparmor to use firejail and configure firejail to automatically run for supported programs
sudo apparmor_parser -r /etc/apparmor.d/firejail-default
sudo firecfg
#add user to /etc/firejail/firejail.users if it is not already in the file
if [ -z "$(grep "$USER" /etc/firejail/firejail.users)" ]; then
sudo sh -c "echo '$USER' >> /etc/firejail/firejail.users"
fi
echo "============================================"
echo " Applying Hardening Configuration"
echo "============================================"
echo ""
echo "append this to your kernel params:"
echo " lsm=landlock,lockdown,yama,integrity,apparmor,bpf"
echo " systemd-boot: /boot/loader/entries/*.conf, append to end of line beginning with \"options\""
echo " grub: /etc/default/grub"
echo ""
echo " run this script with the --harden flag again after rebooting to ensure all settings are applied correctly."
echo " press enter to continue."
read input
}
configure() {
#setup home directories
mkdir ~/docs/
mkdir ~/dl/
mkdir ~/media/
mkdir -p ~/.local/share/gnupg/
mkdir -p ~/.config/mpd/playlists
mkdir -p ~/.local/share/desktop
mkdir .local/share/public
mkdir .local/share/templates
mkdir media/audio
mkdir media/video
#setup ufw
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow http
sudo ufw allow https
#sudo ufw allow ssh
sudo ufw allow ntp
sudo ufw allow 67:68/tcp
sudo ufw allow 53
#allow torrent client traffic
sudo ufw allow 56881:56889/tcp
#rules to allow steam
sudo ufw allow 27000:27036/udp
sudo ufw allow 27036:27037/tcp
sudo ufw allow 4380/udp
sudo ufw enable
#install zsh shell
chsh -s /bin/zsh "$USER"
#setup .zprofile and zsh history file
cd ~ || return
ln -s ~/.profile ~/.zprofile
mkdir -p ~/.cache/zsh
touch ~/.cache/zsh/history
#replace sudo with doas
echo "installing doas, symlinking to sudo, and UNINSTALLING SUDO. sudo is uninstalled using doas so permissions should be setup right if you are able to uninstall. (y/N)"
read input
if [ "$input" = "y" ]; then
echo "permit persist $USER as root" > ~/.cache/doas.conf
echo "permit nopass :wheel as root cmd /sbin/poweroff" >> ~/.cache/doas.conf
echo "permit nopass :wheel as root cmd /sbin/reboot" >> ~/.cache/doas.conf
sudo cp ~/.cache/doas.conf /etc/doas.conf
rm ~/.cache/doas.conf
doas pacman -R sudo && doas ln -s /bin/doas /bin/sudo #TODO ARCH SPECIFIC
fi
#set limits for esync
sudo sh -c "echo '$USER hard nofile 524288' >> /etc/security/limits.conf"
#set limits for monero
sudo sh -c "echo '$USER hard memlock 2048' >> /etc/security/limits.conf"
sudo sh -c "echo '$USER hard memlock 2048' >> /etc/security/limits.conf"
#fix issue with arduino ide and tiling wms
sudo sh -c 'echo "export _JAVA_AWT_WM_NONREPARENTING=1" >> /etc/profile.d/jre.sh'
#set console terminal font
sudo sh -c 'echo "FONT=Lat2-Terminus16" >> /etc/vconsole.conf'
#set grub theme
sudo sed -i 's/#GRUB_COLOR_NORMAL/GRUB_COLOR_NORMAL/g' /etc/default/grub
sudo sed -i 's/#GRUB_COLOR_HIGHLIGHT/GRUB_COLOR_HIGHLIGHT/g' /etc/default/grub
#nix configuration
#add user to nix-users group
sudo adduser -a -G nix-users "$USER"
#add nix unstable channel
nix-channel --add https://nixos.org/channels/nixpkgs-unstable
nix-channel --update
#download collapse OS
mkdir -p "$HOME"/.local/src/
cd "$HOME"/.local/src/
wget http://collapseos.org/files/collapseos-latest.tar.gz
cd -
#set wallpaper
ln -s ~/media/img/wallpapers/alena-aenami-eclipse-1k.jpg ~/.config/wall
#link Xresources for xwayland
ln -s ~/.config/Xresources ~/.Xdefaults
#set /tmp to tmpfs
if [ -z "$(grep "/tmp" /etc/fstab)" ]; then
sudo sh -c 'echo "tmpfs /tmp tmpfs rw,nodev,nosuid,size=2G 0 0" >> /etc/fstab'
fi
}
base() {
#enable repos (lib32, community, and universe) and install yay
enable_repos
#install all packages in $PKGS
sudo pacman --noconfirm --needed -S - < ./pkgs/base.list
#install all packages in $AUR_PKGS
yay --needed -S - < ./pkgs/aur.list
#setup local git repos defined in $GIT_REPOS to $GIT_REPOS_DIR
sh ~/.local/scripts/install.sh add-repos ./pkgs/repos.list
#link rofi themes directory so that theming works
mkdir -p "$HOME"/.local/share/rofi/
ln -s "$HOME"/.local/src/base16-rofi/themes/ "$HOME"/.local/share/rofi/themes
init_setup
#configure programs, directories, change shell, etc
configure
#install microcode for CPU
#echo "enter CPU type to install microcode for (amd intel)"
#read input
#if [ "$input" = "amd" ]; then
# sudo pacman -S amd-ucode
#elif [ "$input" = "intel" ]; then
# sudo pacman -S intel-ucode
#fi
#rebuild kernel after install for microcode
sudo mkinitcpio -P #rebuild kernel
#sudo grub-mkconfig -o /boot/grub/grub.cfg #update grub
echo "installation finished"
}
help() {
echo " artix-install.sh"
echo " --base perform basic install. Enable repos, install programs"
echo ""
echo " --gaming install steam and lutris. Use flags --amd, --nvidia, --intel to install"
echo " with corresponding graphics drivers. Otherwise you will be prompted"
echo ""
echo " --virt-manager install virt-manager"
echo ""
echo " --wireless install/setup programs for wifi/bluetooth"
echo ""
echo " --ungoogled-chromium install ungoogled-chromium. also installs chrome-web-store and ublock origin"
echo ""
echo " --harden enable extra security settings (apparmor, firejail), THIS NEEDS TO BE RUN"
echo " AGAIN AFTER INSTALL AND REBOOT, to ensure settings are applied correctly."
echo " make sure to follow on screen instructions to set kernel params"
}
BASE=""
GAMING=""
WIRELESS=""
UNGOOGLED_CHROMIUM=""
VIRT_MANAGER=""
HARDEN=""
for arg in "$@"
do
[ "$arg" = "--base" ] && BASE="true"
[ "$arg" = "--gaming" ] && GAMING="true"
[ "$arg" = "--virt-manager" ] && VIRTMGR="true"
[ "$arg" = "--wireless" ] && WIRELESS="true"
[ "$arg" = "--ungoogled-chromium" ] && UNGOOGLED_CHROMIUM="true"
[ "$arg" = "--harden" ] && HARDEN="true"
[ "$arg" = "--help" ] && help && exit
done
[ "$#" = "0" ] && help && exit
[ "$BASE" ] && base
[ "$GAMING" ] && gaming "$@"
[ "$WIRELESS" ] && wireless
[ "$UNGOOGLED_CHROMIUM" ] && ungoogled_chromium "$@"
[ "$VIRT_MANAGER" ] && virt_manager
[ "$HARDEN" ] && harden

View File

@ -0,0 +1,19 @@
lf
mutt-wizard
htim
jmtpfs
tremc-git
dashbinsh
pfetch
sysrq-enabler
wlr-randr
sfeed
kjv-apocrypha
yt-watch
yt-dlp-drop-in
udiskie
waylogout-git
ani-cli-git
rofi-lbonn-wayland-git
pipe-viewer-git
connman-gtk

View File

@ -0,0 +1,87 @@
pipewire
pipewire-alsa
pipewire-pulse
pipewire-jack
gst-plugin-pipewire
wireplumber
wireplumber-docs
alsa-utils
pacman-contrib
man-db
freetype2
gst-libav
xdg-utils
xdg-user-dirs
fuse
python-urwid
btrfs-progs
reiserfsprogs
ufw
wget
curl
zip
unzip
p7zip
dash
mesa
rsync
cronie
connman
fakeroot
python-pip
udisks2
pavucontrol
yt-dlp
transmission-cli
neovim
mpd
mpv
opendoas
zsh
clang
lynx
shellcheck
noto-fonts
noto-fonts-emoji
noto-fonts-cjk
lxappearance
qt5ct
imagemagick
ffmpegthumbnailer
python-pywal
pulsemixer
pamixer
papirus-icon-theme
python-pdftotext
viu
bat
imv
ncmpcpp
zathura
zathura-cb
zathura-djvu
zathura-pdf-mupdf
sway
swaybg
swayidle
swaylock
waybar
mako
wl-clipboard
grim
slurp
xorg-xwayland
alacritty
gammastep
openssh
aria2
libva-mesa-driver
bc
firefox
chromium
flatpak
chrony
ufw-runit
cronie-runit
chrony-runit
socklog

View File

@ -0,0 +1,3 @@
https://github.com/aarowill/base16-alacritty.git
https://github.com/rkubosz/base16-sway.git
https://gitlab.com/jordiorlando/base16-rofi.git

View File

@ -0,0 +1,106 @@
#!/bin/sh
##############################################################################
# This script provides functions to install/configure certain programs
# that are more complicated ( more than just pacman -S program ) to install/setup.
#
# These programs assume that yay, lib32, and arch's community repo has been enabled.
# If you get an error during installation try running ./artix-install.sh --base
##############################################################################
repo_check() {
if [ -z "$(grep "^\[multilib" /etc/pacman.conf)" ] ||
[ -z "$(grep "^\[community" /etc/pacman.conf)" ] ||
echo "repo check"
[ ! -f "/usr/bin/yay" ]; then
echo "either yay, or the lib32 or community repos have not been setup correctly. Exiting"
exit
fi
}
ungoogled_chromium() {
repo_check
echo "after repo check"
CMD=" -S "
[ "$1" = "-R" ] && CMD=" -Rs "
echo "ungoogled chromium install not working just installing chromium (press enter to continue)"
read input
sudo pacman -S chromium
#yay "$CMD" aur/ungoogled-chromium-binary
#yay "$CMD" aur/chromium-ublock-origin
#yay "$CMD" aur/chromium-extension-web-store
#yay "$CMD" aur/chromium-widevine
}
virt_manager() {
repo_check
echo "install virt-manager?(y/N)"
read -r input
if [ "$input" = "y" ] || [ "$input" = "Y" ]; then
sudo pacman -S --noconfirm sudo pacman -S libvirt qemu virt-manager lxsession
sudo pacman -S --noconfirm gst-plugins-good libvirt-runit
#TODO move this to runit_setup
sudo usermod -G libvirt -a "$USER"
fi
runit_setup --virt-manager
}
gaming() {
repo_check
CMD=" -S --noconfirm "
for arg in "$@"
do
if [ "$arg" = "--nvidia" ]; then
NVIDIA_GPU="TRUE"
elif [ "$arg" = "--amd" ]; then
AMD_GPU="TRUE"
elif [ "$arg" = "--intel" ]; then
INTEL_GPU="TRUE"
elif [ "$arg" = "-R" ]; then
CMD=" -Rs "
fi
done
if [ -z "$NVIDIA_GPU" ] && [ -z "$AMD_GPU" ] && [ -z "$INTEL_GPU" ]; then
echo "Enter GPU type (amd nvidia intel):"
read input
[ "$input" = "amd" ] && AMD_GPU="TRUE"
[ "$input" = "nvidia" ] && NVIDIA_GPU="TRUE"
[ "$input" = "intel" ] && INTEL_GPU="TRUE"
fi
echo "Installing with:"
[ "$AMD_GPU" = "TRUE" ] && echo "AMD GPU"
[ "$NVIDIA_GPU" = "TRUE" ] && echo "NVIDIA GPU"
[ "$INTEL_GPU" = "TRUE" ] && echo "INTEL GPU"
echo "press enter to continue."
read input
[ -z "$(grep "^\[lib32" /etc/pacman.conf)" ] && [ -z "$NVIDIA_GPU" ] && [ -z "$AMD_GPU" ] && [ -z "$INTEL_GPU" ] && help && exit
[ "$NVIDIA_GPU" = "TRUE" ] && sudo pacman $CMD nvidia-utils lib32-nvidia-utils
[ "$AMD_GPU" = "TRUE" ] && sudo pacman $CMD vulkan-radeon lib32-vulkan-radeon
[ "$INTEL_GPU" = "TRUE" ] && sudo pacman $CMD vulkan-intel lib32-vulkan-intel
sudo pacman $CMD vulkan-mesa-layers lib32-vulkan-mesa-layers
sudo pacman $CMD wine winetricks #wine-staging
sudo pacman $CMD giflib lib32-giflib libpng lib32-libpng libldap lib32-libldap gnutls lib32-gnutls mpg123 lib32-mpg123 openal lib32-openal v4l-utils lib32-v4l-utils libpulse lib32-libpulse alsa-plugins lib32-alsa-plugins alsa-lib lib32-alsa-lib libjpeg-turbo lib32-libjpeg-turbo libxcomposite lib32-libxcomposite libxinerama lib32-libxinerama ncurses lib32-ncurses opencl-icd-loader lib32-opencl-icd-loader libxslt lib32-libxslt libva lib32-libva gtk3 lib32-gtk3 gst-plugins-base-libs lib32-gst-plugins-base-libs vulkan-icd-loader lib32-vulkan-icd-loader cups samba dosbox
sudo pacman $CMD gamemode lib32-gamemode
sudo pacman $CMD lutris steam
}

View File

@ -0,0 +1,22 @@
[Unit]
Description=Connection service
DefaultDependencies=false
Conflicts=shutdown.target
RequiresMountsFor=/var/lib/connman
After=dbus.service network-pre.target systemd-sysusers.service iwd.service
Before=network.target multi-user.target shutdown.target
Wants=network.target
Requires=iwd.service
[Service]
Type=dbus
BusName=net.connman
Restart=on-failure
ExecStart=/usr/bin/connmand --wifi=iwd_agent -n
StandardOutput=null
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SYS_TIME CAP_SYS_MODULE
ProtectHome=true
ProtectSystem=true
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,10 @@
[Unit]
Description=Internet Wireless Daemon (IWD)
Before=network.target
Wants=network.target
[Service]
ExecStart=/usr/lib/iwd/iwd
[Install]
Alias=multi-user.target.wants/iwd.service