The_miro
/
Dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Autosetup: OK WE ONLY USE CAPS FROM NOW ON

main
The_miro 2025-11-29 03:55:05 +01:00
parent 63c7a288be
commit 94f45ae105
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
setup/arch-auto-install-new-cgpt.sh
View File

@ -8,7 +8,7 @@ read -rp "Type 'YES' to continue: " confirm
[[ "$confirm" == "YES" ]] || { echo "Aborted."; exit 1; } [[ "$confirm" == "YES" ]] || { echo "Aborted."; exit 1; }
# Ensure required packages # Ensure required packages
pacman -Sy --noconfirm parted cryptsetup libfido2 pam-u2f pacman -Sy --NOconfirm parted cryptsetup libfido2 pam-u2f
# Ask for drive # Ask for drive
lsblk lsblk
@ -42,7 +42,7 @@ mkswap "$SWAP_PART"
swapon "$SWAP_PART" swapon "$SWAP_PART"
# Ask if FIDO2 unlocking should be enabled for LUKS # Ask if FIDO2 unlocking should be enabled for LUKS
read -rp "Enable FIDO2 unlocking for root partition? (yes/no): " FIDO_ROOT read -rp "Enable FIDO2 unlocking for root partition? (YES/NO): " FIDO_ROOT
# Encrypt root partition # Encrypt root partition
echo "Encrypting root partition with LUKS..." echo "Encrypting root partition with LUKS..."
@ -51,7 +51,7 @@ cryptsetup open "$ROOT_PART" cryptroot
# Add multiple FIDO2 keys for LUKS # Add multiple FIDO2 keys for LUKS
if [[ "$FIDO_ROOT" == "yes" ]]; then if [[ "$FIDO_ROOT" == "YES" ]]; then
systemd-cryptenroll "$ROOT_PART" --fido2-device=auto systemd-cryptenroll "$ROOT_PART" --fido2-device=auto
# read -rp "How many FIDO2 keys for LUKS unlocking? " FIDO_LUKS_COUNT # read -rp "How many FIDO2 keys for LUKS unlocking? " FIDO_LUKS_COUNT
# for ((i=1; i<=FIDO_LUKS_COUNT; i++)); do # for ((i=1; i<=FIDO_LUKS_COUNT; i++)); do
@ -95,7 +95,7 @@ read -rsp "Enter password for $USERNAME: " USERPASS
echo echo
# Ask if FIDO2 should be enabled for user login # Ask if FIDO2 should be enabled for user login
read -rp "Enable FIDO2 authentication for user login? (yes/no): " FIDO_USER read -rp "Enable FIDO2 authentication for user login? (YES/NO): " FIDO_USER
# Install base system # Install base system
pacstrap /mnt base "$KERNEL" linux-firmware vim bash zsh git less btop fastfetch networkmanager grub cryptsetup libfido2 pam-u2f $GPU_PKGS pacstrap /mnt base "$KERNEL" linux-firmware vim bash zsh git less btop fastfetch networkmanager grub cryptsetup libfido2 pam-u2f $GPU_PKGS
@ -123,7 +123,7 @@ useradd -m -G wheel -s /bin/zsh "$USERNAME"
echo "$USERNAME:$USERPASS" | chpasswd echo "$USERNAME:$USERPASS" | chpasswd
echo "%wheel ALL=(ALL) ALL" >> /etc/sudoers echo "%wheel ALL=(ALL) ALL" >> /etc/sudoers
if [[ "$FIDO_ROOT" == "yes" ]]; then if [[ "$FIDO_ROOT" == "YES" ]]; then
# Initramfs hooks for LUKS + FIDO2 # Initramfs hooks for LUKS + FIDO2
sed -i 's/^HOOKS=.*/HOOKS=(base udev autodetect modconf block encrypt filesystems keyboard fsck)/' /etc/mkinitcpio.conf sed -i 's/^HOOKS=.*/HOOKS=(base udev autodetect modconf block encrypt filesystems keyboard fsck)/' /etc/mkinitcpio.conf
@ -137,7 +137,7 @@ grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=GRUB
grub-mkconfig -o /boot/grub/grub.cfg grub-mkconfig -o /boot/grub/grub.cfg
# FIDO2 for user login # FIDO2 for user login
if [[ "$FIDO_USER" == "yes" ]]; then if [[ "$FIDO_USER" == "YES" ]]; then
mkdir -p /home/$USERNAME/.config/Yubico mkdir -p /home/$USERNAME/.config/Yubico
read -rp "How many FIDO2 keys for user login? " FIDO_USER_COUNT read -rp "How many FIDO2 keys for user login? " FIDO_USER_COUNT
for ((i=1; i<=FIDO_USER_COUNT; i++)); do for ((i=1; i<=FIDO_USER_COUNT; i++)); do