From a56d27888c760053d304994f5056a48a8da84339 Mon Sep 17 00:00:00 2001
From: The_miro <amir@abdelbaki.eu>
Date: Tue, 12 May 2026 13:46:49 +0200
Subject: [PATCH] setup: add archiso profile and run tui-install inside chroot

- Add setup/archiso/ with build.sh, releng overlay, motd, and
  install-arch launcher command for the live ISO
- Fix cryptroot mapper name in arch-autoinstall.sh (was 'root',
  breaking all subsequent mounts)
- Add base-devel to pacstrap in both installers (required for yay/makepkg)
- Clone dotfiles inside chroot so tui-install.sh is available immediately
- After base install, offer to run tui-install.sh as the regular user
  inside the chroot via runuser, with a temporary NOPASSWD sudoers rule;
  skip option available for base-only installs

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 setup/arch-autoinstall.sh                     | 37 +++++++++++++-
 setup/archbaseos-guided-install.sh            | 34 ++++++++++++-
 setup/archiso/build.sh                        | 51 +++++++++++++++++++
 setup/archiso/overlay/airootfs/etc/motd       | 14 +++++
 setup/archiso/overlay/airootfs/root/launch.sh |  8 +++
 .../airootfs/usr/local/bin/install-arch       |  2 +
 setup/archiso/overlay/packages.extra          |  6 +++
 setup/archiso/overlay/profiledef.sh           | 24 +++++++++
 8 files changed, 172 insertions(+), 4 deletions(-)
 create mode 100644 setup/archiso/build.sh
 create mode 100644 setup/archiso/overlay/airootfs/etc/motd
 create mode 100644 setup/archiso/overlay/airootfs/root/launch.sh
 create mode 100644 setup/archiso/overlay/airootfs/usr/local/bin/install-arch
 create mode 100644 setup/archiso/overlay/packages.extra
 create mode 100644 setup/archiso/overlay/profiledef.sh

diff --git a/setup/arch-autoinstall.sh b/setup/arch-autoinstall.sh
index 35c2b64..4fd7d61 100755
--- a/setup/arch-autoinstall.sh
+++ b/setup/arch-autoinstall.sh
@@ -82,7 +82,7 @@ read -rp "Enable FIDO2 unlocking for root partition? (YES/NO): " FIDO_ROOT
 ############################################
 echo "Encrypting root partition..."
 cryptsetup -v luksFormat "$ROOT_PART"
-cryptsetup open "$ROOT_PART" root
+cryptsetup open "$ROOT_PART" cryptroot
 
 ############################################
 # OPTIONAL FIDO2 ENROLLMENT
@@ -135,7 +135,7 @@ read -rp "Enable FIDO2 authentication for user login? (YES/NO): " FIDO_USER
 ############################################
 # BASE INSTALL
 ############################################
-pacstrap -K /mnt base "$KERNEL" linux-firmware vim bash zsh git less btop fastfetch \
+pacstrap -K /mnt base base-devel "$KERNEL" linux-firmware vim bash zsh git less btop fastfetch \
     networkmanager grub cryptsetup libfido2 pam-u2f efibootmgr sudo btrfs-progs lvm2 $GPU_PKGS
 
 ############################################
@@ -211,8 +211,36 @@ if [[ "$FIDO_USER" == "YES" ]]; then
     echo "auth required pam_u2f.so" >> /etc/pam.d/system-local-login
 fi
 
+
+###################################################
+# CLONE DOTFILES FOR POST-INSTALL SETUP
+###################################################
+echo "Cloning dotfiles..."
+git clone https://git.abdelbaki.eu/The_miro/Dotfiles.git /home/$USERNAME/Dotfiles \
+    && chown -R $USERNAME:$USERNAME /home/$USERNAME/Dotfiles \
+    || echo "Warning: dotfiles clone failed — clone manually after first boot."
+
 EOF
 
+############################################
+# DOTFILES SETUP (in-chroot, optional)
+############################################
+echo
+read -rp "Run dotfiles TUI setup inside chroot now? [YES/no]: " _RUN_TUI
+_RUN_TUI="${_RUN_TUI:-YES}"
+
+if [[ "${_RUN_TUI^^}" == "YES" ]]; then
+    echo "${USERNAME} ALL=(ALL) NOPASSWD: ALL" \
+        | arch-chroot /mnt tee /etc/sudoers.d/99-setup-nopasswd > /dev/null
+
+    echo "Running tui-install.sh as ${USERNAME} inside chroot..."
+    arch-chroot /mnt runuser -u "${USERNAME}" -- \
+        bash "/home/${USERNAME}/Dotfiles/setup/tui-install.sh" \
+        || echo "Warning: tui-install exited with errors — check ~/dotfiles-install.log in the new system."
+
+    arch-chroot /mnt rm -f /etc/sudoers.d/99-setup-nopasswd
+fi
+
 ############################################
 # SUMMARY OUTPUT (NEW)
 ############################################
@@ -247,4 +275,9 @@ cp $LOGFILE /mnt/boot/
 # DONE
 ############################################
 echo "Installation complete! You can now unmount and reboot."
+echo
+if [[ "${_RUN_TUI^^}" != "YES" ]]; then
+    echo "After first boot, login as $USERNAME and run:"
+    echo "  ~/Dotfiles/setup/tui-install.sh"
+fi
 
diff --git a/setup/archbaseos-guided-install.sh b/setup/archbaseos-guided-install.sh
index a175ee5..757a6e4 100755
--- a/setup/archbaseos-guided-install.sh
+++ b/setup/archbaseos-guided-install.sh
@@ -130,7 +130,7 @@ read -rsp "Password for $USERNAME: " USERPASS; echo
 read -rp "Enable FIDO2 for user login? (YES/NO): " ENABLE_FIDO_USER
 
 pacstrap /mnt \
-    base "$KERNEL" linux-firmware vim zsh git networkmanager grub efibootmgr \
+    base base-devel "$KERNEL" linux-firmware vim zsh git networkmanager grub efibootmgr \
     btrfs-progs cryptsetup libfido2 pam-u2f sudo "$GPU_PKGS"
 
 genfstab -U /mnt >> /mnt/etc/fstab
@@ -196,7 +196,37 @@ if [[ "$ENABLE_FIDO_USER" == "YES" ]]; then
     sudo -u "$USERNAME" bash -c "pamu2fcfg >> /home/$USERNAME/.config/Yubico/u2f_keys"
     echo "auth required pam_u2f.so" >> /etc/pam.d/system-auth
 fi
+
+echo "Cloning dotfiles..."
+git clone https://git.abdelbaki.eu/The_miro/Dotfiles.git /home/$USERNAME/Dotfiles \
+    && chown -R $USERNAME:$USERNAME /home/$USERNAME/Dotfiles \
+    || echo "Warning: dotfiles clone failed — clone manually after first boot."
+
 EOF
 
+############################################
+#  DOTFILES SETUP (in-chroot, optional)
+############################################
+echo
+read -rp "Run dotfiles TUI setup inside chroot now? [YES/no]: " _RUN_TUI
+_RUN_TUI="${_RUN_TUI:-YES}"
+
+if [[ "${_RUN_TUI^^}" == "YES" ]]; then
+    echo "${USERNAME} ALL=(ALL) NOPASSWD: ALL" \
+        | arch-chroot /mnt tee /etc/sudoers.d/99-setup-nopasswd > /dev/null
+
+    echo "Running tui-install.sh as ${USERNAME} inside chroot..."
+    arch-chroot /mnt runuser -u "${USERNAME}" -- \
+        bash "/home/${USERNAME}/Dotfiles/setup/tui-install.sh" \
+        || echo "Warning: tui-install exited with errors — check ~/dotfiles-install.log in the new system."
+
+    arch-chroot /mnt rm -f /etc/sudoers.d/99-setup-nopasswd
+fi
+
 echo "Installation complete!"
-echo "Run: umount -R /mnt && reboot"
+echo "  umount -R /mnt && reboot"
+if [[ "${_RUN_TUI^^}" != "YES" ]]; then
+    echo
+    echo "After first boot, login as ${USERNAME} and run:"
+    echo "  ~/Dotfiles/setup/tui-install.sh"
+fi
diff --git a/setup/archiso/build.sh b/setup/archiso/build.sh
new file mode 100644
index 0000000..a057f78
--- /dev/null
+++ b/setup/archiso/build.sh
@@ -0,0 +1,51 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+DOTFILES_DIR="$(cd "$SCRIPT_DIR/../.." && pwd)"
+WORK_DIR="/tmp/m-archy-build"
+OUT_DIR="${1:-/tmp/m-archy-out}"
+PROFILE="$WORK_DIR/profile"
+RELENG="/usr/share/archiso/configs/releng"
+
+if ! command -v mkarchiso &>/dev/null; then
+    echo "Installing archiso..."
+    sudo pacman -S --noconfirm archiso
+fi
+
+[[ -d "$RELENG" ]] || { echo "ERROR: $RELENG not found — is archiso installed?"; exit 1; }
+
+rm -rf "$WORK_DIR"
+mkdir -p "$WORK_DIR" "$OUT_DIR"
+
+echo "Copying releng base profile..."
+cp -r "$RELENG" "$PROFILE"
+
+echo "Applying M-Archy overlay..."
+cp -r "$SCRIPT_DIR/overlay/airootfs/." "$PROFILE/airootfs/"
+
+echo "Replacing profiledef..."
+cp "$SCRIPT_DIR/overlay/profiledef.sh" "$PROFILE/profiledef.sh"
+
+echo "Adding extra packages..."
+while IFS= read -r pkg || [[ -n "$pkg" ]]; do
+    [[ -z "$pkg" || "$pkg" == \#* ]] && continue
+    grep -qxF "$pkg" "$PROFILE/packages.x86_64" || echo "$pkg" >> "$PROFILE/packages.x86_64"
+done < "$SCRIPT_DIR/overlay/packages.extra"
+
+echo "Embedding installer scripts..."
+mkdir -p "$PROFILE/airootfs/root/installer"
+cp "$DOTFILES_DIR/setup/archbaseos-guided-install.sh" "$PROFILE/airootfs/root/installer/"
+cp "$DOTFILES_DIR/setup/arch-autoinstall.sh"          "$PROFILE/airootfs/root/installer/"
+
+chmod 755 \
+    "$PROFILE/airootfs/root/launch.sh" \
+    "$PROFILE/airootfs/usr/local/bin/install-arch" \
+    "$PROFILE/airootfs/root/installer/"*.sh
+
+echo "Building ISO (this may take a while)..."
+sudo mkarchiso -v -w "$WORK_DIR/mkarchiso" -o "$OUT_DIR" "$PROFILE"
+
+echo
+echo "Done."
+ls -lh "$OUT_DIR/"*.iso 2>/dev/null || true
diff --git a/setup/archiso/overlay/airootfs/etc/motd b/setup/archiso/overlay/airootfs/etc/motd
new file mode 100644
index 0000000..6fe2ae6
--- /dev/null
+++ b/setup/archiso/overlay/airootfs/etc/motd
@@ -0,0 +1,14 @@
+
++-----------------------------------------------------+
+|         M-Archy -- Arch Linux Installer ISO         |
+|                    by The_miro                      |
++-----------------------------------------------------+
+
+  Commands:
+    install-arch          guided installer (recommended)
+    install-arch auto     automated installer (no prompts)
+
+  Scripts are also at: ~/installer/
+
+  Dotfiles: https://git.abdelbaki.eu/The_miro/Dotfiles
+
diff --git a/setup/archiso/overlay/airootfs/root/launch.sh b/setup/archiso/overlay/airootfs/root/launch.sh
new file mode 100644
index 0000000..f7eadeb
--- /dev/null
+++ b/setup/archiso/overlay/airootfs/root/launch.sh
@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+INSTALLER_DIR="$HOME/installer"
+case "${1:-guided}" in
+    auto)   exec bash "$INSTALLER_DIR/arch-autoinstall.sh" ;;
+    guided) exec bash "$INSTALLER_DIR/archbaseos-guided-install.sh" ;;
+    *)      exec bash "$INSTALLER_DIR/archbaseos-guided-install.sh" ;;
+esac
diff --git a/setup/archiso/overlay/airootfs/usr/local/bin/install-arch b/setup/archiso/overlay/airootfs/usr/local/bin/install-arch
new file mode 100644
index 0000000..45d2eda
--- /dev/null
+++ b/setup/archiso/overlay/airootfs/usr/local/bin/install-arch
@@ -0,0 +1,2 @@
+#!/usr/bin/env bash
+exec /root/launch.sh "$@"
diff --git a/setup/archiso/overlay/packages.extra b/setup/archiso/overlay/packages.extra
new file mode 100644
index 0000000..bad3ace
--- /dev/null
+++ b/setup/archiso/overlay/packages.extra
@@ -0,0 +1,6 @@
+# Extra packages on top of releng for M-Archy installer
+git
+jq
+pam-u2f
+btop
+fastfetch
diff --git a/setup/archiso/overlay/profiledef.sh b/setup/archiso/overlay/profiledef.sh
new file mode 100644
index 0000000..af84097
--- /dev/null
+++ b/setup/archiso/overlay/profiledef.sh
@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+# M-Archy archiso profile — based on releng
+iso_name="m-archy"
+iso_label="M_ARCHY_$(date --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%Y%m)"
+iso_publisher="The_miro <https://git.abdelbaki.eu/The_miro/Dotfiles>"
+iso_application="M-Archy Arch Linux Installer"
+iso_version="$(date --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%Y.%m.%d)"
+install_dir="arch"
+buildmodes=('iso')
+bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-ia32.grub.esp' 'uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito')
+arch="x86_64"
+pacman_conf="pacman.conf"
+airootfs_image_type="squashfs"
+airootfs_image_tool_options=('-comp' 'zstd' '-Xcompression-level' '15')
+bootstrap_tarball_compression=('zstd' '-c' '-T0' '--auto-threads=logical' '--long' '-19')
+file_permissions=(
+  ["/etc/shadow"]="0:0:400"
+  ["/root"]="0:0:750"
+  ["/root/.automated_script.sh"]="0:0:755"
+  ["/root/launch.sh"]="0:0:755"
+  ["/root/installer/archbaseos-guided-install.sh"]="0:0:755"
+  ["/root/installer/arch-autoinstall.sh"]="0:0:755"
+  ["/usr/local/bin/install-arch"]="0:0:755"
+)