arch-autoinstall.sh was missing the keymap handling added to the guided
installer in the previous two commits, so booting the ISO in auto mode
(answerfile embedded) never called loadkeys and left the installed system
with no /etc/vconsole.conf.
- Add the same KEYMAPS array + selection logic to arch-autoinstall.sh
(AF mode reads .keymap, interactive mode prompts)
- Call loadkeys and export KEYMAP into the chroot
- Write /etc/vconsole.conf inside the chroot
- Add keymap dialog to generate-answerfile.sh so the field is populated
- Document .keymap in the arch-autoinstall.sh answerfile field list
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Both the live-environment prompt and the installed-system prompt now
loop over a single KEYMAPS array, so adding a new layout is a
one-line change.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Prompts for us/de keymap interactively; reads .keymap from answerfile in unattended mode. Writes /etc/vconsole.conf in chroot.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
.zlogin execs .automated_script.sh on login, which checks for /answerfile.json;
if present it runs the auto installer (passing the path), otherwise launches the
guided installer directly — no manual invocation needed.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
pumvisible() checks the native Vim pum, which coc.nvim bypasses in
favour of its own popup — so the confirm never fired. Switch to
coc#pum#visible() / coc#pum#confirm() to match the Tab/S-Tab bindings.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace hyprctl dispatch with hyprctl eval using hl.dsp.* in all
three eww variants. Workspace switching uses hl.dsp.focus with r+/r-
relative prefixes; killactive becomes hl.dsp.window.close(); exec
uses hl.dsp.exec_cmd.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace hyprctl dispatch exec with direct daemon invocation in caffeine.sh,
and replace defunct \$LAPTOP_KB_ENABLED .conf variable with the actual
device key path in hyprland-toggle-touchpad.sh.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The cyberqueer style plugin only overrode polish(QPalette&) with colors
identical to those already in cyberqueer.conf. Qt failed to load the
plugin for apps after the first, falling back to Fusion Light entirely.
Switching to the built-in Fusion style with qt6ct's custom_palette
mechanism gives the same result reliably for every app.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Qt: replace QT_STYLE_OVERRIDE/QT_STYLE_SHEET env vars with QT_QPA_PLATFORMTHEME=qt6ct +
QT_QUICK_CONTROLS_STYLE=Fusion; add cyberqueer Qt6 style plugin (QProxyStyle wrapping
Fusion with hardcoded dark palette); enable custom_palette in qt6ct.conf so qt6ct applies
the dark QPalette directly for both Qt Widgets and Qt Quick apps.
GTK: fix dark mode not applying — set gtk-application-prefer-dark-theme=1 in GTK3
settings.ini; add gsettings color-scheme=prefer-dark to install script (required by
libadwaita apps which ignore gtk-theme-name); add index.theme so the theme is recognized
by GTK theme discovery.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Move settings.json out of the wrong vicinae/vicinae/ subdir so it deploys
to ~/.config/vicinae/settings.json where vicinae actually reads it, enabling
the cyberqueer theme. Add GTK_THEME=cyberqueer on launch for correct font
rendering. Add float=true to the launcher window rule so the cursor-position
move formula is applied.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Adds greggh/claude-code.nvim with plenary.nvim as a required dependency.
Provides :ClaudeCode toggle, continue/resume/verbose commands, and
<C-,> / <leader>cC keybinds out of the box.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
airline#themes#cyberqueer#palette was undefined because the theme file was
being copied under the wrong name (cyberqueer-airline.vim instead of
cyberqueer.vim). Fixed by adding the file at the proper rtp-relative path
nvim/autoload/airline/themes/cyberqueer.vim — picked up automatically via
the ~/.config/nvim symlink, no extra copy step needed. Removed the now-
redundant manual cp from shell-setup.sh.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Renames nvim/ → nvim.old/ (preserving init.vim + incomplete prior attempts)
and creates a fresh nvim/ with init.lua. All settings, keymaps, and plugin
declarations are converted from VimScript to Lua idioms. Plugin manager
migrated from vim-plug to lazy.nvim, which self-bootstraps on first launch.
shell-setup.sh updated to drop the vim-plug curl install; the symlink and
airline theme copy are retained (path updated for lazy's data directory).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Duplicates desktopenvs/hyprland/ as desktopenvs/hyprlua/ and converts all
Hyprland-specific configs (.conf) to Lua (.lua) using the 0.55+ hl.* API:
hyprland.lua, envvars.lua, monitors.lua, input.lua, autostart.lua,
windowrules.lua, binds.lua. Non-Hyprland tool configs (hyprpaper, hyprlock,
hypridle, hyprtoolkit) remain as .conf. Adds hyprlua.sh installer (user-side
.lua files install to ~/.config/hypr/ for require() resolution) and registers
HyprLua as the recommended DE option in tui-install.sh, marking the old
hyprlang-based Hyprland install as legacy.
Also consolidates hyprland (legacy) env vars into hypr-usr/envvars.conf,
removing duplicates from hyprland.conf and monitors.conf.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
9 Markdown pages covering installation, theming, Hyprland, editors,
modules, archiso, FreeIPA/Ansible, and utilities. md-to-html.sh
converts them to self-contained styled HTML using the live palette
from colors.conf with inline CyberQueer CSS.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
New playbook collect-luks-keys.yml connects to all enrolled FreeIPA
clients, checks for /_LUKS_BACKUP_KEY (placed there by the installer
when encryption is enabled), and fetches each key to the Ansible
controller as luks-keys/<HOSTNAME>_LUKS_BACKUP_KEY (mode 0400).
Hosts without the file are reported but not treated as errors.
The luks-keys/ store directory is created with mode 0700.
Usage:
ansible-playbook -i inventory collect-luks-keys.yml
Can be scheduled via cron on the controller for automatic collection.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
tui-install.sh:
- Reads /answerfile.json if present (ANSWERFILE_MODE)
- All dialog selections (components, DE, apps) sourced from file
- Hostname from answerfile gets MAC address suffix appended to
prevent conflicts when deploying one image to multiple machines
- Interactive hostname inputbox added to the normal TUI flow
- Colorway dialog added as final step; skipped if no colors differ
from defaults and no answerfile colors are set
- Answerfile mode: runs non-interactively, logs warnings on failure
generate-answerfile.sh (new):
- Dry-runs the full installer dialog flow (OS + dotfiles)
- Writes selections to ~/answerfile.json (or a given path)
- No software is installed; passwords are never written to the file
build.sh:
- New --preconf [FILE] flag embeds an answerfile into the ISO at
/answerfile.json; omitting the flag leaves the ISO clean
- Validates JSON with jq if available before embedding
- Reworked arg parsing to handle the new flag alongside OUT_DIR
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Both arch-autoinstall.sh and archbaseos-guided-install.sh now ask
whether to enable disk encryption. If skipped, btrfs is formatted
directly on the root partition with an appropriate plain GRUB cmdline
(root=UUID=... rootflags=subvol=@).
When encryption is chosen, a 64-byte random key is generated, enrolled
as a second LUKS keyslot, and written to /_LUKS_BACKUP_KEY inside the
new system (mode 400, root-owned, inside the encrypted container).
Also fixes: duplicate 'encrypt' hook in original mkinitcpio HOOKS
strings, missing KERNEL export into arch-autoinstall chroot heredoc.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
/tmp in WSL is a RAM-backed tmpfs that fills up during the build,
leaving xorriso with no room to write the ISO.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
New optional modules (browsers): chromium, firefox, zen-browser,
nyxt, librewolf, min-browser.
New optional modules (editors/IDEs): vscodium, zed, geany,
codeblocks, kate.
Add lynx to default core packages.
All 11 modules wired into both install-modules.sh and tui-install.sh
(the archiso-embedded installer) with consistent count_steps,
checklist, summary, and dispatch entries. Every module path verified
to exist; all scripts pass bash -n syntax check.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
/tmp fills up during large builds; allow redirecting both dirs without
editing the script (WORK_DIR=~/iso-work ./build.sh ~/iso-out).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace five deprecated boot mode names with the canonical 'bios.syslinux'
and 'uefi.systemd-boot', removing the ia32 grub mode that required grub
installed and conflicted with systemd-boot.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add bc, dmidecode, dosfstools, e2fsprogs, fzf, git, hdparm, lshw, lsof,
openbsd-netcat, parted, ripgrep, rsync, strace, sysstat, tmux, and whois —
utilities that ship by default on most distros or are now effectively standard.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Remove the 'de' checkbox from the component checklist and always show
the desktop environment menu as a dedicated step between component and
app selection. Choosing 'none' or pressing Esc skips DE installation.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Each script installs the DE meta-package, an appropriate display manager,
PipeWire audio, NetworkManager, Bluetooth, and Flatpak, then enables the
relevant services (sddm/gdm/lightdm/cosmic-greeter).
COSMIC falls back to sddm if cosmic-greeter is not installed.
tui-install.sh: DE menu expanded from 3 to 8 entries (height 20×70).
install-modules.sh: DEs added to checklist, summary, and dispatch so
they can be installed standalone on an existing system.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
IPA group naming: fp_install_org__mozilla__firefox (dots encoded as __)
Decoding: sed strips prefix, then s/__/./g restores the Flatpak app ID.
Single underscores in app IDs are preserved unambiguously.
ansipa-install-flatpaks.sh:
- kinit with host keytab, queries ipa group-find --pkey-only with awk $NF
- Validates decoded ID against reverse-domain regex before installing
- Ensures flathub system remote exists
- System-scope install (flatpak install --system) since service runs as root
- Timer offset to 4 min (after packages at 2 min) to avoid contention
deploy-ansipa-install.yml updated to deploy the Flatpak script, service,
and timer alongside the existing package installer.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Presents a Cyberqueer-themed menu after package install:
- Answerfile: prompts for path (defaults to FreeipaAnsible/freeipa-client-answerfile.json),
offers to create one with defaults if it doesn't exist
- Manual: dialog inputboxes for domain, realm, server, hostname, principal,
passwordbox for the admin password, yes/no for mkhomedir/sudo/dns/fido2
- Skip: prints post-install hints
Falls back to ipa-client-install directly if freeipa-client.sh is not
available (standalone install outside the dotfiles repo).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add freeipa-client module (sssd, cyrus-sasl-gssapi, freeipa-client AUR)
with post-install enrollment hints; wired into tui-install.sh and
install-modules.sh
- Add ansipa-install-modules.sh: reads IPA host groups named
ansipa-module-<name>, applies matching module scripts via a yay wrapper
that drops to ANSIPA_USER so AUR builds work from the root service
- Add ansipa-install-modules.service + .timer (boot + 30 min)
- Add deploy-ansipa-modules.yml Ansible playbook that deploys scripts,
writes /etc/ansipa-modules.conf, and enables the timer
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The previous proxmox-vm target (virt-customize + QCOW2) is replaced with
a proper Proxmox LXC CT template builder:
- Exports container rootfs as .tar.zst (same mechanism as the lxc target)
- Asks for CT ID, storage, bridge, memory, cores, disk size
- Generates pve-ct-<VMID>.conf with the required FreeIPA LXC options:
unprivileged: 0
lxc.apparmor.profile: unconfined
lxc.cap.drop:
lxc.mount.auto: proc:rw sys:rw cgroup:rw
lxc.cgroup2.devices.allow: a
- Generates proxmox-lxc-setup.txt with the full 6-step setup guide
(upload, pct create, apply LXC opts, set env vars, start, Keycloak)
- Optionally uploads template + conf to Proxmox host via SCP if a
host is provided
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The_miro