- Pin pamu2fcfg enrollment to the target hostname (-o/-i pam://$HOSTNAME)
so the credential origin matches pam_u2f.so at runtime; enrolling outside
the chroot previously used the live ISO hostname, causing auth to fail
- Add `cue` to the pam_u2f.so PAM line so ly prompts the user to touch
the key after password entry
- Add --needed to hyprlua AUR yay call to survive re-runs
- Degrade gracefully in lamco-rdp-server when no user D-Bus session is
active (systemctl --user enable would abort the module under set -e)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
nmtui is not available on the archiso live environment; direct users to
iwctl (WiFi) or ethernet instead, and pause for input before re-checking.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Rewrites simple-install.sh to use ANSI/read-based TUI primitives
(tui_msg, tui_yesno, tui_input, tui_checklist, tui_menu) instead of
dialog, removing the dialog dependency entirely.
Updates archbaseos-guided-install.sh to invoke simple-install.sh and
drops dialog from the archiso package list; error_handler now uses the
plain read-based croc prompt unconditionally.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
tui-install.sh: dialog height=40 apps checklist and height=24 confirm
dialog both exceeded the standard 24-row VT console, causing dialog to
exit with code 1 and silently skip all apps. Make both heights
terminal-adaptive via tput lines/cols. Also extend the EXIT trap to
reset the terminal so Ctrl-C during a dialog doesn't leave the console
in raw/no-echo mode.
arch-autoinstall.sh, archbaseos-guided-install.sh: add a ping 1.1.1.1
check early in both scripts. In interactive mode, launches nmtui if
offline, then re-checks; prompts to abort if still down. Answerfile
mode logs a warning and continues.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Remove -s flag from read so the password is visible while typing,
enabling piped input to work visibly on the ISO installer.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Inside the chroot the host's udev manages /dev/hidraw* with permissions
scoped to live-system groups; the new user has none of them, so pamu2fcfg
timed out with "No FIDO authenticator found". Move enrollment to after
CHROOT_EOF where it runs as root on the live system, then fix ownership
using the new system's UID/GID.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
On any ERR, both installers now trap the failure, log the line/exit
code, and pop a dialog yes/no asking whether to send the log to another
system via croc. Falls back to a plain read prompt if dialog is absent.
Added dialog and croc to packages.extra so they are present in the live ISO.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add full session logging (tee to logfile) to archbaseos-guided-install.sh,
matching the pattern already in arch-autoinstall.sh; copy log to /mnt/boot/
at the end so it survives into the new system
- Add part() helper to both installers so NVMe/eMMC drives use the correct
'p' separator (e.g. /dev/nvme0n1p1 instead of the broken /dev/nvme0n11)
- Add disk size guard to arch-autoinstall.sh: fail early with a clear message
if ROOT_GIB would be < 8GiB instead of passing a nonsense value to parted
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Keymap selection was unreachable because user input ran after pacman/partition
steps that could fail under set -e. Move the entire user input block (kernel,
hostname, username, encryption, keymap) to before lsblk and drive selection.
Also remove the redundant live-env keymap section (launch.sh handles that).
Drop exec from .zlogin so quitting the installer returns to a bash shell
instead of ending the session.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Both the live-environment prompt and the installed-system prompt now
loop over a single KEYMAPS array, so adding a new layout is a
one-line change.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Prompts for us/de keymap interactively; reads .keymap from answerfile in unattended mode. Writes /etc/vconsole.conf in chroot.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Both arch-autoinstall.sh and archbaseos-guided-install.sh now ask
whether to enable disk encryption. If skipped, btrfs is formatted
directly on the root partition with an appropriate plain GRUB cmdline
(root=UUID=... rootflags=subvol=@).
When encryption is chosen, a 64-byte random key is generated, enrolled
as a second LUKS keyslot, and written to /_LUKS_BACKUP_KEY inside the
new system (mode 400, root-owned, inside the encrypted container).
Also fixes: duplicate 'encrypt' hook in original mkinitcpio HOOKS
strings, missing KERNEL export into arch-autoinstall chroot heredoc.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- New optional modules: ssh-server (openssh, key auth hardened), docker
(+ compose, docker group), podman (rootless, buildah, skopeo, lingering),
cockpit (+ cockpit-machines, cockpit-podman, cockpit-navigator via AUR)
- openssh added to archiso packages.extra for live-env SSH access
- less added to pacstrap base install
- tui-install.sh wired up for all four new modules (checklist, count,
summary, run); dialog dimensions bumped to fit 17 items
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Populate /etc/skel with the Dotfiles repo and standard XDG directories
(Desktop, Documents, Downloads, Music, Pictures, Public, Templates, Videos)
before useradd -m, so the new user's home is fully set up at creation time.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add setup/archiso/ with build.sh, releng overlay, motd, and
install-arch launcher command for the live ISO
- Fix cryptroot mapper name in arch-autoinstall.sh (was 'root',
breaking all subsequent mounts)
- Add base-devel to pacstrap in both installers (required for yay/makepkg)
- Clone dotfiles inside chroot so tui-install.sh is available immediately
- After base install, offer to run tui-install.sh as the regular user
inside the chroot via runuser, with a temporary NOPASSWD sudoers rule;
skip option available for base-only installs
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
