Add setup-system.sh and bootstrap configs

bootstrap.sh

@@ -310,7 +310,7 @@ mkswap /mnt/swap/swapfile
 echo "/swap/swapfile none swap defaults 0 0" >> /mnt/etc/fstab
 
 # sudo
-sed -i 's/# \(%wheel ALL=(ALL:ALL) ALL\)/\1/' /mnt/etc/sudoers
+#sed -i 's/# \(%wheel ALL=(ALL:ALL) ALL\)/\1/' /mnt/etc/sudoers
 
 echo -e "\n### Creating user"
 arch-chroot /mnt useradd -m "$user"

etc/iwd/main.conf

@@ -0,0 +1,5 @@
+[General]
+EnableNetworkConfiguration=true
+
+[Network]
+EnableIPv6=true

etc/mkinitcpio.conf

@@ -0,0 +1,4 @@
+MODULES=(i915)
+BINARIES=(/usr/bin/btrfs)
+FILES=()
+HOOKS=(base consolefont udev autodetect keyboard keymap modconf block encrypt filesystems fsck shutdown)

etc/snap-pac.ini

@@ -0,0 +1,46 @@
+# snap-pac example configuration file
+# see snap-pac(8) for more details
+
+# Each section corresponds with a snapper configuration. Add additional sections to add
+# other configurations to be snapshotted. By default, only the root configuration is snapshotted.
+# Create a section named [DEFAULT] to have a setting apply for all snapper configurations
+
+## Uncomment to set parameters for snapper configuration named root
+#[root]
+
+## How many characters to limit the description for snapper.
+## Default is 72
+#desc_limit = 72
+
+## Whether or not to take snapshots of this snapper configuration
+## Default is True for root configuration and False for all other configurations
+#snapshot = True
+
+## What snapper cleanup algorithm to use
+## Default is number
+#cleanup_algorithm = number
+
+## Pre snapshot description.
+## Default is the pacman command that triggered the hook
+#pre_description = pacman pre snapshot
+
+## Post snapshot description.
+## Default is the list of packages involved in the pacman transaction
+#post_description = pacman post snapshot
+
+## Uncomment to add "important=yes" to userdata for snapshots referring to these packages
+## Default is []
+#important_packages = ["linux", "linux-lts"]
+
+## Uncomment to add "important=yes" to userdata for snapshots that were created with the following commands
+## Default is []
+#important_commands = ["pacman -Syu"]
+
+## Add custom userdata. Each key-value pair should be an item in the list
+## Default is []
+#userdata = ["key=value","foo=bar"]
+
+## Example for another snapper configuration named "home"
+# [home]
+## Default is False
+# snapshot = True

etc/snapper/configs/root

@@ -0,0 +1,63 @@
+
+# subvolume to snapshot
+SUBVOLUME="/"
+
+# filesystem type
+FSTYPE="btrfs"
+
+
+# btrfs qgroup for space aware cleanup algorithms
+QGROUP=""
+
+
+# fraction or absolute size of the filesystems space the snapshots may use
+SPACE_LIMIT="0.5"
+
+# fraction or absolute size of the filesystems space that should be free
+FREE_LIMIT="0.2"
+
+
+# users and groups allowed to work with config
+ALLOW_USERS=""
+ALLOW_GROUPS=""
+
+# sync users and groups from ALLOW_USERS and ALLOW_GROUPS to .snapshots
+# directory
+SYNC_ACL="no"
+
+
+# start comparing pre- and post-snapshot in background after creating
+# post-snapshot
+BACKGROUND_COMPARISON="yes"
+
+
+# run daily number cleanup
+NUMBER_CLEANUP="yes"
+
+# limit for number cleanup
+NUMBER_MIN_AGE="1800"
+NUMBER_LIMIT="50"
+NUMBER_LIMIT_IMPORTANT="10"
+
+
+# create hourly snapshots
+TIMELINE_CREATE="yes"
+
+# cleanup hourly snapshots after some time
+TIMELINE_CLEANUP="yes"
+
+# limits for timeline cleanup
+TIMELINE_MIN_AGE="1800"
+TIMELINE_LIMIT_HOURLY="10"
+TIMELINE_LIMIT_DAILY="10"
+TIMELINE_LIMIT_WEEKLY="4"
+TIMELINE_LIMIT_MONTHLY="6"
+TIMELINE_LIMIT_YEARLY="0"
+
+
+# cleanup empty pre-post-pairs
+EMPTY_PRE_POST_CLEANUP="yes"
+
+# limits for empty pre-post-pair cleanup
+EMPTY_PRE_POST_MIN_AGE="1800"
+

etc/sudoers.d/override

@@ -0,0 +1 @@
+%wheel ALL=(ALL:ALL) ALL

etc/systemd/network/20-wired.network

@@ -0,0 +1,13 @@
+[Match]
+Name=en*
+
+[Network]
+DHCP=yes
+
+[DHCPv4]
+RouteMetric=10
+UseDomains=true
+
+[IPv6AcceptRA]
+RouteMetric=10
+UseDomains=yes

etc/systemd/network/25-wireless.network

@@ -0,0 +1,13 @@
+[Match]
+Name=wl*
+
+[Network]
+DHCP=yes
+
+[DHCPv4]
+RouteMetric=20
+UseDomains=true
+
+[IPv6AcceptRA]
+RouteMetric=20
+UseDomains=yes

etc/systemd/system/getty@tty1.service.d/override.conf

@@ -0,0 +1,3 @@
+[Service]
+ExecStart=
+ExecStart=/usr/bin/agetty --autologin tobias --noclear %I $TERM

setup-system.sh

@@ -0,0 +1,174 @@
+#!/bin/bash
+
+set -e
+exec 2> >(while read line; do echo -e "\e[01;31m$line\e[0m"; done)
+
+script_name="$(basename "$0")"
+dotfiles_dir="$(
+    cd "$(dirname "$0")"
+    pwd
+)"
+cd "$dotfiles_dir"
+
+if (("$EUID")); then
+    sudo -s "$dotfiles_dir/$script_name" "$@"
+    exit 0
+fi
+
+if [ "$1" = "-r" ]; then
+    echo >&2 "Running in reverse mode!"
+    reverse=1
+fi
+
+copy() {
+    if [ -z "$reverse" ]; then
+        orig_file="$dotfiles_dir/$1"
+        dest_file="/$1"
+    else
+        orig_file="/$1"
+        dest_file="$dotfiles_dir/$1"
+    fi
+
+    mkdir -p "$(dirname "$orig_file")"
+    mkdir -p "$(dirname "$dest_file")"
+
+    rm -rf "$dest_file"
+
+    cp -R "$orig_file" "$dest_file"
+    if [ -z "$reverse" ]; then
+        [ -n "$2" ] && chmod "$2" "$dest_file"
+    else
+        chown -R tobias "$dest_file"
+    fi
+    echo "$dest_file <= $orig_file"
+}
+
+is_chroot() {
+    ! cmp -s /proc/1/mountinfo /proc/self/mountinfo
+}
+
+systemctl_enable() {
+    echo "systemctl enable "$1""
+    systemctl enable "$1"
+}
+
+systemctl_enable_start() {
+    echo "systemctl enable --now "$1""
+    systemctl enable "$1"
+    systemctl start "$1"
+}
+
+echo ""
+echo "=========================="
+echo "Setting up /etc configs..."
+echo "=========================="
+
+#copy "etc/aurutils/pacman-x86_64.conf"
+#copy "etc/bluetooth/main.conf"
+#copy "etc/conf.d/snapper"
+#copy "etc/default/earlyoom"
+#copy "etc/docker/daemon.json"
+#copy "etc/fwupd/uefi_capsule.conf"
+#copy "etc/modules-load.d/v4l2loopback.conf"
+#copy "etc/modprobe.d/v4l2loopback.conf"
+#copy "etc/nftables.conf"
+#copy "etc/pacman.conf"
+#copy "etc/pacman.d/hooks"
+#copy "etc/pam.d/polkit-1"
+#copy "etc/pam.d/sudo"
+copy "etc/snap-pac.ini"
+copy "etc/snapper/configs/root"
+#copy "etc/ssh/ssh_config"
+copy "etc/sudoers.d/override"
+#copy "etc/sysctl.d/99-sysctl.conf"
+#copy "etc/systemd/journald.conf.d/override.conf"
+#copy "etc/systemd/logind.conf.d/override.conf"
+copy "etc/systemd/network/20-wired.network"
+copy "etc/systemd/network/25-wireless.network"
+copy "etc/iwd/main.conf"
+copy "etc/mkinitcpio.conf"
+#copy "etc/systemd/resolved.conf.d/dnssec.conf"
+copy "etc/systemd/system/getty@tty1.service.d/override.conf"
+#copy "etc/systemd/system/usbguard.service.d/override.conf"
+#copy "etc/systemd/system/reflector.service"
+#copy "etc/systemd/system/reflector.timer"
+#copy "etc/systemd/system/system-dotfiles-sync.service"
+#copy "etc/systemd/system/system-dotfiles-sync.timer"
+#copy "etc/systemd/system.conf.d/kill-fast.conf"
+#copy "etc/usbguard/usbguard-daemon.conf" 600
+#copy "etc/systemd/system/backup-repo@pkgbuild"
+#copy "etc/systemd/system/backup-repo@.service"
+#copy "etc/systemd/system/backup-repo@.timer"
+
+(("$reverse")) && exit 0
+
+echo ""
+echo "================================="
+echo "Enabling and starting services..."
+echo "================================="
+
+sysctl --system > /dev/null
+
+systemctl daemon-reload
+#systemctl_enable_start "bluetooth.service"
+#systemctl_enable_start "btrfs-scrub@-.timer"
+#systemctl_enable_start "btrfs-scrub@mnt-btrfs\x2droot.timer"
+#systemctl_enable_start "btrfs-scrub@home.timer"
+#systemctl_enable_start "btrfs-scrub@var-cache-pacman.timer"
+#systemctl_enable_start "btrfs-scrub@var-log.timer"
+#systemctl_enable_start "btrfs-scrub@var-tmp.timer"
+#systemctl_enable_start "btrfs-scrub@\x2esnapshots.timer"
+#systemctl_enable_start "btrfs-scrub@var-lib-aurbuild.timer"
+#systemctl_enable_start "btrfs-scrub@var-lib-archbuild.timer"
+#systemctl_enable_start "btrfs-scrub@var-lib-docker.timer"
+#systemctl_enable_start "docker.socket"
+#systemctl_enable_start "earlyoom.service"
+#systemctl_enable_start "fstrim.timer"
+#systemctl_enable_start "iwd.service"
+#systemctl_enable_start "linux-modules-cleanup.service"
+#systemctl_enable_start "lenovo_fix.service"
+#systemctl_enable_start "nftables.service"
+#systemctl_enable_start "pcscd.socket"
+#systemctl_enable_start "reflector.timer"
+#systemctl_enable_start "snapper-cleanup.timer"
+#systemctl_enable_start "system-dotfiles-sync.timer"
+#systemctl_enable_start "systemd-networkd.socket"
+#systemctl_enable_start "systemd-resolved.service"
+#systemctl_enable_start "tlp.service"
+
+#if [ ! -s "/etc/usbguard/rules.conf" ]; then
+#    echo >&2 "=== Remember to set usbguard rules: usbguard generate-policy >! /etc/usbguard/rules.conf"
+#else
+#    chmod 600 /etc/usbguard/rules.conf
+#    systemctl_enable_start "usbguard.service"
+#    systemctl_enable_start "usbguard-dbus.service"
+#fi
+
+#systemctl_enable_start "backup-repo@pkgbuild.timer"
+
+#echo ""
+#echo "==============================="
+#echo "Creating top level Trash dir..."
+#echo "==============================="
+#mkdir --parent /.Trash
+#chmod a+rw /.Trash
+#chmod +t /.Trash
+#echo "Done"
+
+echo ""
+echo "======================================="
+echo "Finishing various user configuration..."
+echo "======================================="
+
+if is_chroot; then
+    echo >&2 "=== Running in chroot, skipping /etc/resolv.conf setup..."
+else
+    echo "Configuring /etc/resolv.conf"
+    ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
+fi
+
+echo "Configuring NTP"
+timedatectl set-ntp true
+
+#echo "Configuring aurutils"
+#ln -sf /etc/pacman.conf /etc/aurutils/pacman-maximbaz-local.conf