Arch Linux Installation
This script is designed to install arch linux interactively. Run the script:
bash <(curl -L sh.lihanzhang.cn/archinstall.sh)
This is the detail of the script below:
#!/bin/bash
curl https://info.lihanzhang.cn/send/Begin%20installing%20ArchLinux/lihanzhang
clear
# ------------------ Display Device ------------------
echo -e "\e[32m$(lsblk)\e[0m"
# ------------------ User Input ------------------
read -rp "Enter the disk to format (e.g. /dev/sda): " my_disk
read -rp "Enable Encryption? (YES/NO): " encrypt_disk
read -rp "Specify ROOT size?(YES/NO), otherwise remaining space be used: " root_size
read -rp "BOOT size in MB (e.g. 500): " fs_boot
read -rp "SWAP size in GB (e.g. 2): " fs_swap
# ------------------ Specify ROOT Size ------------------
if [[ $root_size == YES ]];then
read -rp "ROOT size in GB : " fs_root
fi
#List size of partitions
echo -e "\e[32mThe boot size is ${fs_boot}MB\e[0m"
echo -e "\e[32mThe swap size is ${fs_swap}GB\e[0m"
if [[ $root_size == YES ]];then
echo -e "\e[32mThe root size is ${fs_root}GB\e[0m"
else
echo -e "\e[32mThe root size is remaining space\e[0m"
fi
#Confirmation
read -rp "Are you sure?(YES/NO) " confirmation
if [[ $confirmation != YES ]];then
echo -e "\e[31mAborted...\e[0m"
exit 1
fi
# ------------------ Create boot partition ------------------
echo -e "\e[32mCreating boot partition...\e[0m"
printf "n\np\n\n\n+${fs_boot}M\nw\n" | fdisk "$my_disk" >/dev/null
sleep 3
# ------------------ Create partitions ------------------
#Whether Encrypt
if [[ $encrypt_disk == YES ]];then
#Specify ROOT Size
if [[ $root_size == YES ]];then
total=$((fs_swap + fs_root))
printf "n\np\n\n\n+${total}G\nw\n" | fdisk "$my_disk" >/dev/null
sleep 3 #Encryption Specified root
else
printf "n\np\n\n\n\nw\n" | fdisk "$my_disk" >/dev/null
sleep 3 #Encryption
fi
#Define encryption partition
echo -e "\e[32m$(lsblk)\e[0m"
read -rp "Enter the path of Partition which you want to encrypt: " encryption_path
read -rp "Enter the path of Partition which you want to format as boot: " boot_path
#Encrypt partition
echo -e "\e[32mEncrypting $encryption_path\e[0m"
cryptsetup luksFormat "$encryption_path" --type luks2 --pbkdf argon2id -s 512 -h sha512 --iter-time 10000 -c aes-xts-plain64
#Open encryption partition
echo -e "\e[32mOpening $encryption_path\e[0m"
cryptsetup luksOpen "$encryption_path" crypt_device
#Create logical volume and volume group
pvcreate /dev/mapper/crypt_device
vgcreate OS /dev/mapper/crypt_device
lvcreate -L "${fs_swap}G" OS -n SWAP
lvcreate -l 100%FREE OS -n ROOT
#Format partitions
mkfs.fat -F32 "$boot_path"
sleep 3
mkfs.ext4 -q /dev/mapper/OS-ROOT
sleep 3
mkswap /dev/mapper/OS-SWAP
sleep 3
#Mount partitions
mount /dev/mapper/OS-ROOT /mnt
mkdir -p /mnt/boot
mount "$boot_path" /mnt/boot
swapon /dev/mapper/OS-SWAP
else
#Specify ROOT Size
if [[ $root_size == YES ]];then
printf "n\np\n\n\n+${fs_swap}G\nw\n" | fdisk "$my_disk" >/dev/null #swap
printf "n\np\n\n\n+${fs_root}G\nw\n" | fdisk "$my_disk" >/dev/null #root
sleep 3
else
printf "n\np\n\n\n+${fs_swap}G\nw\n" | fdisk "$my_disk" >/dev/null #swap
printf "n\np\n\n\n\nw\n" | fdisk "$my_disk" >/dev/null #root
sleep 3
fi
#Define partitions of boot swap root
echo -e "\e[32m$(lsblk)\e[0m"
read -rp "Enter the path of Partition which you want to format as boot: " boot_path
read -rp "Enter the path of Partition which you want to format as swap: " swap_path
read -rp "Enter the path of Partition which you want to format as root: " root_path
#Format partitions
mkfs.fat -F32 "$boot_path"
sleep 3
mkfs.ext4 -q "$root_path"
sleep 3
mkswap "$swap_path"
sleep 3
#Mount partitions
mount "$root_path" /mnt
mkdir -p /mnt/boot
mount "$boot_path" /mnt/boot
swapon "$swap_path"
fi
#List partitioins infomation
echo -e "\e[32mFormat and mount successful\e[0m"
echo -e "\e[32m$(lsblk)\e[0m"
#Install software packages
echo -e "\e[32mThe following packages will be installed:\e[0m"
echo "base linux-lts linux-firmware grub efibootmgr networkmanager lvm2"
echo "openssh vim reflector unzip zip terminus-font nmap sudo"
echo "screen wget go git base-devel hexedit duf docker docker-compose docker-buildx"
echo "netcat nginx fail2ban hyfetch zsh zsh-autosuggestions zsh-syntax-highlighting zsh-completions"
#Ask for continue
read -rp 'Do you want to continue?(YES/NO) ' continue_install
if [[ $continue_install != "YES" ]]; then
echo -e "\e[32mAborted\e[0m"
exit 1
fi
#Change source
read -rp 'Do you want to change source using reflector?(YES/NO) ' arch_source
if [[ $arch_source == YES ]];then
reflector --sort rate -f 10 -c CN --save /etc/pacman.d/mirrorlist --verbose
fi
#Change my source
read -rp 'Do you want to change to my mirrorlist?(YES/NO) ' my_source
if [[ $my_source == YES ]];then
curl https://file.lihanzhang.cn/mirrorlist -o /etc/pacman.d/mirrorlist
fi
pacstrap -K /mnt base linux-lts linux-firmware grub efibootmgr networkmanager lvm2 openssh vim reflector unzip zip terminus-font nmap sudo screen wget go git base-devel hexedit duf docker docker-compose docker-buildx netcat nginx fail2ban hyfetch zsh zsh-autosuggestions zsh-syntax-highlighting zsh-completions
genfstab -U /mnt >> /mnt/etc/fstab
#Generate .profile .bashrc
mkdir -p /mnt/root/.local/bin
echo 'alias t="clear;exit"
cd /file
alias duf="duf --only local"
alias ls="ls --color=auto"
source /root/.local/bin/.bashrc
clear' >> /mnt/root/.profile
#arch environment
curl https://sh.lihanzhang.cn/arch/arch_config.sh -o /mnt/root/arch_config.sh
curl https://sh.lihanzhang.cn/profile -o /mnt/root/.local/bin/.bashrc
curl https://sh.lihanzhang.cn/zshrc -o /mnt/root/.zshrc
chmod +x /mnt/root/arch_config.sh
chmod +x /mnt/root/.local/bin/.bashrc
#Complete
echo -e "\e[32mAll software packages installed\e[0m"
echo -e "\e[32mGo arch-chroot\e[0m"
echo -e "\e[32mExecute /root/arch_config.sh\e[0m"
curl https://info.lihanzhang.cn/send/software%20packages%20installed/lihanzhang
Configuration:
#!/bin/bash
clear
#echo -e "\e[32m\e[0m]"
#--------------------Print current information--------------------
echo -e "\e[32m---------Check the previous information--------\e[0m"
#Detect encryption
if blkid | grep -q LUKS ;then
echo -e "\e[32mPartisions have been encrypted\e[0m"
root_UUID=$(blkid | grep LUKS)
ID=$(blkid | grep LUKS | grep -Po '.{8}-.{4}-.{4}-.{4}-.{12}' | head -1)
else
echo -e "\e[31mNo encryption\e[0m"
root_UUID=$(blkid | grep ext4)
ID=$(blkid | grep ext4 | grep -Po '.{8}-.{4}-.{4}-.{4}-.{12}' | head -1)
fi
#Print Informatioin
echo -e "The root partitioin is \e[32m$root_UUID\e[0m"
echo -e "The UUID is \e[32m$ID\e[0m"
if blkid | grep -q LUKS ;then
echo -e "The current HOOKS are \e[32m\"$(sed -n '55p' /etc/mkinitcpio.conf)\"\e[0m"
fi
echo -e "The current GRUB menu time is \e[32m\"$(sed -n '4p' /etc/default/grub)\"\e[0m"
echo -e "The current UUID is \e[32m$(sed -n '7p' /etc/default/grub)\e[0m"
echo -e "The current SSH permissioin is \e[32m\"$(sed -n '33p' /etc/ssh/sshd_config)\"\e[0m"
echo -e "The current sudoers file is \e[32m$(sed -n '125p' /etc/sudoers)\e[0m"
#--------------------Ask for changing--------------------
#Ask Servername
read -p 'Enter hostname: ' servername
#Ask continue
read -p 'Do you want to change these?(YES/NO) ' ask_continue
if [[ $ask_continue != YES ]]; then
echo -e "\e[31mAborted ...\e[0m"
exit 1
fi
#--------------------Change current information--------------------
#Change HOOKS
if blkid | grep -q LUKS ;then
sed -i '55d' /etc/mkinitcpio.conf
sed -i '55i HOOKS=(base udev autodetect microcode modconf kms keyboard keymap consolefont block encrypt lvm2 filesystems fsck)' /etc/mkinitcpio.conf
fi
#Change menu time of grub
sed -i '4d' /etc/default/grub
sed -i '4i GRUB_TIMEOUT=0' /etc/default/grub
#Change UUID of grub
if blkid | grep -q LUKS ;then
sed -i '7d' /etc/default/grub
sed -i "7i GRUB_CMDLINE_LINUX=cryptdevice=UUID=$ID:SYSTEM root=/dev/mapper/os-root" /etc/default/grub
fi
#Change SSH
sed -i '33d' /etc/ssh/sshd_config
sed -i '33i PermitRootLogin yes' /etc/ssh/sshd_config
#Change issue
echo Welcome back > /etc/issue
#Change hostname
echo $servername > /etc/hostname
#Change time
ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
#Change font
echo 'FONT=ter-v28b' > /etc/vconsole.conf
#Change sudoers file
sed -i '125d' /etc/sudoers
sed -i '125i %wheel ALL=(ALL:ALL) ALL' /etc/sudoers
#enable ssh networkmanager
systemctl enable sshd >/dev/null 2>&1
systemctl enable NetworkManager >/dev/null 2>&1
systemctl enable docker >/dev/null 2>&1
systemctl enable fail2ban >/dev/null 2>&1
systemctl enable nginx >/dev/null 2>&1
#Create my folder
mkdir /root/.ssh
mkdir /file
mkdir /www
mkdir /frp
#Create nginx configs
mkdir /etc/nginx/conf.d
sed -i '22a \ \ \ \ include /etc/nginx/conf.d/*.conf;' /etc/nginx/nginx.conf
#Configure fail2ban
echo '[sshd]
enabled = yes
bandtime = 10m
maxretry = 3
findtime = 10m' > /etc/fail2ban/jail.conf
#Change shell
chsh -s /bin/zsh
#Add my key
bash <(curl -sL sh.lihanzhang.cn/pub)
#--------------------Print changed information--------------------
echo -e "\e[31m---------Print changed information---------\e[0m"
if blkid | grep -q LUKS ;then
echo -e "The changed HOOKS are \e[31m\"$(sed -n '55p' /etc/mkinitcpio.conf)\"\e[0m"
fi
echo -e "The changed GRUB menu time is \e[31m\"$(sed -n '4p' /etc/default/grub)\"\e[0m"
echo -e "The changed UUID is \e[31m$(sed -n '7p' /etc/default/grub)\e[0m"
echo -e "The changed SSH permissioin is \e[31m\"$(sed -n '33p' /etc/ssh/sshd_config)\"\e[0m"
echo -e "The changed issue file is \e[31m\"$(cat /etc/issue)\"\e[0m"
echo -e "The changed hostname is \e[31m\"$(cat /etc/hostname)\"\e[0m"
echo -e "The changed time is \e[31m\"$(date)\"\e[0m"
echo -e "The changed FONT is \e[31m\"$(cat /etc/vconsole.conf)\"\e[0m"
echo -e "The current sudoers file is \e[31m$(sed -n '125p' /etc/sudoers)\e[0m"
echo ''
echo -e "\e[32mContinuing......\e[0m"
echo ''
mkinitcpio -p linux-lts
read -p "What BOOT did you use? (1.UEFI/2.BIOS): " boot_up
if [[ $boot_up == 1 ]]; then
grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=GRUB
echo -e "\e[32mgrub installed\e[0m"
grub-mkconfig -o /boot/grub/grub.cfg
echo -e "\e[32mgrub.cfg installed\e[0m"
else
grub-install --target=i386-pc /dev/vda
echo -e "\e[32mgrub installed\e[0m"
grub-mkconfig -o /boot/grub/grub.cfg
echo -e "\e[32mgrub.cfg installed\e[0m"
fi
ln -s /bin/vim /bin/vi
rm -rf /root/arch_config.sh
echo -e "\e[32m------Please change password------\e[0m"
curl https://info.lihanzhang.cn/send/Archlinux%20installation%20completed/lihanzhang