diff options
| -rw-r--r-- | .github/copilot-instructions.md | 4 | ||||
| -rw-r--r-- | README.md | 7 | ||||
| -rwxr-xr-x | bootstrap.sh | 7 | ||||
| -rwxr-xr-x | dot_local/bin/executable_create-efi | 55 | ||||
| -rw-r--r-- | etc/kernel/cmdline | 1 | ||||
| -rw-r--r-- | etc/mkinitcpio.d/linux.preset | 8 |
6 files changed, 16 insertions, 66 deletions
diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md index e7e3b7d..0f384aa 100644 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -17,8 +17,8 @@ The repo root is a chezmoi source directory. Files targeting `$HOME` use chezmoi - `meta/` contains plain text package lists for Arch Linux (one package per line, `#` comments). Each `.txt` file represents a group (e.g. `base.txt`, `dev.txt`, `wayland.txt`). Install with `just pkg-apply base dev` or `just pkg-apply` (all groups). Detect drift with `just pkg-status` (or `just status` for the aggregate). - `systemd-units/` contains plain text systemd unit lists paired by name with `meta/` groups (e.g. `systemd-units/base.txt` ↔ `meta/base.txt`). Units listed here are enabled by `just unit-apply` (run automatically by `just init`). Inspect with `just unit-list`, detect drift with `just unit-status`. - `firefox/` contains Firefox/LibreWolf hardening overrides (`user-overrides.js`) and custom CSS (`chrome/userChrome.css`). Deployed by `run_onchange_after_deploy-firefox.sh.tmpl`. -- `dot_local/bin/executable_create-efi` is an interactive EFI boot entry creation script using `efibootmgr` (deployed to `~/.local/bin/create-efi`). -- `bootstrap.sh` at the repo root is a POSIX shell script that takes a fresh minimal Arch install (only `base`) to a fully deployed state. It installs prerequisites, enables `%wheel` sudoers, bootstraps `paru-bin` from the AUR, clones the repo, runs `just init`, and optionally invokes `create-efi`. Designed to be curlable: `curl -fsSL .../bootstrap.sh | sh`. +- `dot_local/bin/executable_doasedit` (deployed to `~/.local/bin/doasedit`) is a small wrapper that emulates `sudoedit` for `doas`. +- `bootstrap.sh` at the repo root is a POSIX shell script that takes a fresh minimal Arch install (only `base`) to a fully deployed state. It installs prerequisites, enables `%wheel` sudoers, bootstraps `paru-bin` from the AUR, clones the repo, and runs `just init`. On EFI systems missing an Arch boot entry it prints the `efibootmgr` command to register the UKI. Designed to be curlable: `curl -fsSL .../bootstrap.sh | sh`. - `.chezmoiignore` excludes non-home files (`etc/`, `meta/`, `systemd-units/`, `firefox/`, docs) from deployment to `$HOME`. - `.githooks/` contains git hooks: `pre-commit` runs `just check` as a code quality gate (bypass with `--no-verify`); `post-commit` runs `chezmoi apply`. Activated by `just init`. - `justfile` uses a `DOMAIN-VERB` scheme across four domains (`dotfiles`, `etc`, `pkg`, `unit`) with chezmoi-aligned verbs (`add`, `forget`, `re-add`, `apply`, `diff`, `merge`, `status`). Top-level dispatchers (`add`, `forget`, `re-add`, `diff`, `merge`) sniff argument shape and delegate: args containing `/` → path (prefix `/?etc` → etc, else dotfiles); args ending in `.service`/`.timer`/`.socket`/`.mount`/`.target`/`.path` → unit; otherwise bare words → pkg. Full list: `init`, `sync`, `apply`, top-level `add`/`forget`/`re-add`/`diff`/`merge`/`status`; `dotfiles-add`/`forget`/`re-add`/`diff`/`merge`/`status`; `etc-add`/`forget`/`re-add`/`diff`/`merge`/`status`/`reset`/`restore`/`untrack`/`upstream-diff`; `pkg-add`/`forget`/`apply`/`fix`/`list`/`status` + `undeclared`; `unit-add`/`forget`/`apply`/`list`/`status`; `fmt`, `check-fmt`, `lint`, `check`, `doctor`. Run `just` or `just --list` for the menu. @@ -58,9 +58,10 @@ The script installs pacman prerequisites, enables `%wheel` in sudoers, builds `paru-bin` from the AUR, clones this repo to `~/dotfiles`, runs `just init`, enables recommended systemd units (fstrim, timesyncd, resolved, reflector, paccache, pkgstats, acpid, cpupower, iwd, plus tlp -on laptops), refreshes the pacman mirrorlist, creates XDG user -directories, and — on EFI systems missing an Arch boot entry — -launches `create-efi`. +on laptops), refreshes the pacman mirrorlist, and creates XDG user +directories. On EFI systems missing an Arch boot entry, it prints the +`efibootmgr` command to register the UKI (run after your first +`mkinitcpio -P`). ## Setup on an existing system diff --git a/bootstrap.sh b/bootstrap.sh index cbd10a3..dbc49a9 100755 --- a/bootstrap.sh +++ b/bootstrap.sh @@ -88,8 +88,11 @@ fi # 8. optional: create an Arch EFI boot entry if none exists if [ -d /sys/firmware/efi ]; then if ! sudo efibootmgr 2>/dev/null | grep -iq arch; then - log 'no Arch Linux EFI boot entry found; launching create-efi' - "$HOME/.local/bin/create-efi" + warn 'no Arch Linux EFI boot entry found' + warn 'after first kernel install, run: sudo mkinitcpio -P' + warn 'then register the UKI with efibootmgr, for example:' + warn " sudo efibootmgr --create --disk /dev/nvme0n1 --part 1 \\" + warn " --label 'Arch UKI' --loader '\\EFI\\Linux\\arch-linux.efi'" fi fi diff --git a/dot_local/bin/executable_create-efi b/dot_local/bin/executable_create-efi deleted file mode 100755 index 70cf1cc..0000000 --- a/dot_local/bin/executable_create-efi +++ /dev/null @@ -1,55 +0,0 @@ -#!/usr/bin/env sh -set -e - -lsblk - -printf "Boot disk [sda]: " && read -r boot_disk -if [ -z "$boot_disk" ]; then - boot_disk='sda' -fi - -printf "Boot partition number [1]: " && read -r boot_partition_number -if [ -z "$boot_partition_number" ]; then - boot_partition_number='1' -fi - -printf "Root partition [sda2]: " && read -r root_partition -if [ -z "$root_partition" ]; then - root_partition='sda2' -fi -root_uuid="UUID=$(blkid -s UUID -o value /dev/"$root_partition")" - -printf "Kernel name [linux]: " && read -r kernel_name -if [ -z "$kernel_name" ]; then - kernel_name='linux' -fi - -printf "CPU vendor (intel/amd) [intel]: " && read -r cpu_vendor -if [ -z "$cpu_vendor" ]; then - cpu_vendor='intel' -fi - -printf "ESP (boot/efi) [boot]: " && read -r esp -if [ -z "$esp" ]; then - esp='boot' -fi - -printf "extra kernel parameters (e.g. mitigations=off): " && read -r extra_kernel_params - -printf "label [archlinux]: " && read -r label -if [ -z "$label" ]; then - label='archlinux' -fi -rel_path="" -rel_path2="" -if [ "$esp" = "efi" ]; then - rel_path='\EFI\arch' - rel_path2="/EFI/arch" -fi - -unicode_arg="cryptdevice=$root_uuid:root root=/dev/mapper/root rw initrd=$rel_path\\$cpu_vendor-ucode.img initrd=$rel_path\\initramfs-$kernel_name.img quiet $extra_kernel_params" - -set -x -pacman -S --needed "$cpu_vendor"-ucode -pacman -S --asdeps --needed efibootmgr -efibootmgr --disk /dev/"$boot_disk" --part "$boot_partition_number" --create --label "$label" --loader "$rel_path2"/vmlinuz-"$kernel_name" --unicode "$unicode_arg" diff --git a/etc/kernel/cmdline b/etc/kernel/cmdline new file mode 100644 index 0000000..d396f1e --- /dev/null +++ b/etc/kernel/cmdline @@ -0,0 +1 @@ +cryptdevice=UUID=81520bbc-1e7a-45e6-9465-cfc2e8b18945:root root=/dev/mapper/root rw quiet diff --git a/etc/mkinitcpio.d/linux.preset b/etc/mkinitcpio.d/linux.preset index d129cf6..c6e8929 100644 --- a/etc/mkinitcpio.d/linux.preset +++ b/etc/mkinitcpio.d/linux.preset @@ -7,11 +7,11 @@ ALL_kver="/boot/vmlinuz-linux" PRESETS=('default' 'fallback') #default_config="/etc/mkinitcpio.conf" -default_image="/boot/initramfs-linux.img" -#default_uki="/efi/EFI/Linux/arch-linux.efi" +#default_image="/boot/initramfs-linux.img" +default_uki="/boot/EFI/Linux/arch-linux.efi" #default_options="--splash /usr/share/systemd/bootctl/splash-arch.bmp" #fallback_config="/etc/mkinitcpio.conf" -fallback_image="/boot/initramfs-linux-fallback.img" -#fallback_uki="/efi/EFI/Linux/arch-linux-fallback.efi" +#fallback_image="/boot/initramfs-linux-fallback.img" +fallback_uki="/boot/EFI/Linux/arch-linux-fallback.efi" fallback_options="-S autodetect" |