Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/pbrisbin/arch-setup

Personal setup script for Arch install on T-series
https://github.com/pbrisbin/arch-setup

Last synced: 4 months ago
JSON representation

Personal setup script for Arch install on T-series

Awesome Lists containing this project

README 

        
# Arch Setup Script



This script was drafted the last time I installed Arch on a new laptop. It was

then polished up and debugged in VirtualBox. It aims to bring me from a new

machine to my complete, usual environment with as little interaction as

possible.



## Usage



1. Create an installation flashdrive from [Downloads][]:



   Assuming the drive is at `/dev/sdb`:



   ```

   sudo dd bs=4M if=archlinux-...-dual.iso of=/dev/sdb status=progress

   sync

   ```



   [downloads]: https://www.archlinux.org/download/



1. Reboot your system from the flashdrive



1. Connect networking



   ```

   iwctl

   [iwd]# station wlan0 connect 

   ```



1. Run `archinstall`:



   ```console

   archinstall \

     --config https://raw.githubusercontent.com/pbrisbin/arch-setup/main/files/config.json \

     --mount-point /mnt

   ```



   You will need tweak some things:



   1. Adjust Hostname, if desired

   1. Set disk configuration and encryption

   1. Set root password

   1. Add user named `patrick` with `sudo`



1. Run this post-install script



   ```

   curl -L https://raw.githubusercontent.com/pbrisbin/arch-setup/main/install | sh

   ```



   This adds a bunch of system configuration files, adjust networking, and

   install my personal dotfiles, which takes care of some more user-level setup.



Once comfortably in X, there are a few more manual steps, as documented below

for my own reference.



## Wifi



```console

sudo wifi-menu

```



## SSH



```console

ssh-keygen -t rsa -b 4096

curl -F'[email protected]/id_rsa.pub' https://0x0.st

```



Install it in GitHub and GitLab.



Test it out by fixing our `~/.dotfiles` remote:



```console

cd ~/.dotfiles

git remote set-url origin [email protected]:pbrisbin/dotfiles.git

git fetch

git pull

```



## `pass(1)`



This is part of the post-up hook, so:



```console

rcup

```



## GPG



Create a local encryption key, just for `pass(1)`



```sh

gpg --full-generate-key

gpg --export --armor ... > here.key

```



Using my physical master GPG set, re-encrypt my passwords to include it and

generate a new signing subkey. This should be in its own terminal.



```sh

sudo cryptsetup open /dev/sdb1 --type=tcrypt flashdrive

sudo mkdir -p /mnt/flashdrive

sudo mount /dev/mapper/flashdrive /mnt/flashdrive

export GNUPGHOME=/mnt/flashdrive/gnupg



gpg --import here.key

gpg --edit-key {THAT}

> trust



vim ~/.password-store/.gpg-id

...



pass init $(< ~/.password-store/.gpg-id)

pass git push



gpg --edit-key [email protected]

> addkey



gpg --list-keys --keyid-format SHORT [email protected]

gpg --output secret-subkeys --export-secret-subkey {SUBKEY}!



gpg --send-keys [email protected]

gpg --export --armor [email protected] > public.key



sudo umount /mnt/flashdrive

sudo cryptsetup close flashdrive

```



Import the new signing key



```sh

gpg --import < secret-subkeys

gpg -K

```



At this point, you should be able to:



- Make Git commits

- Read passwords



Delete and re-add the public key in GitHub, and re-push it to S3 once you have

AWS access back.