changes made in this commit:

- mv scripts/{cp-dotfiles,doas-pratham}.sh - change 'zpool' PATH - SSH hardening - edit /etc/libvirt/qemu.conf and /etc/firewalld/firewalld.conf for pratham - add a path to PRUNEPATHS in /etc/updatedb.conf - fix typo where I used /mnt in the path of nvidia.hook file - remove some echo texts like "RUNNING DOTFILES SCRIPT" - enable gnome's dark theme
2023-01-12 22:14:42 +05:30 · 2023-01-12 22:14:42 +05:30 · f768e09f64
parent 05caf7c8ae
commit f768e09f64
3 changed files with 45 additions and 10 deletions
--- a/install-archlinux.sh
+++ b/install-archlinux.sh
@ -210,7 +210,7 @@ genfstab -U /mnt >> /mnt/etc/fstab
 # chroot setup
 mkdir -p /mnt/chroot-scripts
 cp scripts/chroot-setup.sh /mnt/chroot-scripts/
-cp scripts/cp-dotfiles.sh /mnt/chroot-scripts/
+cp scripts/doas-pratham.sh /mnt/chroot-scripts/
 arch-chroot /mnt bash /chroot-scripts/chroot-setup.sh "$CPU_VENDOR_NAME" "$ROOT_PARTITION"
 rm -rf /mnt/chroot-scripts
 if [[ $? -ne 0 ]]; then
--- a/scripts/chroot-setup.sh
+++ b/scripts/chroot-setup.sh
@ -13,7 +13,7 @@ ROOT_CRONTAB="# remove cache every 2 hours and update local db
 0 */6 * * * updatedb >/dev/null 2>&1

 # zfs scrub
-0 0 1,15 * * /usr/sbin/zpool scrub
+0 0 1,15 * * /usr/bin/zpool scrub
 "
 ################################################################################

@ -84,7 +84,7 @@ echo "permit persist keepenv pratham" | tee -a /etc/doas.conf
 echo "${ROOT_CRONTAB}" | crontab -

 # copy dotfiles
-sudo -u pratham /chroot-scripts/cp-dotfiles.sh
+sudo -u pratham /chroot-scripts/doas-pratham.sh


 ################################################################################
@ -100,11 +100,42 @@ Type=Application
 EOF


+################################################################################
+# SSH SETUP
+################################################################################
+
+sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
+sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin no/g' /etc/ssh/sshd_config
+sed -i 's/#PermitEmptyPasswords no/PermitEmptyPasswords no/g' /etc/ssh/sshd_config
+sed -i 's/#ClientAliveInterval 0/ClientAliveInterval 300/g' /etc/ssh/sshd_config
+sed -i 's/#ClientAliveCountMax 3/ClientAliveCountMax 2/g' /etc/ssh/sshd_config
+sed -i 's/#X11Forwarding no/X11Forwarding no/g' /etc/ssh/sshd_config
+
+
+################################################################################
+# LIBVIRT/KVM/QEMU SETUP
+################################################################################
+
+sed -i 's/FirewallBackend=nftables/FirewallBackend=iptables/g' /etc/firewalld/firewalld.conf
+sed -i 's/#user = "libvirt-qemu"/user = "pratham"/g' /etc/libvirt/qemu.conf
+sed -i 's/#group = "libvirt-qemu"/group = "pratham"/g' /etc/libvirt/qemu.conf
+
+
+################################################################################
+# LOCATEDB SETUP
+################################################################################
+
+sed -i 's@PRUNEPATHS = "@&/heathen_disk/personal/media/camera_roll @g' /etc/updatedb.conf
+
 ################################################################################
 # NVIDIA SETUP
 ################################################################################

-cat <<EOF > /mnt/etc/pacman.d/hooks/nvidia.hook
+systemctl unmask nvidia-suspend nvidia-hibernate nvidia-resume
+systemctl enable nvidia-suspend nvidia-hibernate nvidia-resume
+
+mkdir -p /etc/pacman.d/hooks
+cat <<EOF > /etc/pacman.d/hooks/nvidia.hook
 [Trigger]
 Operation=Install
 Operation=Upgrade
@ -112,6 +143,7 @@ Operation=Remove
 Type=Package
 Target=nvidia-lts
 Target=linux-lts
+Target=linux-lts-headers

 [Action]
 Description=Update NVIDIA module in initcpio
--- a/scripts/doas-pratham.sh
+++ b/scripts/doas-pratham.sh
@ -1,15 +1,11 @@
 #!/usr/bin/env bash

-echo "################################################################################"
-echo "                            RUNNING DOTFILES SCRIPT                             "
-echo "################################################################################"
-
 pushd /home/pratham
 mkdir my-git-repos
 pushd my-git-repos

+# dotfiles
 git clone --depth 1 https://git.thefossguy.com/thefossguy/dotfiles.git
-
 pushd dotfiles
 tput -x clear
 rsync \
@ -20,10 +16,17 @@ rsync \
    ../dotfiles/ ~/
 popd
 rm -rf dotfiles
-
 popd
+
+# neovim plugins
 sh -c 'curl -fLo "${XDG_DATA_HOME:-$HOME/.local/share}"/nvim/site/autoload/plug.vim --create-dirs \
       https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim'
 nvim +'PlugInstall' +'q' +'q'
+
+# alacritty
 sed -i 's@#  - ~/.config/alacritty/load_linux.yml@  - ~/.config/alacritty/load_linux.yml@g' /home/pratham/.config/alacritty/alacritty.yml
+
+# gtk dark theme
+gsettings set org.gnome.desktop.interface color-scheme prefer-dark
+
 popd