diff options
Diffstat (limited to 'static')
| -rw-r--r-- | static/progs.csv | 7 | ||||
| -rwxr-xr-x | static/thesiah.sh | 70 |
2 files changed, 59 insertions, 18 deletions
diff --git a/static/progs.csv b/static/progs.csv index e28ce53..de53e35 100644 --- a/static/progs.csv +++ b/static/progs.csv @@ -16,6 +16,7 @@ A,abook,is an offline addressbook usable by neomutt. A,arkenfox-user.js,provides hardened security settings for Firefox and Librewolf to avoid Mozilla spyware and general web fingerprinting. ,atool,manages and gives information about archives. ,atuin,replaces the existing shell history with a SQLite database. +,bash-completion,is a programmable completion for the bash shell. ,bat,can highlight code output and display files and is used to generate previews in the file browser. ,bc,is a mathematics language used for the dropdown calculator. ,bluez,is a tool for bluetooth control command line. @@ -66,6 +67,8 @@ A,mutt-wizard-git,is a light-weight terminal-based email system. ,npm,npm for tmuxinator that manages tmux sessions. ,nsxiv,is a minimalist image viewer. ,ntfs-3g,allows accessing NTFS partitions. +,openvpn,is an open source VPN daemon. +,networkmanager-openvpn,is a VPN plugin for OpenVPN. A,pam-gnupg,auto unlocks when log-in. ,pass,manages passwords. ,pipewire-jack,is a low-latency audio/video router and processor - JACK replacement. @@ -80,6 +83,7 @@ P,pynvim,is for lsp in neovim. ,ruby,is an interpreted scripting language. R,samba,"is a program for the server daemon that provides Active Directory, filesharing, and printing services." A,sc-im,is an Excel-like terminal spreadsheet manager. +,shellcheck-bin,is a shell script analysis tool. A,simple-mtpfs,enables the mounting of cell phones. ,socat,is a utility which establishes two byte streams and transfers data between them. P,stig,is a TUI and CLI client for the transmission daemon. @@ -94,7 +98,8 @@ R,tlp,applies power saving settings manually and controls battery care features. R,ufw,is a tool for firewall. ,unclutter,hides an inactive mouse. ,unzip,unzips zips. -,urlview,enables to view url in a terminal. +,urlscan,is an url selector for Mutt and termial. +A,urlview,enables to view url in a terminal. ,wireplumber,is the audio system. ,x11-ssh-askpass,is an X11-based pass-phrase dialog for use with OpenSSH. ,xcompmgr,is for transparency and removing screen-tearing. diff --git a/static/thesiah.sh b/static/thesiah.sh index ab8817d..7a49c66 100755 --- a/static/thesiah.sh +++ b/static/thesiah.sh @@ -76,7 +76,7 @@ adduserandpass() { # Adds user `$name` with password $pass1. whiptail --infobox "Adding user \"$name\"..." 7 50 useradd -m -g wheel -s /bin/zsh "$name" >/dev/null 2>&1 || - usermod -a -G wheel "$name" && mkdir -p /home/"$name"/{.config,Documents,Downloads,Music,Pictures,Videos} /home/"$name"/Media/{personal,sda,sdb,sdc,sdd,ssd,storage} /home/"$name"/Torrents/{complete,incomplete} /home/"$name"/.local/{bin,share,src,state} && chown "$name":wheel /home/"$name" + usermod -a -G wheel "$name" && mkdir -p /home/"$name"/{.config,Documents,Downloads,Music,Pictures,Videos,Media} /home/"$name"/Torrents/{complete,incomplete} /home/"$name"/.local/{bin,share,src,state} /media/{flash,hdd,ssd} /mnt/extra/{backup,vid,win10} && chown "$name":wheel /home/"$name" export repodir="/home/$name/.local/src" mkdir -p "$repodir" chown -R "$name":wheel "$(dirname "$repodir")" @@ -299,9 +299,17 @@ pamgnupg() { echo "session optional pam_gnupg.so " >>/etc/pam.d/system-login >/dev/null 2>&1 } +ecryptfssetup() { + [ -d /home/"$name"/Media ] || mkdir -p /home/"$name"/Media && chown "$name":wheel /home/"$name"/Media + # Create an ecrypted folder + printf '\nyes\nyes\n' | mount -t ecryptfs Media Media -o passphrase_passwd="$epass1",ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_enable_filename_crypto=y,ecryptfs_passthrough=n >/dev/null 2>&1 || exit 1 + umount /home/"$name"/Media >/dev/null 2>&1 +} + ufwsetup() { whiptail --infobox "Setting service ufw..." 7 50 - [ -x "$(command -v "ufw")" ] || installpkg ufw && install ufw-"$initsys" + [ -x "$(command -v "ufw")" ] || installpkg ufw + pacman -Qq ufw-"$initsys" >/dev/null 2>&1 || install ufw-"$initsys" ufw default deny incoming >/dev/null 2>&1 ufw allow 80 >/dev/null 2>&1 ufw allow 443 >/dev/null 2>&1 @@ -336,7 +344,8 @@ ufwsetup() { sambasetup() { whiptail --infobox "Setting service samba..." 7 50 - [ -x "$(command -v "samba")" ] || installpkg samba && installpkg samba-"$initsys" + [ -x "$(command -v "samba")" ] || installpkg samba + pacman -Qq samba-"$initsys" >/dev/null 2>&1 || installpkg samba-"$initsys" ufw allow 137/tcp >/dev/null 2>&1 ufw allow 137/udp >/dev/null 2>&1 ufw allow 138/tcp >/dev/null 2>&1 @@ -344,7 +353,7 @@ sambasetup() { ufw allow 139/tcp >/dev/null 2>&1 ufw allow 445/tcp >/dev/null 2>&1 ufw reload >/dev/null 2>&1 - $pass1 | smbpasswd -a $name >/dev/null 2>&1 + $pass1 | smbpasswd -a "$name" >/dev/null 2>&1 case "$initsys" in "runit") ln -s /etc/runit/sv/smbd /run/runit/service/ >/dev/null 2>&1 @@ -367,11 +376,10 @@ sambasetup() { tlpsetup() { whiptail --infobox "Setting service tlp..." 7 50 - [ -x "$(command -v "tlp")" ] || installpkg tlp && installpkg tlp-"$initsys" - sed -Ei "s/^#(CPU_ENERGY_PERF_POLICY_ON_AC=).*/\1balance_power/" /etc/tlp.conf >/dev/null 2>&1 - sed -Ei "s/^#(CPU_ENERGY_PERF_POLICY_ON_BAT=).*/\1poewr/" /etc/tlp.conf >/dev/null 2>&1 - sed -Ei "s/^#(PLATFORM_PROFILE_ON_AC=).*/\1balanced/" /etc/tlp.conf >/dev/null 2>&1 - sed -Ei "s/^#(PLATFORM_PROFILE_ON_BAT=).*/\1low-power/" /etc/tlp.conf >/dev/null 2>&1 + [ -x "$(command -v "tlp")" ] || installpkg tlp + pacman -Qq tlp-"$initsys" >/dev/null 2>&1 || installpkg tlp-"$initsys" + sed -Ei "s/^#(CPU_ENERGY_PERF_POLICY_ON_AC=).*/\1balance_performance/" /etc/tlp.conf >/dev/null 2>&1 + sed -Ei "s/^#(CPU_ENERGY_PERF_POLICY_ON_BAT=).*/\1balance_poewr/" /etc/tlp.conf >/dev/null 2>&1 sed -Ei "s/^#(START_CHARGE_THRESH_BAT0=).*/\150/" /etc/tlp.conf >/dev/null 2>&1 sed -Ei "s/^#(STOP_CHARGE_THRESH_BAT0=).*/\175/" /etc/tlp.conf >/dev/null 2>&1 sed -Ei "s/^#(START_CHARGE_THRESH_BAT1=).*/\150/" /etc/tlp.conf >/dev/null 2>&1 @@ -395,7 +403,8 @@ tlpsetup() { cronsetup() { whiptail --infobox "Setting service cronjob..." 7 50 - [ -x "$(command -v "cronie")" ] || installpkg cronie && installpkg cronie-"$initsys" + [ -x "$(command -v "cronie")" ] || installpkg cronie + pacman -Qq cronie-"$initsys" >/dev/null 2>&1 || installpkg cronie-"$initsys" case "$initsys" in "runit") ln -s /etc/runit/sv/cronie /run/runit/service/ >/dev/null 2>&1 @@ -412,6 +421,32 @@ cronsetup() { esac } +vpnsetup() { + whiptail --infobox "Setting service vpn..." 7 50 + [ -x "$(command -v "openvpn")" ] || installpkg openvpn + pacman -Qq openvpn-"$initsys" >/dev/null 2>&1 || installpkg openvpn-"$initsys" + pacman -Qq networkmanager-openvpn >/dev/null 2>&1 || installpkg networkmanager-openvpn + nmcli connection import type openvpn file /home/"$name"/.dotfiles/.config/openvpn/thesiah.ovpn >/dev/null 2>&1 +} + + +dashsetup() { + whiptail --infobox "Setting shell to dash..." 7 50 + [ -x "$(command -v "dash")" ] || installpkg dash + printf '[Trigger] +Type = Package +Operation = Install +Operation = Upgrade +Target = bash + +[Action] +Description = Re-pointing /bin/sh symlink to dash... +When = PostTransaction +Exec = /usr/bin/ln -sfT dash /usr/bin/sh +Depends = dash' > /usr/share/libalpm/hooks/relinking-dash.hook + ln -sfT dash /usr/bin/sh +} + finalize() { # Farewell whiptail --title "All done!" \ @@ -574,12 +609,10 @@ pkill -u "$name" librewolf addsudo # Set pam-gnupg -pamgnupg || exit 1 +pamgnupg || error "Failed to set up pam-gnupg" -# Create an ecrypted folder -[ -d /home/"$name"/Media ] || mkdir -p /home/"$name"/Media && chown "$name":wheel /home/"$name"/Media -printf '\nyes\nyes\n' | mount -t ecryptfs Media Media -o passphrase_passwd="$epass1",ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_enable_filename_crypto=y,ecryptfs_passthrough=n >/dev/null 2>&1 || exit 1 -umount /home/"$name"/Media >/dev/null 2>&1 +# ecryptfs set up +ecryptfssetup || error "Failed to set up ecryptfs rules." # ufw set up ufwsetup || error "Failed to set up ufw rules." @@ -593,8 +626,11 @@ tlpsetup || error "Failed to set up tlp" # cronjob set up cronsetup || error "Failed to set up cron" -# Change /bin/sh from bash to dash -ln -sf dash /bin/sh +# vpn set up +vpnsetup || error "Failed to set up vpn" + +# dash set up +dashsetup || error "Failed to set up dash" # Last message! Install complete! finalize |