| Age | Commit message (Collapse) | Author |
|---|
|
Build time too long for limited utility.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
|
- Split error() into error_warn() and error_fatal() for clarity
- Add retry_install() helper to eliminate DRY violation
- Make repo URLs configurable via config file
- Add section headers for better code organization:
- Output & Logging, Installation Helpers, System Detection,
System Configuration
- Standardize function definition style (no space before parens)
- Clean up display() function (remove semicolons, fix spacing)
- Remove legacy error() wrapper
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
|
|
|
Remove overlapping/unused packages:
- librewolf-bin (commented out)
- the_silver_searcher (ripgrep is faster)
- dfc (duf is better)
- p7zip (7zip is newer)
- neovim (use emacs)
- boxbuddy (just GUI for distrobox)
- tageditor (commented out, build issues)
|
|
Remove packages that aren't actively used:
- pycharm-community-edition (use emacs for Python)
- mcomix (comic book reader)
- figlet, figlet-fonts (ASCII art text)
- ledger (CLI accounting)
|
|
- Add is_btrfs_root() function
- Only install timeshift-autosnap and grub-btrfs on btrfs systems
- Skip snapshot tools on ext4/other filesystems
|
|
- Add --config-file PATH CLI flag
- Add load_config() function to source config variables
- Support USERNAME, PASSWORD, AUTOLOGIN, NO_GPU_DRIVERS config options
- Create archsetup.conf.example with documented options
Follows same pattern as archzfs project for consistency.
|
|
texlive-meta was replaced with smaller texlive packages, and topgrade
should always be installed. The flag is no longer needed.
|
|
- Install desktop-file-utils before calling update-desktop-database
- Simplify firewall warning to terse message in error summary
- Clean up package failure messages to show just package name and source
|
|
Configure /etc/pam.d/login to pass login password to gnome-keyring-daemon,
enabling automatic keyring unlock on console login + startx workflow.
|
|
Add gst-plugins-bad, gst-plugins-ugly, and gst-libav for broader
multimedia format support including AAC, MP3, x264, and FFmpeg codecs.
|
|
Remove unused packages:
- jdk-openjdk and openjdk-doc (Java)
- racket (Scheme)
- foliate (epub reader)
|
|
texlive-meta installs 2GB of packages including games, music notation,
and humanities packages that aren't needed. Replace with minimal set
(~335MB) that provides core LaTeX, latexmk, and standard fonts.
|
|
systemctl --user requires an active D-Bus user session bus, which
doesn't exist during installation. Create the enable symlink directly
in ~/.config/systemd/user/default.target.wants/ instead.
|
|
dbus-broker can start before systemd-sysusers completes, causing it to
fail user validation when parsing service files that reference system
users like geoclue. Add a drop-in to ensure sysusers runs first.
|
|
systemctl start ufw.service only runs ufw-init which checks if
ENABLED=yes in /etc/ufw/ufw.conf. Without running 'ufw enable' first,
the firewall remains inactive. Added 'ufw --force enable' to actually
activate the firewall rules.
|
|
lspci parsing missed GPUs that report as "Display controller" instead
of "VGA" (e.g., AMD Strix Halo). Modalias-based detection checks vendor
IDs directly from /sys, which is more reliable and matches how the
kernel itself identifies hardware.
|
|
- Enable chrony service and create /etc/sysconfig/chronyd to suppress warning
- Configure wireless regulatory domain (US) for full WiFi capabilities
- Configure paccache to retain 3 package versions
- Pre-create gnome-keyring with 'login' default (auto-unlocks at login)
- Add rtkit package for pipewire realtime scheduling
- Add validation test for gnome-keyring setup
- Add system action .desktop files (logout, shutdown, reboot, suspend, lock)
|
|
Register custom .desktop files in desktop database after stow links
them into place.
|
|
- Verify ufw is active after setup completes
- Display critical security warning in outro if firewall not active
- Include manual fix commands in warning message
|
|
Configure en_US.UTF-8 locale early in Environment Configuration
section to prevent "cannot change locale" errors during package
installs.
|
|
- Replace deprecated ntp with chrony for time sync
- Add opus codec (all music in opus format)
- Add iperf3 and net-tools for network diagnostics
- Add lexend-fonts-git font
- Fix rmmod pcspkr error when module not loaded
- Remove duplicate mediainfo entry (kept in Emacs section)
|
|
Native install to ~/.local/bin allows auto-updates without sudo.
|
|
- GRUB_TIMEOUT 0→2 seconds for menu access
- Syncthing: system service → user service with lingering to prevent lock conflicts
- Update airplanemodetoggle for user service
- Update validation to check lingering instead of system service
|
|
- Skip udev→systemd hook change on ZFS systems (ZFS hook is busybox-based)
- Add nvme to MODULES for NVMe systems (ensures devices ready for ZFS import)
- Add random.trust_cpu=off to suppress AMD RDSEED warnings
- Add has_nvme_drives() detection function
New validation tests:
- validate_terminus_font: check package installed via pacman
- validate_mkinitcpio_hooks: verify ZFS uses udev not systemd
- validate_initramfs_consolefont: check font in initramfs
- validate_nvme_module: check nvme in MODULES for NVMe systems
|
|
Remove ports for services not installed:
- 80,443,8080/tcp (no web server)
- 9040,9050,9051,9053,9119/tcp (Tor relay - only client installed)
- 443/tcp limit (no HTTPS service)
Add inline comments documenting each port's purpose.
|
|
Detect if avahi-daemon.service is active and skip install/config.
Supports archzfs installs that pre-configure avahi for mDNS on first boot.
|
|
Locking root prevents console access after reboot, making recovery
impossible without reinstalling.
|
|
Move redirect outside subshell so mkdir and git clone output
goes to logfile instead of stdout.
|
|
- Run npm install -g as root (global install requires root perms)
- Add wireless-regdb to prerequisites (prevents kernel regulatory warnings)
|
|
The stub-resolv.conf file only exists when systemd-resolved is running.
|
|
Creates /etc/docker/daemon.json with storage-driver: zfs when running
on a ZFS root filesystem. This provides better performance and enables
Docker to leverage ZFS snapshots.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
|
Installs @anthropic-ai/claude-code via npm after npm is installed.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
|
- tailscale-bin no longer exists in AUR; tailscale is now in official repos
- torbrowser-launcher (official repo) is more reliable than tor-browser-bin
(AUR) which has GPG key verification issues
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
|
- ZFS scrub timer: use template unit with pool name (zfs-scrub-weekly@pool.timer)
- Emacs config: handle existing .emacs.d dir with git pull instead of failing
|
|
|
|
|
|
|
|
- Bootstrap DNS symlink in create_user() before AUR/git operations
- Add git safe.directory config before git restore (root on user repo)
|
|
When run via curl|bash, archsetup_dir resolves to /root with no files.
Now clones from git.cjennings.net instead of copying local files.
|
|
- Fixed permission bug where source_dir tmpfs was owned by root
- Remove zfssnapshot and zfsrollback (now in archzfs ISO)
|
|
- Add --autologin and --no-autologin CLI flags
- Add is_encrypted_root() to detect LUKS and ZFS encryption
- Prompt user on encrypted systems (default yes)
- Configure getty@tty1 drop-in for passwordless login after decryption
|
|
- wireguard-tools from pacman (dotfiles have helper functions ready)
- tailscale-bin from AUR (prebuilt, fast install)
- Enable tailscaled service (run 'tailscale up' to authenticate)
|
|
|
|
- Configure systemd-resolved with DoT using Cloudflare + Quad9
- Enable DNSSEC validation
- Integrate with NetworkManager
- Fix conflict: keep systemd-resolved for DNS, avahi for mDNS
|
|
|
|
|
|
|
|
Root is locked last so it remains available for recovery if script fails earlier.
Users must use sudo for privileged operations after successful install.
|
|
|
