diff --git a/lib/desktop/drivers.sh b/lib/desktop/drivers.sh index 8a5014a..9920699 100644 --- a/lib/desktop/drivers.sh +++ b/lib/desktop/drivers.sh @@ -33,32 +33,19 @@ NVIDIA_PACKAGES=( libva-nvidia-driver ) -# Install Intel graphics drivers -install_intel_graphics() { - print "Installing Intel graphics drivers..." - chroot_install "${INTEL_PACKAGES[@]}" -} - -# Install NVIDIA graphics drivers -install_nvidia_graphics() { - print "Installing NVIDIA graphics drivers..." - chroot_install "${NVIDIA_PACKAGES[@]}" -} - # Prompt user for graphics driver selection and install prompt_install_graphics() { - print "Would you like to install graphics drivers? Type 'intel' exactly for Intel graphics drivers, 'nvidia' for NVIDIA graphics drivers, or anything else to skip." - read -r driver + prompt_menu "Would you like to install graphics drivers?" "Intel" "NVIDIA" "Skip" - case "$driver" in - "intel") - install_intel_graphics + case "$MENU_SELECTION" in + 1) + print "Installing Intel graphics drivers..." + chroot_pacman_install "${INTEL_PACKAGES[@]}" ;; - "nvidia") - install_nvidia_graphics - ;; - *) - print "Skipping graphics driver installation." + 2) + print "Installing NVIDIA graphics drivers..." + chroot_pacman_install "${NVIDIA_PACKAGES[@]}" ;; + *) print "Skipping graphics driver installation." ;; esac } diff --git a/lib/desktop/xfce.sh b/lib/desktop/xfce.sh index 58c0173..d5c1598 100644 --- a/lib/desktop/xfce.sh +++ b/lib/desktop/xfce.sh @@ -61,12 +61,7 @@ XFCE_PACKAGES=( # Install XFCE base packages install_xfce_packages() { - chroot_install "${XFCE_PACKAGES[@]}" -} - -# Enable LightDM display manager -enable_lightdm() { - chroot_enable lightdm.service + chroot_pacman_install "${XFCE_PACKAGES[@]}" } # Configure LightDM greeter @@ -109,7 +104,7 @@ install_xfce() { local username="$1" install_xfce_packages - enable_lightdm + chroot_systemd_enable lightdm.service configure_lightdm copy_xfce_config "$username" } diff --git a/lib/disk/luks.sh b/lib/disk/luks.sh index 962a217..847f635 100644 --- a/lib/disk/luks.sh +++ b/lib/disk/luks.sh @@ -98,24 +98,9 @@ close_luks_container() { # Returns: # 0 on success, 1 on mismatch prompt_encryption_password() { - local password - local password_confirm - - print "Please enter your desired encryption passphrase." - read -rs password - echo - - print "Please confirm your encryption passphrase." - read -rs password_confirm - echo - - if [ "$password" != "$password_confirm" ]; then - print_error "Passphrases do not match." + if ! prompt_password "Please enter your desired encryption passphrase." ENCRYPTION_PASSWORD; then return 1 fi - - ENCRYPTION_PASSWORD="$password" - unset password password_confirm return 0 } diff --git a/lib/system/base.sh b/lib/system/base.sh index 4d0c005..1df7ad3 100644 --- a/lib/system/base.sh +++ b/lib/system/base.sh @@ -30,17 +30,20 @@ chroot_run() { arch-chroot "${MOUNT_POINT}" "$@" } -# Install packages in the chroot environment +# Install packages in the chroot environment using pacman # Arguments: # $@ - package names -chroot_install() { +chroot_pacman_install() { run_visible_cmd chroot_run pacman --noconfirm -S "$@" } -# Enable a systemd service in the chroot environment +# Enable systemd units in the chroot environment # Arguments: -# $@ - service names -chroot_enable() { +# $@ - unit names (services, timers, etc.) +chroot_systemd_enable() { + for unit in "$@"; do + print "Enabling ${unit}..." + done run_visible_cmd chroot_run systemctl enable "$@" } @@ -80,10 +83,10 @@ install_microcode() { case "$vendor" in "intel") - chroot_install intel-ucode + chroot_pacman_install intel-ucode ;; "amd") - chroot_install amd-ucode + chroot_pacman_install amd-ucode ;; *) print_warning "Unknown CPU vendor: ${vendor}. Please install microcode manually after installation, if available." diff --git a/lib/system/network.sh b/lib/system/network.sh index 03116f0..088f46b 100644 --- a/lib/system/network.sh +++ b/lib/system/network.sh @@ -55,41 +55,24 @@ configure_mirrorlist() { echo "Server = ${MIRROR_URL}" > /etc/pacman.d/mirrorlist } -# Enable systemd-resolved +# Enable systemd-resolved and configure resolv.conf symlink enable_resolved() { - print "Enabling systemd-resolved..." - - chroot_enable systemd-resolved.service + chroot_systemd_enable systemd-resolved.service ln -sf ../run/systemd/resolve/stub-resolv.conf "${MOUNT_POINT}/etc/resolv.conf" } -# Enable systemd-networkd -enable_networkd() { - print "Enabling systemd-networkd..." - chroot_enable systemd-networkd.service -} - -# Enable systemd-timesyncd -enable_timesyncd() { - print "Enabling systemd-timesyncd..." - chroot_enable systemd-timesyncd.service -} - # Prompt and install iwd for Wi-Fi support prompt_install_wifi() { - print "Would you like to install iwd for Wi-Fi support? Enter 'y' exactly for yes, otherwise anything else to skip." - read -r install_iwd - - if [ "$install_iwd" = "y" ]; then + if confirm "Would you like to install iwd for Wi-Fi support?"; then print "Installing iwd..." - chroot_install iwd - chroot_enable iwd.service + chroot_pacman_install iwd + chroot_systemd_enable iwd.service fi } # Full network setup setup_network() { enable_resolved - enable_networkd - enable_timesyncd + chroot_systemd_enable systemd-networkd.service + chroot_systemd_enable systemd-timesyncd.service } diff --git a/lib/system/security.sh b/lib/system/security.sh index af34b03..559be68 100644 --- a/lib/system/security.sh +++ b/lib/system/security.sh @@ -36,21 +36,14 @@ configure_initramfs() { run_visible_cmd chroot_run mkinitcpio -P } -# Enable fstrim timer for SSD maintenance -enable_fstrim() { - print "Enabling fstrim timer..." - chroot_enable fstrim.timer -} - -# Enable BTRFS scrub timer +# Enable BTRFS scrub timer if using BTRFS filesystem # Arguments: # $1 - filesystem type enable_btrfs_scrub() { local filesystem="$1" if [ "$filesystem" = "btrfs" ] || [ "$filesystem" = "btrfs-dup" ]; then - print "Enabling btrfs scrub timer..." - chroot_enable btrfs-scrub@-.timer + chroot_systemd_enable btrfs-scrub@-.timer fi } @@ -66,18 +59,6 @@ disable_root() { chroot_run passwd -l root } -# Enable nftables firewall -enable_firewall() { - print "Enabling nftables firewall..." - chroot_enable nftables.service -} - -# Enable smartd for drive monitoring -enable_smartd() { - print "Enabling smartd..." - chroot_enable smartd.service -} - # Configure SSH server # Arguments: # $1 - username to allow SSH access @@ -88,7 +69,7 @@ configure_ssh() { chroot_run sed -i "s|PLACEHOLDER|${username}|" /etc/ssh/sshd_config run_visible_cmd chroot_run ssh-keygen -t ed25519 -C "" -N "" -f /etc/ssh/ssh_host_ed25519_key - chroot_enable sshd.service + chroot_systemd_enable sshd.service } # Display SSH host key fingerprint @@ -113,7 +94,7 @@ configure_usbguard() { read -r chroot_run sh -c "usbguard generate-policy > /etc/usbguard/rules.conf" - chroot_enable usbguard.service + chroot_systemd_enable usbguard.service } # Full security setup @@ -124,8 +105,8 @@ setup_security() { configure_sudo disable_root - enable_firewall - enable_smartd - enable_fstrim + chroot_systemd_enable nftables.service + chroot_systemd_enable smartd.service + chroot_systemd_enable fstrim.timer enable_btrfs_scrub "$filesystem" } diff --git a/lib/system/user.sh b/lib/system/user.sh index 6a06b66..59e142c 100644 --- a/lib/system/user.sh +++ b/lib/system/user.sh @@ -22,14 +22,10 @@ # Sets: # USERNAME - the entered username prompt_username() { - local username - while true; do - print "Please enter the username you'd like to use for your account:" - read -r username + prompt "Please enter the username you'd like to use for your account:" USERNAME - if validate_username "$username"; then - USERNAME="$username" + if validate_username "$USERNAME"; then return 0 fi diff --git a/profiles/registry.sh b/profiles/registry.sh index 927f9b7..5a69868 100644 --- a/profiles/registry.sh +++ b/profiles/registry.sh @@ -153,14 +153,14 @@ install_profile() { packages=$(get_profile_packages "$profile") if [ -n "$packages" ]; then # shellcheck disable=SC2086 - chroot_install $packages + chroot_pacman_install $packages fi # Enable profile services services=$(get_profile_services "$profile") if [ -n "$services" ]; then # shellcheck disable=SC2086 - chroot_enable $services + chroot_systemd_enable $services fi }