blob: fda2cd4fc83d083cbfc2d3edcd117c684c1b4ca7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
#!/bin/sh
#
# ALPINE LINUX POST SETUP
#
if [ ! "$(id -u)" -eq 0 ]; then
echo "Script must be run as root";
exit 1
fi
# CONFIG
user="blake"
# Install additional packages
apk add linux-stable git curl bash bash-completion \
vim vimdiff tmux colordiff \
iwd openresolv impala \
ncurses acpi kbd xdg-user-dirs \
shellcheck fastfetch btop eza \
mandoc mandoc-apropos docs \
ufw iproute2 drill \
pipewire pipewire-pulse pipewire-jack wireplumber \
wayland-pipewire-idle-inhibit \
bluez pipewire-spa-bluez bluetuith \
mako libnotify wlsunset wev grimshot \
waybar font-hack-nerd font-terminus-nerd adwaita-icon-theme \
mpv zathura-pdf-mupdf swayimg-full nwg-launchers-grid \
flatpak xdg-desktop-portal xdg-desktop-portal-wlr \
syncthing syncthing-openrc \
lnav pass
# WIFI: Switch wpa_supplicant to iwd
# requires: iwd openresolv
sed 's/#\[General\]/\[General\]/;
s/#EnableNetworkConfiguration/EnableNetworkConfiguration/;
s/#\[Network\]/\[Network\]/;
s/#NameResolvingService/NameResolvingService/' \
-i /etc/iwd/main.conf
resolvconf -u
rc-service wpa_supplicant stop
rc-service iwd start
rc-update del networking boot
rc-update del wpa_supplicant boot
rc-update add iwd boot
# Set Caps key to CTRL
# requires: kbd
keymap=caps-ctrl.bmap
if [ ! -f "/etc/keymap/$keymap" ]; then
(dumpkeys | grep keymaps; echo keycode 58 = Control) | loadkeys
dumpkmap > $keymap && gzip $keymap
mv $keymap.gz /etc/keymap \
&& sed "s/gb.bmap.gz/$keymap.gz/" -i /etc/conf.d/loadkmap
fi
# Set GRUB boot screen resolution
if ! grep "GRUB_GFXMODE=*" /etc/default/grub >/dev/null; then
echo "GRUB_GFXMODE=1024x768,auto" >> /etc/default/grub
update-grub
fi
# Setup bluetooth
# requires: bluez pipewire-spa-bluez
modprobe btusb
adduser $user lp
sed 's/#AutoEnable.*/AutoEnable=false/' -i /etc/bluetooth/main.conf
#sed 's/#Experimental.*/Experimental = false/' -i /etc/bluetooth/main.conf
rc-service bluetooth start
rc-update add bluetooth default
# Setup firewall
# requires: ufw
subnet=192.168.1.0/24
ufw enable
ufw default deny incoming
ufw default allow outgoing
ufw allow from $subnet to any port 22/tcp comment 'Allow incoming SSH via subnet'
# Podman
# requires: podman
apk add crun podman podman-tui
rc-update add cgroups
rc-service cgroups start
# for rootless/user run podman
modprobe tun
grep "^tun" /etc/modules || echo tun >> /etc/modules
echo "$user:100000:65536" > /etc/subuid
echo "$user:100000:65536" > /etc/subgid
# Incus
apk add incus incus-client \
incus-user incus-user-openrc incus-vm
# XDG user directories
# requires: xdg-user-dirs
mkdir /home/$user/desktop >/dev/null 2>&1
mkdir /home/$user/downloads >/dev/null 2>&1
mkdir /home/$user/templates >/dev/null 2>&1
mkdir /home/$user/shared >/dev/null 2>&1
mkdir /home/$user/documents >/dev/null 2>&1
mkdir /home/$user/audio >/dev/null 2>&1
mkdir /home/$user/images >/dev/null 2>&1
mkdir /home/$user/video >/dev/null 2>&1
mkdir /home/$user/.config >/dev/null 2>&1
cat <<EOF > /home/$user/.config/user-dirs.dirs
XDG_DOWNLOAD_DIR="/home/$user/downloads"
XDG_DESKTOP_DIR="/home/$user/desktop"
XDG_TEMPLATES_DIR="/home/$user/templates"
XDG_PUBLICSHARE_DIR="/home/$user/shared"
XDG_DOCUMENTS_DIR="/home/$user/documents"
XDG_MUSIC_DIR="/home/$user/audio"
XDG_PICTURES_DIR="/home/$user/images"
XDG_VIDEOS_DIR="/home/$user/videos"
EOF
# Setup flatpak
# requires: flatpak
url="https://dl.flathub.org/repo/flathub.flatpakrepo"
su -l "$user" -c "flatpak remote-add --user --if-not-exists flathub $url"
su -l "$user" -c "flatpak install --noninteractive flatseal"
|
