@rakor
Created February 8, 2025 09:47
Install Arch on encrypted btrfs
#!/bin/sh
# ---------------------------------------------------------------------------
# Mandatory settings: review every value before running the script.
# ---------------------------------------------------------------------------
# Safety latch: the script prints a hint and exits while this is still "NO".
HAVEYOUCONFIGUREDTHESCRIPT='NO'
# Account created in step 2 and added to the wheel group.
USERNAME='rakor'
# Target disk. Step 1 partitions and formats it.
HDD='/dev/vda'
# Name appended to /etc/hostname in step 2.
MYHOSTNAME='archlinux'
# Sizes of the swap and EFI partitions, passed to sgdisk with its "G" suffix.
SWAPGB='1'
EFIGB='1'
# Not referenced anywhere else in the visible script.
ROOT='root'
# "YES" makes step 2 call installintelmicrocode.
INTELMICROCODE='YES'

# ---------------------------------------------------------------------------
# Optional settings.
# ---------------------------------------------------------------------------
# Extra packages handed to pacman in step 2 (whitespace separated).
ADDITIONALPACKETS='man-pages-de man-db syncthing ufw restic git fish unzip gnome gnome-extra'
# Units enabled in step 2; ".service" is appended to each name.
ENABLESERVICES='NetworkManager ufw gdm'

# File that records which step the next run of the script has to execute.
# The tilde stays unquoted so the shell expands it to the home directory.
STATUSFILE=~/archinstallservice.txt
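# Put in additional commands to run as root after the installation has
# finished inside the new environment. step3 calls this function.
#
# Globals:  USERNAME (read)
# Outputs:  follow-up hints for restic and syncthing on stdout
#
# NOTE(review): every download below uses a mutable branch URL (".../master")
# and the result is used as root without an integrity check; the restic
# helper's install.sh is even executed. Pin each URL to a reviewed commit and
# compare a known checksum before the file is used.
additionalCommands(){
  # enable ufw and allow syncthing
  ufw enable
  ufw allow syncthing
  # set fish as defaultshell for user
  chsh -s /usr/bin/fish "$USERNAME"

  # Install restic-backup-scripts and cron-backup.
  # The archive is saved to /root but unpacked through relative paths, so
  # change into /root first instead of relying on the caller's directory.
  cd /root || return 1
  # -f makes curl fail on an HTTP error instead of saving the error page.
  if curl -fsSL https://github.com/rakor/resticbackupscript/archive/master.zip -o /root/backupscript.zip \
    && unzip backupscript.zip; then
    rm backupscript.zip
    sh resticbackupscript-master/install.sh
    sed -e "s[^\s*RESTIC=.*\$[RESTIC=/usr/bin/restic[" resticbackupscript-master/resticrc_debian > /root/.resticrc
    # The hint printed below asks for the repository password to be stored in
    # this file, so keep it readable by root only.
    chmod 600 /root/.resticrc
    rm -rf resticbackupscript-master
  else
    echo "Download of the restic backup scripts failed; skipping their setup." >&2
    rm -f backupscript.zip
  fi

  # Write each unit file in one go ('>' instead of repeated '>>') so that a
  # second run does not append duplicate sections.
  printf '%s\n' \
    '[Unit]' \
    'Description=create a restic-backup' \
    '[Service]' \
    'Type=oneshot' \
    'Environment="HOME=/root"' \
    'ExecStart=/usr/local/bin/resticbackup --rc /root/.resticrc cron' \
    > /etc/systemd/system/resticbackup.service
  printf '%s\n' \
    '[Unit]' \
    'Description=Start a restic-backup every hour' \
    '[Timer]' \
    'OnBootSec=10min' \
    'OnUnitActiveSec=1h' \
    '[Install]' \
    'WantedBy=timers.target' \
    > /etc/systemd/system/resticbackup.timer

  ####
  # Install vimrc and colors
  if curl -fsS https://raw.githubusercontent.com/rakor/config/master/home/.vimrc -o /root/.vimrc; then
    chown root:root /root/.vimrc
    chmod 644 /root/.vimrc
    # One download serves both accounts.
    cp /root/.vimrc "/home/$USERNAME/.vimrc"
    chown "$USERNAME:$USERNAME" "/home/$USERNAME/.vimrc"
    chmod 644 "/home/$USERNAME/.vimrc"
  else
    echo "Download of .vimrc failed; skipping it." >&2
  fi
  mkdir -p /root/.vim/colors
  mkdir -p "/home/$USERNAME/.vim/colors"
  if curl -fsS https://raw.githubusercontent.com/tomasr/molokai/master/colors/molokai.vim -o "/home/$USERNAME/.vim/colors/molokai.vim"; then
    cp "/home/$USERNAME/.vim/colors/molokai.vim" /root/.vim/colors/molokai.vim
  else
    echo "Download of the molokai colour scheme failed; skipping it." >&2
  fi
  chown -R "$USERNAME:$USERNAME" "/home/$USERNAME/.vim"

  echo; echo
  echo " /!\\ ADDITIONAL INFORMATION /!\\"
  echo
  echo "RESTIC"
  echo "======"
  echo "Please don't forget to set repository and password for the restic-backups in /root/.resticrc."
  echo "Then you have to 'resticcmd init' the repository if it is a new one."
  echo
  echo "After having setup the resticrc, enable the service with"
  echo " systemctl enable resticbackup.timer"
  echo; echo
  echo "Syncthing"
  echo "========="
  echo "If you want to start syncthing automatically at logon of your"
  echo "user run as user $USERNAME:"
  echo " systemctl --user enable syncthing.service"
  echo " systemctl --user start syncthing.service"
  echo "Syncthing will be listening on Port 8384 for the Webinterface"
  echo "If you also want to allow external access to the Syncthing web GUI, run:"
  echo " ufw allow syncthing-gui"
  echo "Allowing external access is not necessary for a typical installation."
}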
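# Placeholder for installing Intel CPU microcode; step2 calls it when
# INTELMICROCODE is "YES". Every command below is commented out, so the
# function currently changes nothing on the system.
installintelmicrocode(){
  # A function body that contains only comments is a syntax error in sh and
  # stops the script from being parsed past this point, so keep one no-op
  # command in the body.
  :
  # MIGHT NOT BE NECESSARY
  # pacman -S --noconfirm intel-ucode
  # mkdir -p /etc/pacman.d/hooks
  # echo "[Trigger]" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "Type = Package" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "Operation = Install" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "Operation = Upgrade" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "Target = linux" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "[Trigger]" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "Type = Package" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "Operation = Install" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "Operation = Upgrade" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "Target = intel-ucode" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "[Action]" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "Description = Adding microcode to boot image..." >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "When = PostTransaction" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # echo "Exec = /usr/bin/sh -c 'cat /boot/intel-ucode.img /boot/initramfs-linux.img > /boot/initramfs-linux-mc.img && ln -Tf /boot/vmlinuz-linux /boot/vmlinuz-linux-mc'" >> /etc/pacman.d/hooks/01-zbm_microcode.hook
  # /usr/bin/sh -c 'cat /boot/intel-ucode.img /boot/initramfs-linux.img > /boot/initramfs-linux-mc.img && ln -Tf /boot/vmlinuz-linux /boot/vmlinuz-linux-mc'
}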
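# Advance the installer to the following step and persist the new number so
# the next run of the script resumes there.
#
# Globals:  STEP (read and written), STATUSFILE (read)
# Outputs:  overwrites STATUSFILE with a single "STEP=<n>" line
nextstep(){
  STEP=$((STEP + 1))
  # Quote the target: an unquoted path containing whitespace is split into
  # several words and the redirection fails.
  printf 'STEP=%s\n' "$STEP" > "$STATUSFILE"
}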
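# Abort step 1 with a message on stderr. Carrying on after a failed disk
# operation would run the remaining destructive commands against a
# half-prepared disk.
step1_fail(){
  echo "step1: $* failed, aborting." >&2
  exit 1
}

# Step 1, run from the live system: partition HDD, create the LUKS container
# with btrfs subvolumes inside, mount everything below /mnt, pacstrap the base
# system and copy this script plus its status file into the new /root.
#
# Globals:  HDD, EFIGB, SWAPGB, STATUSFILE (read); STEP (written via nextstep)
# Exits:    always; non-zero as soon as a disk or install command fails
#
# NOTE(review): the swap partition and the EFI partition mounted on /boot stay
# outside the LUKS container. Swapped-out memory of the running system is
# therefore written to disk in clear text, and the kernel and initramfs are
# not protected against offline modification.
step1(){
  #German keyboardlayout
  loadkeys de-latin1
  # Test network
  timedatectl status

  # Partitioning
  # Create a GPT layout with an EFI partition, swap and the root partition
  sgdisk "-n1:1M:+${EFIGB}G" -t1:EF00 -c1:"efi-part" "$HDD" || step1_fail "creating the EFI partition"
  sgdisk "-n2:0:+${SWAPGB}G" -t2:8200 -c2:"swap" "$HDD" || step1_fail "creating the swap partition" # SWAP
  sgdisk -n3:0:0 -t3:8300 -c3:"root-part" "$HDD" || step1_fail "creating the root partition" # ROOT
  # Wait until udev has created the /dev/disk/by-partlabel links used below.
  udevadm settle
  mkswap /dev/disk/by-partlabel/swap || step1_fail "mkswap"
  mkfs.fat -F 32 /dev/disk/by-partlabel/efi-part || step1_fail "formatting the EFI partition"

  # Setup of luks and btrfs
  cryptsetup luksFormat -c aes-xts-plain64 -s 512 -h sha256 /dev/disk/by-partlabel/root-part || step1_fail "cryptsetup luksFormat"
  cryptsetup luksOpen /dev/disk/by-partlabel/root-part cryptroot || step1_fail "cryptsetup luksOpen"
  mkfs.btrfs -L ROOT /dev/mapper/cryptroot || step1_fail "mkfs.btrfs"
  mount /dev/mapper/cryptroot /mnt || step1_fail "mounting the btrfs top level"
  for step1_subvol in @ @home @tmp @pkg @log; do
    btrfs subvolume create "/mnt/$step1_subvol" || step1_fail "creating subvolume $step1_subvol"
  done
  umount /mnt || step1_fail "unmounting the btrfs top level"

  mount -o compress=zstd,subvol=@ /dev/mapper/cryptroot /mnt || step1_fail "mounting subvolume @"
  mkdir -p /mnt/home /mnt/tmp /mnt/boot /mnt/var/cache/pacman/pkg /mnt/var/log
  mount -o compress=zstd,subvol=@home /dev/mapper/cryptroot /mnt/home || step1_fail "mounting subvolume @home"
  mount -o compress=zstd,subvol=@tmp /dev/mapper/cryptroot /mnt/tmp || step1_fail "mounting subvolume @tmp"
  mount -o compress=zstd,subvol=@log /dev/mapper/cryptroot /mnt/var/log || step1_fail "mounting subvolume @log"
  mount -o compress=zstd,subvol=@pkg /dev/mapper/cryptroot /mnt/var/cache/pacman/pkg || step1_fail "mounting subvolume @pkg"

  # installation of arch-linux
  mount /dev/disk/by-partlabel/efi-part /mnt/boot || step1_fail "mounting the EFI partition"
  swapon /dev/disk/by-partlabel/swap
  pacstrap -K /mnt base linux linux-firmware vim networkmanager btrfs-progs man-pages-de || step1_fail "pacstrap"
  genfstab -U /mnt >> /mnt/etc/fstab || step1_fail "genfstab"

  nextstep
  # $0 may carry a directory part ("./x.sh", "/root/x.sh"); only the file
  # name is valid below /mnt/root.
  step1_script=$(basename -- "$0")
  cp -- "$0" "/mnt/root/$step1_script"
  cp -- "$STATUSFILE" /mnt/root/
  # Root runs this copy again inside the new system, so it must not be
  # writable by any other account (the original mode was 777).
  chmod 700 "/mnt/root/$step1_script"

  echo; echo
  echo "Type 'arch-chroot /mnt' to switch into the new installation"
  echo "Then change directory to /root and start the script another time"
  # NOTE(review): this second call only changes the live system's status file;
  # the copy made above keeps the earlier value. Presumably it keeps a re-run
  # outside the chroot from repeating this step - confirm the intent.
  nextstep
  exit
}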
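# Step 2, run inside 'arch-chroot /mnt': time zone, locale, hostname,
# initramfs with the encrypt hook, GRUB, passwords, the user account, extra
# packages, services and a daily package-list timer.
#
# Globals:  MYHOSTNAME, USERNAME, ADDITIONALPACKETS, ENABLESERVICES,
#           INTELMICROCODE (read); LUKSUUID, STEP (written)
# Exits:    always; non-zero when the LUKS UUID cannot be determined
step2(){
  # basesettings
  ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
  hwclock --systohc
  # prepare locale.gen to get german and us and set language-settings
  sed -i -e 's%^#s*\(\(en_US\|de_DE\)\.UTF-8\)%\1%' /etc/locale.gen
  locale-gen
  echo LANG=de_DE.UTF-8 >> /etc/locale.conf
  echo KEYMAP=de-latin1 >> /etc/vconsole.conf
  echo "$MYHOSTNAME" >> /etc/hostname

  # prepare mkinitcpio
  # NOTE(review): 'encrypt' is the hook of the busybox-based initramfs. If the
  # HOOKS line of the installed mkinitcpio.conf contains 'systemd', check
  # whether 'sd-encrypt' is required instead.
  sed -i -e 's|^\s*\(HOOKS=.*\)\(filesystems.*\)|\1 encrypt \2|' /etc/mkinitcpio.conf
  mkinitcpio -P

  # Install Grub
  pacman -S --noconfirm grub efibootmgr
  grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=GRUB
  LUKSUUID=$(blkid -s UUID -o value "/dev/disk/by-partlabel/root-part")
  if [ -z "$LUKSUUID" ]; then
    echo "Could not determine the UUID of the LUKS partition, aborting." >&2
    exit 1
  fi
  # Double quotes so ${LUKSUUID} is expanded (single quotes wrote the literal
  # text into the file). The '=' in the pattern keeps the separate
  # GRUB_CMDLINE_LINUX_DEFAULT line from being overwritten as well.
  sed -i -e "s%^GRUB_CMDLINE_LINUX=.*\$%GRUB_CMDLINE_LINUX=\"cryptdevice=UUID=${LUKSUUID}:cryptroot root=/dev/mapper/cryptroot\"%" /etc/default/grub
  # grub-install does not write a menu; without grub.cfg the machine stops at
  # the GRUB prompt and the cryptdevice parameter never reaches the kernel.
  grub-mkconfig -o /boot/grub/grub.cfg

  # Set password for root
  echo; echo
  echo "Please set password for 'root'"
  passwd
  if [ -e /root/.bashrc ]; then
    mv /root/.bashrc /root/.bashrc_old
  fi
  # NOTE(review): root's shell start-up file comes from a mutable branch URL
  # without an integrity check; pin it to a reviewed commit.
  curl -fsS https://raw.githubusercontent.com/rakor/config/master/root/.bashrc -o /root/.bashrc \
    || echo "Download of /root/.bashrc failed; continuing without it." >&2

  # last steps to prepare the installation
  # Create user and its datasets
  echo; echo
  echo "Creating user $USERNAME"
  useradd -m -G wheel "$USERNAME"
  echo "Please give the password to set for user $USERNAME"
  passwd "$USERNAME"

  # set permissions
  cp -r /etc/skel/.[^.]* "/home/$USERNAME"
  cp -r /etc/skel/* "/home/$USERNAME"
  chown -R "$USERNAME:$USERNAME" "/home/$USERNAME"
  chmod 700 /root
  chmod 1777 /tmp
  chmod 700 "/home/$USERNAME"
  # NOTE(review): step 1 mounts a FAT file system on /boot. FAT stores no Unix
  # permissions, so the modes below are presumably not kept there; restricting
  # access to /boot needs the fmask/dmask mount options in /etc/fstab.
  chmod 700 /boot
  chmod 600 /boot/*
  chmod 700 /boot/efi

  #install additional packages
  # Left unquoted on purpose: the variable is a whitespace separated list.
  # shellcheck disable=SC2086
  pacman -S --noconfirm $ADDITIONALPACKETS
  #enable services
  for i in $ENABLESERVICES; do
    systemctl enable "$i.service"
  done
  if [ "$INTELMICROCODE" = "YES" ]; then
    installintelmicrocode
  fi

  ###### Insert backup of packagelist
  # Each unit file is written in one go ('>' instead of repeated '>>') so a
  # second run does not append duplicate sections.
  printf '%s\n' \
    '[Unit]' \
    'Description=Create a list of all installed packages' \
    '[Service]' \
    'Type=oneshot' \
    "ExecStart=sh -c 'pacman -Qe > /root/packagelist.txt'" \
    > /etc/systemd/system/mkpackagelist.service
  printf '%s\n' \
    '[Unit]' \
    'Description=Create a daily packagelist' \
    '[Timer]' \
    'OnBootSec=5min' \
    'OnUnitActiveSec=1d' \
    '[Install]' \
    'WantedBy=timers.target' \
    > /etc/systemd/system/mkpackagelist.timer
  # Enable the periodic packagelist
  systemctl daemon-reload
  systemctl enable mkpackagelist.timer

  # Check for virtualisation and install spice-vdagent
  step2_virt=$(systemd-detect-virt)
  if [ "$step2_virt" = "kvm" ] || [ "$step2_virt" = "qemu" ]; then
    echo "You are running in a virtual environment"
    if dmesg | grep -q -i qxl; then
      echo "You use qxl for your video. We'll install spice-vdagent"
      pacman -S --noconfirm spice-vdagent
    fi
  fi

  echo; echo
  echo "You can now leave the chroot. Please do the following:"
  echo
  # The earlier hints (zfs umount, zpool export of an undefined pool, umount
  # /boot/efi) did not match this btrfs-on-LUKS layout mounted below /mnt.
  echo " exit"
  echo " umount -R /mnt"
  echo " reboot"
  echo
  echo "After the first reboot run this script a last time..."
  nextstep
  # We should somehow install the microcode-updates...
  exit
}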
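# Step 3, run after the first boot into the installed system: execute the
# user-defined post-install commands and remove the status file.
#
# Globals:  STATUSFILE (read)
step3(){
  # run additional commands set up on top.
  additionalCommands
  # STATUSFILE already holds the full path; prefixing it with /root/ pointed
  # at a file that does not exist and left the status file behind.
  rm -f -- "$STATUSFILE"
  echo "Now your installation has finished... Have fun..."
}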
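# Entry point: refuse to run unconfigured, work out which step is due and
# dispatch to it.

# you should have configured the script
if [ "$HAVEYOUCONFIGUREDTHESCRIPT" = "NO" ]; then
  echo "You really should configure the script first..."
  echo "Open the script in your favorite editor and configure the variables on the top."
  echo "exiting..."
  exit 1
fi

if [ -e "$STATUSFILE" ]; then
  # Read only a numeric "STEP=<n>" line instead of sourcing the file: sourcing
  # would execute whatever else the file contains with root privileges.
  STEP=$(sed -n 's/^STEP=\([0-9][0-9]*\)$/\1/p' "$STATUSFILE" | head -n 1)
else
  STEP=1
fi

case "$STEP" in
  1) step1 ;;
  2) step2 ;;
  3) step3 ;;
  *)
    # Never fall back to step 1 here: it repartitions the disk.
    echo "Unknown step '$STEP' in $STATUSFILE; fix or delete that file." >&2
    exit 1
    ;;
esac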