arch/gentoo.sh

#!/usr/bin/bash
########################
# What this script is:
#
# An automatic installer for Gentoo Stable with the following features:
# 1. KDE with SystemD
# 2. Full Disk Encryption or Regular Install
# 3. Encrypted Boot
# 4. The ability to build a custom and deployable image onto any machine
# 5. Easily create a bootable USB drive
# 6. Automatic Partitioning
# 7. Steam/Wine/Lutris Install
#
# INSTRUCTIONS
#
# For new disk installs, initialize the disk to setup partitions from the main menu.
#
# Before running the install, ensure that you have Internet access.
#
# Please be sure to change USER,USER_PASSWORD, DISK_PASSWORD, and ROOT_PASSWORD strings in this file
#
# To install a new OS to a disk, run gentoo.sh and choose option 1 from the main menu
#
########################
#Configure this section
########################
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
TARGET='/tmp/install'
mkdir $TARGET
######################################
echo
HARD_DISK=$2
######################################
USER="user"
USER_PASSWORD="123456"
ROOT_PASSWORD="123456"
WIRELESS_PASSWORD='123456'
SSID='123456'
WIRELESS_INTERFACE='wlan0'
COMPRESSION='compress=zstd:10'
#Full Disk Encryption Settings
FULL_DISK_ENCRYPTION="True"
AUTO_DECRYPT='False'
DISK_PASSWORD='123456'
##############################
FLATPAKS+=()
SERVICES+=(cronie libvirtd smartd cronie cups NetworkManager dev-zram0.swap)
MAKEOPTS="-j$(cat /proc/cpuinfo | grep -i processor | grep -vi 'model' | wc -l)"
ROOT_PARTITION_SIZE="30GB"
FEATURES="-pid-sandbox getbinpkg -binpkg-request-signature"
EMERGE_DEFAULT_OPTS="--getbinpkg "
#USEFLAG CONFIGURATION
USE_FLAGS="systemd-boot dist-kernel postscript webchannel qml -gpm plasma luks cryptsetup kernel-install boot proprietary-codecs libei gdk-pixbuf kernel-install gles2 pulseaudio keeshare gtk vpx bluray libaom libdrm libilbc libplacebo libsoxr libv4l libxml2 lv2 openh264 encode iconv ladspa libass libcaca mp3 openal opus theora v4l vorbis xvid x264 gstreamer   networkmanager tray appindicator wayland alsa X sound-server screencast systemd firmware btrfs policykit networkmanager zlib pipewire minizip network browser "
VIDEO_CARDS="amdgpu radeon radeonsi"
#
#PACKAGE CONFIGURATION
BASE_PACKAGES=" sys-power/acpid app-arch/zip dev-python/virtualenv sys-apps/flatpak net-misc/nyx app-emulation/virt-manager sys-power/powertop net-vpn/tor app-shells/bash-completion sys-apps/fwupd sys-power/cpupower net-misc/nextcloud-client media-libs/gexiv2 app-vim/airline mail-mta/postfix app-admin/sysstat sys-apps/smartmontools sys-process/cronie net-fs/nfs-utils net-firewall/nftables dev-python/pip sys-fs/inotify-tools net-analyzer/nmap app-misc/screen app-portage/gentoolkit sys-fs/dosfstools app-admin/sudo sys-apps/systemd sys-apps/zram-generator app-eselect/eselect-repository dev-vcs/git sys-block/parted sys-block/zram-init sys-process/btop net-vpn/wireguard-tools app-editors/vim app-misc/fastfetch net-misc/yt-dlp sys-fs/btrfs-progs net-print/cups "
#FIX=" dev-libs/libappindicator"
DESKTOP_APPS=" kde-apps/kcalc kde-apps/ark kde-frameworks/karchive net-im/signal-desktop-bin kde-apps/okular kde-apps/spectacle kde-apps/dolphin konsole kde-plasma/plasma-meta firefox-bin app-office/libreoffice-bin gui-libs/xdg-desktop-portal-wlr  sys-apps/xdg-desktop-portal dev-util/android-tools media-video/obs-studio media-video/handbrake xfce-base/thunar app-editors/vscodium media-video/vlc app-admin/keepassxc media-fonts/fontawesome media-gfx/krita "
#
PACKAGES="$BASE_PACKAGES $DESKTOP_APPS"
TMPFS_SIZE="32G"
CPU_TYPE="x86-64"

#Add Masked Packages to the Array
MASKED_PACKAGES+=( media-video/obs-studio net-misc/nyx net-libs/stem sys-libs/libudev-compat dev-libs/nss dev-libs/libappindicator media-video/ffmpeg games-util/game-device-udev-rules games-util/steam-launcher net-im/telegram-desktop-bin)

partitionDetection() {
	#This is used for the installer to do script-based actions
	#/usr/sbin/blkid -p /dev/$HARD_DISK
	EFI=$(blkid | grep $HARD_DISK | sort | cut -d ":" -f1 | head -1 | tail -1)
	BTRFS=$(blkid | grep $HARD_DISK | sort | cut -d ":" -f1 | head -2 | tail -1)
	SWAP=$(blkid | grep $HARD_DISK | sort | cut -d ":" -f1 | head -3 | tail -1)
	if [[ $FULL_DISK_ENCRYPTION = *True* ]]; then
		ROOT_MAPPER_NAME="/dev/mapper/luks-$(/sbin/blkid -s UUID -o value ${BTRFS})"
	else
		ROOT_MAPPER_NAME="$(blkid | grep $HARD_DISK | sort | cut -d ":" -f1 | head -2 | tail -1)"
	fi
}

partitionDetection

torConfig() {
	echo "Configuring TOR"
	echo
	echo "EntryNodes {us}" >/etc/tor/torrc
	echo "ExitNodes {us}" >>/etc/tor/torrc
	echo "AvoidDiskWrites 1" >>/etc/tor/torrc
	echo "HardwareAccel 1" >>/etc/tor/torrc
	echo "NumCPUs 4" >>/etc/tor/torrc
}

decryptBoot() {
	KEYFILE='keyfile.key'
	echo
	echo "Setting LUKS to use Keyfile for password entry"

	echo
	echo "Clearing Old Keys"
	echo
	for i in 1 2 3 4 5 6; do
		printf "$DISK_PASSWORD" | cryptsetup luksKillSlot $1 $i
	done
	dd if=/dev/urandom of=/boot/$KEYFILE bs=1024 count=4
	chown root:root /boot/$KEYFILE
	chmod 0400 /boot/$KEYFILE
	echo
	echo "Adding new key......"
	echo
	printf "$DISK_PASSWORD" | cryptsetup luksAddKey $1 /boot/$KEYFILE
	echo "install_items+=\" /boot/unlock.sh /boot/$KEYFILE \"" >>/etc/dracut.conf
	sed -i "s/none/luks,\/boot\/$KEYFILE,keyscript=\/boot\/unlock.sh/" /etc/crypttab
	echo "#!/bin/bash" >/boot/unlock.sh
	echo "cryptsetup open UUID=$(/sbin/blkid -s UUID -o value ${BTRFS}) --key-file=/boot/$KEYFILE $ROOT_MAPPER_NAME" >>/boot/unlock.sh
	chmod +x /boot/unlock.sh
}

autoLogin() {
	#GETTY_DIR="$TARGET/etc/systemd/system/getty@tty1.service.d"
	#GETTY="$GETTY_DIR/override.conf"
	#mkdir -p $GETTY_DIR
	#echo "[Service]" >$GETTY
	#echo "ExecStart=" >>$GETTY
	#echo "ExecStart=-/sbin/agetty --autologin $USER --noclear %I /usr/bin/bash" >>$GETTY
	chroot $TARGET /usr/bin/systemctl enable sddm
}

systemMounts() {
	echo
	echo "[Checking for BTRFS Partition]"

	if [[ -e "$BTRFS" ]]; then
		partitions
		echo "BTRFS device found"
		echo
		echo "Mounting Boot,EFI,HOME"
		echo
		mount $ROOT_MAPPER_NAME $TARGET
		mount $BTRFS $TARGET
		btrfs_filesytem
		mkdir -p $TARGET/boot/EFI
		mount $EFI $TARGET/boot
		#CONFIGURE DATA DIRS (HOME)
		mkdir $TARGET/home
		mount -o subvol=@home $ROOT_MAPPER_NAME $TARGET/home
		mkdir $TARGET/home/$USER

		mkdir $TARGET/run
		mkdir $TARGET/dev
		mkdir $TARGET/proc
		mkdir $TARGET/sys
		mkdir -p $TARGET/var/tmp/portage

		mount --types proc /proc $TARGET/proc
		mount --rbind /sys $TARGET/sys
		mount --make-rslave $TARGET/sys
		mount --rbind /dev $TARGET/dev
		mount --make-rslave $TARGET/dev
		mount --bind /run $TARGET/run
		mount --make-slave $TARGET/run
		mount -t efivarfs none $TARGET/sys/firmware/efi/efivars
		mount -t tmpfs -o size=$TMPFS_SIZE tmpfs $TARGET/var/tmp/portage
	else
		echo
		echo "Aborting Install, $BTRFS not found!"
		echo
		echo
		exit 1
	fi
}

unmaskPackages() {
	mkdir -p /etc/portage/package.use
	echo ">=dev-qt/qtmultimedia-5.0.0  -qml -openal" >/etc/portage/package.use/qtmultimedia

	for i in "${MASKED_PACKAGES[@]}"; do
		echo "$i ~amd64" >>/etc/portage/package.accept_keywords
	done

}

installNvidia() {
	ACCEPT_KEYWORDS="~amd64" emerge x11-drivers/nvidia-drivers nvidia-cuda-toolkit www-apps/jellyfin net-im/coturn --autounmask-write
	etc-update -q --automode -5
	ACCEPT_KEYWORDS="~amd64" emerge x11-drivers/nvidia-drivers nvidia-cuda-toolkit www-apps/jellyfin net-im/coturn
}

configurePortage() {

	sed -i "s/-O2/-march=$CPU_TYPE -O2/i" $TARGET/etc/portage/make.conf
	echo 'ACCEPT_KEYWORDS="amd64"' >>$TARGET/etc/portage/make.conf
	echo "FEATURES=\"$FEATURES\"" >>$TARGET/etc/portage/make.conf
	echo "EMERGE_DEFAULT_OPTS=\"$EMERGE_DEFAULT_OPTS\"" >>$TARGET/etc/portage/make.conf
	echo "L10N=\"en en-US\"" >>$TARGET/etc/portage/make.conf
	echo 'EXTRA_ECONF="--disable-bootstrap"' >>$TARGET/etc/portage/make.conf
	mkdir -p $TARGET/var/tmp/portage
	mkdir -p $TARGET/etc/portage/env
	
	echo 'EXTRA_ECONF="--disable-bootstrap"'> $TARGET/etc/portage/env/gcc.conf
	echo "sys-devel/gcc gcc.conf" > $TARGET/etc/portage/package.env
	echo "sys-devel/llvm gcc.conf" >> $TARGET/etc/portage/package.env

	if [ -f "./repos.conf" ]; then
		echo
		echo "Found Local Gentoo Repo"
		mkdir -p $TARGET/etc/portage/repos.conf
		mkdir -p $TARGET/etc/portage/binrepos.conf
		cp -f repos.conf $TARGET/etc/portage/repos.conf/
		cp -f gentoobinhost.conf $TARGET/etc/portage/binrepos.conf/gentoobinhost.conf
		echo "GENTOO_MIRRORS=\"https://mirrors.poster.place/\"" >>$TARGET/etc/portage/make.conf
		echo
		echo
	fi

	chroot $TARGET /usr/bin/emerge --sync

	echo
	echo "Configuring Binary Package GPG keys"
	echo
	chroot $TARGET /usr/bin/getuto

	echo "USE=\"$USE_FLAGS\"" >>$TARGET/etc/portage/make.conf

	echo "MAKEOPTS=\"$MAKEOPTS\"" >>$TARGET/etc/portage/make.conf

	echo
	echo
	echo
	echo "[Configuring Profiles]"
	echo
	echo
	echo
	GENTOO_PROFILE=$(
		chroot $TARGET /usr/bin/eselect profile list | grep -i 'plasma' | grep systemd | grep -i stable | head -1 | cut -d '[' -f2 | cut -d ']' -f1
	)
	chroot $TARGET /usr/bin/eselect profile set $GENTOO_PROFILE

	mkdir -p $TARGET/etc/portage/package.license
	echo "*/*  *" >$TARGET/etc/portage/package.license/license
	rm -rf $TARGET/etc/portage/package.accept_keywords
	mkdir -p $TARGET/etc/portage/package.mask
	echo "dev-lang/rust" >$TARGET/etc/portage/package.mask/rust
}

buildGentoo() {

	echo "[Install Base System]"
	echo
	echo

	echo
	echo
	echo
	echo "[Building Base System]"
	echo
	echo
	chroot $TARGET /usr/bin/emerge --update --deep --newuse @world --autounmask-write
	chroot $TARGET etc-update -q --automode -5
	chroot $TARGET /usr/bin/emerge --update --deep --newuse @world
	locale

	chroot $TARGET /usr/sbin/systemd-machine-id-setup

	echo
	echo
	echo
	echo "[Installing Kernel]"
	echo
	echo
	chroot $TARGET /usr/bin/emerge -uDN dracut sys-kernel/gentoo-kernel-bin sys-kernel/linux-firmware --autounmask-write
	chroot $TARGET etc-update -q --automode -5
	chroot $TARGET /usr/bin/emerge -uDN dracut sys-kernel/gentoo-kernel-bin sys-kernel/linux-firmware
	chroot $TARGET /usr/bin/eselect kernel set 1

	echo
	echo
	echo
	echo "[Installing Packages]"
	echo
	echo
	cp -f gentoo.sh $TARGET/usr/bin/gentoo.sh
	chroot $TARGET /usr/bin/bash /usr/bin/gentoo.sh install-packages

	echo
	echo
	echo
	echo "[Installing the Boot Loader]"
	echo
	echo
	cp -f /tmp/disk $TARGET/tmp/
	chroot $TARGET /usr/bin/bash /usr/bin/gentoo.sh bootloader

	echo
	echo
	echo "[Configuring Accounts and post-setup tasks]"
	echo
	echo

	echo 'bash /usr/bin/gentoo.sh accounts' >>$TARGET/setup.sh
	echo 'bash /usr/bin/gentoo.sh desktop' >>$TARGET/setup.sh
	echo 'bash /usr/bin/gentoo.sh btrfs-tweaks' >>$TARGET/setup.sh
	echo 'bash /usr/bin/gentoo.sh hibernate' >>$TARGET/setup.sh
	autoLogin
	chmod +x $TARGET/usr/bin/gentoo.sh
	chmod +x $TARGET/setup.sh
	chroot $TARGET /setup.sh
	rm -f $TARGET/setup.sh
}

installPackages() {
	unmaskPackages
	/usr/bin/emerge -uDN $PACKAGES --autounmask-write
	/usr/sbin/etc-update -q --automode -5
	/usr/bin/emerge -uDN $PACKAGES
	torConfig
}

snapshots() {
	echo
	echo "Creating Snapshots....."
	echo
	DATE=$(echo $(date +%Y-%m-%d-%H-%M-%S))
	CURRENT_ROOT=$(cat /proc/cmdline | cut -d '@' -f2 | cut -d ' ' -f1)
	if [[ "$CURRENT_ROOT" == *"previous"* ]]; then
		echo "Already booted in Previous"
	else
		echo "Removing Previous Snapshot"
		btrfs sub del /.snapshots/previous
		btrfs sub snapshot / /.snapshots/previous
	fi
}

btrfsTweaks() {
	DISABLE_COW=("/var/lib/docker" "/var/lib/containers" "/volumes" "/var/lib/mysql" "/var/lib/libvirt")

	for i in "${DISABLE_COW[@]}"; do
		chattr -R +C $i
	done
}

liveOSrestore() {
	clear
	mkdir /tmp/live
	SCRIPT=$(pwd)
	INSTALL_TYPE=$(mount | grep ' / ')
	if [[ $INSTALL_TYPE = *mapper* ]]; then
		LIVE_OS_DM="/dev/mapper/$(mount | grep -i ' / ' | cut -d '/' -f4 | cut -d ' ' -f1)"
		LIVE_OS_SUBVOL="@$(mount | grep -i ' / ' | cut -d '@' -f2 | sed 's/)//g')"
	else
		LIVE_OS_DM="$(mount | grep ' / ' | cut -d ' ' -f1)"
		LIVE_OS_SUBVOL="@$(mount | grep -i ' / ' | cut -d '@' -f2 | sed 's/)//g')"
	fi

	partitions
	systemMounts
	clear

	echo "[Transferring Currenting Running OS from $LIVE_OS_DM to $HARD_DISK ]"
	echo
	mount $LIVE_OS_DM /tmp/live

	cd /tmp/live/$LIVE_OS_SUBVOL
	rsync -a --delete . --exclude=/var/lib/docker --exclude=/var/db/repos/* --exclude=/var/lib/systemd/coredump/* --exclude=/var/cache/* --exclude=home/* --exclude=.snapshots/* --exclude=sys/* --exclude=dev/* --exclude=proc/* --exclude=run/* $TARGET/
	fstab
	cp -f $SCRIPT/gentoo.sh $TARGET/usr/bin/
	echo "[Copying Boot Files ]"
	echo
	rm -f $TARGET/boot/*
	rsync -av --delete /boot/ $TARGET/boot/

	cp -f /tmp/disk $TARGET/tmp/
	echo "bash /usr/bin/gentoo.sh bootloader" >$TARGET/setup.sh
	echo 'bash /usr/bin/gentoo.sh accounts' >>$TARGET/setup.sh
	echo 'bash /usr/bin/gentoo.sh btrfs-tweaks' >>$TARGET/setup.sh
	echo 'bash /usr/bin/gentoo.sh hibernate' >>$TARGET/setup.sh

	chmod +x $TARGET/usr/bin/gentoo.sh
	chmod +x $TARGET/setup.sh
	chroot $TARGET bash /setup.sh
	rm -f $TARGET/setup.sh

	read -p 'Would you like to run your UserTweaks: ' -e -i 'y' user_tweaks

	autoLogin

	if [[ $user_tweaks = *y* ]]; then
		userTweaks
	else
		echo
		echo "Skipping User Tweaks"
	fi
	chown -R $USER:$USER $TARGET/home/$USER
	cd
	umount /tmp/live
	#unmount
}

flatpaks() {
	echo
	echo "Installing Flatpaks......"
	echo
	flatpak remote-add --user --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
	for i in "${FLATPAKS[@]}"; do
		echo $i
		flatpak install --user $i -y
	done
}

btrfs_filesytem() {
	btrfs sub create $TARGET/@$ROOT_NAME
	btrfs sub create $TARGET/@.snapshots
	btrfs sub create $TARGET/@libvirt
	btrfs sub create $TARGET/@home
	btrfs sub create $TARGET/@root
	btrfs sub create $TARGET/@containers
	btrfs sub create $TARGET/@flatpak
	echo
	echo "Binding BTRFS Root"
	echo
	umount $TARGET
	echo mount -o $COMPRESSION,subvol=@$ROOT_NAME $ROOT_MAPPER_NAME $TARGET
	mount -o $COMPRESSION,subvol=@$ROOT_NAME $ROOT_MAPPER_NAME $TARGET
}

userTweaks() {
	mkdir $TARGET/home/$USER/.mozilla
	mkdir -p $TARGET/home/$USER/Documents/keys/keepass
	mkdir -p $TARGET/home/$USER/dotfiles
	mkdir -p $TARGET/home/$USER/server
	mkdir -p $TARGET/home/$USER/.config/Exodus
	mkdir -p $TARGET/home/$USER/.local/share/fonts
	$TARGET/home/$USER/.local/share/fonts/

	cp -f /home/$USER/.bash* $TARGET/home/$USER/

	rsync -av --delete /home/$USER/server/ $TARGET/home/$USER/server/
	rsync -av --delete /home/$USER/.local/share/fonts/ $TARGET/home/$USER/.local/share/fonts/
	rsync -av --delete /home/$USER/.config/Exodus/ $TARGET/home/$USER/.config/Exodus/
	rsync -av --delete /home/$USER/.mozilla/ $TARGET/home/$USER/.mozilla/
	rsync -av --delete /home/$USER/.config/autostart/ $TARGET/home/$USER/.config/autostart/
	rsync -av --delete /home/$USER/Documents/keys/keepass/ $TARGET/home/$USER/Documents/keys/keepass/
	rsync -av --delete /home/$USER/dotfiles/ $TARGET/home/$USER/dotfiles/
	rsync -av --delete /home/$USER/.config/keepassxc/ $TARGET/home/$USER/.config/keepassxc/
	chmod +x $TARGET/home/$USER/dotfiles/scripts/keepass.sh
	chroot $TARGET /usr/bin/systemctl disable libvirtd libvirtd.socket firewall.service
}

services() {
	echo '[zram0]' >/etc/systemd/zram-generator.conf
	echo 'zram-size = ram * 2' >>/etc/systemd/zram-generator.conf

	for i in "${SERVICES[@]}"; do
		systemctl enable --now $i
	done

	#Required for Audio to work
	systemctl --user enable --now pipewire.socket pipewire-pulse.socket wireplumber.service
	systemctl --user enable --now pipewire.service
}

desktop() {
	services
}

installSteam() {
	eselect repository enable steam-overlay
	emerge --sync steam-overlay
	emerge -uDN games-util/steam-launcher app-emulation/wine-vanilla --autounmask-write
	etc-update -q --automode -5
	emerge -uDN @world
	emerge -uDN games-util/steam-launcher app-emulation/wine-vanilla
}

locale() {
	echo "ln -sf /usr/share/zoneinfo/US/Mountain /etc/localtime" >>$TARGET/setup.sh
	echo "hwclock --systohc" >>$TARGET/setup.sh
	echo "en_US.UTF-8 UTF-8" >$TARGET/etc/locale.gen
	echo "locale-gen" >>$TARGET/setup.sh
}

fstab() {
	mkdir $TARGET/etc
	echo "UUID=$(/sbin/blkid -s UUID -o value $EFI)  /boot vfat defaults,fmask=0077,dmask=0077 0 1" >$TARGET/etc/fstab
	echo "UUID=$(/sbin/blkid -s UUID -o value $ROOT_MAPPER_NAME) / btrfs noatime,nodiratime,autodefrag,$COMPRESSION,subvol=@$ROOT_NAME 0 1" >>$TARGET/etc/fstab
	echo "UUID=$(/sbin/blkid -s UUID -o value $ROOT_MAPPER_NAME) /.snapshots btrfs noatime,nodiratime,autodefrag,$COMPRESSION,subvol=@.snapshots 0 1" >>$TARGET/etc/fstab
	echo "UUID=$(/sbin/blkid -s UUID -o value $ROOT_MAPPER_NAME) /var/lib/libvirt btrfs noatime,nodiratime,autodefrag,$COMPRESSION,subvol=@libvirt 0 1" >>$TARGET/etc/fstab
	echo "UUID=$(/sbin/blkid -s UUID -o value $ROOT_MAPPER_NAME) /var/lib/flatpak btrfs noatime,nodiratime,autodefrag,$COMPRESSION,subvol=@flatpak 0 1" >>$TARGET/etc/fstab
	echo "tmpfs /var/log tmpfs defaults,dev,exec 0 0" >>$TARGET/etc/fstab
	echo "tmpfs /tmp tmpfs defaults 0 0" >>$TARGET/etc/fstab
	echo "tmpfs /var/tmp/portage tmpfs defaults 0 0" >>$TARGET/etc/fstab
	echo "tmpfs /home/${USER}/.cache tmpfs rw,user,exec 0 0" >>$TARGET/etc/fstab
	echo "tmpfs /home/${USER}/Downloads tmpfs rw,user,exec 0 0" >>$TARGET/etc/fstab
	echo "UUID=$(/sbin/blkid -s UUID -o value $ROOT_MAPPER_NAME) /home btrfs noatime,nodiratime,autodefrag,$COMPRESSION,subvol=@home 0 1" >>$TARGET/etc/fstab
	echo "UUID=$(/sbin/blkid -s UUID -o value $ROOT_MAPPER_NAME) /root btrfs noatime,nodiratime,autodefrag,$COMPRESSION,subvol=@root 0 1" >>$TARGET/etc/fstab
	echo "UUID=$(/sbin/blkid -s UUID -o value $ROOT_MAPPER_NAME) /var/lib/containers btrfs noatime,nodiratime,autodefrag,$COMPRESSION,subvol=@containers 0 1" >>$TARGET/etc/fstab
	if [[ $SWAP_CHOICE = *y* ]]; then
		echo "$SWAP none swap 0 0" >>$TARGET/etc/fstab
	fi
}

accounts() {
	echo
	echo "Set Password for $USER"
	useradd -m -s /bin/bash $USER
	echo "$USER:$USER_PASSWORD" | chpasswd
	gpasswd -a $USER wheel
	gpasswd -a $USER network
	gpasswd -a $USER video
	gpasswd -a $USER libvirt
	gpasswd -a $USER netdev
	gpasswd -a $USER adm
	gpasswd -a $USER video
	echo "$USER ALL=(ALL) ALL" >/etc/sudoers
	echo "root ALL=(ALL) ALL" >>/etc/sudoers
	echo
	echo "Setting ROOT Password:"
	echo "root:$ROOT_PASSWORD" | chpasswd
	/usr/bin/hostnamectl set-hostname $ROOT_NAME
}

btrfs-tweaks() {
	DISABLE_COW=("/var/lib/docker" "/volumes" "/var/lib/mysql" "/var/lib/libvirt")

	for i in "${DISABLE_COW[@]}"; do
		chattr -R +C $i
	done
}

initializeDisk() {
	clear
	echo
	echo "[Gentoo Installer - Initialize Device]"
	echo

	parted /dev/$HARD_DISK mklabel gpt
	parted -a optimal /dev/$HARD_DISK mkpart primary fat32 1MiB 2024MiB
	parted -a optimal /dev/$HARD_DISK set 1 esp on

	if [[ $SWAP_CHOICE = *y* ]]; then
		parted -a optimal /dev/$HARD_DISK mkpart P2 ext3 2024MiB 98%
		parted -a optimal /dev/$HARD_DISK mkpart P2 ext3 98% 100%
	else
		parted -a optimal /dev/$HARD_DISK mkpart P2 ext3 2024MiB 100%
	fi
	partitionDetection
	if [[ $FULL_DISK_ENCRYPTION = *True* ]]; then
		printf "$DISK_PASSWORD\n$DISK_PASSWORD" | cryptsetup luksFormat ${BTRFS}
		printf "$DISK_PASSWORD" | cryptsetup open ${BTRFS} $(echo $ROOT_MAPPER_NAME | sed 's/\/dev\/mapper\///')
	fi

	echo
	echo "Formatting....."
	echo "mkfs.btrfs $ROOT_MAPPER_NAME -f"
	echo y | mkfs.btrfs $ROOT_MAPPER_NAME -f
	echo
	echo "Formatting $EFI"
	echo
	echo y | mkfs.vfat $EFI

	if [[ $SWAP_CHOICE = *y* ]]; then
		mkswap -f $SWAP
	fi
	echo "Initialize Complete. Please reboot your machine to avoid any issues"
	echo
	cryptsetup close $ROOT_MAPPER_NAME
	rm -f /tmp/disk
}

wifi() {
	iwctl --passphrase $WIRELESS_PASSWORD station $WIRELESS_INTERFACE connect $SSID
}

show-help() {
	clear
	echo
	echo "[gentoo.sh arguments]"
	echo
	echo "./gentoo.sh wifi"
	echo "./gentoo.sh bootloader [disk] [ROOT_NAME] [ROOT_MAPPER_NAME]"
	echo "./gentoo.sh initialize"
	echo "./gentoo.sh tar [device name] [location]"
	echo "./gentoo.sh snapshot"
	echo "./gentoo.sh reomve-snapshot"
	echo "./gentoo.sh btrfs-tweaks"
	echo
}

tweaks() {
	clear
	echo
	echo "Gentoo Installer System Tweaks]"
	echo
	echo "[1] Reinstall Bootloader"
	echo "[2] Chroot into existing OS"
	echo "[3] Compile the Kernel"
	echo "[4] Upgrade gentoo.sh"
	echo "[5] Enable/Disable Disk Password at Boot"
	echo
	read -p 'Your Choice: ' choice
	if [[ $choice = 1 ]]; then
		setDevices
		bootloader
	elif [[ $choice = 2 ]]; then
		setDevices
		systemMounts
		/usr/bin/chroot $TARGET /bin/bash
	elif [[ $choice = 3 ]]; then
		compile-kernel
	elif [[ $choice = 4 ]]; then
		rm -f gentoo.sh
		rm -f repos.conf
		rm -f gentoobinhost.conf
		rm -f /tmp/latest-stage3-amd64-desktop-systemd.txt
		wget https://git.poster.place/verita84/sway/raw/branch/main/gentoo.sh
	elif [[ $choice = 5 ]]; then
		clear
		echo "[Password Protection at Boot]"
		echo
		echo
		setDevices
		read -p 'Unlock Disk without password at boot time? ' -e -i "y" pass_change
		if [[ $pass_change = *n* ]]; then
			AUTO_DECRYPT="False"
			bootloader "$HARD_DISK" "$ROOT_NAME" "$ROOT_MAPPER_NAME"
		else
			AUTO_DECRYPT="True"
			bootloader "$HARD_DISK" "$ROOT_NAME" "$ROOT_MAPPER_NAME"
		fi
	else
		tweaks
	fi
}

download-setup() {
	clear
	echo "[Choose Deployment Type]"
	echo
	echo
	setDevices
	STAGE3_URL=$(curl https://www.gentoo.org/downloads/ | grep -i stage3-amd64-systemd | head -1 | cut -d '"' -f2-3 | cut -d '"' -f1)
	STAGE3_FILE="/tmp/stage3.tar.xz"
	if [ -f "$STAGE3_FILE" ]; then
		echo
		echo "Stage 3 already downloaded....."
		echo
	else
		wget -O /tmp/stage3.tar.xz "$STAGE3_URL"
	fi

	if [ -f "$STAGE3_FILE" ]; then
		echo
		echo
		echo "Extracting Tar File.........."
		echo
		echo
		systemMounts
		echo
		echo "Extracting $STAGE3_FILE"
		echo
		tar xf $STAGE3_FILE -C $TARGET/
		fstab
		cp -f /etc/resolv.conf $TARGET/etc/
		configurePortage
		cp -f gentoo.sh $TARGET/usr/bin/
	fi
}

menu() {
	clear
	echo
	echo "[Welcome to the Poster.place Gentoo Installer System]"
	echo
	echo "[1] Setup Disk"
	echo "[2] Download Gentoo Installation Files"
	echo "[3] Install System"
	echo "[4] Automatic Install"
	echo "[5] Backup/Restore Live OS to/from removable media"
	echo "[6] Tools and Tweaks"
	echo "[7] Initialize Disk"
	echo
	read -p 'Your Choice: ' choice

	if [[ $choice = 1 ]]; then
		setDevices
		read -p "Press enter key to Continue"
		menu
	elif [[ $choice = 2 ]]; then
		download-setup
		read -p "Press enter key to Continue"
		menu
	elif [[ $choice = 3 ]]; then
		setDevices
		buildGentoo
		read -p "Press enter key to Continue"
		menu
	elif [[ $choice = 4 ]]; then
		setDevices
		download-setup
		buildGentoo
		exit 1
	elif [[ $choice = 5 ]]; then
		clear
		setDevices
		setDevices
		liveOSrestore "$HARD_DISK" $ROOT_MAPPER_NAME "none" "none" "$ROOT_NAME"
	elif [[ $choice = 6 ]]; then
		tweaks
	elif [[ $choice = 7 ]]; then
		clear
		echo "[Initialize Disk]"
		echo
		echo
		setDevices
		partitionDetection
		initializeDisk
		read -p "Press enter key to Continue"
		menu
	else
		menu
	fi
}

partitions() {
	echo
	echo "Setting Up Partitions....."
	if [[ $FULL_DISK_ENCRYPTION = *True* ]]; then
		printf "$DISK_PASSWORD" | cryptsetup open ${BTRFS} $(echo $ROOT_MAPPER_NAME | sed 's/\/dev\/mapper\///')
	fi

	if [[ -e "$ROOT_MAPPER_NAME" ]]; then
		fstab
	else
		echo
		echo "Aborting Install, $ROOT_MAPPER_NAME not found!"
		echo
		echo
		exit 1
	fi
}

setDevices() {
	if [ -f "/tmp/disk" ]; then
		HARD_DISK=$(cat /tmp/disk | head -1)
		ROOT_NAME=$(cat /tmp/disk | tail -3 | head -1)
		SWAP_CHOICE=$(cat /tmp/disk | tail -1 | head -1)
		partitionDetection
		echo
		echo "Configuration Settings:"
		echo
		echo "Disk: $HARD_DISK"
		echo "Root Name: $ROOT_NAME"
		echo "Root Mapper Name: $ROOT_MAPPER_NAME"
		echo "Swap Choice: $SWAP_CHOICE"
		echo
		echo
	else
		i=0
		while [ $i != "n" ]; do
			clear
			echo
			echo "Disks and Partitions:"
			echo
			cat /proc/partitions
			echo
			echo "Erase the line and press enter to skip to the next detected disk"
			echo
			i=$(expr $i + 1)
			read -p 'Disk Device to Use: ' -e -i $(lsblk | grep -i disk | grep -Evi 'swap' | cut -d ' ' -f1 | head -$i | tail -1) device
			if [[ ! -z $device ]]; then
				i="n"
			fi
		done

		read -p 'BTRFS Root Volume name:  ' -e -i "gentoo" root_name
		read -p 'LUKS Device Mapper Name:  ' -e -i "root" device_mapper_name
		read -p 'Swap Partition for hibernation? (y/n): ' -e -i "y" SWAP_CHOICE
		HARD_DISK=$device
		echo $HARD_DISK >/tmp/disk
		echo $root_name >>/tmp/disk
		echo $device_mapper_name >>/tmp/disk
		echo $SWAP_CHOICE >>/tmp/disk
		setDevices
	fi
	partitionDetection
}

hibernateSetup() {
	echo "[Sleep]" >/etc/systemd/sleep.conf
	echo "AllowSuspend=yes" >>/etc/systemd/sleep.conf
	echo "AllowHibernation=yes" >>/etc/systemd/sleep.conf
	echo "AllowSuspendThenHibernate=yes" >>/etc/systemd/sleep.conf
	echo "HibernateState=disk" >>/etc/systemd/sleep.conf
	echo "HibernateMode=platform" >>/etc/systemd/sleep.conf
	echo "HibernateDelaySec=1800" >>/etc/systemd/sleep.conf
	echo "HandleLidSwitch=suspend-then-hibernate" >>/etc/systemd/logind.conf
	echo "HandleLidSwitchExternalPower=suspend-then-hibernate" >>/etc/systemd/logind.conf
	unlink /usr/lib/systemd/system/systemd-suspend.service
	rm -f /usr/lib/systemd/system/systemd-suspend.service
	ln -s /usr/lib/systemd/system/systemd-suspend-then-hibernate.service /usr/lib/systemd/system/systemd-suspend.service
}

bootloader() {
	chmod -R 740 /boot/EFI
	rm -rf /boot/loader/entries/*
	#find /boot -type f -name initrd.\* -exec rm -f {} \;
	#find /boot/* -type d -exec rm -rf {} \;
	bootctl install
	MACHINE_ID=$(cat /etc/machine-id)
	KERNEL="kernel-$(ls /boot | grep kernel | cut -d '-' -f2-4 | head -1)"
	KERNEL_VERSION=$(echo $KERNEL | cut -d '-' -f2-4)
	LOADER_FILE="/boot/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf"
	PREVIOUS_LOADER_FILE="/boot/loader/entries/previous.conf"
	clear
	KERNEL_COMMAND_LINE="mitigations=off root=UUID=$(/sbin/blkid -s UUID -o value $ROOT_MAPPER_NAME) rootflags=subvol=@$ROOT_NAME rw "
	rm -f /etc/crypttab
	echo >/etc/dracut.conf
	mkdir -p /boot/$MACHINE_ID/$KERNEL_VERSION

	if [[ $SWAP_CHOICE = *y* ]]; then
		KERNEL_COMMAND_LINE="$KERNEL_COMMAND_LINE resume=UUID=$(/sbin/blkid -s UUID -o value $SWAP) "
	fi

	if [[ $FULL_DISK_ENCRYPTION = *True* ]]; then
		KERNEL_COMMAND_LINE="$KERNEL_COMMAND_LINE: rd.luks.uuid=$(/sbin/blkid -s UUID -o value ${BTRFS})"
		echo "add_dracutmodules+=\" crypt systemd-cryptsetup dm rootfs-block \"" >/etc/dracut.conf
		echo "kernel_cmdline+=\" $KERNEL_COMMAND_LINE \" " >>/etc/dracut.conf

		if [ "$AUTO_DECRYPT" == "True" ]; then
			echo "$(echo $ROOT_MAPPER_NAME | sed 's/\/dev\/mapper\///') UUID=$(/sbin/blkid -s UUID -o value ${BTRFS})  none" >/etc/crypttab
			decryptBoot "${BTRFS}"
		else
			echo "$(echo $ROOT_MAPPER_NAME | sed 's/\/dev\/mapper\///') UUID=$(/sbin/blkid -s UUID -o value ${BTRFS})  none luks" >/etc/crypttab
		fi
	fi

	mkdir -p /boot/$MACHINE_ID/$KERNEL_VERSION
	plymouth-set-default-theme solar
	dracut --regenerate-all -f

	echo "MachineID=$MACHINE_ID"
	echo "KERNEL IS $KERNEL"
	echo "Root_Name=$ROOT_NAME"
	echo "BTRFS=$BTRFS"
	echo "UEFI Kernel: $KERNEL_VERSION"

	echo "default $MACHINE_ID" >/boot/loader/loader.conf
	echo "timeout 1" >>/boot/loader/loader.conf

	#Generate Main Boot Entry
	echo "title Current" >$LOADER_FILE
	echo "version $KERNEL_VERSION" >>$LOADER_FILE
	echo "options $KERNEL_COMMAND_LINE " >>$LOADER_FILE
	echo "machine-id $MACHINE_ID" >>$LOADER_FILE
	echo "linux /$KERNEL" >>$LOADER_FILE
	echo "initrd /$MACHINE_ID/$KERNEL_VERSION/initrd" >>$LOADER_FILE

	#Generate Previous Boot Entry
	#cp -f $LOADER_FILE $PREVIOUS_LOADER_FILE
	#sed -i "s/@${ROOT_NAME}/@.snapshots/previous/" $PREVIOUS_LOADER_FILE
	#sed -i "s/Current/Previous/" $PREVIOUS_LOADER_FILE
	#bootctl set-default $MACHINE_ID-$KERNEL_VERSION.conf

	#bootctl list
}

compile-kernel() {
	cd /usr/src/linux
	time make -j50 CC="distcc gcc"
	make -j50 CC="distcc gcc" modules_install
	make install
}

fixBase() {
	sudo emerge libudev libcap glibc go sys-apps/acl sys-apps/util-linux

}

if [ "$1" = "desktop" ]; then
	desktop
elif [ "$1" = "upgrade-system" ]; then
	upgrade-system
elif [ "$1" = "fstab" ]; then
	setDevices
	export TARGET=/
	fstab
elif [ "$1" = "wifi" ]; then
	wifi
elif [ "$1" = "accounts" ]; then
	accounts
elif [ "$1" = "hibernate" ]; then
	hibernateSetup
elif [ "$1" = "flatpaks" ]; then
	flatpaks
elif [ "$1" = "bootloader" ]; then
	setDevices
	partitionDetection
	bootloader
elif [ "$1" = "snapshot" ]; then
	snapshots
elif [ "$1" = "steam" ]; then
	installSteam
elif [ "$1" = "install-packages" ]; then
	installPackages
elif [ "$1" = "btrfs-tweaks" ]; then
	btrfsTweaks
elif [ "$1" = "compile-kernel" ]; then
	compile-kernel
elif [ "$1" = "remove-snapshot" ]; then
	remove-snapshots
elif [ "$1" = "fix-base" ]; then
	fixBase
elif [ "$1" = "help" ]; then
	show-help
else
	menu
fi