#!/bin/bash ######################## # What this script is: # # An automatic installer for Debian Stable with the following features: # 1. BTRFS with Grub Snapshots # 2. Full-disk-encryption # 3. Hibernation # 4. Hyprland, GNOME or KDE Desktop # 5. The ability to build a custom and deployable image onto any machine # 6. Easily create a bootable USB drive # 7. Automatic Partitioning # 8. Bypass entering encrypted disk password at boot time if desired # 9. Copy Live OS to another Disk to boot. # # INSTRUCTIONS # # For new disk installs, initialize the disk to setup Encryption and partitions from the main menu. # # Before running the install, ensure that you have Internet access. # # Please be sure to change USER,USER_PASSWORD,DISK_PASSWORD, and ROOT_PASSWORD strings in this file # # To install a new OS to a disk, run debian.sh and choose option 1 from the main menu # ######################## #Configure this section ######################## PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin export DEBIAN_FRONTEND=noninteractive TARGET='/install' SCRIPT=$(pwd) mkdir $TARGET ###################################### echo HARD_DISK=$2 ###################################### USER="user" USER_PASSWORD="123456" ROOT_PASSWORD="123456" WIRELESS_PASSWORD='123456' SSID='123456' WIRELESS_INTERFACE='wlan0' DISK_PASSWORD='123456' COMPRESSION='compress=zstd:10' AUTO_DECRYPT='False' DESKTOP="GNOME" BROWSER="librewolf" #Packages BASE_PACKAGES=" nyx syncthing tor firmware-realtek screenfetch linux-image-amd64 grub-efi efibootmgr plymouth plymouth-themes duperemove btrfs-compsize btrfs-progs cryptsetup-initramfs linux-headers-amd64 firmware-iwlwifi firmware-linux firmware-linux-nonfree packagekit cockpit-packagekit cockpit-storaged shfmt aardvark-dns power-profiles-daemon resolvconf wireguard wireguard-tools nmap libsecret-tools libglu1-mesa preload powertop acpi btop inotify-tools debootstrap cups apt-transport-https samba samba-common nfs-common nfs-kernel-server linux-cpupower locales zram-tools acpid ghostscript cifs-utils ntp vim-airline rsync screen base udev git network-manager cryptsetup network-manager-openvpn ntp screen docbook-xsl alsa-utils sysstat fuse3 build-essential unzip bash-completion parted dosfstools wget curl " KDE_DESKTOP_ENV=" krita libdbus-glib-1-2 korganizer print-manager kwin-addons kde-standard konsole dolphin kde-spectacle " GNOME_DESKTOP_ENV=" gnome-calendar xournalpp gnome-core gdm3 gnome-shell-extension-tiling-assistant gnome-tweaks synaptic " HYPRLAND_DESKTOP_ENV=" wl-clipboard grim slurp hyprpaper network-manager-gnome pavucontrol wofi kitty thunar waybar swayidle xdg-desktop-portal-gtk wlogout " SWAY_DESKTOP_ENV=" sway xwayland xdg-desktop-portal-wlr wl-clipboard grim slurp network-manager-gnome pavucontrol wofi thunar waybar swayidle xdg-desktop-portal-gtk wlogout " SHARED_DESKTOP_APPS=" krita obs-studio keepassxc telegram-desktop handbrake vlc yt-dlp " VIRTUALIZATION=" virt-manager qemu-system libvirt-daemon-system ovmf cockpit-machines" PACKAGES="" TAR_EXCLUDES=" --exclude=/media --exclude=/.snapshots --exclude=/snapshots --exclude=/var/backups --exclude=/volumes/* --exclude=/mnt/* --exclude=/var/tmp/* --exclude=/tmp/* --exclude=/raid/* --exclude=/root/* --exclude=/var/cache/apt/archives/* --exclude=/proc/* --exclude=/.snapshots/* --exclude=/var/lib/libvirt/* --exclude=/dev/* --exclude=/sys/* --exclude=/home/* --exclude=/var/lib/postgresql --exclude=/var/lib/containers " SWAP_CHOICE="" partitionDetection() { #This is used for the installer to do script-based actions /usr/sbin/blkid -p /dev/$HARD_DISK EFI=$(blkid | grep $HARD_DISK | sort | cut -d ":" -f1 | head -1 | tail -1) BOOT=$(blkid | grep $HARD_DISK | sort | cut -d ":" -f1 | head -2 | tail -1) BTRFS=$(blkid | grep $HARD_DISK | sort | cut -d ":" -f1 | head -3 | tail -1) SWAP=$(blkid | grep $HARD_DISK | sort | cut -d ":" -f1 | head -4 | tail -1) } partitionDetection buildHyprland() { DEPS=( build-essential cmake cmake-extras curl gawk gettext gir1.2-graphene-1.0 git glslang-tools gobject-introspection golang hwdata jq libavcodec-dev libavformat-dev libavutil-dev libcairo2-dev libdeflate-dev libdisplay-info-dev libdrm-dev libegl1-mesa-dev libgbm-dev libgdk-pixbuf-2.0-dev libgdk-pixbuf2.0-bin libgirepository1.0-dev libgl1-mesa-dev libgraphene-1.0-0 libgraphene-1.0-dev libgtk-3-dev libgulkan-0.15-0t64 libgulkan-dev libinih-dev libinput-dev libjbig-dev libjpeg-dev libjpeg62-turbo-dev liblerc-dev libliftoff-dev liblzma-dev libnotify-bin libpam0g-dev libpango1.0-dev libpipewire-0.3-dev libqt6svg6 libseat-dev libstartup-notification0-dev libswresample-dev libsystemd-dev libtiff-dev libtiffxx6 libtomlplusplus-dev libudev-dev libvkfft-dev libvulkan-dev libvulkan-volk-dev libwayland-dev libwebp-dev libxcb-composite0-dev libxcb-cursor-dev libxcb-dri3-dev libxcb-ewmh-dev libxcb-icccm4-dev libxcb-present-dev libxcb-render-util0-dev libxcb-res0-dev libxcb-util-dev libxcb-xinerama0-dev libxcb-xinput-dev libxcb-xkb-dev libxkbcommon-dev libxkbcommon-x11-dev libxkbregistry-dev libxml2-dev libxxhash-dev meson ninja-build openssl psmisc python3-mako python3-markdown python3-markupsafe python3-yaml python3-pyquery qt6-base-dev scdoc seatd spirv-tools vulkan-validationlayers vulkan-utility-libraries-dev wayland-protocols xdg-desktop-portal xwayland libsdbus-c++-dev libzip-dev librsvg2-dev libpugixml-dev libxcb-errors-dev bison flex pandoc doxygen cppcheck libmpdclient-dev libnl-3-dev libasound2-dev ) for i in "${DEPS[@]}"; do apt install -y $i done cd /tmp git clone https://github.com/hyprwm/hyprutils.git --depth=1 cd hyprutils/ cmake --no-warn-unused-cli -DCMAKE_BUILD_TYPE:STRING=Release -DCMAKE_INSTALL_PREFIX:PATH=/usr -S . -B ./build cmake --build ./build --config Release --target all -j$(nproc 2>/dev/null || getconf _NPROCESSORS_CONF) cmake --install build cd /tmp git clone https://github.com/hyprwm/hyprlang.git --depth=1 cd hyprlang/ cmake --no-warn-unused-cli -DCMAKE_BUILD_TYPE:STRING=Release -DCMAKE_INSTALL_PREFIX:PATH=/usr -S . -B ./build cmake --build ./build --config Release --target hyprlang -j$(nproc 2>/dev/null || getconf _NPROCESSORS_CONF) cmake --install build cd /tmp git clone https://github.com/hyprwm/hyprcursor.git --depth=1 cd hyprcursor cmake --no-warn-unused-cli -DCMAKE_BUILD_TYPE:STRING=Release -DCMAKE_INSTALL_PREFIX:PATH=/usr -S . -B ./build cmake --build ./build --config Release --target all -j$(nproc 2>/dev/null || getconf _NPROCESSORS_CONF) cmake --install build cd /tmp git clone https://github.com/hyprwm/hyprwayland-scanner.git --depth=1 cd hyprwayland-scanner cmake -DCMAKE_INSTALL_PREFIX=/usr -B build cmake --build build -j $(nproc) cmake --install build cd /tmp git clone https://github.com/hyprwm/aquamarine.git --depth=1 cd aquamarine cmake --no-warn-unused-cli -DCMAKE_BUILD_TYPE:STRING=Release -DCMAKE_INSTALL_PREFIX:PATH=/usr -S . -B ./build cmake --build ./build --config Release --target all -j$(nproc 2>/dev/null || getconf _NPROCESSORS_CONF) cmake --install build cd /tmp git clone --recursive https://github.com/hyprwm/Hyprland.git --depth=1 cd Hyprland make all -j$(nproc 2>/dev/null || getconf _NPROCESSORS_CONF) make install -j$(nproc 2>/dev/null || getconf _NPROCESSORS_CONF) cd /tmp git clone --recursive https://github.com/hyprwm/xdg-desktop-portal-hyprland --depth=1 cd xdg-desktop-portal-hyprland/ sudo sed -i '8,9 s/^/#/'./src/shared/ScreencopyShared.hpp cmake -DCMAKE_INSTALL_LIBEXECDIR=/usr/lib -DCMAKE_INSTALL_PREFIX=/usr -B build cmake --build build cmake --install build cd /tmp git clone https://github.com/lbonn/rofi.git --depth=1 cd rofi meson setup build ninja -C build ninja -C build install } torConfig() { echo "Configuring TOR" echo echo "EntryNodes {us}" >/etc/tor/torrc echo "ExitNodes {us}" >>/etc/tor/torrc echo "AvoidDiskWrites 1" >>/etc/tor/torrc echo "HardwareAccel 1" >>/etc/tor/torrc echo "NumCPUs 4" >>/etc/tor/torrc chown -R debian-tor:debian-tor /etc/tor } autoLoginGetty() { GETTY_DIR="$TARGET/etc/systemd/system/getty@tty1.service.d" GETTY="$GETTY_DIR/override.conf" mkdir -p $GETTY_DIR echo "[Service]" >$GETTY echo "ExecStart=" >>$GETTY echo "ExecStart=-/sbin/agetty --autologin $USER --noclear %I /usr/bin/bash" >>$GETTY } auto_login() { if [ -f "$TARGET/usr/bin/sddm" ]; then mkdir -p $TARGET/etc/sddm.conf.d echo "[Autologin]" >$TARGET/etc/sddm.conf.d/autologin echo "User=$USER" >>$TARGET/etc/sddm.conf.d/autologin echo "Session=plasma.desktop" >>$TARGET/etc/sddm.conf.d/autologin echo "Relogin=false" >>$TARGET/etc/sddm.conf.d/autologin fi if [ -f "$TARGET/usr/bin/hyprland" ]; then autoLoginGetty fi if [ -f "$TARGET/usr/bin/sway" ]; then autoLoginGetty fi if [ -f "$TARGET/usr/sbin/gdm3" ]; then sed -i '/daemon/a AutomaticLoginEnable=True' $TARGET/etc/gdm3/daemon.conf sed -i "/daemon/a AutomaticLogin = $USER" $TARGET/etc/gdm3/daemon.conf fi } hibernation() { echo "[Sleep]" >/etc/systemd/sleep.conf echo "AllowSuspend=yes" >>/etc/systemd/sleep.conf echo "AllowHibernation=yes" >>/etc/systemd/sleep.conf echo "AllowSuspendThenHibernate=yes" >>/etc/systemd/sleep.conf echo "HibernateState=disk" >>/etc/systemd/sleep.conf echo "HibernateMode=platform" >>/etc/systemd/sleep.conf echo "HibernateDelaySec=1800" >>/etc/systemd/sleep.conf echo "HandleLidSwitch=suspend-then-hibernate" >>/etc/systemd/logind.conf echo "HandleLidSwitchExternalPower=suspend-then-hibernate" >>/etc/systemd/logind.conf unlink /usr/lib/systemd/system/systemd-suspend.service rm -f /usr/lib/systemd/system/systemd-suspend.service ln -s /usr/lib/systemd/system/systemd-suspend-then-hibernate.service /usr/lib/systemd/system/systemd-suspend.service } osSnapshots() { echo mkdir $2 echo "[Creating new OS snapshot to $2/$3.tgz]" echo echo NEW_TAR_EXCLUDES="$TAR_EXCLUDES --exclude=/minio --exclude=$TARGET/* --exclude=/var/lib/docker " echo rm -f $2/$3.tgz time tar cpzvf $2/$3.tgz $NEW_TAR_EXCLUDES / chown $USER:$USER $2/$3.tgz } homeBackup() { echo echo "[Copying USER data from /home to $TARGET/@home]" echo rsync -a --delete /home/ --exclude=.cache --exclude=.local/share/flatpak --exclude=.local/share/containers $TARGET/\@home/ } osBackup() { umount $TARGET printf "$DISK_PASSWORD" | cryptsetup open ${BTRFS} $ROOT_MAPPER_NAME if [[ -e "/dev/mapper/$ROOT_MAPPER_NAME" ]]; then echo echo "[Mounting.....]" echo mount -o $COMPRESSION /dev/mapper/$ROOT_MAPPER_NAME $TARGET if [[ -e "$TARGET/@$ROOT_NAME/usr/bin/bash" ]]; then if [ "$1" = "home" ]; then homeBackup fi osSnapshots "$1" "$2" "$3" else echo echo "Aborting Install, $TARGET/@$ROOT_MAPPER_NAME/usr/bin/bash not found!" echo echo exit 1 fi else echo echo "Aborting Install, /dev/mapper/$ROOT_MAPPER_NAME not found!" echo echo exit 1 fi ls $TARGET/ umount $TARGET cryptsetup close $ROOT_MAPPER_NAME } liveOSrestore() { clear mkdir /tmp/live LIVE_OS_DM="/dev/mapper/$(mount | grep -i ' / ' | cut -d '/' -f4 | cut -d ' ' -f1)" LIVE_OS_SUBVOL="@$(mount | grep -i ' / ' | cut -d '@' -f2 | sed 's/)//g')" partitions clear echo "[Transferring Currenting Running OS from $LIVE_OS_DM to $HARD_DISK ]" echo LIVE_OS_DM="/dev/mapper/$(mount | grep -i ' / ' | cut -d '/' -f4 | cut -d ' ' -f1)" LIVE_OS_SUBVOL="@$(mount | grep -i ' / ' | cut -d '@' -f2 | sed 's/)//g')" mount $LIVE_OS_DM /tmp/live cd /tmp/live/$LIVE_OS_SUBVOL rsync -a --delete . --exclude=home/* --exclude=sys/* --exclude=dev/* --exclude=proc/* --exclude=run/* $TARGET/ fstab cp -f $SCRIPT/debian.sh $TARGET/usr/bin/ systemMounts echo "[Copying Boot Files ]" echo rm -f $TARGET/boot/* rsync -av --delete /boot/ $TARGET/boot/ echo "bash /usr/bin/debian.sh bootloader $1 $5 $2" >$TARGET/setup.sh echo 'bash /usr/bin/debian.sh accounts' >>$TARGET/setup.sh echo 'bash /usr/bin/debian.sh btrfsTweaks' >>$TARGET/setup.sh chmod +x $TARGET/usr/bin/debian.sh chmod +x $TARGET/setup.sh chroot $TARGET /setup.sh rm -f $TARGET/setup.sh read -p 'Would you like to run your UserTweaks: ' -e -i 'y' user_tweaks if [[ $user_tweaks = *y* ]]; then userTweaks else echo echo "Skipping User Tweaks" fi chown -R $USER:$USER $TARGET/home/$USER auto_login cd umount /tmp/live #unmount } userTweaks() { mkdir $TARGET/home/$USER/.librewolf mkdir -p $TARGET/home/$USER/.config/waybar mkdir -p $TARGET/home/$USER/.config/sway mkdir -p $TARGET/home/$USER/.config/autostart mkdir -p $TARGET/home/$USER/.config/hypr mkdir -p $TARGET/home/$USER/.config/rofi mkdir -p $TARGET/home/$USER/Documents/keys/keepass mkdir -p $TARGET/home/$USER/dotfiles mkdir -p $TARGET/home/$USER/server mkdir -p $TARGET/home/$USER/.config/Exodus mkdir -p $TARGET/home/$USER/.config/evolution mkdir -p $TARGET/home/$USER/.config/goa-1.0 mkdir -p $TARGET/home/$USER/.local/share/fonts $TARGET/home/$USER/.local/share/fonts/ cp -f /home/$USER/.bash* $TARGET/home/$USER/ rsync -av --delete /home/$USER/server/ $TARGET/home/$USER/server/ rsync -av --delete /home/$USER/.local/share/fonts/ $TARGET/home/$USER/.local/share/fonts/ rsync -av --delete /home/$USER/.config/hypr/ $TARGET/home/$USER/.config/hypr/ rsync -av --delete /home/$USER/.config/sway/ $TARGET/home/$USER/.config/sway/ rsync -av --delete /home/$USER/.config/waybar/ $TARGET/home/$USER/.config/waybar/ rsync -av --delete /home/$USER/.config/rofi/ $TARGET/home/$USER/.config/rofi/ rsync -av --delete /home/$USER/.config/Exodus/ $TARGET/home/$USER/.config/Exodus/ rsync -av --delete /home/$USER/.config/evolution/ $TARGET/home/$USER/.config/evolution/ rsync -av --delete /home/$USER/.config/goa-1.0/ $TARGET/home/$USER/.config/goa-1.0/ rsync -av --delete /home/$USER/.librewolf/ $TARGET/home/$USER/.librewolf/ rsync -av --delete /home/$USER/.config/autostart/ $TARGET/home/$USER/.config/autostart/ rsync -av --delete /home/$USER/Documents/keys/keepass/ $TARGET/home/$USER/Documents/keys/keepass/ rsync -av --delete /home/$USER/dotfiles/ $TARGET/home/$USER/dotfiles/ rsync -av --delete /home/$USER/.config/keepassxc/ $TARGET/home/$USER/.config/keepassxc/ chmod +x $TARGET/home/$USER/dotfiles/scripts/keepass.sh chroot $TARGET /usr/bin/systemctl disable libvirtd libvirtd.socket firewall.service } osRestore() { partitions rm -rf $TARGET/usr $TARGET/sbin $TARGET/lib32 $TARGET/libx32 $TARGET/lib $TARGET/vmlinuz* $TARGET/initrd* $TARGET/bin $TARGET/var $TARGET/root $TARGET/opt $TARGET/etc $TARGET/run clear echo "[Restoring OS tarfile from $4/$2.tgz]" echo tar xfp $4/$2.tgz -C $TARGET/ if [ "$3" = "home" ]; then echo "[Restoring /home]" echo rsync -a --delete /home/ $TARGET/home/ fi fstab cp -f debian.sh $TARGET/ systemMounts chmod +x $TARGET/debian.sh chroot $TARGET /debian.sh bootloader $1 $2 $5 chroot $TARGET /debian.sh btrfsTweaks chroot $TARGET /debian.sh accounts chown -R $USER:$USER $TARGET/home/$USER auto_login rm -f $TARGET/debian.sh #unmount } systemMounts() { mount -o rbind /dev $TARGET/dev mount -o rbind /dev/pts $TARGET/dev/pts mount -o rbind /proc $TARGET/proc mount -o rbind /sys $TARGET/sys mount -t efivarfs none $TARGET/sys/firmware/efi/efivars } decryptBoot() { KEYFILE='keyfile.key' echo echo "Setting LUKS to use Keyfile for password entry" echo echo "Clearing Old Keys" echo for i in 1 2 3 4 5 6; do printf "$DISK_PASSWORD" | cryptsetup luksKillSlot $1 $i done dd if=/dev/urandom of=/etc/$KEYFILE bs=1024 count=4 chown root:root /etc/$KEYFILE chmod 0400 /etc/$KEYFILE echo echo "Adding new key......" echo printf "$DISK_PASSWORD" | cryptsetup luksAddKey $1 /etc/$KEYFILE sed -i "s/none/\/etc\/$KEYFILE/" /etc/crypttab echo "KEYFILE_PATTERN=\"/etc/*.key\"" >/etc/cryptsetup-initramfs/conf-hook } configureRepository() { echo 'force-unsafe-io' >$TARGET/etc/dpkg/dpkg.cfg.d/docker-apt-speedup echo "deb https://deb.debian.org/debian $DEBIAN_RELEASE main contrib non-free non-free-firmware" >$TARGET/etc/apt/sources.list echo "deb https://deb.debian.org/debian-security $DEBIAN_RELEASE-security main" >>$TARGET/etc/apt/sources.list echo "deb https://deb.debian.org/debian $DEBIAN_RELEASE-updates main " >>$TARGET/etc/apt/sources.list echo "deb https://deb.debian.org/debian $DEBIAN_RELEASE-backports main contrib non-free-firmware" >>$TARGET/etc/apt/sources.list chroot $TARGET /usr/bin/apt update chroot $TARGET /usr/bin/bash -c "export DEBIAN_FRONTEND=noninteractive;/usr/bin/apt install -y $PACKAGES " chroot $TARGET /usr/bin/bash -c "export DEBIAN_FRONTEND=noninteractive;/usr/bin/apt dist-upgrade -y -t $DEBIAN_RELEASE-backports" chroot $TARGET /usr/bin/bash -c "export DEBIAN_FRONTEND=noninteractive;/usr/bin/apt install -y $TROUBLESOME_PACKAGES" chroot $TARGET /usr/bin/bash -c "export DEBIAN_FRONTEND=noninteractive;/usr/bin/apt auto-remove -y" } makeImage() { umount $TARGET mount -t tmpfs tmpfs -o size=15G,dev,exec $TARGET debootstrap --arch amd64 $DEBIAN_RELEASE $TARGET https://deb.debian.org/debian configureRepository locale custom_service_files rm -rf $TARGET/var/lib/flatpak cp -f debian.sh $TARGET/usr/bin/ echo 'bash /usr/bin/debian.sh hibernate' >>$TARGET/setup.sh echo "bash /usr/bin/debian.sh bootloader $1 $ROOT_NAME $ROOT_MAPPER_NAME" >>$TARGET/setup.sh echo 'bash /usr/bin/debian.sh grubSnapshotss' >>$TARGET/setup.sh echo 'bash /usr/bin/debian.sh desktop' >>$TARGET/setup.sh if [[ $DESKTOP = *Hyprland* ]]; then echo 'bash /usr/bin/debian.sh buildHyprland' >>$TARGET/setup.sh fi echo '/usr/bin/apt clean all' >>$TARGET/setup.sh chmod +x $TARGET/usr/bin/debian.sh chmod +x $TARGET/setup.sh chroot $TARGET /setup.sh rm -f $TARGET/setup.sh echo -e "ALGO=zstd\nPERCENT=60" | tee -a $TARGET/etc/default/zramswap cd $TARGET echo "[Creating new OS image to $1/$ROOT_NAME.tgz]" time tar cpzf $1/$ROOT_NAME.tgz --exclude=proc/* . cd $1 du -h $1/$ROOT_NAME.tgz | tail -1 #unmount } install() { partitions sed -i '/^SigLevel/s/^\(.*\)$/#\1\n/' /etc/pacman.conf sed -i '/#SigLevel/a SigLevel = Never' /etc/pacman.conf pacman -Sy archlinux-keyring debootstrap --noconfirm apt update apt install debootstrap -y rm -rf /debootstrap debootstrap --arch amd64 $DEBIAN_RELEASE $TARGET https://deb.debian.org/debian systemMounts cp -f /etc/resolv.conf $TARGET/etc/ echo "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" >$TARGET/setup.sh configureRepository locale auto_login custom_service_files setupScript "$1" echo -e "ALGO=zstd\nPERCENT=60" | tee -a $TARGET/etc/default/zramswap echo 'DPkg::Post-Invoke {"/usr/bin/debian.sh snapshot";};' >$TARGET/etc/apt/apt.conf #unmount } installPython() { clear VERSION="3.10.6" sudo apt update sudo apt install -y liblzma-dev libbz2-dev wget build-essential libreadline-dev libncursesw5-dev libssl-dev libsqlite3-dev tk-dev libgdbm-dev libc6-dev libbz2-dev libffi-dev zlib1g-dev cd /tmp wget https://www.python.org/ftp/python/$VERSION/Python-$VERSION.tgz tar xf Python-$VERSION.tgz cd Python-$VERSION ./configure --enable-optimizations make -j12 make install } stableDiffusion() { clear VERSION="3.10.6" STABLE_VERSION="1.10.0-RC" installPython cd /home/$USER wget https://github.com/AUTOMATIC1111/stable-diffusion-webui/archive/refs/tags/v$STABLE_VERSION.zip unzip "v$STABLE_VERSION.zip" cd /home/$USER/stable-diffusion-webui-$STABLE_VERSION /usr/local/bin/python3.10 -m venv venv chown -R root:root /home/$USER/stable-diffusion-webui-$STABLE_VERSION . venv/bin/activate } desktop() { OS_SERVICES=("pmcd" "pmie" "pmlogger" "pmproxy" "exim4" "cockpit.socket" "apparmor" "nfs-server" "smbd" "rpbind" "rpcbind.socket" "avahi-daemon" "bluetooth") for i in "${OS_SERVICES[@]}"; do systemctl disable --now $i done if [ -f "/usr/bin/sddm" ]; then echo echo "Performing KDE Bloat Removal" echo BLOAT_APPS=(dragonplayer akregator kate konqueror kdeconnect) for i in "${BLOAT_APPS[@]}"; do echo "Removing: $i" apt remove --purge -y $i apt autoremove -y done fi if [ -f "/usr/sbin/gdm3" ]; then echo echo "Performing GNOME Bloat Removal" echo chmod -x /usr/lib/evolution/evolution-calendar-factory chmod -x /usr/lib/evolution/evolution-source-registry chmod -x /usr/lib/evolution/evolution-addressbook-factory chmod -x /usr/libexec/evolution-data-server/evolution-alarm-notify mv /usr/lib/evolution-data-server /usr/lib/evolution-data-server-disabled mv /usr/lib/evolution /usr/lib/evolution-disabled BLOAT_APPS=(evolution four-in-a-row iagno aisleriot gnome-mahjongg gnome-software lightsoff zutty gnome-taquin gnome-tetravex simple-scan gnome-text-editor gnome-chess gnome-contacts gnome-clocks unattended-upgrades apparmor gnome-sound-recorder hitori shotwell quadrapassel quadrapassel gnome-sudoku swell-foop gnome-maps transmission-gtk cheese libgnome-games-support-common chromium chromium-common chromium-sandbox epiphany-browser epiphany-browser-data) for i in "${BLOAT_APPS[@]}"; do echo "Removing: $i" apt remove --purge -y $i apt autoremove -y done fi installLibreWolf installCodium installSteam torConfig if [[ $SWAP_CHOICE = *y* ]]; then hibernation fi apt autoremove -y } snapshots() { echo echo "Creating Snapshots....." echo DATE=$(echo $(date +%Y-%m-%d-%H-%M-%S)) btrfs sub snapshot / /.snapshots/root-${DATE} #update-grub } removeSnapshots() { btrfs sub delete /.snapshots/* rm -f /boot/loader/entries/root-* } flatpaks() { echo echo "Installing Flatpaks......" echo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo for i in "${FLATPAKS[@]}"; do echo $i flatpak install --system $i -y done } grubSnapshotss() { cd /opt git clone https://github.com/Antynea/grub-btrfs.git cd /opt/grub-btrfs make make install systemctl enable --now grub-btrfsd.service } bootloader() { if [ -z "$1" ]; then echo echo "Error: No Disk specified!" echo else ROOT_MAPPER_NAME="$3" ROOT_NAME="$2" #plymouth-set-default-theme -r /sbin/plymouth-set-default-theme solar --rebuild-initrd echo "$ROOT_MAPPER_NAME UUID=$(/sbin/blkid | grep $BTRFS | cut -d '"' -f2) none luks" >/etc/crypttab if [ "$AUTO_DECRYPT" == "True" ]; then decryptBoot "${BTRFS}" fi /sbin/update-initramfs -c -k all echo "GRUB_CMDLINE_LINUX_DEFAULT=\"quiet splash mitigations=off\"" >/etc/default/grub if [[ $SWAP_CHOICE = *y* ]]; then echo "GRUB_CMDLINE_LINUX=resume=UUID=$(/sbin/blkid | grep $SWAP | cut -d '"' -f2) cryptdevice=UUID=$(/sbin/blkid | grep $BTRFS | cut -d '"' -f2):$ROOT_MAPPER_NAME root=UUID=$(/sbin/blkid | grep $ROOT_MAPPER_NAME | cut -d '"' -f4) rootflags=subvol@${ROOT_NAME} " >>/etc/default/grub else echo "GRUB_CMDLINE_LINUX=cryptdevice=UUID=$(/sbin/blkid | grep $BTRFS | cut -d '"' -f2):$ROOT_MAPPER_NAME root=UUID=$(/sbin/blkid | grep $ROOT_MAPPER_NAME | cut -d '"' -f4) rootflags=subvol@${ROOT_NAME} " >>/etc/default/grub fi echo "GRUB_ENABLE_CRYPTODISK=n" >>/etc/default/grub echo "GRUB_DISABLE_OS_PROBER=true" >>/etc/default/grub echo "GRUB_TIMEOUT=1" >>/etc/default/grub echo echo read -p 'Install GRUB to a removable DRIVE: ' -e -i "n" REMOVEABLE if [[ $REMOVEABLE = *y* ]]; then /sbin/grub-install --removable --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=debian else /sbin/grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=debian fi /sbin/update-grub fi } setupScript() { cp -f debian.sh $TARGET/usr/bin/ #sed -i 's/most/dep/i' $TARGET/etc/initramfs-tools/initramfs.conf echo 'bash /usr/bin/debian.sh hibernate' >>$TARGET/setup.sh echo "bash /usr/bin/debian.sh bootloader $1 $ROOT_NAME $ROOT_MAPPER_NAME" >>$TARGET/setup.sh echo 'bash /usr/bin/debian.sh grubSnapshotss' >>$TARGET/setup.sh echo 'bash /usr/bin/debian.sh accounts' >>$TARGET/setup.sh echo 'bash /usr/bin/debian.sh desktop' >>$TARGET/setup.sh if [[ $DESKTOP = *Hyprland* ]]; then echo 'bash /usr/bin/debian.sh buildHyprland' >>$TARGET/setup.sh fi echo 'bash /usr/bin/debian.sh btrfsTweaks' >>$TARGET/setup.sh chmod +x $TARGET/usr/bin/debian.sh chmod +x $TARGET/setup.sh chroot $TARGET /setup.sh rm -f $TARGET/setup.sh } btrfs_filesytem() { btrfs sub create $TARGET/@$ROOT_NAME btrfs sub create $TARGET/@.snapshots btrfs sub create $TARGET/@libvirt btrfs sub create $TARGET/@home btrfs sub create $TARGET/@root btrfs sub create $TARGET/@containers btrfs sub create $TARGET/@flatpak echo echo "Binding BTRFS Root" echo umount $TARGET mount -o $COMPRESSION,subvol=@$ROOT_NAME /dev/mapper/$ROOT_MAPPER_NAME $TARGET } installCodium() { curl -fSsL https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg | gpg --dearmor | tee /usr/share/keyrings/vscodium.gpg >/dev/null echo "deb [arch=amd64 signed-by=/usr/share/keyrings/vscodium.gpg] https://download.vscodium.com/debs vscodium main" | tee /etc/apt/sources.list.d/vscodium.list apt update apt install codium -y } installLibreWolf() { distro=$(if echo " una bookworm vanessa focal jammy bullseye vera uma " | grep -q " $(lsb_release -sc) "; then lsb_release -sc; else echo focal; fi) wget -O- https://deb.librewolf.net/keyring.gpg | gpg --dearmor -o /usr/share/keyrings/librewolf.gpg tee /etc/apt/sources.list.d/librewolf.sources </dev/null Types: deb URIs: https://deb.librewolf.net Suites: $distro Components: main Architectures: amd64 Signed-By: /usr/share/keyrings/librewolf.gpg EOF apt update apt install -y librewolf apt remove firefox-esr -y } installSteam() { dpkg --add-architecture i386 apt update apt install libc6:amd64 libc6:i386 libegl1:amd64 libegl1:i386 libgbm1:amd64 libgbm1:i386 libgl1-mesa-dri:amd64 libgl1-mesa-dri:i386 libgl1:amd64 libgl1:i386 steam-libs-amd64:amd64 steam-libs-i386:i386 xterm libgl1-mesa-dri:i386 mesa-vulkan-drivers:i386 -t stable-backports -y cd /tmp wget https://steamcdn-a.akamaihd.net/client/installer/steam.deb apt install -y /tmp/steam.deb apt install lutris -y } mounts() { echo echo "Mounting......." mount /dev/mapper/$ROOT_MAPPER_NAME $TARGET btrfs_filesytem mkdir -p $TARGET/boot mount -t ext4 $BOOT $TARGET/boot mkdir -p $TARGET/boot/efi mount $EFI $TARGET/boot/efi #CONFIGURE DATA DIRS (HOME) mkdir $TARGET/home mount -o subvol=@home /dev/mapper/$ROOT_MAPPER_NAME $TARGET/home } unmount() { echo echo "Unmounting....." umount $TARGET/proc umount $TARGET/dev umount $TARGET/sys umount $TARGET/boot umount $TARGET/home umount -lR $TARGET/* umount -R $TARGET umount -R $TARGET cryptsetup close $ROOT_MAPPER_NAME } locale() { echo "ln -sf /usr/share/zoneinfo/US/Mountain /etc/localtime" >>$TARGET/setup.sh echo "hwclock --systohc" >>$TARGET/setup.sh echo "en_US.UTF-8 UTF-8" >$TARGET/etc/locale.gen echo "locale-gen" >>$TARGET/setup.sh } partitions() { echo echo "Setting Up Partitions....." printf "$DISK_PASSWORD" | cryptsetup open ${BTRFS} $ROOT_MAPPER_NAME if [[ -e "/dev/mapper/$ROOT_MAPPER_NAME" ]]; then mounts fstab else echo echo "Aborting Install, /dev/mapper/$ROOT_MAPPER_NAME not found!" echo echo exit 1 fi } fstab() { mkdir $TARGET/etc echo "UUID=$(/sbin/blkid | grep ${BOOT} | cut -d '"' -f2) /boot ext4 defaults 0 1" >$TARGET/etc/fstab echo "UUID=$(/sbin/blkid | grep ${EFI} | cut -d '"' -f4) /boot/efi vfat umask=0077 0 1" >>$TARGET/etc/fstab echo "/dev/mapper/$ROOT_MAPPER_NAME / btrfs noatime,nodiratime,autodefrag,$COMPRESSION,subvol=@$ROOT_NAME 0 1" >>$TARGET/etc/fstab echo "/dev/mapper/$ROOT_MAPPER_NAME /.snapshots btrfs noatime,nodiratime,autodefrag,$COMPRESSION,subvol=@.snapshots 0 1" >>$TARGET/etc/fstab echo "/dev/mapper/$ROOT_MAPPER_NAME /var/lib/libvirt btrfs noatime,nodiratime,autodefrag,$COMPRESSION,subvol=@libvirt 0 1" >>$TARGET/etc/fstab echo "/dev/mapper/$ROOT_MAPPER_NAME /var/lib/flatpak btrfs noatime,nodiratime,autodefrag,$COMPRESSION,subvol=@flatpak 0 1" >>$TARGET/etc/fstab echo "tmpfs /var/log tmpfs defaults,dev,exec 0 0" >>$TARGET/etc/fstab echo "tmpfs /tmp tmpfs defaults 0 0" >>$TARGET/etc/fstab echo "tmpfs /home/${USER}/.cache tmpfs rw,user,exec 0 0" >>$TARGET/etc/fstab echo "tmpfs /home/${USER}/Downloads tmpfs rw,user,exec 0 0" >>$TARGET/etc/fstab echo "/dev/mapper/$ROOT_MAPPER_NAME /home btrfs noatime,nodiratime,autodefrag,$COMPRESSION,subvol=@home 0 1" >>$TARGET/etc/fstab echo "/dev/mapper/$ROOT_MAPPER_NAME /root btrfs noatime,nodiratime,autodefrag,$COMPRESSION,subvol=@root 0 1" >>$TARGET/etc/fstab echo "/dev/mapper/$ROOT_MAPPER_NAME /var/lib/containers btrfs noatime,nodiratime,autodefrag,$COMPRESSION,subvol=@containers 0 1" >>$TARGET/etc/fstab if [[ $SWAP_CHOICE = *y* ]]; then echo "$SWAP none swap 0 0" >>$TARGET/etc/fstab fi } accounts() { echo echo "Set Password for $USER" useradd -m -s /bin/bash $USER mkdir /home/$USER chown root:users /home chown -R $USER:$USER /home/$USER echo "$USER:$USER_PASSWORD" | chpasswd gpasswd -a $USER wheel gpasswd -a $USER network gpasswd -a $USER video gpasswd -a $USER libvirt gpasswd -a $USER netdev gpasswd -a $USER adm gpasswd -a $USER debian-tor echo "$USER ALL=(ALL) ALL" >/etc/sudoers echo "root ALL=(ALL) ALL" >>/etc/sudoers echo echo "Setting ROOT Password:" echo "root:$ROOT_PASSWORD" | chpasswd /usr/bin/hostnamectl set-hostname $ROOT_NAME } btrfsTweaks() { DISABLE_COW=("/var/lib/docker" "/var/lib/containers" "/volumes" "/var/lib/mysql" "/var/lib/libvirt") for i in "${DISABLE_COW[@]}"; do chattr -R +C $i done } custom_service_files() { echo "systemctl set-default graphical.target" >>$TARGET/setup.sh echo "[Unit]" >$TARGET/etc/systemd/system/powertop.service echo "Description=Powertop tunings" >>$TARGET/etc/systemd/system/powertop.service echo "[Service]" >>$TARGET/etc/systemd/system/powertop.service echo "Type=oneshot" >>$TARGET/etc/systemd/system/powertop.service echo "ExecStart=/usr/sbin/powertop --auto-tune" >>$TARGET/etc/systemd/system/powertop.service echo "[Install]" >>$TARGET/etc/systemd/system/powertop.service echo "WantedBy=multi-user.target" >>$TARGET/etc/systemd/system/powertop.service } gnomeUnmounter() { umount /media/*/* -R /sbin/cryptsetup close /dev/mapper/luks-* } legacyEFIresize() { clear echo echo "[Debian Installer - Resize EFI]" echo cp -rf /boot /tmp umount /boot/efi umount /boot parted -a optimal /dev/$HARD_DISK rm 1 parted -a optimal /dev/$HARD_DISK rm 2 parted -a optimal /dev/$HARD_DISK mkpart primary fat32 1MiB 10MiB parted -a optimal /dev/$HARD_DISK mkpart primary ext3 10MiB 700MiB parted -a optimal /dev/$HARD_DISK set 1 esp on echo "Formatting $EFI" echo echo y | mkfs.vfat $EFI echo "Formatting $BOOT" echo y | mkfs.ext4 $BOOT mount -t ext4 $BOOT /boot mount $EFI /boot/efi rsync -av /tmp/boot/ /boot/ partitionDetection TARGET=/ fstab echo echo "Complete. Restart Debian Installer and choose the Menu option to reinstall the bootloader" echo } initializeDisk() { clear echo echo "[Debian Installer - Initialize Device]" echo parted /dev/$HARD_DISK mklabel gpt parted -a optimal /dev/$HARD_DISK mkpart primary fat32 1MiB 200MiB parted -a optimal /dev/$HARD_DISK mkpart primary ext3 200MiB 1GiB parted -a optimal /dev/$HARD_DISK set 1 esp on if [[ $SWAP_CHOICE = *y* ]]; then parted -a optimal /dev/$HARD_DISK mkpart P2 ext3 1GiB 98% parted -a optimal /dev/$HARD_DISK mkpart P2 ext3 98% 100% else parted -a optimal /dev/$HARD_DISK mkpart P2 ext3 1GiB 100% fi partitionDetection printf "$DISK_PASSWORD\n$DISK_PASSWORD" | cryptsetup luksFormat ${BTRFS} printf "$DISK_PASSWORD" | cryptsetup open ${BTRFS} $ROOT_MAPPER_NAME echo echo "Formatting....." echo y | mkfs.btrfs /dev/mapper/$ROOT_MAPPER_NAME -f echo echo "Formatting $EFI" echo echo y | mkfs.vfat $EFI echo "Formatting $BOOT" echo y | mkfs.ext4 $BOOT if [[ $SWAP_CHOICE = *y* ]]; then mkswap -f $SWAP fi echo "Initialize Complete. Please reboot your machine to avoid any issues" echo } wifi() { iwctl --passphrase $WIRELESS_PASSWORD station $WIRELESS_INTERFACE connect $SSID } showHelp() { clear echo echo "[debian.sh arguments]" echo echo "./debian.sh wifi" echo "./debian.sh bootloader [disk] [ROOT_NAME] [ROOT_MAPPER_NAME]" echo "./debian.sh initialize" echo "./debian.sh tar [device name] [location]" echo "./debian.sh snapshot" echo "./debian.sh reomve-snapshot" echo "./debian.sh btrfsTweaks" echo } tweaks() { clear echo echo "[Debian Installer System Tweaks]" echo echo "[1] Enable/Disable Disk Password at Boot" echo "[2] Create a deployable System Image" echo "[3] Reinstall Bootloader" echo "[4] Chroot into existing OS" echo "[5] *Danger* Resize /boot and /boot/efi [Run on booted OS only!]" echo "[6] Restore Current Running OS to Another Drive" echo read -p 'Your Choice: ' choice if [[ $choice = 1 ]]; then clear echo "[Password Protection at Boot]" echo echo setDevices read -p 'Unlock Disk without password at boot time? ' -e -i "y" pass_change if [[ $pass_change = *n* ]]; then AUTO_DECRYPT="False" bootloader "$HARD_DISK" "$ROOT_NAME" "$ROOT_MAPPER_NAME" else AUTO_DECRYPT="True" bootloader "$HARD_DISK" "$ROOT_NAME" "$ROOT_MAPPER_NAME" fi elif [[ $choice = 2 ]]; then clear echo echo "[Create Debian Image]" echo read -p 'Location to Store Image: ' -e -i "/home/$USER" image_directory read -p 'Image File Name: ' -e -i "debian" ROOT_NAME read -p 'Debian Version: ' -e -i "stable" DEBIAN_RELEASE read -p 'Sway, Hyprland, KDE, or GNOME: ' -e -i "sway" DESKTOP if [[ $DESKTOP = *KDE* ]]; then PACKAGES=$BASE_PACKAGES$SHARED_DESKTOP_APPS$KDE_DESKTOP_ENV$VIRTUALIZATION elif [[ $DESKTOP = *sway* ]]; then PACKAGES=$BASE_PACKAGES$SHARED_DESKTOP_APPS$SWAY_DESKTOP_ENV$VIRTUALIZATION elif [[ $DESKTOP = *Hyprland* ]]; then PACKAGES=$BASE_PACKAGES$SHARED_DESKTOP_APPS$HYPRLAND_DESKTOP_ENV$VIRTUALIZATION else PACKAGES=$BASE_PACKAGES$SHARED_DESKTOP_APPS$GNOME_DESKTOP_ENV$VIRTUALIZATION fi ROOT_MAPPER_NAME="/dev/foo" makeImage "$image_directory" elif [[ $choice = 3 ]]; then setDevices bootloader $HARD_DISK $ROOT_NAME $ROOT_MAPPER_NAME elif [[ $choice = 4 ]]; then setDevices partitions systemMounts if [[ -e "$TARGET/usr/bin/bash" ]]; then /usr/sbin/chroot $TARGET /usr/bin/bash else echo echo "error: Bash not found!" echo fi #unmount elif [[ $choice = 5 ]]; then rm -f /tmp/disk setDevices legacyEFIresize elif [[ $choice = 6 ]]; then setDevices liveOSrestore "$HARD_DISK" $ROOT_MAPPER_NAME "none" "none" "$ROOT_NAME" fi } menu() { clear echo echo "[Welcome to Verita84's Debian Installer System]" echo echo "[1] Install" echo "[2] Backup" echo "[3] Restore" echo "[4] Tools and Tweaks" echo "[5] Initialize Disk" echo read -p 'Your Choice: ' choice if [[ $choice = 1 ]]; then clear echo "[Install OS]" echo echo read -p 'Debian Version: ' -e -i "stable" DEBIAN_RELEASE read -p 'Sway, Hyprland, KDE, or GNOME: ' -e -i "sway" DESKTOP if [[ $DESKTOP = *KDE* ]]; then PACKAGES=$BASE_PACKAGES$SHARED_DESKTOP_APPS$KDE_DESKTOP_ENV$VIRTUALIZATION elif [[ $DESKTOP = *sway* ]]; then PACKAGES=$BASE_PACKAGES$SHARED_DESKTOP_APPS$SWAY_DESKTOP_ENV$VIRTUALIZATION elif [[ $DESKTOP = *Hyprland* ]]; then PACKAGES=$BASE_PACKAGES$SHARED_DESKTOP_APPS$HYPRLAND_DESKTOP_ENV$VIRTUALIZATION else PACKAGES=$BASE_PACKAGES$SHARED_DESKTOP_APPS$GNOME_DESKTOP_ENV$VIRTUALIZATION fi setDevices install "$HARD_DISK" elif [[ $choice = 2 ]]; then clear echo "[Backup OS]" echo setDevices read -p 'Backup Home Directory? : ' -e -i 'n' home_backup read -p 'OS Backup Directory Location : ' -e -i "/install/@$ROOT_NAME" backup_directory if [[ $home_backup = *n* ]]; then osBackup "none" "$backup_directory" "$ROOT_NAME" else osBackup "home" "$backup_directory" "$ROOT_NAME" fi elif [[ $choice = 3 ]]; then clear echo "[Restore from Backup]" echo echo setDevices read -p 'Restore Directory Image Source: ' -e -i "/mnt" restore_directory read -p 'Restore Home Directory? : ' -e -i 'n' home_restore read -p 'Backup file name to restore: ' -e -i 'debian' backup_name if [[ $home_restore = *n* ]]; then osRestore "$HARD_DISK" "$backup_name" "none" "$restore_directory" "$ROOT_MAPPER_NAME" else osRestore "$HARD_DISK" "$backup_name" "home" "$restore_directory" "$ROOT_MAPPER_NAME" fi elif [[ $choice = 4 ]]; then tweaks elif [[ $choice = 5 ]]; then clear echo "[Initialize Disk]" echo echo rm -f /tmp/disk setDevices initializeDisk else menu fi } setDevices() { if [ -f "/tmp/disk" ]; then HARD_DISK=$(cat /tmp/disk | head -1) ROOT_NAME=$(cat /tmp/disk | tail -3 | head -1) ROOT_MAPPER_NAME=$(cat /tmp/disk | tail -2 | head -1) SWAP_CHOICE=$(cat /tmp/disk | tail -1 | head -1) else i=0 while [ $i != "n" ]; do clear echo echo "Disks and Partitions:" echo cat /proc/partitions echo echo "Erase the line and press enter to skip to the next detected disk" echo i=$(expr $i + 1) read -p 'Disk Device to Use: ' -e -i $(lsblk | grep -i disk | grep -Evi 'swap' | cut -d ' ' -f1 | head -$i | tail -1) device if [[ ! -z $device ]]; then i="n" fi done read -p 'BTRFS Root Volume name: ' -e -i "debian" root_name read -p 'LUKS Device Mapper Name: ' -e -i "root" device_mapper_name read -p 'Swap Partition for hibernation? (y/n): ' -e -i "y" SWAP_CHOICE HARD_DISK=$device echo $HARD_DISK >/tmp/disk echo $root_name >>/tmp/disk echo $device_mapper_name >>/tmp/disk echo $SWAP_CHOICE >>/tmp/disk setDevices fi partitionDetection } gnomeUnmounter if [ "$1" = "desktop" ]; then desktop elif [ "$1" = "tar" ]; then osSnapshots "null" "$3" "$2" elif [ "$1" = "upgrade-system" ]; then upgrade-system elif [ "$1" = "wifi" ]; then wifi elif [ "$1" = "stable-diffusion" ]; then stableDiffusion elif [ "$1" = "accounts" ]; then accounts elif [ "$1" = "hibernate" ]; then hibernation elif [ "$1" = "flatpaks" ]; then flatpaks elif [ "$1" = "bootloader" ]; then bootloader "$2" "$3" "$4" elif [ "$1" = "buildHyprland" ]; then buildHyprland elif [ "$1" = "snapshot" ]; then snapshots elif [ "$1" = "grubSnapshotss" ]; then grubSnapshotss elif [ "$1" = "btrfsTweaks" ]; then btrfsTweaks elif [ "$1" = "tor" ]; then torConfig elif [ "$1" = "remove-snapshot" ]; then removeSnapshots elif [ "$1" = "help" ]; then showHelp else menu fi