#!/bin/sh set -e drive=/dev/nvme1n1 bs=512 sgdisk --zap-all ${drive} sgdisk -o ${drive} sgdisk -a ${bs} -n 1:0:+1G --typecode=1:ef00 ${drive} sgdisk -a ${bs} -n 2:0:+8G --typecode=2:8200 ${drive} sgdisk -a ${bs} --largest-new=3 --typecode=3:8300 ${drive} mkfs.vfat ${drive}p1 mkswap --force ${drive}p2 mkfs.xfs -f ${drive}p3 mount ${drive}p3 /mnt mkdir /mnt/{boot,dev,sys,proc,run} mkdir /mnt/boot/efi mount ${drive}p1 /mnt/boot/efi mount --bind /dev /mnt/dev mount --bind /sys /mnt/sys mount --bind /proc /mnt/proc mount --bind /run /mnt/run # echo 'fastestmirror=1' >> /etc/dnf/dnf.conf dnf -y update fedora-gpg-keys # curl https://fedoraproject.org/fedora.gpg | gpg --import dnf -y --installroot=/mnt --releasever=39 group install standard core \ hardware-support development-libs development-tools dnf -y --installroot=/mnt --releasever=39 install gpart gdisk rsync nano tcpdump \ tcsh net-tools bind-utils sysstat xfsprogs atop chrony ntpstat \ tree git git-all mc wpa_supplicant glibc-langpack-ru dnf -y --installroot=/mnt --releasever=39 install kernel efibootmgr shim \ grub2-efi-x64 grub2-efi-x64-modules \ grub2-tools-efi grub2-tools-extra \ grub2-breeze-theme cat < /mnt/etc/default/grub GRUB_TIMEOUT=30 GRUB_DEFAULT=saved GRUB_SAVEDEFAULT=false GRUB_TERMINAL_INPUT="console" GRUB_TERMINAL_OUTPUT="gfxterm" GRUB_ENABLE_BLSCFG=true GRUB_CMDLINE_LINUX="nomodeset rhgb pci=noaer i8042.debug=1 i8042.noaux=1" EOF chroot /mnt grub2-mkconfig -o /boot/grub2/grub.cfg blkid --output export ${drive}p3 | grep ^UUID= | xargs -I '{}' echo {} / xfs defaults 0 1 > /mnt/etc/fstab blkid --output export ${drive}p2 | grep ^UUID= | xargs -I '{}' echo {} none swap defaults 0 0 >> /mnt/etc/fstab blkid --output export ${drive}p1 | grep ^UUID= | xargs -I '{}' echo {} /boot/efi vfat defaults 0 2 >> /mnt/etc/fstab chroot /mnt systemctl disable NetworkManager chroot /mnt systemctl disable firewalld chroot /mnt systemctl enable systemd-networkd chroot /mnt systemctl enable nftables setenforce 0 echo 'root:123' | chpasswd --root /mnt #groupadd --root /mnt admin #useradd --root /mnt -m -d /home/admin -s /bin/bash -g admin -m admin #echo 'admin:admin' | chpasswd --root /mnt # SElinux to mode Permissive sed -i s/^SELINUX=.*$/SELINUX=permissive/ /mnt/etc/selinux/config sed -i -r 's/^.?PermitRootLogin.*/PermitRootLogin\ yes/g' /mnt/etc/ssh/sshd_config sed -i -r 's/^.?UseDNS no/UseDNS no/g' /mnt/etc/ssh/sshd_config sed -i -r 's/^.?UseDNS yes/UseDNS no/g' /mnt/etc/ssh/sshd_config mkdir /mnt/root/.ssh touch /mnt/root/.ssh/authorized_keys chmod 0700 /mnt/root/.ssh chmod 0600 /mnt/root/.ssh/authorized_keys sed -i -r 's/^.*history-search-backward.*/"\\e[A": history-search-backward/g' /mnt/etc/inputrc sed -i -r 's/^.*history-search-forward.*/"\\e[B": history-search-forward/g' /mnt/etc/inputrc umount /mnt/run umount /mnt/dev umount /mnt/sys umount /mnt/proc umount /mnt/boot/efi umount /mnt