24 files changed, 80 insertions, 40 deletions

diff --git a/airootfs/etc/locale.conf b/airootfs/etc/locale.conf
new file mode 100644
index 0000000..f9c983c
--- /dev/null
+++ b/airootfs/etc/locale.conf
@@ -0,0 +1 @@
+LANG=C.UTF-8
diff --git a/airootfs/etc/mkinitcpio.conf b/airootfs/etc/mkinitcpio.conf
index 4b7b7fb..34b1a06 100644
--- a/airootfs/etc/mkinitcpio.conf
+++ b/airootfs/etc/mkinitcpio.conf
@@ -1,6 +1,3 @@
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-
 # vim:set ft=sh
 # MODULES
 # The following modules are loaded before any boot hooks are
diff --git a/airootfs/etc/mkinitcpio.d/linux.preset b/airootfs/etc/mkinitcpio.d/linux.preset
index d35f137..9f67184 100644
--- a/airootfs/etc/mkinitcpio.d/linux.preset
+++ b/airootfs/etc/mkinitcpio.d/linux.preset
@@ -1,6 +1,3 @@
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-
 # mkinitcpio preset file for the 'linux' package on archiso
 
 PRESETS=('archiso')
diff --git a/airootfs/etc/ssh/sshd_config b/airootfs/etc/ssh/sshd_config
index 8ef1758..93f7d63 100644
--- a/airootfs/etc/ssh/sshd_config
+++ b/airootfs/etc/ssh/sshd_config
@@ -1,4 +1,4 @@
-#	$OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
+#	$OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $
 
 # This is the sshd server system-wide configuration file.  See
 # sshd_config(5) for more information.
@@ -58,7 +58,7 @@ AuthorizedKeysFile	.ssh/authorized_keys
 #PermitEmptyPasswords no
 
 # Change to no to disable s/key passwords
-ChallengeResponseAuthentication no
+#KbdInteractiveAuthentication yes
 
 # Kerberos options
 #KerberosAuthentication no
@@ -72,13 +72,13 @@ ChallengeResponseAuthentication no
 
 # Set this to 'yes' to enable PAM authentication, account processing,
 # and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
+# be allowed through the KbdInteractiveAuthentication and
 # PasswordAuthentication.  Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
+# PAM authentication via KbdInteractiveAuthentication may bypass
 # the setting of "PermitRootLogin without-password".
 # If you just want the PAM account and session checks to run without
 # PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
+# and KbdInteractiveAuthentication to 'no'.
 UsePAM yes
 
 #AllowAgentForwarding yes
diff --git a/airootfs/etc/systemd/network/20-ethernet.network b/airootfs/etc/systemd/network/20-ethernet.network
index efa309c..4b6a2ab 100644
--- a/airootfs/etc/systemd/network/20-ethernet.network
+++ b/airootfs/etc/systemd/network/20-ethernet.network
@@ -1,13 +1,10 @@
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-
 [Match]
+# Matching with "Type=ether" causes issues with containers because it also matches virtual Ethernet interfaces (veth*).
+# See https://bugs.archlinux.org/task/70892
+# Instead match by globbing the network interface name.
 Name=en*
 Name=eth*
 
 [Network]
 DHCP=yes
 IPv6PrivacyExtensions=yes
-
-[DHCP]
-RouteMetric=512
diff --git a/airootfs/etc/systemd/system-generators/systemd-gpt-auto-generator b/airootfs/etc/systemd/system-generators/systemd-gpt-auto-generator
new file mode 120000
index 0000000..dc1dc0c
--- /dev/null
+++ b/airootfs/etc/systemd/system-generators/systemd-gpt-auto-generator
@@ -0,0 +1 @@
+/dev/null
\ No newline at end of file
diff --git a/airootfs/etc/systemd/system/multi-user.target.wants/hv_fcopy_daemon.service b/airootfs/etc/systemd/system/multi-user.target.wants/hv_fcopy_daemon.service
new file mode 120000
index 0000000..20ac7b2
--- /dev/null
+++ b/airootfs/etc/systemd/system/multi-user.target.wants/hv_fcopy_daemon.service
@@ -0,0 +1 @@
+/usr/lib/systemd/system/hv_fcopy_daemon.service
\ No newline at end of file
diff --git a/airootfs/etc/systemd/system/multi-user.target.wants/hv_kvp_daemon.service b/airootfs/etc/systemd/system/multi-user.target.wants/hv_kvp_daemon.service
new file mode 120000
index 0000000..a7eac4a
--- /dev/null
+++ b/airootfs/etc/systemd/system/multi-user.target.wants/hv_kvp_daemon.service
@@ -0,0 +1 @@
+/usr/lib/systemd/system/hv_kvp_daemon.service
\ No newline at end of file
diff --git a/airootfs/etc/systemd/system/multi-user.target.wants/hv_vss_daemon.service b/airootfs/etc/systemd/system/multi-user.target.wants/hv_vss_daemon.service
new file mode 120000
index 0000000..eae19ef
--- /dev/null
+++ b/airootfs/etc/systemd/system/multi-user.target.wants/hv_vss_daemon.service
@@ -0,0 +1 @@
+/usr/lib/systemd/system/hv_vss_daemon.service
\ No newline at end of file
diff --git a/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service b/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service
new file mode 120000
index 0000000..cb2d560
--- /dev/null
+++ b/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service
@@ -0,0 +1 @@
+/usr/lib/systemd/system/vboxservice.service
\ No newline at end of file
diff --git a/airootfs/etc/systemd/system/multi-user.target.wants/vmtoolsd.service b/airootfs/etc/systemd/system/multi-user.target.wants/vmtoolsd.service
new file mode 120000
index 0000000..e0a11a7
--- /dev/null
+++ b/airootfs/etc/systemd/system/multi-user.target.wants/vmtoolsd.service
@@ -0,0 +1 @@
+/usr/lib/systemd/system/vmtoolsd.service
\ No newline at end of file
diff --git a/airootfs/etc/systemd/system/multi-user.target.wants/vmware-vmblock-fuse.service b/airootfs/etc/systemd/system/multi-user.target.wants/vmware-vmblock-fuse.service
new file mode 120000
index 0000000..173f306
--- /dev/null
+++ b/airootfs/etc/systemd/system/multi-user.target.wants/vmware-vmblock-fuse.service
@@ -0,0 +1 @@
+/usr/lib/systemd/system/vmware-vmblock-fuse.service
\ No newline at end of file
diff --git a/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf b/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf
index a4d7442..c9f9bce 100644
--- a/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf
+++ b/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf
@@ -1,5 +1,6 @@
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-
+# Allow systemd-networkd-wait-online to succeed with one interface, otherwise, if multiple network interfaces exist,
+# network-online.target gets needlessly delayed.
+# See https://wiki.archlinux.org/title/systemd-networkd#systemd-networkd-wait-online
 [Service]
+ExecStart=
 ExecStart=/usr/lib/systemd/systemd-networkd-wait-online --any
diff --git a/airootfs/root/.loader b/airootfs/root/.loader
index 2daeab8..763bae2 100755
--- a/airootfs/root/.loader
+++ b/airootfs/root/.loader
@@ -1,5 +1,5 @@
 #!/bin/bash
-set -e
+set -eux
 
 dd if=/dev/zero of=/swapfile bs=1M count=512 status=progress
 chmod 0600 /swapfile
diff --git a/airootfs/root/bootstrap b/airootfs/root/bootstrap
index dcd3d3f..5bfcf11 100755
--- a/airootfs/root/bootstrap
+++ b/airootfs/root/bootstrap
@@ -1,5 +1,5 @@
 #!/bin/bash
-set -e
+set -eux
 
 if ! timeout 1 curl -Is tombarrett.xyz | grep "200 OK" > /dev/null; then
     echo "Please first connect to the internet."
diff --git a/bootstrap_packages.x86_64 b/bootstrap_packages.x86_64
new file mode 100644
index 0000000..64966d0
--- /dev/null
+++ b/bootstrap_packages.x86_64
@@ -0,0 +1,2 @@
+arch-install-scripts
+base
diff --git a/efiboot/loader/entries/01-archiso-x86_64-linux.conf b/efiboot/loader/entries/01-archiso-x86_64-linux.conf
new file mode 100644
index 0000000..11624b6
--- /dev/null
+++ b/efiboot/loader/entries/01-archiso-x86_64-linux.conf
@@ -0,0 +1,4 @@
+title   Arch Linux (x86_64, UEFI)
+linux   /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux
+initrd  /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img
+options archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL%
diff --git a/efiboot/loader/loader.conf b/efiboot/loader/loader.conf
index 1ea5ce5..17110fa 100644
--- a/efiboot/loader/loader.conf
+++ b/efiboot/loader/loader.conf
@@ -1,5 +1,2 @@
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-
 timeout 3
-default archiso-x86_64-linux.conf
+default 01-archiso-x86_64-linux.conf
diff --git a/grub/grub.cfg b/grub/grub.cfg
new file mode 100644
index 0000000..d2aa4ab
--- /dev/null
+++ b/grub/grub.cfg
@@ -0,0 +1,36 @@
+# Load partition table and file system modules
+insmod part_gpt
+insmod part_msdos
+insmod fat
+insmod iso9660
+
+# Use graphics-mode output
+insmod all_video
+insmod font
+if loadfont "${prefix}/fonts/unicode.pf2" ; then
+    insmod gfxterm
+    set gfxmode="auto"
+    terminal_input console
+    terminal_output gfxterm
+fi
+
+# Enable serial console
+if serial --unit=0 --speed=115200; then
+    terminal_input --append serial
+    terminal_output --append serial
+fi
+
+# Set default menu entry
+default=archlinux
+timeout=15
+timeout_style=menu
+
+
+# Menu entries
+
+menuentry "Arch Linux (x86_64, UEFI)" --class arch --class gnu-linux --class gnu --class os --id 'archlinux' {
+    set gfxpayload=keep
+    search --no-floppy --set=root --label %ARCHISO_LABEL%
+    linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL%
+    initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img
+}
diff --git a/packages.x86_64 b/packages.x86_64
index 1dad073..5939168 100644
--- a/packages.x86_64
+++ b/packages.x86_64
@@ -6,6 +6,7 @@ clevis
 cloud-init
 dosfstools
 htop
+hyperv
 linux
 linux-firmware
 lvm2
@@ -16,8 +17,10 @@ neovim
 networkmanager
 nmap
 openssh
+open-vm-tools
 parted
 pv
+qemu-guest-agent
 ranger
 rsync
 smartmontools
@@ -25,6 +28,7 @@ syslinux
 tmux
 tpm2-tools
 vim
+virtualbox-guest-utils-nox
 wget
 zsh
 zsh-autosuggestions
diff --git a/pacman.conf b/pacman.conf
index 9d895e9..5ee6c1e 100644
--- a/pacman.conf
+++ b/pacman.conf
@@ -2,8 +2,6 @@
 # /etc/pacman.conf
 #
 # See the pacman.conf(5) manpage for option and repository directives
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
 
 #
 # GENERAL OPTIONS
@@ -33,10 +31,11 @@ Architecture = auto
 # Misc options
 #UseSyslog
 #Color
-#TotalDownload
+#NoProgressBar
 # We cannot check disk space from within a chroot environment
 #CheckSpace
 #VerbosePkgLists
+ParallelDownloads = 5
 
 # By default, pacman accepts packages signed by keys that its local keyring
 # trusts (see pacman-key and its man page), as well as unsigned packages.
diff --git a/profiledef.sh b/profiledef.sh
index fd65beb..b1204d7 100644
--- a/profiledef.sh
+++ b/profiledef.sh
@@ -2,16 +2,19 @@
 # shellcheck disable=SC2034
 
 iso_name="toms_arch"
-iso_label="_$(date +%Y%m)"
-iso_publisher="Tom Barrett <https://tombarrett.xyz>"
+iso_label="TA_$(date +%Y%m)"
+iso_publisher="tom barrett <https://tombarrett.xyz>"
 iso_application="toms archlinux installer"
 iso_version="$(date +%Y.%m.%d)"
 install_dir="arch"
-bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito')
+buildmodes=('iso')
+bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito'
+           'uefi-ia32.grub.esp' 'uefi-x64.grub.esp'
+           'uefi-ia32.grub.eltorito' 'uefi-x64.grub.eltorito')
 arch="x86_64"
 pacman_conf="pacman.conf"
-airootfs_image_type="squashfs"
-airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M')
+airootfs_image_type="erofs"
+airootfs_image_tool_options=('-zlzma,9' -E ztailpacking)
 file_permissions=(
   ["/etc/shadow"]="0:0:400"
   ["/root/bootstrap"]="0:0:700"
diff --git a/syslinux/syslinux-linux.cfg b/syslinux/syslinux-linux.cfg
index 867d815..0311f29 100644
--- a/syslinux/syslinux-linux.cfg
+++ b/syslinux/syslinux-linux.cfg
@@ -1,6 +1,3 @@
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-
 LABEL arch
 MENU LABEL Arch Linux (x86_64, BIOS)
 LINUX /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux
diff --git a/syslinux/syslinux.cfg b/syslinux/syslinux.cfg
index 88a36ea..561ac7c 100644
--- a/syslinux/syslinux.cfg
+++ b/syslinux/syslinux.cfg
@@ -1,6 +1,4 @@
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-
+SERIAL 0 115200
 UI menu.c32
 MENU TITLE Arch Linux
 MENU CLEAR