Initial commit

airootfs/etc/hostname

@@ -0,0 +1 @@
+archiso

airootfs/etc/locale.conf

@@ -0,0 +1 @@
+LANG=ru_RU.utf8

airootfs/etc/localtime

@@ -0,0 +1 @@
+/usr/share/zoneinfo/UTC

airootfs/etc/mkinitcpio.conf

@@ -0,0 +1,67 @@
+# vim:set ft=sh
+# MODULES
+# The following modules are loaded before any boot hooks are
+# run.  Advanced users may wish to specify all system modules
+# in this array.  For instance:
+#     MODULES=(piix ide_disk reiserfs)
+MODULES=()
+
+# BINARIES
+# This setting includes any additional binaries a given user may
+# wish into the CPIO image.  This is run last, so it may be used to
+# override the actual binaries included by a given hook
+# BINARIES are dependency parsed, so you may safely ignore libraries
+BINARIES=()
+
+# FILES
+# This setting is similar to BINARIES above, however, files are added
+# as-is and are not parsed in any way.  This is useful for config files.
+FILES=()
+
+# HOOKS
+# This is the most important setting in this file.  The HOOKS control the
+# modules and scripts added to the image, and what happens at boot time.
+# Order is important, and it is recommended that you do not change the
+# order in which HOOKS are added.  Run 'mkinitcpio -H <hook name>' for
+# help on a given hook.
+# 'base' is _required_ unless you know precisely what you are doing.
+# 'udev' is _required_ in order to automatically load modules
+# 'filesystems' is _required_ unless you specify your fs modules in MODULES
+# Examples:
+##   This setup specifies all modules in the MODULES setting above.
+##   No raid, lvm2, or encrypted root is needed.
+#    HOOKS=(base)
+#
+##   This setup will autodetect all modules for your system and should
+##   work as a sane default
+#    HOOKS=(base udev autodetect block filesystems)
+#
+##   This setup will generate a 'full' image which supports most systems.
+##   No autodetection is done.
+#    HOOKS=(base udev block filesystems)
+#
+##   This setup assembles a pata mdadm array with an encrypted root FS.
+##   Note: See 'mkinitcpio -H mdadm' for more information on raid devices.
+#    HOOKS=(base udev block mdadm encrypt filesystems)
+#
+##   This setup loads an lvm2 volume group on a usb device.
+#    HOOKS=(base udev block lvm2 filesystems)
+#
+##   NOTE: If you have /usr on a separate partition, you MUST include the
+#    usr, fsck and shutdown hooks.
+HOOKS=(base udev modconf memdisk archiso_shutdown archiso archiso_loop_mnt archiso_pxe_common archiso_pxe_nbd archiso_pxe_http archiso_pxe_nfs archiso_kms block filesystems keyboard)
+
+# COMPRESSION
+# Use this to compress the initramfs image. By default, gzip compression
+# is used. Use 'cat' to create an uncompressed image.
+#COMPRESSION="gzip"
+#COMPRESSION="bzip2"
+#COMPRESSION="lzma"
+COMPRESSION="xz"
+#COMPRESSION="lzop"
+#COMPRESSION="lz4"
+#COMPRESSION="zstd"
+
+# COMPRESSION_OPTIONS
+# Additional options for the compressor
+#COMPRESSION_OPTIONS=()

airootfs/etc/mkinitcpio.d/linux.preset

@@ -0,0 +1,8 @@
+# mkinitcpio preset file for the 'linux' package on archiso
+
+PRESETS=('archiso')
+
+ALL_kver='/boot/vmlinuz-linux'
+ALL_config='/etc/mkinitcpio.conf'
+
+archiso_image="/boot/initramfs-linux.img"

airootfs/etc/modprobe.d/broadcom-wl.conf

@@ -0,0 +1,7 @@
+# The broadcom-wl package requires some modules to be disabled in order to use
+# wl. Since the ISO image needs to cover many hardware cases, this file
+# overrides the default blacklist in /usr/lib/modprobe.d/
+#
+# If you need to use wl, you may need to delete this file, then `rmmod` any
+# already-loaded modules that are now blacklisted before proceeding to modprobe
+# wl itself.

airootfs/etc/motd

@@ -0,0 +1,10 @@
+To install Arch Linux follow the installation guide:
+https://wiki.archlinux.org/title/Installation_guide
+
+For Wi-Fi, authenticate to the wireless network using the iwctl utility.
+For mobile broadband (WWAN) modems, connect with the mmcli utility.
+Ethernet, WLAN and WWAN interfaces using DHCP should work automatically.
+
+After connecting to the internet, the installation guide can be accessed
+via the convenience script Installation_guide.
+

airootfs/etc/pacman.d/hooks/40-locale-gen.hook

@@ -0,0 +1,13 @@
+# remove from airootfs!
+[Trigger]
+Operation = Install
+Type = Package
+Target = glibc
+
+[Action]
+Description = Uncommenting en_US.UTF-8 and ru_RU.UTF-8 locales and running locale-gen...
+When = PostTransaction
+Depends = glibc
+Depends = sed
+Depends = sh
+Exec = /bin/sh -c "sed -i 's/#\(en_US\.UTF-8\)/\1/' /etc/locale.gen && sed -i 's/#\(ru_RU\.UTF-8\)/\1/' /etc/locale.gen && locale-gen"

airootfs/etc/pacman.d/hooks/uncomment-mirrors.hook

@@ -0,0 +1,13 @@
+# remove from airootfs!
+[Trigger]
+Operation = Install
+Operation = Upgrade
+Type = Package
+Target = pacman-mirrorlist
+
+[Action]
+Description = Uncommenting all mirrors in /etc/pacman.d/mirrorlist...
+When = PostTransaction
+Depends = pacman-mirrorlist
+Depends = sed
+Exec = /usr/bin/sed -i "s/#Server/Server/g" /etc/pacman.d/mirrorlist

airootfs/etc/pacman.d/hooks/zzzz99-remove-custom-hooks-from-airootfs.hook

@@ -0,0 +1,18 @@
+# remove from airootfs!
+# As a workaround for https://bugs.archlinux.org/task/49347 , remove pacman hooks specific to the ISO build process.
+# If not, they would be used when pacstrap is run in the live environment.
+
+[Trigger]
+Operation = Install
+Operation = Upgrade
+Operation = Remove
+Type = Package
+Target = *
+
+[Action]
+Description = Work around FS#49347 by removing custom pacman hooks that are only required during ISO build...
+When = PostTransaction
+Depends = sh
+Depends = coreutils
+Depends = grep
+Exec = /bin/sh -c "rm -- $(grep -Frl 'remove from airootfs' /etc/pacman.d/hooks/)"

airootfs/etc/passwd

@@ -0,0 +1 @@
+root:x:0:0:root:/root:/usr/bin/zsh

airootfs/etc/resolv.conf

@@ -0,0 +1 @@
+/run/systemd/resolve/stub-resolv.conf

airootfs/etc/shadow

@@ -0,0 +1 @@
+root::14871::::::

airootfs/etc/ssh/sshd_config

@@ -0,0 +1,116 @@
+#	$OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $
+
+# This is the sshd server system-wide configuration file.  See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented.  Uncommented options override the
+# default value.
+
+#Port 22
+#AddressFamily any
+#ListenAddress 0.0.0.0
+#ListenAddress ::
+
+#HostKey /etc/ssh/ssh_host_rsa_key
+#HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ed25519_key
+
+# Ciphers and keying
+#RekeyLimit default none
+
+# Logging
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2m
+PermitRootLogin yes
+#StrictModes yes
+#MaxAuthTries 6
+#MaxSessions 10
+
+#PubkeyAuthentication yes
+
+# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
+# but this is overridden so installations will only check .ssh/authorized_keys
+AuthorizedKeysFile	.ssh/authorized_keys
+
+#AuthorizedPrincipalsFile none
+
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandUser nobody
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+#PasswordAuthentication yes
+#PermitEmptyPasswords no
+
+# Change to no to disable s/key passwords
+#KbdInteractiveAuthentication yes
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the KbdInteractiveAuthentication and
+# PasswordAuthentication.  Depending on your PAM configuration,
+# PAM authentication via KbdInteractiveAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and KbdInteractiveAuthentication to 'no'.
+UsePAM yes
+
+#AllowAgentForwarding yes
+#AllowTcpForwarding yes
+#GatewayPorts no
+#X11Forwarding no
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PermitTTY yes
+PrintMotd no # pam does that
+#PrintLastLog yes
+#TCPKeepAlive yes
+#PermitUserEnvironment no
+#Compression delayed
+#ClientAliveInterval 0
+#ClientAliveCountMax 3
+#UseDNS no
+#PidFile /run/sshd.pid
+#MaxStartups 10:30:100
+#PermitTunnel no
+#ChrootDirectory none
+#VersionAddendum none
+
+# no default banner path
+#Banner none
+
+# override default of no subsystems
+Subsystem	sftp	/usr/lib/ssh/sftp-server
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+#	X11Forwarding no
+#	AllowTcpForwarding no
+#	PermitTTY no
+#	ForceCommand cvs server

airootfs/etc/systemd/journald.conf.d/volatile-storage.conf

@@ -0,0 +1,2 @@
+[Journal]
+Storage=volatile

airootfs/etc/systemd/logind.conf.d/do-not-suspend.conf

@@ -0,0 +1,4 @@
+[Login]
+HandleSuspendKey=ignore
+HandleHibernateKey=ignore
+HandleLidSwitch=ignore

airootfs/etc/systemd/network/20-ethernet.network

@@ -0,0 +1,18 @@
+[Match]
+Name=en*
+Name=eth*
+
+[Network]
+DHCP=yes
+IPv6PrivacyExtensions=yes
+
+# systemd-networkd does not set per-interface-type default route metrics
+# https://github.com/systemd/systemd/issues/17698
+# Explicitly set route metric, so that Ethernet is preferred over Wi-Fi and Wi-Fi is preferred over mobile broadband.
+# Use values from NetworkManager. From nm_device_get_route_metric_default in
+# https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/src/core/devices/nm-device.c
+[DHCPv4]
+RouteMetric=100
+
+[IPv6AcceptRA]
+RouteMetric=100

airootfs/etc/systemd/network/20-wlan.network

@@ -0,0 +1,17 @@
+[Match]
+Name=wl*
+
+[Network]
+DHCP=yes
+IPv6PrivacyExtensions=yes
+
+# systemd-networkd does not set per-interface-type default route metrics
+# https://github.com/systemd/systemd/issues/17698
+# Explicitly set route metric, so that Ethernet is preferred over Wi-Fi and Wi-Fi is preferred over mobile broadband.
+# Use values from NetworkManager. From nm_device_get_route_metric_default in
+# https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/src/core/devices/nm-device.c
+[DHCPv4]
+RouteMetric=600
+
+[IPv6AcceptRA]
+RouteMetric=600

airootfs/etc/systemd/network/20-wwan.network

@@ -0,0 +1,17 @@
+[Match]
+Name=ww*
+
+[Network]
+DHCP=yes
+IPv6PrivacyExtensions=yes
+
+# systemd-networkd does not set per-interface-type default route metrics
+# https://github.com/systemd/systemd/issues/17698
+# Explicitly set route metric, so that Ethernet is preferred over Wi-Fi and Wi-Fi is preferred over mobile broadband.
+# Use values from NetworkManager. From nm_device_get_route_metric_default in
+# https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/src/core/devices/nm-device.c
+[DHCPv4]
+RouteMetric=700
+
+[IPv6AcceptRA]
+RouteMetric=700

airootfs/etc/systemd/system/choose-mirror.service

@@ -0,0 +1,10 @@
+[Unit]
+Description=Choose mirror from the kernel command line
+ConditionKernelCommandLine=mirror
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/choose-mirror
+
+[Install]
+WantedBy=multi-user.target

airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/cloud-config.service

airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/cloud-final.service

airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/cloud-init-local.service

airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/cloud-init.service

airootfs/etc/systemd/system/dbus-org.freedesktop.ModemManager1.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/ModemManager.service

airootfs/etc/systemd/system/dbus-org.freedesktop.network1.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/systemd-networkd.service

airootfs/etc/systemd/system/dbus-org.freedesktop.resolve1.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/systemd-resolved.service

airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount

@@ -0,0 +1,8 @@
+[Unit]
+Description=Temporary /etc/pacman.d/gnupg directory
+
+[Mount]
+What=tmpfs
+Where=/etc/pacman.d/gnupg
+Type=tmpfs
+Options=mode=0755

airootfs/etc/systemd/system/getty@tty1.service.d/autologin.conf

@@ -0,0 +1,3 @@
+[Service]
+ExecStart=
+ExecStart=-/sbin/agetty --autologin root --noclear %I 38400 linux

airootfs/etc/systemd/system/livecd-alsa-unmuter.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=Unmute All Sound Card Controls For Use With The Live Arch Environment
+# This needs to run after the audio device becomes available.
+Wants=systemd-udev-settle.service
+After=systemd-udev-settle.service sound.target
+ConditionKernelCommandLine=accessibility=on
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/livecd-sound -u
+
+[Install]
+WantedBy=sound.target

airootfs/etc/systemd/system/livecd-talk.service

@@ -0,0 +1,20 @@
+[Unit]
+Description=Screen reader service
+After=livecd-alsa-unmuter.service
+Before=getty@tty1.service
+ConditionKernelCommandLine=accessibility=on
+
+[Service]
+Type=oneshot
+TTYPath=/dev/tty13
+ExecStartPre=/usr/bin/chvt 13
+ExecStart=/usr/local/bin/livecd-sound -p
+ExecStartPost=/usr/bin/chvt 1
+ExecStartPost=systemctl start espeakup.service
+StandardInput=tty
+TTYVHangup=yes
+TTYVTDisallocate=yes
+RemainAfterExit=true
+
+[Install]
+WantedBy=multi-user.target

airootfs/etc/systemd/system/multi-user.target.wants/ModemManager.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/ModemManager.service

airootfs/etc/systemd/system/multi-user.target.wants/choose-mirror.service

@@ -0,0 +1 @@
+../choose-mirror.service

airootfs/etc/systemd/system/multi-user.target.wants/iwd.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/iwd.service

airootfs/etc/systemd/system/multi-user.target.wants/livecd-talk.service

@@ -0,0 +1 @@
+/etc/systemd/system/livecd-talk.service

airootfs/etc/systemd/system/multi-user.target.wants/pacman-init.service

@@ -0,0 +1 @@
+../pacman-init.service

airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/qemu-guest-agent.service

airootfs/etc/systemd/system/multi-user.target.wants/reflector.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/reflector.service

airootfs/etc/systemd/system/multi-user.target.wants/sshd.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/sshd.service

airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/systemd-networkd.service

airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/systemd-resolved.service

airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/vboxservice.service

airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/systemd-networkd-wait-online.service

airootfs/etc/systemd/system/pacman-init.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=Initializes Pacman keyring
+Requires=etc-pacman.d-gnupg.mount
+After=etc-pacman.d-gnupg.mount
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/bin/pacman-key --init
+ExecStart=/usr/bin/pacman-key --populate
+
+[Install]
+WantedBy=multi-user.target

airootfs/etc/systemd/system/reflector.service.d/archiso.conf

@@ -0,0 +1,6 @@
+[Unit]
+ConditionKernelCommandLine=!mirror
+
+[Service]
+Restart=on-failure
+RestartSec=10

airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket

@@ -0,0 +1 @@
+/usr/lib/systemd/system/systemd-networkd.socket

airootfs/etc/systemd/system/sound.target.wants/livecd-alsa-unmuter.service

@@ -0,0 +1 @@
+../livecd-alsa-unmuter.service

airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf

@@ -0,0 +1,6 @@
+# Allow systemd-networkd-wait-online to succeed with one interface, otherwise, if multiple network interfaces exist,
+# network-online.target gets needlessly delayed.
+# See https://wiki.archlinux.org/title/systemd-networkd#systemd-networkd-wait-online
+[Service]
+ExecStart=
+ExecStart=/usr/lib/systemd/systemd-networkd-wait-online --any

airootfs/etc/vconsole.conf

@@ -0,0 +1,2 @@
+KEYMAP=ru
+FONT=ter-u16n

airootfs/etc/xdg/reflector/reflector.conf

@@ -0,0 +1,6 @@
+# Reflector configuration file for the systemd service.
+
+--save /etc/pacman.d/mirrorlist
+--protocol https
+--latest 20
+--sort rate