Загрузить файлы в «/»

README.md

@@ -1,2 +1,83 @@
-# voidlinux_V2_2024.03_noatime_trim-SSD
+# VOID INSTALL
 
+    cfdisk /dev/sda  
+    mkfs -t ext2 /dev/sda1
+    mkfs -t ext4 /dev/sda2
+    mkfs -t ext4 /dev/sda3
+    mkswap /dev/sda4
+    swapon /dev/sda4
+
+    mount /dev/sda2 /mnt
+    mkdir /mnt/boot
+    mkdir /mnt/home
+    mount /dev/sda1 /mnt/boot
+    mount /dev/sda3 /mnt/home  
+  
+    REPO=https://repo-default.voidlinux.org/current  
+    ARCH=x86_64  
+    mkdir -p /mnt/var/db/xbps/keys  
+    cp /var/db/xbps/keys/* /mnt/var/db/xbps/keys/  
+  
+    XBPS_ARCH=$ARCH xbps-install -S -r /mnt -R "$REPO" base-system  
+  
+    mount --rbind /sys /mnt/sys && mount --make-rslave /mnt/sys  
+    mount --rbind /dev /mnt/dev && mount --make-rslave /mnt/dev  
+    mount --rbind /proc /mnt/proc && mount --make-rslave /mnt/proc  
+  
+    cp /etc/resolv.conf /mnt/etc/  
+  
+    xchroot /mnt /bin/bash  
+  
+    xbps-install nano  
+    nano /etc/default/libc-locales  
+    xbps-reconfigure -f glibc-locales  
+  
+    ln -sf /usr/share/zoneinfo/Europa/Minsk /etc/localtime  
+   
+    useradd -m -g users -G wheel -s /bin/bash admin
+    passwd admin
+
+    useradd -m -g users -G audio -s /bin/bash user  
+    passwd user  
+
+    gpasswd -a user disk
+    gpasswd -a user input
+    gpasswd -a user lp
+    gpasswd -a user optical
+    gpasswd -a user scanner
+    gpasswd -a user storage
+    gpasswd -a user kvm
+    gpasswd -a user video
+
+    groups user
+
+    EDITOR=nano visudo
+--
+    admin ALL=(ALL:ALL) ALL  
+--
+
+    cp /proc/mounts /etc/fstab  
+  
+    xbps-install grub  
+    grub-install /dev/sda  
+  
+    xbps-install git opendoas
+
+
+    xbps-reconfigure -fa  
+    exit  
+    reboot  
+
+    sudo ln-s /etc/sv/dhcpcd /var/service
+    sudo sv up dhcpcd
+
+    AUTOLOGIN & AUTOSTART
+
+    sudo nano  /etc/sv/agetty-tty1/conf  
+    GETTY_ARGS="-a username --noclear"  
+  
+    nano .bash_profile  
+    [ -f $HOME/.bashrc ] && . $HOME/.bashrc  
+    if [[ -z $DISPLAY ]] && [[ $(tty) = /dev/tty1 ]]; then  
+    exec startx  
+    fi

doas

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+
+xbps-install opendoas \
+cp doas.conf /etc/
+chown -c root:root /etc/doas.conf
+chmod -c 0400 /etc/doas.conf
+cd ..
+rm -Rfv voidlinux

doas.conf

@@ -0,0 +1,28 @@
+## doas configuration file.
+##
+## See the doas man page for the details on how to write a configuration file.
+##
+
+## Allow members of group wheel to execute any command
+permit persist :wheel
+
+## Same thing without a password
+#permit nopass :wheel
+
+## Allow tedu to run procmap as root without a password
+#permit nopass tedu as root cmd /usr/sbin/procmap
+
+## Allow members of group power to execute power commands
+permit nopass :power cmd openrc-shutdown
+permit nopass :power cmd runit-halt
+permit nopass :power cmd runit-shutdown
+permit nopass :power cmd halt
+permit nopass :power cmd poweroff
+permit nopass :power cmd reboot
+permit nopass :power cmd shutdown
+
+permit nopass user as root cmd reboot
+permit nopass user as root cmd poweroff
+
+## Allow root user to execute any command
+permit nopass root

nftables

@@ -0,0 +1,14 @@
+#!/bin/bash
+nft flush ruleset
+nft add table ip filter
+nft add chain ip filter INPUT { type filter hook input priority 0 \; policy accept \;   }
+nft add chain ip filter FORWARD { type filter hook forward priority 0 \; policy accept \;   }
+nft add chain ip filter OUTPUT { type filter hook output priority 0 \; policy accept \;   }
+#---------------------Type filter INPUT Chain (for ipv4)-----------------------------------------
+nft add rule ip filter INPUT iifname "lo" counter accept
+nft add rule ip filter INPUT ct state invalid counter drop
+nft add rule ip filter INPUT ct state {established, related} counter accept
+nft add rule ip filter INPUT iifname "ens33" ip saddr 192.168.8.235/24 tcp dport { 80,443} counter accept
+nft add rule ip filter INPUT iifname "ens33" ip saddr 192.168.8.235/24 udp dport 53 counter accept
+nft add rule ip filter INPUT ip protocol icmp counter drop
+nft add rule ip filter INPUT counter drop