Scripts Overview
All scripts live in the scripts/ directory of the repository. They are numbered to indicate the recommended run order.
Run Order
| Script | Purpose | Run As |
|---|---|---|
00-setup-vault.sh | First-time LUKS2 encrypted vault creation | bash |
01-thermal-setup.sh | Critical — fix fan/thermal control | sudo bash |
02-wifi-firmware.sh | Wi-Fi & Bluetooth firmware management | bash |
03-optimise.sh | System-wide post-install optimisation | sudo bash |
04-bootloader.sh | Limine management & rEFInd dual-boot | sudo bash |
05-mount-vault.sh | Unlock and mount the code vault | bash |
06-unmount-vault.sh | Lock and unmount the code vault | bash |
Design Principles
All scripts follow these conventions:
#!/usr/bin/env bash— always run under bash, never rely on the calling shellset -euo pipefail— exit on error, undefined variables, or pipe failuresfindinstead of globs — glob patterns (applesmc.*) fail in fish shell when called viasudo bash; all path discovery usesfind- No
sudo -ufor AUR helpers —paru/yaymust run as the normal user; calling them viasudo -uinside a sudo session hangs indefinitely - Idempotent — safe to run multiple times; existing configs are backed up, not overwritten blindly
- Colour output — consistent
[OK],[INFO],[WARN],[ERROR]prefixes
Shell Compatibility Note
Scripts are invoked with sudo bash scripts/01-thermal-setup.sh — always specify bash explicitly. If you use fish shell and run sudo scripts/01-thermal-setup.sh without the bash, fish will try to execute it directly and glob patterns may still cause issues even with the shebang present.