# Miasma OS Installer

Opinionated Arch Linux installer built with Go and Bubble Tea TUI framework.
This installer creates a security-hardened, immutable Miasma OS with Cosmic Desktop.

## Features

- **Filesystem**: btrfs with optimized subvolume layout and snapshots
- **Desktop**: Cosmic Desktop (Rust-based, memory-safe)
- **Kernel**: linux-hardened for security
- **Encryption**: LUKS2 by default (optional)
- **Boot**: UEFI only (systemd-boot) with Secure Boot support
- **Configuration**: Generates archinstall-compatible JSON configuration files
- **Security**: 
  - OpenDoas instead of sudo
  - Firejail and AppArmor for application containerization
  - nftables firewall with restrictive defaults
  - hardened-malloc from GrapheneOS
  - XWayland-Satellite for better X11 app isolation
- **Additional Features**:
  - Chromium with Wayland support
  - Neovim with LazyVim configuration
  - Kanagawa Dragon theme everywhere
  - Alacritty terminal emulator
  - Zsh shell with Oh My Zsh

## Quick Install

Boot into Arch Linux installation media and run:

```bash
curl -fsSL https://install.miasma-os.com | sh
```

Or manually:

```bash
# Download and run installer
curl -fsSL https://git.miasma-os.com/miasma/miasma-installer/releases/latest/download/miasma-installer -o miasma-installer
chmod +x miasma-installer
sudo ./miasma-installer
```

## Configuration Files

The installer generates archinstall-compatible configuration files:
- `user_configuration.json` - System configuration (disk layout, packages, services, etc.)
- `user_credentials.json` - User credentials (passwords, encryption keys)

These files are saved to `/var/log/archinstall/` on the installed system for reference and reproducibility.

## Development

### Prerequisites

- Go 1.25.2 or later
- Arch Linux (for testing)

### Building

```bash
# Build binary
make build

# Build release binary (stripped, static)
make release

# Install to /usr/local/bin
make install

# Run directly
make run
```

### Testing

```bash
# Run all tests
make test

# Format code
make fmt

# Lint
make vet
```

## Project Structure

```
.
├── config/          # Installation configuration and archinstall JSON generation
├── scripts/         # Post-install shell scripts
├── overlay/         # System overlays (Arkdep-like approach)
├── tui/
│   ├── model.go     # Root state machine
│   ├── steps/       # Installation step models
│   └── styles/      # Shared UI styles
├── install.sh       # Bootstrap script for curl | sh installation
└── main.go          # Entry point
```

## Post-Install Scripts

Custom shell scripts in `scripts/` run after archinstall completes:

- `01-cosmic-setup.sh` - Cosmic Desktop configuration
- `02-hardening.sh` - System hardening tweaks
- `03-miasma-features.sh` - Additional Miasma OS features

Scripts execute in alphabetical order.

## License

MIT