7. Non-Root User

useradd -m -G wheel -s /bin/bash david && \
chmod u=rwx,og= /home/david && \
echo -e 'alias cp="cp -i"\nalias mv="mv -i"\nalias rm="rm -i"' >> /home/david/.bash_aliases && \
chown david:david /home/david/.bash_aliases && \
echo 'source "${HOME}/.bash_aliases"' >> /home/david/.bashrc && \
passwd david

echo "app-admin/sudo -sendmail" >> /etc/portage/package.use/main && \
emerge app-admin/sudo && \
{ [[ -d /etc/sudoers.d ]] || mkdir -m u=rwx,g=rx,o= /etc/sudoers.d; } && \
echo "%wheel ALL=(ALL) ALL" | EDITOR="tee" visudo -f /etc/sudoers.d/wheel && \
echo -e "\e[1;32mSUCCESS\e[0m"

mkdir -m 0700 /home/david/.ssh && \
echo "AddKeysToAgent no
HashKnownHosts no
StrictHostKeyChecking ask
VisualHostKey yes" > /home/david/.ssh/config && \
chown -R david:david /home/david/.ssh && \
echo -e "\e[1;32mSUCCESS\e[0m"

echo '
# Use fish in place of bash
# keep this line at the bottom of ~/.bashrc
if [[ -z ${chrooted} ]]; then
    if [[ -x /bin/fish ]]; then
        SHELL=/bin/fish exec /bin/fish
    fi
elif [[ -z ${chrooted_su} ]]; then
    export chrooted_su=true
    source /etc/profile && su --login --whitelist-environment=chrooted,chrooted_su
else
    env-update && source /etc/profile && export PS1="(chroot) $PS1"
fi' >> /root/.bashrc

emerge -at app-editors/vim app-vim/molokai && \
rsync -a /etc/portage/make.conf /etc/portage/._cfg0000_make.conf && \
sed -i 's/^USE="\([^"]*\)"$/USE="\1 vim-syntax"/' /etc/portage/._cfg0000_make.conf && \
echo "filetype plugin on
filetype indent on
set number
set paste
syntax on
colorscheme molokai

if &diff
  colorscheme murphy
endif" | tee -a /root/.vimrc >> /home/david/.vimrc  && \
chown david:david /home/david/.vimrc && \
eselect editor set vi && \
eselect vi set vim && \
env-update && source /etc/profile && export PS1="(chroot) $PS1" && \
echo -e "\e[1;32mSUCCESS\e[0m"

# If you have sufficient ressources and time, you may want to execute "emerge --oneshot dev-lang/rust" beforehand.
echo "app-shells/starship ~amd64" >> /etc/portage/package.accept_keywords/main && \
emerge app-shells/starship && \
{ [[ -d /home/david/.config ]] || mkdir --mode=0700 /home/david/.config; } && \
{ [[ -d /root/.config ]] || mkdir --mode=0700 /root/.config; } && \
touch /home/david/.config/starship.toml && \
chown -R david:david /home/david/.config && \
starship preset nerd-font-symbols | tee /root/.config/starship.toml > /home/david/.config/starship.toml && \
sed -i -e '/^\[hostname\]$/a format = "\[$hostname\](bold red) "' -e '/^\[hostname\]$/a ssh_only = false' /root/.config/starship.toml /home/david/.config/starship.toml && \
echo -e "\e[1;32mSUCCESS\e[0m"

echo "=dev-libs/libpcre2-$(qatom -F "%{PVR}" "$(portageq best_visible / dev-libs/libpcre2)") pcre32" >> /etc/portage/package.use/main && \
echo "app-shells/fish ~amd64" >> /etc/portage/package.accept_keywords/main && \
emerge app-shells/fish && \
rsync -a /etc/portage/make.conf /etc/portage/._cfg0000_make.conf && \
sed -i 's/^USE="\([^"]*\)"$/USE="\1 fish-completion"/' /etc/portage/._cfg0000_make.conf && \
echo '
# Use fish in place of bash
# keep this line at the bottom of ~/.bashrc
if [[ -x /bin/fish ]]; then
    SHELL=/bin/fish exec /bin/fish
fi' >> /home/david/.bashrc && \
echo -e "\e[1;32mSUCCESS\e[0m"

emerge media-libs/fontconfig && \
su -l david -c "curl --proto '=https' --tlsv1.3 -fsSL -o /tmp/FiraCode.tar.xz https://github.com/ryanoasis/nerd-fonts/releases/download/v3.1.1/FiraCode.tar.xz" && \
b2sum -c <<<"34357792d6ca682eed0a70ffe7d7dc95a74ef7bdbb44ab6067f0bfe0fcff90d7517008bb043097ec389aca5875a18040b6472b29259baf5c2cf2e01c6ec6b8b9  /tmp/FiraCode.tar.xz" && \
mkdir /tmp/FiraCode && \
tar -C /tmp/FiraCode/ -xf /tmp/FiraCode.tar.xz && \
mkdir /usr/share/fonts/nerd-firacode && \
rsync -a --chown=0:0 --chmod=a=r /tmp/FiraCode/*.ttf /usr/share/fonts/nerd-firacode/ && \
echo -e "\e[1;32mSUCCESS\e[0m"