diff --git a/elfLaptop.sh b/elfLaptop.sh
index ba7294c..8fab2e4 100644
--- a/elfLaptop.sh
+++ b/elfLaptop.sh
@@ -18,6 +18,18 @@ function run(){
 
 echo "" >install.log
 
+echo -n "disk encryption password: "
+read -s PASS
+echo
+echo -n "retype password: "
+read -s PASSRE
+echo
+
+if [ "$PASS" != "$PASSRE" ]; then
+  echo "password do not match"
+  exit
+fi
+
 echo
 echo === setup localisation
 echo
@@ -30,46 +42,29 @@ echo === setup partitions
 echo
 
 run "applly partion table"        "sfdisk $DISK <./elfLaptop.sfdisk"	
-
-#echo -n "disk encryption password: "
-#read -s PASS
-#echo
-#echo -n "retype password: "
-#read -s PASSRE
-#echo
-
-#if [ "$PASS" != "$PASSRE" ]; then
-#  echo "password do not match"
-#  exit
-#fi
-#echo
-
 run "format boot partition"       "mkfs.fat -F 32 ${DISK}1"
 run "format swap partition"       "mkswap ${DISK}2"
-#echo -n "$PASS" >keyfile.luks
-#run "encrypt root partition"      "cryptsetup luksFormat --batch-mode --key-file keyfile.luks ${DISK}3"     "rm keyfile.luks"
-#run "map root partitaion"         "cryptsetup open --batch-mode --key-file keyfile.luks ${DISK}3 cryptroot" "rm keyfile.luks"
-#rm keyfile.luks
-#run "format root partition"       "mkfs.btrfs /dev/mapper/cryptroot"
-run "format root partition"       "mkfs.ext4 ${DISK}3"
+echo -n "$PASS" >keyfile.luks
+run "encrypt root partition"      "cryptsetup luksFormat --batch-mode --key-file keyfile.luks ${DISK}3"     "rm keyfile.luks"
+run "map root partitaion"         "cryptsetup open --batch-mode --key-file keyfile.luks ${DISK}3 cryptroot" "rm keyfile.luks"
+rm keyfile.luks
+run "format root partition"       "mkfs.btrfs /dev/mapper/cryptroot"
 
-#run "mount root partition"        "mount /dev/mapper/cryptroot /mnt"
-#run "create root btrfs subvolume" "btrfs subvolume create /mnt/@"
-#run "create home btrfs subvolume" "btrfs subvolume create /mnt/@home"
-#run "unmount btrfs"               "umount /mnt"
-#run "mount root subvolume"        "mount -o subvol=@ /dev/mapper/cryptroot /mnt"
-run "mount root partition"        "mount ${DISK}3 /mnt"
+run "mount root partition"        "mount /dev/mapper/cryptroot /mnt"
+run "create root btrfs subvolume" "btrfs subvolume create /mnt/@"
+run "create home btrfs subvolume" "btrfs subvolume create /mnt/@home"
+run "unmount btrfs"               "umount /mnt"
+run "mount root subvolume"        "mount -o subvol=@ /dev/mapper/cryptroot /mnt"
 run "mount boot partition"        "mount --mkdir ${DISK}1 /mnt/boot"
-#run "mount home subvolume"        "mount --mkdir -o subvol=@home /dev/mapper/cryptroot /mnt/home"
+run "mount home subvolume"        "mount --mkdir -o subvol=@home /dev/mapper/cryptroot /mnt/home"
 run "enable swap"                 "swapon ${DISK}2"
 
 echo
 echo === install arch
 echo
 
-#run "install base of arch"        "pacstrap /mnt base linux linux-firmware grub efibootmgr"
 run "install base of arch"        "pacstrap /mnt base linux linux-firmware"
-#run "intall utitlities"           "pacstrap /mnt btrfs-progs man vim"
+run "intall utitlities"           "pacstrap /mnt btrfs-progs man vim sudo"
 run "generate fstab"              "genfstab -U /mnt >>/mnt/etc/fstab"
 run "copy in-root script"         "cp in-root.sh /mnt/root"
 
@@ -77,4 +72,11 @@ echo
 echo === chroot config
 echo
 
-arch-chroot /mnt bash /root/in-root.sh "$HOSTNAME" "$DISK"
+arch-chroot /mnt bash /root/in-root.sh "$HOSTNAME" "$DISK" || exit
+
+run "umount drives"               "umount -R /mnt"
+run "close cryptroot"             "cryptsetup close cryptroot"
+run "reboot"                      "shutdown -r now"
+
+
+
diff --git a/in-root.sh b/in-root.sh
index dc9e937..d1a2209 100644
--- a/in-root.sh
+++ b/in-root.sh
@@ -18,6 +18,18 @@ function run(){
 
 echo >install.log
 
+echo -n "password for freenen: "
+read -s PASS
+echo
+echo -n "retype password: "
+read -s PASSRE
+echo
+
+if [ "$PASS" != "$PASSRE" ]; then
+  echo "password do not match"
+  exit
+fi
+echo
 
 run "set timezone"                "ln -sf /usr/share/zoneinfo/Europe/Amsterdam /etc/localtime"
 run "set hwclock to UTC"          "hwclock --systohc"
@@ -33,12 +45,33 @@ run "config initramfs"            "sed --in-place -e 's/HOOKS=(.*)/HOOKS=(base u
 run "generate initramfs"          "mkinitcpio -P"
 
 DISKUUID=$(blkid --output export ${DISK}3 | grep '^UUID' | sed 's/UUID=//')
-run "run grub-install"            "grub-install --target=x86_64-efi --bootloader-id=GRUB --efi-directory=/boot"
-run "grub: enable crypt disk"     "sed --in-place -E -e 's/#?GRUB_ENABLE_CRYPTODISK=(.*)/GRUB_ENABLE_CRYPTODISK=y/' /etc/default/grub"
-run "grub: crypt disk map"        "sed --in-place -E -e 's/#?GRUB_CMDLINE_LINUX=\"(.*)\"/GRUB_CMDLINE_LINUX=\"\/dev\/disk\/by-uuid\/${DISKUUID}:cryptroot \1\"/' /etc/default/grub"
-run "make grub config"            "grub-mkconfig -o /boot/grub/grub.cfg"
+run "install systemd-boot"        "bootctl install"
+run "create boot config for main"  "cat >/boot/loader/entries/arch.conf <<EOF
+title      Elf OS
+linux      /vmlinuz-linux
+initrd     /initramfs-linux.img
+options    cryptdevice=UUID=$DISKUUID:cryptroot:allow-discards root=/dev/mapper/cryptroot rootflags=subvol=@ rd.luks.options=discard rw
+EOF
+"
+run "create boot config for fallback" "cat >/boot/loader/entries/arch-fallback.conf <<EOF
+title      Elf OS fallback
+linux      /vmlinuz-linux
+initrd     /initramfs-linux-fallback.img
+options    cryptdevice=UUID=$DISKUUID:cryptroot:allow-discards root=/dev/mapper/cryptroot rootflags=subvol=@ rd.luks.options=discard rw
+EOF
+"
+run "create main boot config"     "cat >/boot/loader/loader.conf <<EOF
+default      arch.conf
+timeout      4
+console-mode max
+editor       no
+EOF
+"
 
 run "add .ssh dir to skel"        "mkdir /etc/skel/.ssh"
-run "create user"                 "useradd --home-dir /home/mreenen --create-home --skel /etc/skel mreenen"
-run "touch authoized keys"        "touch /home/mreenen/.ssh/authorized_keys"
-run "add sshkeys for new user"    "curl -o /home/mreenen/.ssh/authorized_keys https://github.com/MReenen.keys"
+run "create user"                 "useradd --home-dir /home/freenen --create-home --skel /etc/skel freenen"
+run "set password for user"       "echo \"freenen:$PASS\" | chpasswd" 
+run "add user to sudoers"         "echo \"freenen ALL=(ALL:ALL) ALL\" >>/etc/sudoers"
+run "touch authoized keys"        "touch /home/freenen/.ssh/authorized_keys"
+run "add sshkeys for new user"    "curl -o /home/freenen/.ssh/authorized_keys https://github.com/FReenen.keys"
+