Gentoo > Install with kernel from git and encrypted root

• Specs
  • fdisk
  • blkid
• Partitioning
• Setup encrypted partition
• make.conf packages
• chroot
• Merge packages
• Locales
• Kernel
• Install refind
• fstab
• systemd shenanigans
• Profit!

Specs

fdisk

# fdisk -l
Disk /dev/vda: 50 GiB, 53687091200 bytes, 104857600 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: FEF7635E-09CE-432D-8B9F-AE5CCC15BAEC

Device       Start       End   Sectors  Size Type
/dev/vda1     2048   1048575   1046528  511M EFI System
/dev/vda2  1048576 104855551 103806976 49.5G Linux filesystem


Disk /dev/mapper/root: 49.48 GiB, 53132394496 bytes, 103774208 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes

blkid

# blkid
/dev/sr0: BLOCK_SIZE="2048" UUID="2023-10-29-18-19-52-00" LABEL="ISOIMAGE" TYPE="iso9660" PTTYPE="PMBR"
/dev/mapper/root: UUID="ac341127-d5e9-4d46-89a2-53fae8d3a8ea" BLOCK_SIZE="4096" TYPE="ext4"
/dev/vda2: UUID="b430ed15-fa47-4161-ba3d-61414cecf6bc" TYPE="crypto_LUKS" PARTLABEL="rootfs" PARTUUID="460033e7-1091-4641-aff4-6f170d39513f"
/dev/vda1: UUID="549E-9AD9" BLOCK_SIZE="512" TYPE="vfat" PARTLABEL="efi" PARTUUID="1321cd87-1b99-459a-aa86-bf3afd520854"

Partitioning

parted -a optimal --script /dev/vda -- \
mklabel gpt \
unit mib \
mkpart primary 1 512 \
name 1 efi \
set 1 boot on \
mkpart primary 512 -1 \
name 2 rootfs

Setup encrypted partition

cryptsetup luksFormat /dev/vda2
cryptsetup luksOpen /dev/vda2 root

mkfs.fat -F 32 /dev/vda1
mkfs.ext4 /dev/mapper/root

mkdir -p /mnt/gentoo
mount /dev/mapper/root /mnt/gentoo
mount /dev/vda1 /mnt/gentoo/boot

cd /mnt/gentoo
curl -O "http://ftp.halifax.rwth-aachen.de/gentoo/releases/amd64/autobuilds/$(curl -sSf "http://ftp.halifax.rwth-aachen.de/gentoo/releases/amd64/autobuilds/latest-stage3.txt" | grep "stage3-amd64-systemd-mergedusr" | cut -d " " -f 1)"
tar xpvf stage3-*.tar.xz --xattrs-include='*.*' --numeric-owner

make.conf packages

vi /mnt/gentoo/etc/portage/make.conf

COMMON_FLAGS="-march=alderlake -O2 -pipe"
VIDEO_CARDS="intel"
GENTOO_MIRRORS="https://ftp.uni-hannover.de/gentoo/"
ACCEPT_LICENSE="*"
MAKEOPTS="-j24"

mkdir --parents /mnt/gentoo/etc/portage/repos.conf
cp /mnt/gentoo/usr/share/portage/config/repos.conf /mnt/gentoo/etc/portage/repos.conf/gentoo.conf
cp --dereference /etc/resolv.conf /mnt/gentoo/etc/

chroot

mount --types proc /proc /mnt/gentoo/proc
mount --rbind /sys /mnt/gentoo/sys
mount --make-rslave /mnt/gentoo/sys
mount --rbind /dev /mnt/gentoo/dev
mount --make-rslave /mnt/gentoo/dev
chroot /mnt/gentoo /bin/bash

source /etc/profile
export PS1="(chroot) ${PS1}"
```sh

```sh
passwd

Merge packages

emerge-webrsync
eselect news read

echo "sys-apps/systemd cryptsetup" > /etc/portage/package.use/crypt
echo "sys-fs/lvm2rlvm" >> /etc/portage/package.use/crypt

emerge --ask --verbose --update --deep --newuse --quiet-build @world
emerge --ask -n -j2 sys-kernel/linux-firmware eix vim dev-vcs/git refind efibootmgr lvm2 cryptsetup dracut virtual/libelf

Locales

vi /etc/locale.gen

en_US.UTF-8 UTF-8
de_DE.UTF-8 UTF-8

locale-gen

Kernel

cd ~
git clone https://codeberg.org/desolatorxxl/kernel-configs.git
git clone git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
cd linux
git checkout v6.6
~/kernel-config/workstation.sh

Install refind

refind-install

vi /boot/EFI/refind/refind.conf

textonly

vim /boot/refind_linux.conf

"Default" "rd.luks.name=b430ed15-fa47-4161-ba3d-61414cecf6bc=root root=/dev/mapper/root loglevel=3"

fstab

vi /etc/fstab

UUID=ac341127-d5e9-4d46-89a2-53fae8d3a8ea /     ext4 noatime  0 1
UUID="549E-9AD9"                          /boot vfat defaults 0 2

systemd shenanigans

systemctl preset-all --preset-mode=enable-only
systemd-machine-id-setup

Profit!

exit
umount -l /mnt/gentoo/dev{/shm,/pts,}
umount -R /mnt/gentoo
reboot

18:00 07.11.2023