finish_gentoo_deployment_systemd

#here a gentoo install from ubuntu live system in a kvm VM.

sudo su
export DEBIAN_FRONTEND=noninteractive
setxkbmap de

#maybe it destroy too much.
blkdiscard /dev/vda
sgdisk --zap-all /dev/vda

sgdisk -n1:0:+100M -c 1:"EFI System Partition" -t 1:ef00 /dev/vda
sgdisk -n2:0:+2G -c 2:"Swap Partition" -t 2:8200 /dev/vda
sgdisk -n3:0:0 -c 3:"Linux /" -t 3:8300 /dev/vda

mkfs.vfat -F 32 /dev/vda1
mkswap /dev/vda2
swapon /dev/vda2
mkfs.xfs /dev/vda3

mkdir --parents /mnt/gentoo
mount /dev/vda3 /mnt/gentoo
mkdir -p /mnt/gentoo/tmp
chmod 1777 /mnt/gentoo/tmp

#IMPORTANT - need to check the file as required! maybe URL is outdated.
wget -c https://mirror.leaseweb.com/gentoo/releases/amd64/autobuilds/current-stage3-amd64-systemd/stage3-amd64-desktop-systemd-20230723T170155Z.tar.xz -O /root/stage3.tar.xz
tar --numeric-owner --xattrs -xvJpf /root/stage3.tar.xz -C /mnt/gentoo

rm /root/stage3.tar.xz

cat > /mnt/gentoo/etc/portage/make.conf << MAKECONF
COMMON_FLAGS="-march=native -O2 -pipe"
CFLAGS="${COMMON_FLAGS}"
CXXFLAGS="${COMMON_FLAGS}"
FCFLAGS="${COMMON_FLAGS}"
FFLAGS="${COMMON_FLAGS}"

### PORTAGE OPTS ###
MAKEOPTS="-j2 -l2"
PORTAGE_NICENESS="1"
EMERGE_DEFAULT_OPTS="--jobs=2 --with-bdeps y --complete-graph-if-new-use y"
FEATURES="candy fixlafiles unmerge-orphans parallel-fetch parallel-install"

USE="systemd kvm qemu spice iscsi ssh fuse acl networkmanager dbus script tools pkcs11 mount -elogind"

ACCEPT_LICENSE="*"

PORTDIR="/var/db/repos/gentoo"
DISTDIR="/var/cache/distfiles"
PKGDIR="/var/cache/binpkgs"

LC_MESSAGES=C

GRUB_PLATFORMS="emu efi-32 efi-64 pc"
#GRUB_PLATFORMS="efi-64"
MAKECONF

echo "DESKTOP-`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 9 | head -n 1`" > /mnt/gentoo/etc/hostname

cat > /mnt/gentoo/etc/resolv.conf << NETWORK
nameserver 127.0.0.53
options edns0 trust-ad
search martin.ads
NETWORK

mount --types proc /proc /mnt/gentoo/proc
mount --rbind /sys /mnt/gentoo/sys
mount --make-rslave /mnt/gentoo/sys
mount --rbind /dev /mnt/gentoo/dev
mount --make-rslave /mnt/gentoo/dev
mount --bind /run /mnt/gentoo/run
mount --make-slave /mnt/gentoo/run

test -L /dev/shm && rm /dev/shm && mkdir /dev/shm
mount --types tmpfs --options nosuid,nodev,noexec shm /dev/shm
chmod 1777 /dev/shm /run/shm

chroot /mnt/gentoo /bin/env -i TERM=$TERM /bin/bash

source /etc/profile
export PS1="(chroot) $PS1"

mount /dev/vda1 /boot


emerge-webrsync

## IMPORTANT! need to double check here. Profile 21 is default/linux/amd64/17.1/systemd (stable)
#eselect profile list
#eselect profile set 21

prof=`eselect profile list|grep systemd|grep stable|grep -v desktop|awk -F" " '{print $1}'|sed 's/\[//'|sed 's/\]//'|head -n 1`
eselect profile set "$prof"


##QEMU / KVM SETUP

cat > /etc/portage/package.use/qemu-kvm << QEMU
app-emulation/qemu QEMU_SOFTMMU_TARGETS: arm x86_64 sparc QEMU_USER_TARGETS: x86_64
app-emulation/qemu usbredir
app-emulation/libvirt pcap virt-network numa fuse macvtap vepa qemu
QEMU


emerge  --verbose --update --deep --newuse @world


emerge -v --autounmask-write --ask --newuse --deep \
app-portage/cpuid2cpuflags sys-boot/grub app-editors/vim net-misc/wget net-wireless/wpa_supplicant app-emulation/libvirt \
sys-kernel/linux-firmware sys-kernel/gentoo-sources sys-kernel/genkernel sys-fs/e2fsprogs sys-fs/dosfstools net-dns/dnsmasq \
sys-apps/pciutils sys-fs/xfsprogs app-arch/dump sys-fs/xfsdump net-misc/networkmanager sys-apps/mlocate sys-boot/grub sys-boot/os-prober


#dispatch-conf on error and repeat

echo "*/* $(cpuid2cpuflags)" > /etc/portage/package.use/00cpu-flags

ln -sf ../usr/share/zoneinfo/Europe/Brussels /etc/localtime

cat > /etc/locale.gen << LANGGEN
en_US ISO-8859-1
en_US.UTF-8 UTF-8
de_DE ISO-8859-1
de_DE.UTF-8 UTF-8
LANGGEN

locale-gen

qcat > /etc/env.d/02locale << LANGGENB
LANG="de_DE.UTF-8"
LC_COLLATE="C.UTF-8"
LANGGENB

eselect locale set 6

cat >> /etc/conf.d/keymaps << KEYM
keymap="de"
extended_keymaps=""
windowkeys= "YES"
dumpkeys_charset=""
fix_euro="NO"
KEYM

env-update && source /etc/profile && export PS1="(chroot) ${PS1}"


eselect kernel set 1


##Gentoo - systemd specifics
ln -sf /proc/self/mounts /etc/mtab

mkdir -p /etc/modules-load.d

genkernel --virtio --install --loglevel 5 --module-rebuild all

emerge --ask --changed-use --deep @world

echo /dev/disk/by-uuid/$(blkid -s UUID -o value /dev/vda1) /boot vfat defaults,noatime 0 2 > /etc/fstab
echo /dev/disk/by-uuid/$(blkid -s UUID -o value /dev/vda2) none swap sw 0 0 >> /etc/fstab
echo /dev/disk/by-uuid/$(blkid -s UUID -o value /dev/vda3) / xfs noatime 0 1 >> /etc/fstab


cat >> /etc/conf.d/net << NETWORKB
dns_domain_lo="WORKGROUP"
NETWORKB

#emerge  net-misc/dhcpcd
#systemctl enable dhcpcd
#systemctl start dhcpcd

#on error maybe "dispatch-conf"

systemctl enable NetworkManager

#enable weak passwords
cat >  /etc/security/passwdqc.conf  << PASS
#min=disabled,24,11,8,7
#passphrase=3
#match=4
#similar=deny
#enforce=everyone

min=1,1,1,1,1
max=72
passphrase=0
match=0
similar=permit
random=47
enforce=none
retry=3
PASS

echo 'root:p@ssw0rd'|chpasswd
useradd -m -G users,wheel,kvm,video,audio -s /bin/bash serveradmin
echo 'serveradmin:p@ssw0rd'|chpasswd


systemctl enable sshd

#cat >> /etc/inittab << INITFILE
# SERIAL CONSOLES
#s0:12345:respawn:/sbin/agetty 9600 ttyS0 vt100
#s1:12345:respawn:/sbin/agetty 9600 ttyS1 vt100
#INITFILE

systemctl enable getty@tty1.service

cat > /etc/libvirt/libvirtd.conf << LIBVIRT
auth_unix_ro = "none"
auth_unix_rw = "none"
unix_sock_group = "wheel"
unix_sock_ro_perms = "0777"
unix_sock_rw_perms = "0770"
LIBVIRT


mkdir -p /etc/tools/


cat > /etc/tools/update << UPDATESCRIPT
emerge --sync
emerge -avDuU @world
glsa-check -t affected
UPDATESCRIPT

chmod +x /etc/tools/update
ln -sfn /etc/tools/update /bin/update


grub-install --target=x86_64-efi --efi-directory=/boot --removable


grub-mkconfig -o /boot/grub/grub.cfg

#more systemd specifics
systemd-firstboot --prompt --setup-machine-id

emerge -avDuN @world
emerge --depclean


exit
cd
umount -l /mnt/gentoo/dev{/shm,/pts,}
mount -R /mnt/gentoo
reboot