msjche

Encrypted Gentoo Install (LVM,LUKS,Plymouth)

Oct 30th, 2017
  1. ## MoJo's Gentoo install with LUKS, LVM and EFI
  2.  
  3. Video Tutorial: https://youtu.be/IzUf-wFEirQ
  4.  
  5. ### Disk Preparation ###
  6.  
  7. fdisk -l
  8. parted -a optimal /dev/sda
  9. rm (all)
  10. create:
  11. 2M bios_grub
  12. set bios_grub on
  13. 512M bootable
  14. set BOOT on
  15. Fill rest with LVM
  16. set lvm on
  17. Exit
  18.  
  19. mkfs.fat -F32 /dev/sda1
  20.  
  21. ### LVM setup ###
  22.  
  23. cryptsetup -v -y -c aes-xts-plain64 -s 512 -h sha512 -i 5000 --use-random luksFormat /dev/sda3
  24. type YES
  25. Enter: passphrase
  26. Verify
  27.  
  28. cryptsetup luksDump /dev/sda3 (verify cipher, key size and hash match the luksFormat options)
  29.  
  30. cryptsetup luksOpen /dev/sda3 GentooPC
  31. Enter passphrase
  32.  
  33. lvmdiskscan
  34.  
  35. pvcreate /dev/mapper/GentooPC
  36.  
  37. pvdisplay
  38.  
  39. vgcreate gentoo /dev/mapper/GentooPC
  40.  
  41. vgdisplay
  42.  
  43. lvcreate -C y -L 8G gentoo -n swap
  44.  
  45. lvcreate -L 50GB gentoo -n root
  46.  
  47. lvcreate -l +100%FREE gentoo -n home
  48.  
  49. lvdisplay
  50.  
  51. vgscan (may say running but disabled)
  52.  
  53. vgchange -ay (should say active now)
  54.  
  55. mkswap /dev/mapper/gentoo-swap
  56. mkfs.ext4 /dev/mapper/gentoo-root
  57. mkfs.ext4 /dev/mapper/gentoo-home
  58.  
  59. swapon /dev/mapper/gentoo-swap
  60. mount /dev/mapper/gentoo-root /mnt/gentoo
  61. mkdir /mnt/gentoo/boot
  62. mkdir /mnt/gentoo/home
  63. mount /dev/sda1 /mnt/gentoo/boot (/boot stays outside LUKS: kernel and initramfs are not encrypted)
  64. mount /dev/mapper/gentoo-home /mnt/gentoo/home
  65.  
  66. lsblk /dev/sda
  67. Should print out schematic of lvm
  68.  
  69. ### Install Base System ###
  70.  
  71. cd /mnt/gentoo
  72. links gentoo.org/main/en/mirrors.xml
  73. download Stage3 tarball
  74.  
  75. tar xvjpf stage3...
  76.  
  77. nano -w /mnt/gentoo/etc/portage/make.conf
  78. Set
  79. CFLAGS="-march=native..."
  80. ACCEPT_KEYWORDS="amd64"
  81. MAKEOPTS="-jXX"
  82.  
  83. USE="cryptsetup crypt pulseaudio python icu networkmanager branding png jpeg bindist"
  84.  
  85. VIDEO_CARDS=""
  86. ALSA_CARDS=""
  87.  
  88. PORTAGE_NICENESS=10
  89.  
  90. INPUT_DEVICES="evdev keyboard mouse"
  91.  
  92. mirrorselect -i -o >> /mnt/gentoo/etc/portage/make.conf
  93.  
  94. mkdir /mnt/gentoo/etc/portage/repos.conf
  95. cp /mnt/gentoo/usr/share/portage/config/repos.conf /mnt/gentoo/etc/portage/repos.conf/gentoo.conf
  96.  
  97. cp -L /etc/resolv.conf /mnt/gentoo/etc/
  98.  
  99. mount -t proc none /mnt/gentoo/proc
  100. mount --rbind /sys /mnt/gentoo/sys
  101. mount --rbind /dev /mnt/gentoo/dev
  102. mount --make-rslave /mnt/gentoo/sys
  103. mount --make-rslave /mnt/gentoo/dev
  104.  
  105. ## Prepare chroot environment with lvmetad service (needed for grub-mkconfig when using lvm)
  106. mkdir /mnt/gentoo/hostrun
  107. mount --bind /run /mnt/gentoo/hostrun/
  108.  
  109. chroot /mnt/gentoo /bin/bash
  110.  
  111. source /etc/profile
  112. export PS1="(chroot) $PS1"
  113.  
  114. # Now mount lvmetad service for grub-mkconfig
  115. mkdir /run/lvm
  116. mount --bind /hostrun /run/lvm/
  117.  
  118. emerge-webrsync
  119.  
  120. emerge --sync
  121.  
  122. eselect profile list
  123. eselect profile set X
  124.  
  125. emerge -av vim terminus-font
  126.  
  127. setfont ter-v24b
  128.  
  129. emerge -av gentoo-sources genkernel-next plymouth
  130.  
  131. vim /etc/fstab
  132. /dev/sda1 /boot ext2 noatime 0 2
  133. /dev/mapper/gentoo-root / ext4 rw,relatime,data=ordered 0 1
  134. /dev/mapper/gentoo-home /home ext4 rw,relatime,data=ordered 0 2
  135. /dev/mapper/gentoo-swap none swap defaults 0 0
  136.  
  137. genkernel --makeopts=-j9 --menuconfig --lvm --luks all
  138. lvm requirements
  139. luks requirements (sha512,AES)
  140.  
  141. echo "sys-boot/grub mount device-mapper" > /etc/portage/package.use/grub
  142.  
  143. emerge -av grub gentoolkit
  144.  
  145. nano /etc/default/grub
  146. GRUB_PRELOAD_MODULES=lvm
  147. GRUB_ENABLE_CRYPTODISK=y
  148. GRUB_DEVICE=/dev/ram0
  149. GRUB_CMDLINE_LINUX="crypt_root=/dev/sda3 real_root=/dev/mapper/gentoo-root rootfstype=ext4 dolvm quiet splash"
  150.  
  151. grub-install --modules="linux crypto search_fs_uuid luks lvm" --recheck /dev/sda
  152.  
  153. if "could not prepare Boot variable: Read-only file system":
  154. mount | grep efivars
  155. if ro,...
  156. mount efivars /sys/firmware/efi/efivars -o remount,rw
  157.  
  158. grub-mkconfig -o /boot/grub/grub.cfg
  159.  
  160. passwd
  161.  
  162. useradd -m -G users,wheel,audio,video -s /bin/bash msjche
  163. passwd msjche
  164.  
  165. rm stage...
  166.  
  167. echo "4n4rch14" > /etc/hostname
  168. vim /etc/hosts
  169. 4n4rchia localhost
  170. ""
  171.  
  172. emerge -av syslog-ng cronie dhcpcd
  173. rc-update add syslog-ng default
  174. rc-update add cronie default
  175. rc-update add sshd default (skip unless remote login is needed; sshd will listen from first boot)
  176. rc-update add lvm boot
  177.  
  178. # Networking
  179.  
  180. emerge -av wireless-tools linux-firmware net-tools app-text/tree
  181.  
  182. tree /sys/class/net
  183.  
  184. zgrep 'IWLWIFI\|IWLDVM\|IWLMVM' /proc/config.gz
  185. * iwlwifi
  186. M iwldvm
  187. M iwlmvm
  188.  
  189. exit
  190.  
  191. umount -l /mnt/gentoo/dev{/shm,/pts,}
  192. umount -R /mnt/gentoo
  193.  
  194. reboot
  195.  
  196. should see "Enter passphrase for /dev/sda2"
  197.  
  198. echo "SOLARIZED=TRUE" > /etc/eixrc/99-color
  199. SOLARIZED=true
  200.  
  201. ## Updating Plymouth Theme
  202.  
  203. plymouth-set-default-theme --list
  204. plymouth-set-default-theme set X
  205.  
  206. genkernel --luks --lvm initramfs
  207. grub-mkconfig -o /boot/grub/grub.cfg