Hello gentoomen, I am transitioning from Arch to Gentoo on my new rig and with the combination of systemd + LUKS/LVM, and being my first time, I knew this would get confusing so I spent some time trying to plan it out.
Now I ask of you to peer review it and help me ascend on my glorious journey, any suggestions or recommendations are welcome. Thank you.
___________________________________________________________________________
This is for: UEFI, Ethernet, Luks on LVM, and systemd.
Hardware:
- Intel i7-6700k
- Nvidia GTX 980TI
- 16Gb RAM
- Samsung 500Gb SSD
- Western Digital 2Tb HDD
___________________________________________________________________________
Here is my game plan:
Device Graph
Mount Graph
*Slightly different from pics (eg. /boot/efi)
- Encrypted LVM vgs w/ keyfiles
- SSH (or VNC)
- Decrease boot time
- Mail Server
- Gaming Rig
- Bitcoin mining
- WM ricing
___________________________________________________________________________
Parts that I know are wrong and I need guidance for:
- saving keyfiles
- Installing systemd instead of OpenRC.
Edit: After adding in the systemd components I am 100% uncomfortable with how this is set as it feels mangled.
___________________________________________________________________________
Check Connection:
Code:
# ping -c 3 gentoo.com
Check UEFI:
Code:
# ls /sys/firmware/efi/efivars
Partitioning:
Code:
# parted /dev/sda
# (parted) mklabel gpt
# (parted) mkpart ESP fat32 1MiB 513MiB
# (parted) set 1 boot on
# (parted) mkpart primary ext4 513MiB 100%
# parted /dev/sdb
# (parted) mkpart primary ext4 1MiB 100%
LVM:
Code:
# vgcreate ssd /dev/sda2
# vgcreate hdd /dev/sdb1
# lvcreate -n virtualmachines -L 240G ssd
# lvcreate -n games -l 100%FREE ssd
# lvcreate -n root -L 5G hdd
# lvcreate -n usr -L 15G hdd
# lvcreate -n var -L 20G hdd
# lvcreate -n swap -L 8G hdd
# lvcreate -n home -l 100%FREE hdd
# for k in home virtualmachines games swap usr var; do dd if=/dev/urandom bs=32 count=4098 of=./$k.key; done
# cryptsetup luksFormat --cipher=serpent-xts-plain64:sha512 --hash=whirlpool --key-size=512 --key-file=./virtualmachines.key /dev/mapper/ssd-virtualmachines
# cryptsetup luksFormat --cipher=serpent-xts-plain64:sha512 --hash=whirlpool --key-size=512 --key-file=./home.key /dev/mapper/hdd-home
# cryptsetup luksFormat --cipher=serpent-xts-plain64:sha512 --hash=whirlpool --key-size=512 --key-file=./games.key /dev/mapper/ssd-games
# cryptsetup luksFormat --cipher=serpent-xts-plain64:sha512 --hash=whirlpool --key-size=512 /dev/mapper/hdd-root
# cryptsetup luksFormat --cipher=serpent-xts-plain64:sha512 --hash=whirlpool --key-size=512 --key-file=./swap.key /dev/mapper/hdd-swap
# cryptsetup luksFormat --cipher=serpent-xts-plain64:sha512 --hash=whirlpool --key-size=512 --key-file=./usr.key /dev/mapper/hdd-usr
# cryptsetup luksFormat --cipher=serpent-xts-plain64:sha512 --hash=whirlpool --key-size=512 --key-file=./var.key /dev/mapper/hdd-var
Unlock:
Code:
# cryptsetup luksOpen --key-file=./virtualmachines.key /dev/mapper/ssd-virtualmachines virtualmachines
# cryptsetup luksOpen --key-file=./home.key /dev/mapper/hdd-home home
# cryptsetup luksOpen --key-file=./games.key /dev/mapper/ssd-games games
# cryptsetup luksOpen /dev/mapper/hdd-root root
# cryptsetup luksOpen --key-file=./swap.key /dev/mapper/hdd-swap swap
# cryptsetup luksOpen --key-file=./usr.key /dev/mapper/hdd-usr usr
# cryptsetup luksOpen --key-file=./var.key /dev/mapper/hdd-var var
// Don't know how and where keyfiles should be saved.
Format:
Code:
# dd if=/dev/zero of=/dev/sda1 bs=1M
# mkfs.fat -F32 /dev/sda1
# for lv in root usr var; do mkfs.btrfs /dev/mapper/$lv; done
# for lv in games home virtualmachines; do mkfs.xfs /dev/mapper/$lv; done
# mkswap /dev/mapper/swap
# swapon /dev/mapper/swap
// Not sure at what point /tmp should come in and be formatted as /tmpfs
Mount:
Code:
# mount /dev/mapper/root /mnt/gentoo
# mkdir -p /mnt/gentoo/boot; mount /dev/sda1 /mnt/gentoo/boot
# mkdir -p /mnt/gentoo/usr; mount /dev/mapper/usr /mnt/gentoo/usr
# mkdir -p /mnt/gentoo/var; mount /dev/mapper/var /mnt/gentoo/var
# mkdir -p /mnt/gentoo/home/; mount /dev/mapper/home /mnt/gentoo/home
# mkdir -p /mnt/gentoo/home/artificial/{VMs,Games}
# mount /dev/mapper/virtualmachines /mnt/gentoo/home/artificial/VMs
# mount /dev/mapper/games /mnt/gentoo/home/artificial/Games
Setting time and date:
Downloading the stage tarball:
Code:
# cd /mnt/gentoo
# links https://www.gentoo.org/downloads/mirrors/
// D to download tarball, Q to quit
Unpacking the stage tarball:
Code:
# tar xvjpf stage3*.tar.bz2 --xattrs
Configure compile options:
Code:
# nano -w /mnt/gentoo/etc/portage/make.conf
> CFLAGS="-march=native -O2 -pipe"
> CXXFLAGS="${CFLAGS}"
> MAKEOPTS="-j9"
> VIDEO_CARDS="intel nvidia"
Selecting mirrors:
Code:
# mirrorselect -i -o >> /mnt/gentoo/etc/portage/make.conf
# mkdir /mnt/gentoo/etc/portage/repos.conf
# cp /mnt/gentoo/usr/share/portage/config/repos.conf /mnt/gentoo/etc/portage/repos.conf/gentoo.conf
# cat /mnt/gentoo/etc/portage/repos.conf/gentoo.conf
> [gentoo]
> location = /usr/portage
> sync-type = rsync
> sync-uri = rsync://rsync.gentoo.org/gentoo-portage
> auto-sync = yes
Copy DNS info:
Code:
# cp -L /etc/resolv.conf /mnt/gentoo/etc
Mounting the necessary filesystems:
Code:
# mount -t proc proc /mnt/gentoo/proc
# mount --rbind /sys /mnt/gentoo/sys
# mount --make-rslave /mnt/gentoo/sys
# mount --rbind /dev /mnt/gentoo/dev
# mount --make-rslave /mnt/gentoo/dev
Entering the new environment:
Code:
# chroot /mnt/gentoo /bin/bash
# source /etc/profile
# export PS1="(chroot) $PS1"
Installing a portage snapshot:
Code:
# emerge-webrsync
# emerge --sync
Reading news items:
Code:
# eselect news list
# eselect news read
# eselect news purge
Choosing the right profile:
Code:
# eselect profile list
# eselect profile set <insert # here>
// At this point it tells me to look at the systemd page, but it's not a continuation of this guide so it confuses me somewhat.
Time:
Code:
# echo America/Los_Angeles > /etc/timezone
# emerge --config sys-libs/timezone-data
Locale:
Code:
# nano -w /etc/locale.gen
# locale-gen
# locale -a
# eselect locale list
# eselect locale set <insert # here>
# env-update && source /etc/profile && export PS1="(chroot) $PS1"
Installing the sources:
Code:
# emerge --ask sys-kernel/gentoo-sources
# ls -l /usr/src/linux
// I decided against the hardened kernel as it causes too many problems with Steam.
Intro to manual kernel configuration:
Code:
# emerge --ask sys-apps/pciutils
# cd /usr/src/linux
# make menuconfig
Required options:
http://i.imgur.com/uTpSmdW.png
Architecture specific kernel configuration:
http://i.imgur.com/TwGDoM9.png
Systemd required kernel configuration:
http://i.imgur.com/jfE5l4b.png
http://cgit.freedesktop.org/systemd/...ree/README#n36
Compiling and installing:
Code:
# make -j9 && make modules_install -j9
# make install
# mkdir -p /boot/efi/boot
# cp /boot/vmlinuz-* /boot/efi/boot/bootx64.efi
The /etc/mtab:
Code:
# ln -sf /proc/self/mounts /etc/mtab
Initramfs:
Code:
# emerge --ask sys-kernel/genkernel-next
# nano /etc/genkernel.conf
> UDEV="yes"
# genkernel --install initramfs
# genkernel --install all
# genkernel --udev --lvm --luks --disklabel initramfs
**// systemd page says 'genkernel --install all', but is that necessary?**
Configuring the modules:
Code:
// Replace <kernel version> w/ version.
# find /lib/modules/<kernel version>/ -type f -iname '*.o' -or -iname '*.ko' | less
# nano -w /etc/conf.d/modules
*modules=<insert necessary module here>*
# emerge --ask sys-kernel/linux-firmware
Starting lvmetad daemon:
Code:
# nano /etc/lvm/lvm.conf
> use_lvmetad = 1
Systemd installation:
Code:
# eselect profile list
# emerge -avDN @world
# emerge --deselect sys-fs/udev
Fstab:
Code:
# blkid
// Any recommended options?
# nano -w /etc/fstab
Fstab table.
Code:
// Again not sure about /tmp, doesn't have partuuid what do I do?
Hostnamectl:
Code:
# hostnamectl set-hostname tundra
The hosts file:
Code:
# nano -w /etc/hosts
127.0.0.1 tundra.localhost tundra localhost
Systemd-networkd:
Code:
# nano /etc/systemd/network/50-dhcp.network
> [Match]
> Name=enp0s31f6
>
> [Network]
> DHCP=yes
# ln -snf /run/systemd/resolve/resolv.conf /etc/resolv.conf
# systemctl enable systemd-resolved.service
# systemctl start systemd-resolved.service
Root password:
File indexing:
Code:
# emerge --ask sys-apps/mlocate
Filesystem tools:
Code:
# emerge --ask sys-fs/e2fsprogs sys-fs/xfsprogs sys-fs/dosfstools
Networking tools:
Code:
# emerge --ask net-misc/dhcpcd
Installing GRUB2:
Code:
# echo GRUB_PLATFORMS=efi-64 >> /etc/portage/make.conf
# emerge --ask sys-boot/grub
Configuring GRUB2:
Code:
# grub2-install --target=x86_64-efi --efi-directory=/boot
# nano /etc/default/grub
> GRUB_CMDLINE_LINUX="init=/usr/lib/systemd/systemd"
# grub2-mkconfig -o /boot/grub/grub.cfg
// Output must say that at least one Linux image is found.
Crypttab:
Code:
# nano /etc/crypttab
Crypttab table.
Rebooting the system:
Code:
# exit
# cd
# umount -l /mnt/gentoo/dev{/shm,/pts,}
# umount /mnt/gentoo{/boot,/sys,/proc,}
# reboot
# pray
User administration:
Code:
# useradd -m -G users,wheel,audio,games,portage,usb,video,wheel -s /bin/bash artificial
# passwd artificial
Disk cleanup:
Code:
# rm /stage3-*.tar.bz2
Activating lvm
Code:
# systemctl enable lvm2-monitor.service
___________________________________________________________________________
Edit: Added tmp to fstab, added systemd kernel config, changed initramfs, added LVM daemon, added systemd to GRUB2 config, added root & user passwd, added hostnamectl commands, added systemd installation, added systemd-networkd, removed /tmp as systemd automatically sets it, added Activating lvm, added updated systemd requirements, added VIDEO_CARDS variable to make.conf, removed init & boot config, system loggers, and cron daemon sections, switched the hostname for hostnamectl commands, switched networking config commands.
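___________________________________________________________________________
Added example, not part of the original post: a pre-reboot audit of a crypttab-style file, relevant to the open keyfile question because keys written to `./` on the live medium are gone after the reboot unless they are copied into the installed system. The `/etc/keys` directory, the function names and the sample entries are assumptions constructed for illustration.

```shell
#!/bin/sh
# audit_crypttab CRYPTTAB [ROOT]
#   CRYPTTAB  file in crypttab(5) layout: name device keyfile options
#   ROOT      prefix of the installed system (e.g. /mnt/gentoo before reboot)
# Prints one finding per line and returns 1 if anything was found.
audit_crypttab() {
    tab=$1 root=${2:-} rc=0
    while read -r name dev key opts; do
        case $name in ''|'#'*) continue ;; esac   # blank line or comment
        case $key in ''|none|-) continue ;; esac  # passphrase prompt, no file
        case $key in
            /*) ;;
            *) echo "$name: keyfile path '$key' is not absolute"; rc=1; continue ;;
        esac
        path=$root$key
        if [ ! -f "$path" ]; then
            echo "$name: keyfile $key missing under ${root:-/}"; rc=1; continue
        fi
        # Characters 5-10 of the ls mode string are the group/other bits.
        if [ "$(ls -ld "$path" | cut -c5-10)" != "------" ]; then
            echo "$name: keyfile $key is accessible by group or others"; rc=1
        fi
    done < "$tab"
    return $rc
}

# Constructed sample: a fake installed root with a hypothetical /etc/keys.
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/keys"
    (umask 077; dd if=/dev/urandom bs=32 count=2 of="$d/etc/keys/home.key" 2>/dev/null)
    dd if=/dev/urandom bs=32 count=2 of="$d/etc/keys/games.key" 2>/dev/null
    chmod 644 "$d/etc/keys/games.key"             # deliberately too open
    cat > "$d/etc/crypttab" <<EOF
# name  device                 keyfile              options
root    /dev/mapper/hdd-root   none                 luks
home    /dev/mapper/hdd-home   /etc/keys/home.key   luks
games   /dev/mapper/ssd-games  /etc/keys/games.key  luks
usr     /dev/mapper/hdd-usr    ./usr.key            luks
var     /dev/mapper/hdd-var    /etc/keys/var.key    luks
EOF
    echo "$d"
}

# Demo run: reports games (permissions), usr (relative path), var (missing).
d=$(make_sample); audit_crypttab "$d/etc/crypttab" "$d" || true; rm -rf "$d"
```

From the live environment the real call would be `audit_crypttab /mnt/gentoo/etc/crypttab /mnt/gentoo`, run before unmounting.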