gentoo-install/README.md

## About gentoo-install

This is an installer for gentoo with a simple configuration TUI inspired by menuconfig.
The configurator is only used to generate a `gentoo.conf` file, which can also be
edited by hand, or reused later if desired. An example configuration is provided with the repository.

The installer supports the most common disk layouts, different file systems like ext4, ZFS and btrfs as well
as additional layers such as LUKS or mdraid. It also supports both EFI (recommended) and BIOS boot,
and can be used with systemd or OpenRC as the init system.

![](contrib/screenshot_configure.png)

## Quick start

First, boot into a live environment of your choice. I recommend using an [Arch Linux](https://www.archlinux.org/download/) live iso,
as the installer will then be able to automatically download required programs or setup zfs support on the fly. After that,
proceed with the following steps:

1. Either clone this repo or download and extract a copy
1. Run `./configure` and save your desired configuration
1. Begin installation using `./install`

Every option is explained in detail in `gentoo.conf.example` and in the help menu popups in the configurator.
When installing, you will be asked to review the partitioning before anything critical is done.

## Overview

The system will use `sys-kernel/gentoo-kernel-bin`, which should be suitable
to boot most systems out of the box. It is strongly recommend to replace this kernel
with a custom built one, when the system is functional.

The installer should be able to run without any user supervision after partitioning, but depending
on the current state of the gentoo repository you might need to intervene in case a package fails
to emerge. The critical commands will ask you what to do in case of a failure.

Here is an outline of the steps that are carried out:

1. Partition disks (supports gpt, raid, luks)
1. Download and cryptographically verify the newest stage3 tarball
1. Extract the stage3 tarball
1. Sync portage tree
1. Configure portage (create zz-autounmask files, configure `make.conf`)
1. Select the fastest gentoo mirrors if desired
1. Configure the base system (timezone, keymap, locales, ...)
1. Install git and other required tools (e.g. zfs if you have used zfs)
1. Install `sys-kernel/gentoo-kernel-bin` (until you can compile your own)
1. Generate an initramfs with dracut
1. Create efibootmgr entry or install syslinux depending on whether your system uses EFI or BIOS
1. Generate fstab
1. (Optional components from below)
1. Asks if a root password should be set

Also, optionally the following will be done:

* Install sshd with secure config
* Install dhcpcd (only for OpenRC)
* Install additional packages provided in config

Anything else is probably out of scope for this script, but you can obviously do
anything later on when the system is booted. Here are some things that you probably
want to consider doing after the base system installation is finished:

* Read the news with `eselect news read`.
* Compile a custom kernel and remove `gentoo-kernel-bin`
* Adjust `/etc/portage/make.conf`
  - Set `CFLAGS` to `-O2 -pipe -march=native` for native builds
  - Set `CPU_FLAGS_X86` using the `cpuid2cpuflags` tool
  - Set `FEATURES="buildpkg"` if you want to build binary packages
* Use a safe umask like `umask 0077`

If you are looking for a way to detect and manage your kernel configuration, have a look at [autokernel](https://github.com/oddlama/autokernel).

### (Optional) sshd

The script can provide a fully configured ssh daemon with reasonably good security settings.
It will by default only allow ed25519 keys, restrict key exchange
algorithms to a reasonable subset, disable any password based authentication,
and only allow root to login.

You can provide keys that will be written to root's `.ssh/authorized_keys` file. This will allow
you to directly continue your setup with your favourite infrastructure management software.

### (Optional) Additional packages

You can add any amount of additional packages to be installed on the target system.
These will simply be passed to a final `emerge` call before the script is done,
where autounmasking will also be done automatically. It is recommended to keep
this to a minimum, because of the quite "interactive" nature of gentoo package management ;)

### Troubleshooting

In theory, after the initial sanity check, the script should be able to finish unattendedly.
But given the unpredictability of future gentoo versions, you might still run into an issue.

The script checks every command for success, so if anything fails during installation,
you will be given a proper message of what went wrong. Inside the chroot,
most commands will be executed in a checked loop, and allow you to interactively
fix problems with a shell, to retry, or to skip the command.

## References

* [Sakaki's EFI Install Guide](https://wiki.gentoo.org/wiki/Sakaki%27s_EFI_Install_Guide)
* [Gentoo AMD64 Handbook](https://wiki.gentoo.org/wiki/Handbook:AMD64)
More readme related updates 2020-04-21 14:26:45 +00:00			`## About gentoo-install`
Installation script until stage3 extraction and chroot complete 2019-12-31 14:28:42 -01:00
Clarified README and added screenshot 2021-05-31 19:06:46 +00:00			`This is an installer for gentoo with a simple configuration TUI inspired by menuconfig.`
Updated readme, added zfs tools to new system if required 2021-05-30 19:01:41 +00:00			The configurator is only used to generate a `gentoo.conf` file, which can also be
Clarified README and added screenshot 2021-05-31 19:06:46 +00:00			`edited by hand, or reused later if desired. An example configuration is provided with the repository.`

			`The installer supports the most common disk layouts, different file systems like ext4, ZFS and btrfs as well`
			`as additional layers such as LUKS or mdraid. It also supports both EFI (recommended) and BIOS boot,`
			`and can be used with systemd or OpenRC as the init system.`

			`![](contrib/screenshot_configure.png)`
Updated readme; Conditionalized sshd installation 2020-01-06 19:34:44 -01:00
More readme related updates 2020-04-21 14:26:45 +00:00			`## Quick start`

Read encryption key when starting installation if not given otherwise; Clarify readme 2021-05-31 15:11:39 +00:00			`First, boot into a live environment of your choice. I recommend using an [Arch Linux](https://www.archlinux.org/download/) live iso,`
			`as the installer will then be able to automatically download required programs or setup zfs support on the fly. After that,`
			`proceed with the following steps:`

			`1. Either clone this repo or download and extract a copy`
			1. Run `./configure` and save your desired configuration
			1. Begin installation using `./install`
A lot more options finished. Disk partitioning missing. 2021-04-22 18:35:48 +00:00
Updated readme, added zfs tools to new system if required 2021-05-30 19:01:41 +00:00			Every option is explained in detail in `gentoo.conf.example` and in the help menu popups in the configurator.
A lot more options finished. Disk partitioning missing. 2021-04-22 18:35:48 +00:00			`When installing, you will be asked to review the partitioning before anything critical is done.`
More readme related updates 2020-04-21 14:26:45 +00:00
Updated readme; Conditionalized sshd installation 2020-01-06 19:34:44 -01:00			`## Overview`

Updated readme, added zfs tools to new system if required 2021-05-30 19:01:41 +00:00			The system will use `sys-kernel/gentoo-kernel-bin`, which should be suitable
			`to boot most systems out of the box. It is strongly recommend to replace this kernel`
Read encryption key when starting installation if not given otherwise; Clarify readme 2021-05-31 15:11:39 +00:00			`with a custom built one, when the system is functional.`
Updated README 2020-11-25 12:44:34 -01:00
Added configure screenshot, removed old usage section 2021-05-31 18:45:42 +00:00			`The installer should be able to run without any user supervision after partitioning, but depending`
			`on the current state of the gentoo repository you might need to intervene in case a package fails`
			`to emerge. The critical commands will ask you what to do in case of a failure.`

Clarified README and added screenshot 2021-05-31 19:06:46 +00:00			`Here is an outline of the steps that are carried out:`

Auto number list isnt RST 2020-11-25 15:43:32 -01:00			`1. Partition disks (supports gpt, raid, luks)`
			`1. Download and cryptographically verify the newest stage3 tarball`
			`1. Extract the stage3 tarball`
			`1. Sync portage tree`
Read encryption key when starting installation if not given otherwise; Clarify readme 2021-05-31 15:11:39 +00:00			1. Configure portage (create zz-autounmask files, configure `make.conf`)
			`1. Select the fastest gentoo mirrors if desired`
			`1. Configure the base system (timezone, keymap, locales, ...)`
Updated readme, added zfs tools to new system if required 2021-05-30 19:01:41 +00:00			`1. Install git and other required tools (e.g. zfs if you have used zfs)`
Read encryption key when starting installation if not given otherwise; Clarify readme 2021-05-31 15:11:39 +00:00			1. Install `sys-kernel/gentoo-kernel-bin` (until you can compile your own)
Updated readme, added zfs tools to new system if required 2021-05-30 19:01:41 +00:00			`1. Generate an initramfs with dracut`
			`1. Create efibootmgr entry or install syslinux depending on whether your system uses EFI or BIOS`
Read encryption key when starting installation if not given otherwise; Clarify readme 2021-05-31 15:11:39 +00:00			`1. Generate fstab`
			`1. (Optional components from below)`
Updated readme, added zfs tools to new system if required 2021-05-30 19:01:41 +00:00			`1. Asks if a root password should be set`
Updated readme; Conditionalized sshd installation 2020-01-06 19:34:44 -01:00
			`Also, optionally the following will be done:`

			`* Install sshd with secure config`
Updated README 2020-11-25 12:44:34 -01:00			`* Install dhcpcd (only for OpenRC)`
Updated readme; Conditionalized sshd installation 2020-01-06 19:34:44 -01:00			`* Install additional packages provided in config`

Updated readme, added zfs tools to new system if required 2021-05-30 19:01:41 +00:00			`Anything else is probably out of scope for this script, but you can obviously do`
			`anything later on when the system is booted. Here are some things that you probably`
			`want to consider doing after the base system installation is finished:`
Updated readme; Conditionalized sshd installation 2020-01-06 19:34:44 -01:00
Updated readme, added zfs tools to new system if required 2021-05-30 19:01:41 +00:00			* Read the news with `eselect news read`.
			* Compile a custom kernel and remove `gentoo-kernel-bin`
			* Adjust `/etc/portage/make.conf`
			- Set `CFLAGS` to `-O2 -pipe -march=native` for native builds
			- Set `CPU_FLAGS_X86` using the `cpuid2cpuflags` tool
			- Set `FEATURES="buildpkg"` if you want to build binary packages
			* Use a safe umask like `umask 0077`

Read encryption key when starting installation if not given otherwise; Clarify readme 2021-05-31 15:11:39 +00:00			`If you are looking for a way to detect and manage your kernel configuration, have a look at [autokernel](https://github.com/oddlama/autokernel).`

More readme related updates 2020-04-21 14:26:45 +00:00			`### (Optional) sshd`
Updated readme; Conditionalized sshd installation 2020-01-06 19:34:44 -01:00
			`The script can provide a fully configured ssh daemon with reasonably good security settings.`
Update readme wording 2021-04-19 18:33:47 +00:00			`It will by default only allow ed25519 keys, restrict key exchange`
			`algorithms to a reasonable subset, disable any password based authentication,`
			`and only allow root to login.`
Updated readme; Conditionalized sshd installation 2020-01-06 19:34:44 -01:00
Update readme wording 2021-04-19 18:33:47 +00:00			You can provide keys that will be written to root's `.ssh/authorized_keys` file. This will allow
Updated readme, added zfs tools to new system if required 2021-05-30 19:01:41 +00:00			`you to directly continue your setup with your favourite infrastructure management software.`
Updated readme; Conditionalized sshd installation 2020-01-06 19:34:44 -01:00
More readme related updates 2020-04-21 14:26:45 +00:00			`### (Optional) Additional packages`
Updated readme; Conditionalized sshd installation 2020-01-06 19:34:44 -01:00
Update readme wording 2021-04-19 18:33:47 +00:00			`You can add any amount of additional packages to be installed on the target system.`
Updated readme, added zfs tools to new system if required 2021-05-30 19:01:41 +00:00			These will simply be passed to a final `emerge` call before the script is done,
			`where autounmasking will also be done automatically. It is recommended to keep`
			`this to a minimum, because of the quite "interactive" nature of gentoo package management ;)`
Updated readme; Conditionalized sshd installation 2020-01-06 19:34:44 -01:00
More readme related updates 2020-04-21 14:26:45 +00:00			`### Troubleshooting`
Add Troubleshooting section 2020-01-06 19:43:11 -01:00
Update readme wording 2021-04-19 18:33:47 +00:00			`In theory, after the initial sanity check, the script should be able to finish unattendedly.`
			`But given the unpredictability of future gentoo versions, you might still run into an issue.`

Add Troubleshooting section 2020-01-06 19:43:11 -01:00			`The script checks every command for success, so if anything fails during installation,`
			`you will be given a proper message of what went wrong. Inside the chroot,`
Update readme wording 2021-04-19 18:33:47 +00:00			`most commands will be executed in a checked loop, and allow you to interactively`
			`fix problems with a shell, to retry, or to skip the command.`
Add Troubleshooting section 2020-01-06 19:43:11 -01:00
More readme related updates 2020-04-21 14:26:45 +00:00			`## References`
Added timezone and locale settings 2020-01-03 21:48:49 -01:00
			`* [Sakaki's EFI Install Guide](https://wiki.gentoo.org/wiki/Sakaki%27s_EFI_Install_Guide)`
			`* [Gentoo AMD64 Handbook](https://wiki.gentoo.org/wiki/Handbook:AMD64)`