## About gentoo-install
This script performs a reasonably minimal installation of gentoo. An EFI system is highly
recommended, but legacy BIOS boot is also supported. The script supports both systemd (default)
and OpenRC as the init system. The main steps performed are:

1. Partitioning
1. Download & cryptographically verify stage3 tarball
1. Extract stage3
1. Initialize portage
1. Install kernel
1. Install additional software

The system will use `sys-kernel/gentoo-kernel-bin`, which should be suitable
to boot most systems out of the box. It is strongly recommended to replace this kernel
with a custom-built one once the system is functional. If you are looking for a way
to detect and manage your kernel configuration, have a look at [autokernel](https://github.com/oddlama/autokernel).

## Quick start
Edit `scripts/config.sh` and execute `./install` in any live system.
You can review the partitioning that will be applied before anything critical is done.
Afterwards, the script will apply the partitioning scheme and
install the selected stage3 gentoo system. By default, the new system will use
`sys-kernel/gentoo-kernel-bin` as the kernel, and an initramfs generated by gentoo's genkernel to provide
a bootable environment. The script can optionally install `sshd` to
allow for a convenient setup of the new system afterwards.

## Overview
Here is a more complete overview of what this script does:

1. Partition disks (supports gpt, raid, luks)
1. Download and cryptographically verify the newest stage3 tarball
1. Extract the stage3 tarball
1. Sync portage tree
1. Configure portage (create zz-autounmask files, configure MAKEOPTS, EMERGE_DEFAULT_OPTS)
1. Select the fastest gentoo mirrors
1. Configure the base system
1. Install git (so you can add your portage overlays later)
1. Install `sys-kernel/gentoo-kernel-bin` (until you replace it)
1. Create efibootmgr entry or install syslinux depending on whether your system uses EFI
1. Generate a basic fstab
1. Ask for a root password

Also, optionally the following will be done:

* Install sshd with secure config
* Install dhcpcd (only for OpenRC)
* Install additional packages provided in config

Anything else is probably out of scope for this script,
but you can obviously do anything later on when the system is booted.
I highly recommend building a custom kernel. Have a look at the [Recommendations](#Recommendations) section.

## Install
Installing gentoo with this script is simple.

1. Boot into the live system of your choice. As the script requires some utilities,
   I recommend using a live system where you can quickly install new software.
   Any [Arch Linux](https://www.archlinux.org/download/) live iso works fine.
2. Clone this repository
3. Edit `scripts/config.sh`, and pay particular attention to
   the device which will be partitioned. The script will ask for confirmation
   before partitioning, but better be safe there.
4. Execute `./install`. The script will tell you if your live
   system is missing any required software.

The script should be able to run without any user supervision after partitioning, but depending
on the current state of the gentoo repository you might need to intervene in case a package fails
to emerge. The critical commands will ask you what to do in case of a failure.

### Config
The config file `scripts/config.sh` allows you to adjust some parameters of the installation.
The most important ones will probably be the device to partition, and the stage3 tarball name
to install. By default you will get the hardened nomultilib profile without systemd.

### (Optional) sshd
The script can provide a fully configured ssh daemon with reasonably good security settings.
By default, it will only allow ed25519 keys, restrict key exchange
algorithms to a reasonable subset, disable any password-based authentication,
and only allow root to log in.

You can provide keys that will be written to root's `.ssh/authorized_keys` file. This will allow
you to directly continue your setup with infrastructure management software such as ansible or [simple_automation](https://github.com/oddlama/simple_automation).
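
The settings listed in this section can be checked against a candidate `sshd_config` before the daemon is exposed. The audit below is an added example, not gentoo-install's own code or the config it writes; it assumes current OpenSSH keyword names, that root-only login is expressed through `AllowUsers`, and that SHA-1 based key exchange falls outside the "reasonable subset" (the README does not name the subset).

```sh
# Added example: audit sshd settings against the goals listed in this section.
# Reads "Keyword value" lines on stdin, prints failing keywords, returns 0 if none.
# sshd uses the first value it obtains for a keyword; later duplicates lose.
first_value() {  # $1 = config text, $2 = lowercase keyword
    printf '%s\n' "$1" | awk -v k="$2" \
        'tolower($1) == k { $1 = ""; sub(/^[ \t]+/, ""); print; exit }'
}

audit_sshd() {
    cfg=$(cat); fails=""
    # Password-style logins must be switched off explicitly.
    for k in passwordauthentication kbdinteractiveauthentication; do
        [ "$(first_value "$cfg" "$k")" = "no" ] || fails="$fails $k"
    done
    # Only ed25519 key algorithms; a +/^/- prefix edits the default list, so fail.
    algs=$(first_value "$cfg" pubkeyacceptedalgorithms)
    case "$algs" in
        "" | [+^-]*) fails="$fails pubkeyacceptedalgorithms" ;;
        *) for a in $(printf '%s' "$algs" | tr ',' ' '); do
               case "$a" in *ed25519*) ;; *) fails="$fails pubkeyacceptedalgorithms"; break ;; esac
           done ;;
    esac
    # KEX must be an explicit list; SHA-1 based entries are rejected
    # (assumption: the README does not name its "reasonable subset").
    case "$(first_value "$cfg" kexalgorithms)" in
        "" | [+^-]* | *sha1*) fails="$fails kexalgorithms" ;;
    esac
    # Assumption: root-only login is expressed as "AllowUsers root".
    printf '%s\n' "$cfg" | awk '
        tolower($1) == "allowusers" { for (i = 2; i <= NF; i++) seen[$i] = 1 }
        END { for (u in seen) n++; exit !(n == 1 && ("root" in seen)) }
    ' || fails="$fails allowusers"
    fails=${fails# }
    [ -z "$fails" ] || { printf '%s\n' "$fails"; return 1; }
}
# Constructed samples, not the file gentoo-install writes.
hardened='PasswordAuthentication no
KbdInteractiveAuthentication no
PubkeyAcceptedAlgorithms ssh-ed25519,ssh-ed25519-cert-v01@openssh.com
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org
AllowUsers root'
# Hardened lines appended after a permissive default: the first value wins.
weak='PasswordAuthentication yes
PubkeyAcceptedAlgorithms ssh-ed25519,rsa-sha2-512
KexAlgorithms curve25519-sha256,diffie-hellman-group14-sha1
AllowUsers root admin
PasswordAuthentication no
KbdInteractiveAuthentication no'
printf '%s\n' "$weak" | audit_sshd || echo "^ keywords to fix"
```

The audit does not evaluate `Match` blocks or `Include` files; feeding it the output of `sshd -T` covers the effective configuration instead.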
### (Optional) Additional packages
You can add any number of additional packages to be installed on the target system.
These will simply be passed to a final `emerge` call before the script is done, and autounmasking will also be done automatically.
It is recommended to keep this to a minimum, because of the heavily "interactive" nature of gentoo package management ;)

### Troubleshooting
In theory, after the initial sanity check, the script should be able to finish unattended.
But given the unpredictability of future gentoo versions, you might still run into an issue.
The script checks every command for success, so if anything fails during installation,
you will be given a proper message of what went wrong. Inside the chroot,
most commands will be executed in a checked loop, and allow you to interactively
fix problems with a shell, to retry, or to skip the command.

## Recommendations
There are some things that you probably want to do after installing the base system,
or should consider:

* Read the news with `eselect news read`.
* Use a custom kernel (config and hardening, see [autokernel](https://github.com/oddlama/autokernel)), and remove `gentoo-kernel-bin`
* Adjust `/etc/portage/make.conf`
  - Set `CFLAGS` to `-O2 -pipe -march=native` for native builds
  - Set `CPU_FLAGS_X86` using the `cpuid2cpuflags` tool
  - Set `FEATURES="buildpkg"` if you want to build binary packages
* Use a safe umask like `umask 0077`

## References
* [Sakaki's EFI Install Guide](https://wiki.gentoo.org/wiki/Sakaki%27s_EFI_Install_Guide)
* [Gentoo AMD64 Handbook](https://wiki.gentoo.org/wiki/Handbook:AMD64)