diff --git a/README.md b/README.md index 62fe13b..7dc6976 100644 --- a/README.md +++ b/README.md 
@@ -1,33 +1,29 @@ ## About gentoo-install -This script performs a reasonably minimal installation of gentoo. An EFI system is highly -recommended, but legacy BIOS boot is also supported. The script supports both systemd (default) -and OpenRC as the init system. The main performed steps are: - -1. Partitioning -1. Download & cryptographically verify stage3 tarball -1. Extract stage3 -1. Initialize portage -1. Install kernel -1. Install additional software - -The system will use `sys-kernel/gentoo-kernel-bin`, which should be suitable -to boot most systems out of the box. It is strongly recommend to replace this kernel -with a custom built one, when the system is functional. If you are looking for a way -to detect and manage your kernel configuration, have a look at [autokernel](https://github.com/oddlama/autokernel). +A installer for gentoo with a simple menuconfig inspired configuration TUI. +The configurator is only used to generate a `gentoo.conf` file, which can also be +edited by hand if desired. An example configuration is provided with the repository. ## Quick start 1. Download a copy or clone this repo 1. Run `./configure` and save your configuration -1. Install using `./install` +1. When using encryption, export your desired key with `export GENTOO_INSTALL_ENCRYPTION_KEY="mypassword"` +1. Run installation using `./install` -Every option is explained in detail in `gentoo.conf.example` and in the help popups in the configurator. +Every option is explained in detail in `gentoo.conf.example` and in the help menu popups in the configurator. When installing, you will be asked to review the partitioning before anything critical is done. ## Overview -Here is a more complete overview of what this script does: +This script performs a reasonably minimal installation of gentoo. An EFI system is highly +recommended, but legacy BIOS boot is also supported. The script supports both systemd (default) +and OpenRC as the init system. 
+ +The system will use `sys-kernel/gentoo-kernel-bin`, which should be suitable +to boot most systems out of the box. It is strongly recommend to replace this kernel +with a custom built one, when the system is functional. If you are looking for a way +to detect and manage your kernel configuration, have a look at [autokernel](https://github.com/oddlama/autokernel). 1. Partition disks (supports gpt, raid, luks) 1. Download and cryptographically verify the newest stage3 tarball @@ -36,11 +32,12 @@ Here is a more complete overview of what this script does: 1. Configure portage (create zz-autounmask files, configure MAKEOPTS, EMERGE_DEFAULT_OPTS) 1. Select the fastest gentoo mirrors 1. Configure the base system -1. Install git (so you can add your portage overlays later) +1. Install git and other required tools (e.g. zfs if you have used zfs) 1. Install `sys-kernel/gentoo-kernel-bin` (until you replace it) -1. Create efibootmgr entry or install syslinux depending on whether your system uses EFI +1. Generate an initramfs with dracut +1. Create efibootmgr entry or install syslinux depending on whether your system uses EFI or BIOS 1. Generate a basic fstab -1. Ask for a root password +1. Asks if a root password should be set Also, optionally the following will be done: 
@@ -48,11 +45,19 @@ Also, optionally the following will be done: * Install dhcpcd (only for OpenRC) * Install additional packages provided in config -Anything else is probably out of scope for this script, -but you can obviously do anything later on when the system is booted. -I highly recommend building a custom kernel. Have a look at the [Recommendations](#Recommendations) section. +Anything else is probably out of scope for this script, but you can obviously do +anything later on when the system is booted. Here are some things that you probably +want to consider doing after the base system installation is finished: -## Install +* Read the news with `eselect news read`. +* Compile a custom kernel and remove `gentoo-kernel-bin` +* Adjust `/etc/portage/make.conf` + - Set `CFLAGS` to `-O2 -pipe -march=native` for native builds + - Set `CPU_FLAGS_X86` using the `cpuid2cpuflags` tool + - Set `FEATURES="buildpkg"` if you want to build binary packages +* Use a safe umask like `umask 0077` + +## Usage Installing gentoo with this script is simple. 
@@ -62,21 +67,13 @@ Installing gentoo with this script is simple. 2. Clone this repository 3. Run `./configure` or create your own `gentoo.conf` following the example file. Particularily pay attention to the device which will be partitioned. - The script will ask for confirmation - before doing any partitioning - but better be safe there. -4. Execute `./install`. The script will tell you if your live - system is missing any required software. + The script will ask for confirmation before doing any partitioning - but better be safe here. +4. Execute `./install`. The script should be able to run without any user supervision after partitioning, but depending on the current state of the gentoo repository you might need to intervene in case a package fails to emerge. The critical commands will ask you what to do in case of a failure. -### Config - -The config file `gentoo.conf` allows you to adjust some parameters of the installation. -The most important ones will probably be the device to partition, and the stage3 tarball name -to install. By default you will get the hardened nomultilib profile without systemd. - ### (Optional) sshd The script can provide a fully configured ssh daemon with reasonably good security settings. 
@@ -85,13 +82,14 @@ algorithms to a reasonable subset, disable any password based authentication, and only allow root to login. You can provide keys that will be written to root's `.ssh/authorized_keys` file. This will allow -you to directly continue your setup with infrastructure management software such as ansible or [simple_automation](https://github.com/oddlama/simple_automation). +you to directly continue your setup with your favourite infrastructure management software. ### (Optional) Additional packages You can add any amount of additional packages to be installed on the target system. -These will simply be passed to a final `emerge` call before the script is done, and autounmasking will also be done automatically. -It is recommended to keep this to a minimum, because of the quite "interactive" nature of gentoo package management ;) +These will simply be passed to a final `emerge` call before the script is done, +where autounmasking will also be done automatically. It is recommended to keep +this to a minimum, because of the quite "interactive" nature of gentoo package management ;) ### Troubleshooting 
@@ -103,23 +101,6 @@ you will be given a proper message of what went wrong. Inside the chroot, most commands will be executed in a checked loop, and allow you to interactively fix problems with a shell, to retry, or to skip the command. -## Recommendations - -There are some things that you probably want to do after installing the base system, -or should consider: - -* Read the news with `eselect news read`. -* Use a custom kernel (config and hardening, see [autokernel](https://github.com/oddlama/autokernel)), and remove `gentoo-kernel-bin` -* Adjust `/etc/portage/make.conf` - - Set `CFLAGS` to `-O2 -pipe -march=native` for native builds - - Set `CPU_FLAGS_X86` using the `cpuid2cpuflags` tool - - Set `FEATURES="buildpkg"` if you want to build binary packages -* Use a safe umask like `umask 0077` - -## Acknowledgements - -This installer bundles a statically linked copy of newt - ## References * [Sakaki's EFI Install Guide](https://wiki.gentoo.org/wiki/Sakaki%27s_EFI_Install_Guide) diff --git a/configure b/configure index dd4c489..2942c87 100755 --- a/configure +++ b/configure @@ -832,7 +832,7 @@ function PARTITIONING_ROOT_FS_menu() { function PARTITIONING_USE_LUKS_tag() { echo " ├ Use LUKS"; } function PARTITIONING_USE_LUKS_label() { on_off_label "$PARTITIONING_USE_LUKS" " ├ "; } function PARTITIONING_USE_LUKS_show() { [[ $PARTITIONING_SCHEME != "custom" ]] && one_of "$PARTITIONING_SCHEME" "classic_single_disk" "btrfs_centric"; } -function PARTITIONING_USE_LUKS_help() { echo "Determines if LUKS will be used to encrypt your root partition. Export the desired encryption key via export GENTOO_INSTALL_ENCRYPTION_KEY="..." before installing."; } +function PARTITIONING_USE_LUKS_help() { echo "Determines if LUKS will be used to encrypt your root partition. Export the desired encryption key via export GENTOO_INSTALL_ENCRYPTION_KEY='...' before installing."; } function PARTITIONING_USE_LUKS_menu() { on_off_toggle "PARTITIONING_USE_LUKS" UNSAVED_CHANGES=true 
@@ -841,7 +841,7 @@ function PARTITIONING_USE_LUKS_menu() { function PARTITIONING_ZFS_ENCRYPTION_tag() { echo " ├ ZFS Encryption"; } function PARTITIONING_ZFS_ENCRYPTION_label() { on_off_label "$PARTITIONING_ZFS_ENCRYPTION" " ├ "; } function PARTITIONING_ZFS_ENCRYPTION_show() { [[ $PARTITIONING_SCHEME != "custom" ]] && one_of "$PARTITIONING_SCHEME" "zfs_centric" && one_of "$PARTITIONING_ZFS_POOL_TYPE" "standard"; } -function PARTITIONING_ZFS_ENCRYPTION_help() { echo "Determines if ZFS encryption will be used to encrypt your root partition. Export the desired encryption key via export GENTOO_INSTALL_ENCRYPTION_KEY="..." before installing."; } +function PARTITIONING_ZFS_ENCRYPTION_help() { echo "Determines if ZFS encryption will be used to encrypt your root partition. Export the desired encryption key via export GENTOO_INSTALL_ENCRYPTION_KEY='...' before installing."; } function PARTITIONING_ZFS_ENCRYPTION_menu() { on_off_toggle "PARTITIONING_ZFS_ENCRYPTION" UNSAVED_CHANGES=true diff --git a/scripts/main.sh b/scripts/main.sh index 50f8891..d8dba2a 100644 --- a/scripts/main.sh +++ b/scripts/main.sh 
@@ -304,6 +304,25 @@ function main_install_gentoo_in_chroot() { try emerge --verbose sys-fs/btrfs-progs fi + # Install zfs kernel module and tools if we used zfs + if [[ $USED_ZFS == "true" ]]; then + einfo "Installing zfs" + try emerge --verbose sys-fs/zfs sys-fs/zfs-kmod + + einfo "Enabling zfs services" + if [[ $SYSTEMD == "true" ]]; then + systemctl enable zfs.target || die "Could not enable zfs.target service" + systemctl enable zfs-import-cache || die "Could not enable zfs-import-cache service" + systemctl enable zfs-mount || die "Could not enable zfs-mount service" + systemctl enable zfs-import.target || die "Could not enable zfs-import.target service" + else + rc-update add zfs-import boot || die "Could not add zfs-import to boot services" + rc-update add zfs-mount boot || die "Could not add zfs-mount to boot services" + rc-update add zfs-share default || die "Could not add zfs-share to default services" + rc-update add zfs-zed default || die "Could not add zfs-zed to default services" + fi + fi + # Install kernel and initramfs install_kernel
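Review bot: In README.md Quick start (hunk `@@ -1,33 +1,29 @@`), the added step `export GENTOO_INSTALL_ENCRYPTION_KEY="mypassword"` has the user type the disk passphrase on the command line, where it lands in shell history and stays in the environment of every process started from that shell. Suggest showing a prompt-based form instead, e.g. `read -rs GENTOO_INSTALL_ENCRYPTION_KEY; export GENTOO_INSTALL_ENCRYPTION_KEY`, and telling the reader to `unset` the variable once `./install` has finished. The example also uses double quotes, so a passphrase containing `$`, a backtick or `\` would be altered by the shell; the help strings in `configure` switch to single quotes in this same patch and the README should match. Minor: "A installer" should be "An installer", and the moved paragraph still reads "strongly recommend" for "strongly recommended".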
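Review bot: In the README.md Overview list (hunk `@@ -36,11 +32,12 @@`), the changed last item "Asks if a root password should be set" does not say what state the root account is left in when the user declines. Please document whether root is then locked or left with an empty password, since the optional sshd setup described further down only allows root to log in. Style: the other items in the list are imperative, so "Ask whether a root password should be set" would match them.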
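Review bot: In README.md Usage (hunk `@@ -62,21 +67,13 @@`), step 4 "Execute `./install`" leaves out the key export that Quick start now lists before installation, so a reader who follows the longer procedure with encryption enabled never learns about `GENTOO_INSTALL_ENCRYPTION_KEY`. Add the step here as well or point back to Quick start. The sentence saying the script reports missing software on the live system is also dropped; if that check still exists, keep the sentence. "Particularily" in step 3 should be "Particularly" while this paragraph is being touched.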
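Review bot: In README.md (hunk `@@ -103,23 +101,6 @@`), the Acknowledgements section stating that the installer bundles a statically linked copy of newt is removed, but nothing in this patch removes a bundled binary. If the copy still ships with the repository, keep the notice and add the upstream version and license so users can tell which third-party code runs during configuration; if it no longer ships, say so in the commit message.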
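Review bot: In `configure`, `PARTITIONING_USE_LUKS_help` and `PARTITIONING_ZFS_ENCRYPTION_help` (hunks `@@ -832,7 +832,7 @@` and `@@ -841,7 +841,7 @@`) are the only places in this patch that tell the user `GENTOO_INSTALL_ENCRYPTION_KEY` must be exported, and no check that it is set is added. If `./install` does not already do so, it should abort before partitioning when either option is on and the variable is empty or unset. The quoting change itself is right: the inner double quotes ended the `echo` string early, so the quotes were missing from the displayed help. Both strings share the same second sentence, so consider keeping it in one shared variable so the two cannot drift apart.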
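Review bot: In scripts/main.sh, `main_install_gentoo_in_chroot` (hunk `@@ -304,6 +304,25 @@`), the zfs block runs before `install_kernel`, yet `sys-fs/zfs-kmod` is an out-of-tree kernel module that has to be built against the kernel being installed; move the block after `install_kernel` or confirm that the kernel sources are already present at this point. The service lines use `|| die` while the emerge line uses `try`, so a failed `systemctl enable` or `rc-update add` aborts the install instead of offering the interactive retry, shell or skip choice the README describes; `try systemctl enable zfs.target` would match the other chroot steps. The two init branches also differ: OpenRC gets `zfs-share` and `zfs-zed`, systemd gets neither, so either enable the matching systemd units or add a comment explaining why they are left out.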