5.0 KiB
About gentoo-install
A installer for gentoo with a simple menuconfig inspired configuration TUI.
The configurator is only used to generate a gentoo.conf
file, which can also be
edited by hand if desired. An example configuration is provided with the repository.
Quick start
- Download a copy or clone this repo
- Run
./configure
and save your configuration - When using encryption, export your desired key with
export GENTOO_INSTALL_ENCRYPTION_KEY="mypassword"
- Run installation using
./install
Every option is explained in detail in gentoo.conf.example
and in the help menu popups in the configurator.
When installing, you will be asked to review the partitioning before anything critical is done.
Overview
This script performs a reasonably minimal installation of gentoo. An EFI system is highly recommended, but legacy BIOS boot is also supported. The script supports both systemd (default) and OpenRC as the init system.
The system will use sys-kernel/gentoo-kernel-bin
, which should be suitable
to boot most systems out of the box. It is strongly recommend to replace this kernel
with a custom built one, when the system is functional. If you are looking for a way
to detect and manage your kernel configuration, have a look at autokernel.
- Partition disks (supports gpt, raid, luks)
- Download and cryptographically verify the newest stage3 tarball
- Extract the stage3 tarball
- Sync portage tree
- Configure portage (create zz-autounmask files, configure MAKEOPTS, EMERGE_DEFAULT_OPTS)
- Select the fastest gentoo mirrors
- Configure the base system
- Install git and other required tools (e.g. zfs if you have used zfs)
- Install
sys-kernel/gentoo-kernel-bin
(until you replace it) - Generate an initramfs with dracut
- Create efibootmgr entry or install syslinux depending on whether your system uses EFI or BIOS
- Generate a basic fstab
- Asks if a root password should be set
Also, optionally the following will be done:
- Install sshd with secure config
- Install dhcpcd (only for OpenRC)
- Install additional packages provided in config
Anything else is probably out of scope for this script, but you can obviously do anything later on when the system is booted. Here are some things that you probably want to consider doing after the base system installation is finished:
- Read the news with
eselect news read
. - Compile a custom kernel and remove
gentoo-kernel-bin
- Adjust
/etc/portage/make.conf
- Set
CFLAGS
to-O2 -pipe -march=native
for native builds - Set
CPU_FLAGS_X86
using thecpuid2cpuflags
tool - Set
FEATURES="buildpkg"
if you want to build binary packages
- Set
- Use a safe umask like
umask 0077
Usage
Installing gentoo with this script is simple.
- Boot into the live system of your choice. As the script requires some utilities, I recommend using a live system where you can quickly install new software. Any Arch Linux live iso works fine.
- Clone this repository
- Run
./configure
or create your owngentoo.conf
following the example file. Particularily pay attention to the device which will be partitioned. The script will ask for confirmation before doing any partitioning - but better be safe here. - Execute
./install
.
The script should be able to run without any user supervision after partitioning, but depending on the current state of the gentoo repository you might need to intervene in case a package fails to emerge. The critical commands will ask you what to do in case of a failure.
(Optional) sshd
The script can provide a fully configured ssh daemon with reasonably good security settings. It will by default only allow ed25519 keys, restrict key exchange algorithms to a reasonable subset, disable any password based authentication, and only allow root to login.
You can provide keys that will be written to root's .ssh/authorized_keys
file. This will allow
you to directly continue your setup with your favourite infrastructure management software.
(Optional) Additional packages
You can add any amount of additional packages to be installed on the target system.
These will simply be passed to a final emerge
call before the script is done,
where autounmasking will also be done automatically. It is recommended to keep
this to a minimum, because of the quite "interactive" nature of gentoo package management ;)
Troubleshooting
In theory, after the initial sanity check, the script should be able to finish unattendedly. But given the unpredictability of future gentoo versions, you might still run into an issue.
The script checks every command for success, so if anything fails during installation, you will be given a proper message of what went wrong. Inside the chroot, most commands will be executed in a checked loop, and allow you to interactively fix problems with a shell, to retry, or to skip the command.