Create a boot partition preferably 1GB or at least 512MB. (Because it does not delete the old kernel files from /boot when new kernel is installed. We’ll have to clean up the old kernel version files more often if we have a smaller partition). We’ll have to have a separate boot partition because encrypted boot partition cannot be read by GRUB. Librebooted machines have the ability to use encrypted boot partitions though.
sudo -s modprobe dm-crypt modprobe dm-mod cryptsetup luksFormat -v -s 512 -h sha512 /dev/sdx3 cryptsetup open /dev/sdx3 void_root
- assuming /dev/sdx3 is your root partition
mkfs.ext4 -L root /dev/mapper/void_root
Run sudo void-installer and then follow every step as usual, except the Partitioning step. Show the “/dev/mapper/void_root” as / when asked for Filesystem setup. Show the /boot or other filesystems as usual. When installer asks to reboot, select No. We have more things to do.
mount /dev/mapper/void_root /mnt mkdir /mnt/boot mount /dev/sdx1 /mnt/boot
*assuming /dev/sdx1 is your boot drive
mount --rbind /dev /mnt/dev mount --rbind /proc /mnt/proc mount --rbind /sys /mnt/sys
chroot /mnt /bin/bash
Run nano /etc/default/grub then find the GRUB_CMDLINE_LINUX line and add this to the value:
to set it with UUID, run sudo blkid or sudo cryptsetup luksDump /dev/sdx3 then use the UUID of the /dev/mapper/luks_root like this:
GRUB_CMDLINE_LINUX="rd.luks.uuid=529ab394-4abc-4a1u-9cd9-1864a1b7j6k9"
Add this also:GRUB_ENABLE_CRYPTODISK=y
Look for rd.auto=1 in either GRUB_CMDLINE_LINUX or GRUB_CMDLINE_LINUX_DEFAULT and probably remove it, because it asks for passwords for all the LUKS encrypted drive passwords even if you are not accessing all of them to boot. This is described as a shortcut on the original wiki, but is an annoying thing.
Now run this to update grub config:
xbps-reconfigure -f linux4.19
*to see installed linux kernels xbps-query --regex -Rs '^linux[0-9.]+-[0-9._]+'
Run cat /boot/grub/grub.cfg and scroll with Shift+Page Up or Shift+Page Down to scroll, and check whether the above parameters rd.auto and cryptdevice are added to the file properly.
Then exit and umount -R /mnt, then reboot and boot into your new installation. Enjoy!
Reblog00 