gentoo.conf.example

# vim: set ft=sh ts=4 sw=4 sts=-1 noet:
# This file will be interpreted by /bin/bash.

################################################
# Disk configuration

# Below you will see examples of how to use the provided default partitioning schemes.
# Generally these should be sufficient for most system setups.
#
# You can also create your own scheme using the functions provided in scripts/config.sh,
# if you need something tailored to your specific system. Generally supported is
# any combination of RAID0/1, luks, zfs, btrfs and the usual filesystems (ext4, fat)
# Have a look at the implementation of the default schemes, but be aware that you
# most likely don't want to implement your own scheme.
#
# Be sure to only define one layout!

# This function will be called when a custom zfs pool type has been chosen.
# You do not need to change this, unless you have chosen a custom zfs pool type.
# $1: a string describing all device paths (for error messages)
# $@: device paths
function format_zfs_custom() {
	# See format_zfs_standard() function in scripts/functions.sh for an example!
	die "You need to implement format_zfs_custom() in your .conf file!"
}

function disk_configuration() {
	create_classic_single_disk_layout swap=8GiB type=efi luks=true root_fs=ext4 /dev/sdX

	# 1. create_classic_single_disk_layout
	#
	# This layout creates the most common partitioning scheme on a single disk, i.e.
	# one boot, one swap and one root partition. Swap can be disabled and the root
	# partition can be luks encrypted. This is probably the layout you are most familiar with.
	#
	# Parameters:
	#   swap=<size>           Create a swap partition with given size, or no swap
	#                         at all if set to false.
	#   type=[efi|bios]       Selects the boot type. Defaults to efi if not given.
	#   luks=[true|false]     Encrypt root partition. Defaults to false if not given.
	#   root_fs=[ext4|btrfs]  Root filesystem. Defaults to ext4 if not given.
	#create_classic_single_disk_layout swap=8GiB type=efi luks=true root_fs=ext4 /dev/sdX

	# 2. create_btrfs_centric_layout
	#
	# A modern disk layout designed around ZFS. This layout is the same as the
	# single_disk_layout, but uses ZFS as the root filesystem and optionally allows
	# you to put additional disks into the zfs pool (with striping or mirroring).
	# Only the first disk will have boot and swap partitions, the other disks will
	# directly be added to the zfs pool. It is also possible to use ZFS's native
	# encryption feature to encrypt the pool.
	#
	# Parameters:
	#   swap=<size>                Create a swap partition with given size, or no swap
	#                              at all if set to false.
	#   type=[efi|bios]            Selects the boot type. Defaults to efi if not given.
	#   encrypt=[true|false]       Encrypt the zfs datasets. Defaults to false if not given.
	#   compress=[false|<compression>] Compress the zfs datasets. For valid values visit man zfsprops. Defaults to false if not given.
	#   pool_type=[standard|custom]  Select zfs pool type. Custom pools allow you to do the pool creation yourself. Defaults to standard.
	#create_zfs_centric_layout type=efi swap=8GiB encrypt=true compress=zstd pool_type=standard

	# 3. create_raid0_luks_layout
	#
	# This layout creates the single disk layout on multiple disks and combines
	# the swap and root partitions in separate raid0 arrays. Useful if you e.g. have
	# several nvme drives and want increased speed. Only one boot partition will actually
	# be used though.
	#
	# Parameters:
	#   swap=<size>           Create a swap partition with given size for each disk,
	#                         or no swap at all if set to false.
	#   type=[efi|bios]       Selects the boot type. Defaults to efi if not given.
	#   luks=[true|false]     Encrypt root partition. Defaults to true if not given.
	#   root_fs=[ext4|btrfs]  Root filesystem. Defaults to ext4 if not given.
	# Careful: You will get N times the swap amount, so be sure to divide beforehand.
	#create_raid0_luks_layout swap=4GiB type=efi root_fs=ext4 /dev/sd{X,Y}

	# 4. create_raid1_luks_layout
	#
	# This layout creates the single disk layout on multiple disks and combines
	# the swap and root partitions in separate raid1 arrays. Useful if you e.g. have
	# several nvme drives and want data redundancy. Only one boot partition will actually
	# be used though.
	#
	# Parameters:
	#   swap=<size>           Create a swap partition with given size for each disk,
	#                         or no swap at all if set to false.
	#   type=[efi|bios]       Selects the boot type. Defaults to efi if not given.
	#   luks=[true|false]     Encrypt root partition. Defaults to true if not given.
	#   root_fs=[ext4|btrfs]  Root filesystem. Defaults to ext4 if not given.
	# Careful: You will get N times the swap amount, so be sure to divide beforehand.
	#create_raid1_luks_layout swap=4GiB type=efi root_fs=ext4 /dev/sd{X,Y}

	# 5. create_btrfs_centric_layout
	#
	# This layout is the same as the single_disk_layout, but uses btrfs as the root
	# filesystem and allows you to put additional disks into the btrfs device pool.
	# Only the first disk will have boot and swap partitions, the other disks will
	# directly be used in the btrfs device pool. If encryption is enabled, all disks
	# must be encrypted separately, as btrfs doesn't support encryption itself.
	# Also works with a single device.
	#
	# Parameters:
	#   swap=<size>                Create a swap partition with given size, or no swap
	#                              at all if set to false.
	#   type=[efi|bios]            Selects the boot type. Defaults to efi if not given.
	#   luks=[true|false]          Encrypt root partition and btrfs devices. Defaults
	#                              to false if not given.
	#   raid_type=[raid0|raid1]    Select raid type. Defaults to raid0.
	#create_btrfs_centric_layout swap=8GiB luks=false raid_type=raid0 /dev/sd{X,Y}
	#create_btrfs_centric_layout swap=8GiB luks=true /dev/sdX
}


################################################
# LUKS/ZFS encryption configuration

# If you have selected a disk layout that uses encryption with LUKS or ZFS,
# you need to define an encryption key. If you have not used an encrypted
# layout, you can skip this section.
#
# ######## Example: Password
#
# If you want a standard password, simply export it to the variable $GENTOO_INSTALL_ENCRYPTION_KEY,
# or echo it in the function below.
#   1. export GENTOO_INSTALL_ENCRYPTION_KEY="my strong passphrase"
#   2. OR: Adjust the function below to return the key: echo "my strong passphrase"
#
# ATTENTION: DO NOT INCLUDE A NEWLINE IN YOUR PASSWORD! Use a longer passphrase instead.
# It will save you a lot of trouble, because most software doesn't support reading passwords
# with newlines from stdin.
#
# By default, the selected KEYMAP will also be applied in the initramfs.
# If you want to be safe, use a long passphrase with standard alphanumeric characters,
# so that you can type it without your selected keymap on the default english layout.
#
# ######## Example: Keyfile
#
# If you want to generate a strong password and use it as a keyfile,
# you will have to do the necessary adjustments to the initramfs yourself.
# Begin setup with a temporary passphrase and replace it later with a keyfile.
#
# Generate a strong keyfile from /dev/urandom. I would suggest piping
# it into base64 afterwards, to avoid problems with special characters in different
# initramfs implementations and to allow manual typing for rescue purposes.
#
# Be aware that the initramfs generated by this script will always ask for a user
# supplied passphrase. If you want to use the keyfile on a USB stick or want an
# even more advanced setup, you will have to make these modifications yourself.
# This basically means adjusting the initramfs cmdline, which you can do here with
# the following statement:
#   DISK_DRACUT_CMDLINE+=("rd.luks.keyfile=whatever")
#
# You can also adjust the boot entry manually after the installation is complete,
# as you can always use the keyfile in a live system. This might be easier if you
# are currently not sure what options you need exactly.
#
# To generate a strong keyfile, follow this procedure:
#
#   1. Generating a strong keyfile with (resulting file must be < 8MiB)
#      `head -c1024 /dev/urandom | base64 -w0 > /path/to/keyfile`
#   2. Now remember the path and also copy the keyfile somewhere safe so you can
#      unlock your machine later.
#   3. Enter path to keyfile in the function below
#
# ######## Example: GPG encrypted keyfile
#
# Same procedure as for the keyfile, but encrypt it after generation with gpg:
#   `cat /path/to/keyfile | gpg --symmetric --cipher-algo AES256 --s2k-digest-algo SHA512 --output /my/permanent/storage/luks-key.gpg`
# Unfortunately, getting GPG to work properly in the initramfs
# isn't as easy, so it's currently not part of this script, but might be later.
# Feel free to experiment though.

# If you don't want to write your password to your disk, simply export it
# in your terminal before running ./install, like so:
#     `export GENTOO_INSTALL_ENCRYPTION_KEY="my strong passphrase"`
# You can also just set the variable here, but this is not recommended because
# depending on your current environment, this file might be stored on an actual disk,
# and so your password would be written to that disk at least once.

################################################
# System configuration

# Enter the desired system hostname here,
# be aware that when creating mdadm raid arrays, this value will be
# recorded in metadata block. If you change it later, you should
# also update the metadata.
HOSTNAME="gentoo"

# The timezone for the new system
TIMEZONE="Europe/London"
#TIMEZONE="Europe/Berlin"

# The default keymap for the system
KEYMAP="us"
#KEYMAP="de-latin1-nodeadkeys"

# Use the same keymap in the initramfs
KEYMAP_INITRAMFS="$KEYMAP"

# A list of additional locales to generate. You should only
# add locales here if you really need them and want to localize
# your system. Otherwise, leave this list empty, and use "C.UTF-8" as the locale.
# Be careful that the syntax for locales is a bit different from the name of the resulting
# locale. For a list of supported locales, see the file /usr/share/i18n/SUPPORTED.
LOCALES=""
# The locale to set for the system. Be careful, the locale names deviate from the LOCALES
# list entries (e.g. .UTF-8 vs .utf8). See `locale -a` for all available locales.
# Although `locale -a` lists the suffix in lower case without any hyphens, it is best to always use UTF-8 in preference to utf8.
LOCALE="C.UTF-8"
# For a German system you could use:
# LOCALES="
# de_DE.UTF-8 UTF-8
# de_DE ISO-8859-1
# de_DE@euro ISO-8859-15
# " # End of LOCALES
# LOCALE="de_DE.UTF-8"


################################################
# Network configuration

# The following network configuration only applies to systemd
# configurations and will otherwise be ignored. All OpenRC based
# configurations always just starts dhcpcd.

# Enable systemd-networkd to configure internet
SYSTEMD_NETWORKD=true
# The interfaces to match and configure (systemd [Match] -> Name)
SYSTEMD_NETWORKD_INTERFACE_NAME="en*"
# Whether to use DHCP (systemd [Network] -> DHCP)
SYSTEMD_NETWORKD_DHCP=true
# If DHCP is disabled, assign the given list of addresses including CIDR mask. (systemd [Network] -> Address)
SYSTEMD_NETWORKD_ADDRESSES=("192.168.1.100/32" "fd00::1/64")
# If DHCP is disabled, use the given gateway
SYSTEMD_NETWORKD_GATEWAY="192.168.1.1"
# Enable sshd in initramfs to allow unlocking encrypted devices / enter emergency shell if needed.
# Requires systemd. Visit https://github.com/gsauthof/dracut-sshd for more information.
SYSTEMD_INITRAMFS_SSHD=false


################################################
# Gentoo configuration

# Choose whether to download the portage tree via git or rsync.
# Git syncing is significantly faster, and generally preferred for new installations.
PORTAGE_SYNC_TYPE="git"
# If you have chosen git, you may select to download the full history of the repository.
# This can easily take up 1-2GB of disk space.
PORTAGE_GIT_FULL_HISTORY=false
# If you have chosen git, you may select the git repository mirror here.
PORTAGE_GIT_MIRROR="https://anongit.gentoo.org/git/repo/sync/gentoo.git"

# The selected gentoo mirror
GENTOO_MIRROR="https://mirror.eu.oneandone.net/linux/distributions/gentoo/gentoo"
#GENTOO_MIRROR="https://distfiles.gentoo.org"

# The architecture of the target system (only tested with amd64)
GENTOO_ARCH="amd64"

# The stage3 tarball variant to use. Determines whether systemd
# or OpenRC is used based on whether "systemd" is contained in this string.
STAGE3_VARIANT="systemd"
# The stage3 tarball to download and bootstrap
STAGE3_BASENAME="stage3-$GENTOO_ARCH-$STAGE3_VARIANT"
# Automatically set to true, if the stage3 tarball is based on systemd. In this case
# we need to use slightly different utilities to setup the base system.
SYSTEMD=$([[ $STAGE3_VARIANT == *systemd* ]] && echo "true" || echo "false")
# Automatically set to true, if the stage3 tarball is based on musl.
MUSL=$([[ $STAGE3_VARIANT == *musl* ]] && echo "true" || echo "false")

# If set to true, the installer will add ACCEPT_KEYWORDS="~$GENTOO_ARCH"
# to /etc/portage/make.conf to enable packages in testing.
USE_PORTAGE_TESTING=true

# If set to true, the best gentoo mirrors will be selected
# automatically by app-portage/mirrorselect
SELECT_MIRRORS=true

# If set to true, mirrorselect will download a large 100kb file
# from each mirror for more accurate test results. This can
# take significantly longer (~5-10min).
SELECT_MIRRORS_LARGE_FILE=false


################################################
# Additional (optional) configuration

# Array of additional packages to install
# e.g. ADDITIONAL_PACKAGES=("app-editors/neovim")
ADDITIONAL_PACKAGES=()

# Install and configure sshd (a reasonably secure config is provided, which
# only allows the use of ed25519 keys, and requires pubkey authentication)
ENABLE_SSHD=true

# Enable binary portage packages where available
ENABLE_BINPKG=false

# An ssh key to add to the authorized_keys file for the root user.
# This variable will become the content of the authorized_keys file,
# so you may specify one key per line (include the newlines in the variable).
ROOT_SSH_AUTHORIZED_KEYS=""


################################################
# Prove that you have read the config

# To prove that you have read and edited the config
# properly, set the following value to true.
I_HAVE_READ_AND_EDITED_THE_CONFIG_PROPERLY=false

################################################
# Hooks

# before_prepare_environment() {
#   einfo 'before prepare environment'
# }

# after_prepare_environment() {
#   einfo 'after prepare environment'
# }

# before_disk_configuration() {
#   einfo 'before disk configuration'
# }

# after_disk_configuration() {
#   einfo 'after disk configuration'
# }

# before_download_stage3() {
#   einfo "stage3 basename: $1"
#   einfo 'before download stage3'
# }

# after_download_stage3() {
#   einfo "stage3 downloaded file name: $1"
#   einfo 'after download stage3'
# }

# before_extract_stage3() {
#   einfo "stage3 downloaded file path: $1"
#   einfo "root mountpoint: $1"
#   einfo 'before extract stage3'
# }

# after_extract_stage3() {
#   einfo "stage3 downloaded file path: $1"
#   einfo "root mountpoint: $1"
#   einfo 'after extract stage3'
# }

# before_install() {
#   einfo 'before install'
# }

# after_install() {
#   einfo 'after install'
# }

# before_configure_base_system() {
#   einfo 'before configure base system'
# }

# after_configure_base_system() {
#   einfo 'after configure base system'
# }

# before_configure_portage() {
#   einfo 'before configure portage'
# }

# after_configure_portage() {
#   einfo 'after configure portage'
# }

# before_install_kernel() {
#   einfo 'before install kernel'
# }

# after_install_kernel() {
#   einfo 'after install kernel'
# }