@sandeepansg
Last active December 13, 2022 04:18
Dual Boot Windows with Pop!_OS from LUKS2 encrypted LVM2 using systemd-boot

A noob's journey into LUKS2 encrypted LVM2

TL;DR: The purpose of this guide is to come up with a Debian equivalent for “I use Arch, BTW”

Prerequisite

This guide is written with the following assumptions in mind:

  1. The user is working on a UEFI system with GPT disk
  2. Windows is already installed, the ESP has sufficient space available (Recommended: 512 MiB) and free space is available on disk for the Pop!_OS installation
  3. User already made a bootable media for Pop!_OS

To meet some of these conditions, start here.

Note

This guide is tested with Windows 10, Windows 11, Pop!_OS 21.04, Pop!_OS 21.10 and Pop!_OS 22.04

Disclaimer

The author cannot be held responsible if this guide causes the awakening of Cthulhu

Preparation

  1. Boot into Windows
  2. Press Windows Key + X
  3. Select Disk Management
  4. Bring out Calculator and calculate the total capacity in MiB (1 GiB is 1024 MiB where 1 MiB = 1048576 bytes) you need for Pop!_OS
  5. Remind yourself that Windows considers MiB as MB
  6. Recall that LVM itself consumes 1 MiB
  7. Add 1 to the previously calculated capacity value for Pop!_OS Partition
  8. Create a Partition of the same value (in MB) using New Simple Volume Wizard
  9. Create an additional 4096 MiB FAT32 partition as well

Installation

  1. Boot from Pop!_OS livedisk in UEFI mode.
  2. Wait until the desktop environment has loaded and Pop's guided installer has popped up.
  3. Chuckle a bit for the pun and reflect upon the choices you made in life that led to you reading this line.
  4. Close the installer by right-clicking on its icon in the dock.
  5. Press Windows Key + T to launch the terminal.
  6. Switch to root by typing sudo -i and hitting enter.
  7. Note the switch from :~$ to :~#
  8. Type in lsblk to list block devices

The output should look like the following

root@pop-os:~# lsblk
NAME          MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
sda             8:0    0 111.8G  0 disk
├─sda3          8:1    0    80G  0 part
└─sda4          8:2    0    20G  0 part
nvme0n1       259:3    0   1.8T  0 disk
├─nvme0n1p1   259:4    0   512M  0 part
├─nvme0n1p2   259:5    0    16M  0 part
├─nvme0n1p2   259:6    0     1G  0 part
├─nvme0n1p3   259:7    0   1.5T  0 part
├─nvme0n1p4   259:8    0     4G  0 part
└─nvme0n1p5   259:9    0   282G  0 part

Pop!_OS will be installed on a partition, in this case nvme0n1p5. nvme0n1p1 is identified as the ESP, where the EFI files for Windows are present. This same partition is to be used for installing /boot/efi from Pop!_OS.

  1. Format nvme0n1p5 with LUKS2 and set passphrase

cryptsetup -c aes-cbc-essiv:sha256 -y -s 256 luksFormat /dev/nvme0n1p5

  1. Unlock the partition as a device and name it cryptdata

cryptsetup luksOpen /dev/nvme0n1p5 cryptdata

  1. Make cryptdata a physical volume

pvcreate /dev/mapper/cryptdata

  1. Create a new volume group on cryptdata and name it data

vgcreate data /dev/mapper/cryptdata

  1. Verify everything from a verbose multi-line output before proceeding any further

pvdisplay -m

  1. Create comprehensively named logical volumes on data

lvcreate --name root --size 256000MiB data
lvcreate --name swap --size 32768MiB data

  1. Verify partition structure

lsblk -f

  1. Close LUKS2 volumes

cryptsetup luksClose /dev/mapper/data-root
cryptsetup luksClose /dev/mapper/data-swap
cryptsetup luksClose /dev/mapper/cryptdata

  1. Launch the Pop!_OS installer from dock
  2. Proceed to partitioning page and select manual partitioning option
  3. At this stage, before the integrated gparted-like manual partitioning page, notice the banner prompt below the header that hints at the presence of the LUKS2 volume that the installer has detected
  4. DO NOT unlock the volume from the banner prompt; proceed to the partitioning page, ignoring the prompt
  5. On partitioning page, notice the volumes that are color coded for your convenience. Not all of the volumes can be identified at a glance as the windows may be too small, given you have too many volumes. Notice the almost invisible horizontal scrollbar on top of color coded volume bar right below the header, and use it for navigation
  6. Identify relevant volumes accordingly. In this example nvme0n1p1 will be used as ESP and nvme0n1p4 will be used for recovery. nvme0n1p5 will hold the OS including SWAP
  7. Click on LUKS2 volume, in this case nvme0n1p5 and unlock it by entering passphrase
  8. Notice that a new device with its own partition table appears. It should have TWO volumes for this case
  9. Click on each volume on this new device and notice that a pop-up menu with some options and switches appears. Mark them accordingly, in this case the larger volume will be marked to be used and to be formatted in ext4 with mount point being / and the smaller one being swap. Notice that a check mark appears on both
  10. Select nvme0n1p1 and mark it to be used. DO NOT flip the format switch on the pop-up menu. Leave the format as FAT32. Select /boot/esp as mount point
  11. Select nvme0n1p4 and mark it to be used. Flip the format switch on the pop-up menu and set the format as FAT32. Select custom as mount point and manually enter /recovery as mount point. This will create a persistent copy of the bootable media for Pop!_OS
  12. Finish the installation but DO NOT boot into Pop!_OS
  13. Mount the ESP partition, in this case nvme0n1p1 to manipulate EFI

mount /dev/nvme0n1p1 /mnt

  1. Make Windows Boot Manager an entry in the systemd-boot menu and reboot

echo "timeout 5" >> /mnt/loader/loader.conf
reboot

OR

  1. Create windows.conf in /mnt/loader/entries for bootmgfw.efi to be detected and loaded by systemd-boot

( echo "title Microsoft Windows" ; echo "efi /EFI/Microsoft/Boot/bootmgfw.efi" ) >> /mnt/loader/entries/windows.conf

  1. Make a backup of the default loader.conf file

cp /mnt/loader/loader.conf /mnt/loader/loader_conf.bak

  1. Modify the loader.conf file

( echo "timeout 5" ; echo "console-mode max" ; echo "auto-entries no" ; echo "default windows" ) > /mnt/loader/loader.conf

  1. Reboot by typing reboot in terminal

To do the last few steps in the CORRECT way, follow this
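
A check for the luksFormat step above, as an added example that is not part of the original gist: the guide's command does not pass --type luks2 and overrides cryptsetup's default cipher (aes-xts-plain64), so this confirms from `cryptsetup luksDump` output that the header really is LUKS2 with the requested cipher. The function names and the embedded dump are constructed for illustration; the parser also reads the LUKS1 dump layout, so a LUKS1 header is reported rather than misread.

```shell
# Added example (not from the gist): summarise a LUKS header from luksDump text.

# Reads `cryptsetup luksDump` output on stdin, prints "version=N cipher=C keybits=B".
luks_header_summary() {
    awk '
        $1 == "Version:"                { version = $2 }
        $1 == "cipher:" && cipher == "" { cipher = $2 }   # LUKS2 data segment
        $1 == "Key:" && bits == ""      { bits = $2 }     # LUKS2 keyslot
        $1 == "Cipher" && $2 == "name:" { name = $3 }     # LUKS1 layout
        $1 == "Cipher" && $2 == "mode:" { mode = $3 }
        $1 == "MK" && $2 == "bits:"     { bits = $3 }
        END {
            if (cipher == "" && name != "") cipher = name "-" mode
            printf "version=%s cipher=%s keybits=%s\n", version, cipher, bits
        }'
}

# Succeeds only for a LUKS2 header whose data cipher equals $1.
luks_check_header() {
    summary=$(luks_header_summary)
    echo "$summary"
    case "$summary" in
        "version=2 cipher=$1 "*) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample of LUKS2 luksDump output (abridged, not a real device).
sample_luks2_dump() {
    cat <<'EOF'
LUKS header information
Version:        2

Data segments:
  0: crypt
        offset: 16777216 [bytes]
        cipher: aes-cbc-essiv:sha256

Keyslots:
  0: luks2
        Key:        256 bits
        Cipher:     aes-cbc-essiv:sha256
        Cipher key: 256 bits
EOF
}

# On the live system: cryptsetup luksDump /dev/nvme0n1p5 | luks_check_header aes-cbc-essiv:sha256
sample_luks2_dump | luks_check_header "aes-cbc-essiv:sha256" && echo "header matches"
```

luksDump reads only the on-disk header, so the check works on /dev/nvme0n1p5 whether or not cryptdata is currently open.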

@sandeepansg
Author

Additional Tips

  • Re-install/repair bootloader

    Follow this official article
  • Modify UEFI entries

    Follow this external article
