terracenter/Howto.txt

## Howto.txt

## prerequirements (VPS - XL) - after entered the rescuesystem
bash
mkfs.ext4 /dev/sda1
mkfs.ext4 /dev/sda3
mount /dev/sda3 /mnt/gentoo
mkdir /mnt/gentoo/boot
cd /mnt/gentoo
#stage3: https://www.gentoo.org/downloads/#other-arches | current: http://distfiles.gentoo.org/releases/amd64/autobuilds/20170525/stage3-amd64-20170525.tar.bz2
wget <PASTED_STAGE_URL>
tar xvjpf stage3-*.tar.bz2 --xattrs --numeric-owner
rm stage3-*.tar.bz2*
cd etc/portage && rm make.conf
wget https://gist.githubusercontent.com/aspann/e05aaf64b417c31b76c5f1ea2b86ba82/raw/336a4ac9e057a9694c9ea3c6a9c5696841b88188/make.conf
cd .. && ln -s portage/make.conf .
cp -L /etc/resolv.conf /mnt/gentoo/etc/

## mounting
mount -t proc /proc /mnt/gentoo/proc
mount --rbind /sys /mnt/gentoo/sys
mount --make-rslave /mnt/gentoo/sys
mount --rbind /dev /mnt/gentoo/dev
mount --make-rslave /mnt/gentoo/dev

## enter environment
chroot /mnt/gentoo /bin/bash
. /etc/profile && export PS1="(chroot) $PS1"
mount /dev/sda1 /boot
emerge-webrsync && emerge --sync --quiet
eselect news read all
eselect profile list
# select 13.0/systemd profile
eselect profile set 10

## setting Locale / updating Portage and needed packages
mkdir -p /etc/portage/package.{unmask,keywords,use}/
echo "sys-kernel/gentoo-sources ~amd64" >> /etc/portage/package.keywords/gentoo-sources
echo "sys-kernel/genkernel ~amd64" >> /etc/portage/package.keywords/genkernel
echo "sys-kernel/genkernel" >> /etc/portage/package.unmask/genkernel
echo "sys-apps/busybox -static" >> /etc/portage/package.use/busybox
echo "Europe/Berlin" > /etc/timezone
echo -e "en_US ISO-8859-1\nen_US.UTF-8 UTF-8\nde_DE.UTF-8 UTF-8\nde_DE ISO-8859-1\nde_DE@euro ISO-8859-15" > /etc/locale.gen
locale-gen
eselect locale set de_DE.utf8
echo 'LC_COLLATE="C"' >> /etc/env.d/02locale
env-update && source /etc/profile && export PS1="(chroot) $PS1"
emerge -NDua @world
emerge dev-vcs/git app-misc/mc joe gentoo-sources genkernel grub pciutils cronie metalog mlocate iptables gentoolkit eix layman

## Building Kernel
cd /usr/src/linux
wget https://gist.githubusercontent.com/aspann/d9b65b8de76b23cf023164800dc435f7/raw/ac76be28ba7156c49fb61b11d7dc41e4040e5156/.config
genkernel --install --no-splash --no-clean --symlink --lvm --disklabel --menuconfig --makeopts=-j11 --kernname="<HOSTNAME>" all
sed -i "s/genkernel/<HOSTNAME>/g" /etc/grub.d/10_linux
## GRUB_CMDLINE_LINUX="init=/usr/lib/systemd/systemd rootfstype=ext4 net.ifnames=0" -> /etc/default/grub
grub-install /dev/sda
grub-mkconfig -o /boot/grub/grub.cfg

## enable SSH
passwd
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config && systemctl enable sshd

## Mounting (fstab)
blkid
    #/etc/fstab
    UUID=<UID - /dev/sda3>       /               ext4            rw,relatime,data=ordered        0 0
    UUID=<UID - /dev/sda1>       /boot           ext4            noauto,rw,relatime,data=ordered 0 0
    UUID=<UID - /dev/sda2>       none            swap            sw                              0 2

## Network config:
    #/etc/systemd/network/10-default.link:
    [Match]
    MACAddress=<InterfaceMAC>

    [Link]
    Name=eth0

    #/etc/systemd/network/10-default.network:
    [Match]
    Name=eth0

    [Network]
    Address=<assigend IPv6>/64
    Gateway=fe80::1

    DNS=2a02:c207::2:53
    DNS=2a02:c205::2:53

    Address=<assigned IPv4>/24
    Gateway=<assigned Gateway IPv4>

    DNS=213.136.95.11
    DNS=79.143.183.252

systemctl enable systemd-networkd cronie metalog

## Leaving environment and boot into gentoo (*fingerscrossed*)
exit
cd
umount -l /mnt/gentoo/dev{/shm,/pts,}
umount -R /mnt/gentoo
exitrescue
reboot

## Post install:
- change hostname (hostnamectl)
- enable ntp (timedatectl set-ntp true )
- change SSH Port and use Key-Only auth!
- install and configure fail2ban and iptables
- have a lot of FUN! :)

	## prerequirements (VPS - XL) - after entered the rescuesystem
	bash
	mkfs.ext4 /dev/sda1
	mkfs.ext4 /dev/sda3
	mount /dev/sda3 /mnt/gentoo
	mkdir /mnt/gentoo/boot
	cd /mnt/gentoo
	#stage3: https://www.gentoo.org/downloads/#other-arches \| current: http://distfiles.gentoo.org/releases/amd64/autobuilds/20170525/stage3-amd64-20170525.tar.bz2
	wget <PASTED_STAGE_URL>
	tar xvjpf stage3-*.tar.bz2 --xattrs --numeric-owner
	rm stage3-.tar.bz2
	cd etc/portage && rm make.conf
	wget https://gist.githubusercontent.com/aspann/e05aaf64b417c31b76c5f1ea2b86ba82/raw/336a4ac9e057a9694c9ea3c6a9c5696841b88188/make.conf
	cd .. && ln -s portage/make.conf .
	cp -L /etc/resolv.conf /mnt/gentoo/etc/

	## mounting
	mount -t proc /proc /mnt/gentoo/proc
	mount --rbind /sys /mnt/gentoo/sys
	mount --make-rslave /mnt/gentoo/sys
	mount --rbind /dev /mnt/gentoo/dev
	mount --make-rslave /mnt/gentoo/dev

	## enter environment
	chroot /mnt/gentoo /bin/bash
	. /etc/profile && export PS1="(chroot) $PS1"
	mount /dev/sda1 /boot
	emerge-webrsync && emerge --sync --quiet
	eselect news read all
	eselect profile list
	# select 13.0/systemd profile
	eselect profile set 10

	## setting Locale / updating Portage and needed packages
	mkdir -p /etc/portage/package.{unmask,keywords,use}/
	echo "sys-kernel/gentoo-sources ~amd64" >> /etc/portage/package.keywords/gentoo-sources
	echo "sys-kernel/genkernel ~amd64" >> /etc/portage/package.keywords/genkernel
	echo "sys-kernel/genkernel" >> /etc/portage/package.unmask/genkernel
	echo "sys-apps/busybox -static" >> /etc/portage/package.use/busybox
	echo "Europe/Berlin" > /etc/timezone
	echo -e "en_US ISO-8859-1\nen_US.UTF-8 UTF-8\nde_DE.UTF-8 UTF-8\nde_DE ISO-8859-1\nde_DE@euro ISO-8859-15" > /etc/locale.gen
	locale-gen
	eselect locale set de_DE.utf8
	echo 'LC_COLLATE="C"' >> /etc/env.d/02locale
	env-update && source /etc/profile && export PS1="(chroot) $PS1"
	emerge -NDua @world
	emerge dev-vcs/git app-misc/mc joe gentoo-sources genkernel grub pciutils cronie metalog mlocate iptables gentoolkit eix layman

	## Building Kernel
	cd /usr/src/linux
	wget https://gist.githubusercontent.com/aspann/d9b65b8de76b23cf023164800dc435f7/raw/ac76be28ba7156c49fb61b11d7dc41e4040e5156/.config
	genkernel --install --no-splash --no-clean --symlink --lvm --disklabel --menuconfig --makeopts=-j11 --kernname="<HOSTNAME>" all
	sed -i "s/genkernel/<HOSTNAME>/g" /etc/grub.d/10_linux
	## GRUB_CMDLINE_LINUX="init=/usr/lib/systemd/systemd rootfstype=ext4 net.ifnames=0" -> /etc/default/grub
	grub-install /dev/sda
	grub-mkconfig -o /boot/grub/grub.cfg

	## enable SSH
	passwd
	echo "PermitRootLogin yes" >> /etc/ssh/sshd_config && systemctl enable sshd

	## Mounting (fstab)
	blkid
	#/etc/fstab
	UUID=<UID - /dev/sda3> / ext4 rw,relatime,data=ordered 0 0
	UUID=<UID - /dev/sda1> /boot ext4 noauto,rw,relatime,data=ordered 0 0
	UUID=<UID - /dev/sda2> none swap sw 0 2

	## Network config:
	#/etc/systemd/network/10-default.link:
	[Match]
	MACAddress=<InterfaceMAC>

	[Link]
	Name=eth0

	#/etc/systemd/network/10-default.network:
	[Match]
	Name=eth0

	[Network]
	Address=<assigend IPv6>/64
	Gateway=fe80::1

	DNS=2a02:c207::2:53
	DNS=2a02:c205::2:53

	Address=<assigned IPv4>/24
	Gateway=<assigned Gateway IPv4>

	DNS=213.136.95.11
	DNS=79.143.183.252

	systemctl enable systemd-networkd cronie metalog

	## Leaving environment and boot into gentoo (fingerscrossed)
	exit
	cd
	umount -l /mnt/gentoo/dev{/shm,/pts,}
	umount -R /mnt/gentoo
	exitrescue
	reboot

	## Post install:
	- change hostname (hostnamectl)
	- enable ntp (timedatectl set-ntp true )
	- change SSH Port and use Key-Only auth!
	- install and configure fail2ban and iptables
	- have a lot of FUN! :)