I’m looking into a Fedora 34 set up with the entire /root /home and snapshot volumes to be inside a LUKS container. The installer is not much help on this. Does anyone have any tips? I have created a LUKS container, and have no problem with a vfat boot partition using systemd-boot. I guess i’m stuck at passing kernel parameters, fstab, dracut? Any help is appreciated !
I did something very similiar recently except I did btrfs on luks instead of lvm on luks. That being said, I think the process would be the same.
The blivet partitioning tool in the installer can pretty easily handle the luks partition, lvm and the efi partition. The challenge I had was that it wants an unencrypted /boot for grub.
I created a small partition for /boot formatted to ext4. Then I let the installer complete the installation as normal.
After install, I removed grub, installed systemd-boot and deleted /boot partition. I have done this quite a few times and I saved all the commands I used to do that if you want them.
I have frequently removed grub from my installs because of my setups. So I’m fairly comfortable with that.
I’ll give it a try ! Thanks for the tip, I’ve had a “iffy” relationship with blivet constantly crashing during the process. I’ll give it a go and post my results !
If that road doesn’t work out for some reason another random tip I would give you(you may already know this) is that you can put all your kernel options in /etc/kernel/cmdline. kernel-install will normally grab your running kernel options when building the systemd-boot entries for you. However, if you are in a chroot or changing your config that doesn’t really work. In this case you can edit /etc/kernel/cmdline and it will get picked up from there.
i’ll give this a try ! Thanks for taking the time out to create a vm for this !
The free space is for a snapshot partition… thats the next step.
P.S :
I guess my only concern left is that the drive will only have a visible LUKS and the boot partitons. and not that it’s a boot artition + a Volume Group encrypted with LUKS. I’ll post updates later.