Create three partitions with gdisk:
- 512 MB EFI System Partition (ESP) of type EF00
- 512 MB partition 8300 (Linux filesystem) for
/boot - rest for partition 8304 Linux x86-64 root (/) (https://systemd.io/DISCOVERABLE_PARTITIONS/)
Maybe use boot loader partition:
Command (? for help): t
Partition number (1-3): 2
Current type is 'Linux filesystem'
Hex code or GUID (L to show codes, Enter = 8300): bc13c2ff-59e6-4262-a352-b275fd6f7172
Changed type of partition to 'Freedesktop $BOOT'
Do not forget to run partprobe to notify the Linux kernel about the partition table change.
Or, with sgdisk:
sudo sgdisk --zap --new=1:0:+512M /dev/nvme0n1 -t 0:ef00 --new=2:0:+1G -t 0:8300 --new=3:0:0 -t 0:8304 -p
Format partitions:
$ sudo mkfs.fat -F32 -nESP /dev/nvme0n1p1
mkfs.fat 4.1 (2017-01-24)
$ sudo mkfs.ext4 -L boot /dev/nvme0n1p2
[…]
$ sudo cryptsetup luksFormat /dev/nvme0n1p3
$ sudo cryptsetup luksOpen /dev/nvme0n1p3 nvme0n1p3_crypt
Check file config, and update hostname and root password.
Install Debian sid/unstable with the command below:
DEBOOTSTRAP=mmdebstrap sudo grml-debootstrap -c config --efi /dev/nvme0n1p1 --chroot-scripts chroot-scripts --packages packages
Mount system and enter with chroot:
$ sudo mount /dev/mapper/nvme0n1p3_crypt /mnt
Move files from /mnt/boot to /dev/nvme0n1p2:
$ sudo mount /dev/nvme0n1p2 /mnt/tmp
$ sudo mv /mnt/boot /mnt/tmp
$ sudo umount /mnt/tmp
$ sudo mount /dev/nvme0n1p2 /mnt/boot
$ sudo mkdir /mnt/boot/efi
$ sudo mount /dev/nvme0n1p1 /mnt/boot/efi
$ sudo grml-chroot /mnt bash
Edit /etc/fstab to add the boot partition.
Edit /etc/crypttab to add the root partition:
nvme0n1p3_crypt UUID=<in lsblk -O> none luks
Update initrd and install GRUB:
$ sudo update-initramfs -c -k all
$ sudo grub-install
$ sudo update-grub