completed installation section

void-desktop-install.md

@@ -1,10 +1,10 @@
-# A Void Linux install (Unfinished)
+# A Void Linux desktop install (Unfinished)
 
 This install is based on the [EFI boot stub](https://mth.st/blog/void-efistub/) blog entry of [Matthias Totschnig](https://mth.st/), the [Void Handbook](https://docs.voidlinux.org/about/index.html) and the Void Linux man pages. This guide focuses on a Void Linux x86-64 glibc/musl install. In this install gummiboot is used as bootloader and the root partition will be encrypted.
 
 ## Provisioning
 
-First off you'll need to partition your drive, possibly with fdisk. It should have atleast two partitions with one `EFI System` Partition and one `Linux filesystem` partition.
+First off the drive should be partitioned, possibly with fdisk. It should have atleast two partitions with one `EFI System` Partition and one `Linux filesystem` partition.
 
 It should look something like this:
 
@@ -13,12 +13,14 @@ It should look something like this:
 | 1     |  1 to 2 GB | EFI System        |
 | 2     |  Rest of the drive | Linux filesystem  |
 
-Then to create the filesystem of the efi partition:
+Then to create the filesystem of the efi partition.
+
 ```
 # mkfs.fat -F 32 -n efi /dev/<disk1>
 ```
 
-And the encrypted filesystem of the root partition:
+And the encrypted filesystem of the root partition.
+
 ```
 # cryptsetup luksFormat /dev/<disk2> --type luks2 --label luks
 # cryptsetup open --type luks /dev/<disk2> root
@@ -26,3 +28,199 @@ And the encrypted filesystem of the root partition:
 ```
 
 ## Installation
+
+The encrypted partition and the efi partition have to be mounted to the main system.
+
+```
+# mount /dev/mapper/root /mnt
+# mkdir /mnt/boot
+# mount /dev/<disk1> /mnt/boot
+# for dir in dev proc sys run; do
+> mkdir /mnt/$dir
+> mount --rbind --make-rslave /$dir /mnt/$dir
+> done
+```
+
+The "base-system" needs to be installed to the mounted drive. For this installation there is also other packages which are needed like NetworkManager, gummiboot and cryptsetup.
+
+* For glibc:
+
+```
+# xbps-install -Sy -R https://repo-default.voidlinux.org/current -r /mnt base-system cryptsetup gummiboot vim apparmor NetworkManager git
+```
+
+* For musl:
+
+```
+# xbps-install -Sy -R https://repo-default.voidlinux.org/current/musl -r /mnt base-system cryptsetup gummiboot vim apparmor NetworkManager git
+```
+
+To get internet inside the chroot whilst installing the system, copy over the `resolve.conf`.
+
+```
+# cp /etc/resolve.conf /mnt/etc/resolve.conf
+```
+
+Entering the chroot and configuring the system.
+
+```
+# chroot /mnt
+# chown root:root /
+# chmod 755 /
+# passwd root
+# echo <hostname> > /etc/hostname
+```
+
+Adding the `uuid` of the root partition to `crypttab`, by first creating `/etc/crypttab`:
+
+```
+# touch /etc/crypttab
+```
+
+Then the `uuid` can be obtained by:
+
+```
+# lsblk -f |grep luks >> /etc/crypttab
+```
+
+Now edit `/etc/crypttab` and insert:
+
+```
+root /dev/disk/by-uuid/<uuid> none:
+```
+
+We can configure the `fstab` by editing `/etc/fstab` and inserting:
+
+```
+tmpfs /tmp tmpfs defaults,nosuid,nodev 0 0
+efivarfs /sys/firmware/efi/efivars efivarfs defaults 0 0
+/dev/disk/by-label/root / ext4 defaults,noatime 0 1
+/dev/disk/by-label/efi /boot vfat defaults 0 2
+```
+
+Create `/etc/dracut.conf.d/30.conf` to configure dracut.
+
+```
+hostonly="yes"
+use_fstab="yes"
+install_items+=" /etc/crypttab "
+add_drivers+=" vfat nls_cp437 nls_iso8859_1 "
+```
+
+Create a symbolic link from `/etc/fstab.sys` to `/etc/fstab` to indicate that dracut should mount all the file systems listed. 
+
+```
+# ln -s /etc/fstab /etc/fstab.sys
+```
+
+Then, to omit mounting them again in runit stage 1, disable the corresponding core service.
+
+```
+# mv /etc/runit/core-services/03-filesystems.sh{,.bak}
+```
+
+Edit `/etc/xbps.d/xbps.conf` to prevent the service from being added back by an update to runit-void.
+
+```
+noextract=/etc/runit/core-services/03-filesystems.sh
+```
+
+Now mount `efivarfs` to `/sys/firmware/efi/efivars`.
+
+```
+# mount -t efivarfs efivarfs /sys/firmware/efi/efivars
+```
+
+And install gummiboot.
+
+```
+# gummiboot install
+```
+
+Create `/boot/loader/void-options.conf` to configure gummiboot.
+
+```
+# touch /boot/loader/void-options.conf
+```
+
+The `uuid` is needed again and can be obtained by:
+
+```
+# lsblk -f |grep luks >> /boot/loader/void-options.conf
+```
+
+Now edit `/boot/loader/void-options.conf` and insert:
+
+```
+rw rd.luks.name=<uuid>=root root=/dev/mapper/root quiet splash apparmor=1 security=apparmor
+```
+
+To obtain a boot menu. A timeout may be added to `/boot/loader/loader.conf`.
+
+```
+timeout 4
+```
+
+Then to configure the locales:
+
+* For glibc: edit `/etc/default/libc-locales` and uncomment.
+
+```
+en_US.UTF-8 UTF-8
+```
+
+* For musl:
+
+```
+```
+
+Then reconfigure the locales.
+
+* For glibc:
+
+```
+# xbps-reconfigure -f glibc-locales
+```
+
+* For musl:
+
+```
+```
+
+To obtain better security, `apparmor` will be set to enforce. By editing `/etc/default/apparmor` and inserting:
+
+```
+APPARMOR=enforce
+```
+
+To set the internal network edit `/etc/hosts` and insert.
+
+```
+127.0.1.1 <hostname>
+```
+
+Finally reconfigure Linux.
+
+```
+# xbps-reconfigure -f linux{version}
+```
+
+Exit the chroot.
+
+```
+# exit
+```
+
+Do not forget to umount. (I always do).
+
+```
+# umount -r /mnt
+```
+
+And reboot.
+
+```
+# shutdown -r now
+```
+
+## Post install