Questions about the rootfs encryption guide

[4761]

Hey folks,
I want to try my hand at running Gentoo again!
After (successfully) following @pietinger's excellent Gentoo for paranoid dummies a while back, it felt a little TOO involved for me.
So I wanted to step it down a notch and run the bin-kernel for the time being while still having some sort of security with an encrypted rootfs (though I know @pietinger isn't the biggest fan of this!).

I have followed this guide to the best of my abilities, but have a few questions left.

1. I get that there's a need for an unencrypted /boot partition, however do I need to put anything on there myself, or will all the things grub and dracut put on there suffice?

2. Since I installed the distribution kernel, do I even need to create the initramfs myself?
according to the handbook I need to tell dracut and grub that some extra parameters are necessary, however don't I only need to tell grub that in my case?

3. Do you know of some guide that is a little more cohesive? Don't get me wrong, the information posted in said guide is extremely valuable, however it often mentions that I can follow the handbook from chapter X to Y, but doesn't explicitely mention what chapters can be left out or need a little extra to work properly.


I hope you guys can help me with this, I am currently doing everything in a VM again so no harms done when I ..eventually.. screw up!


Thanks so much in advance

[CooSee]

you can try out the following in a VM to get comfortable - it'll automate FDE (full disk encryption) install - it uses EFI boot ( no grub ) - but you can emerge grub afterwards if you want.

https://github.com/oddlama/gentoo-install

and here are some other detailed gentoo FDE install Howtos:

https://maxchristman.com/posts/gentoo/

https://gentoo.duxsco.de/

---