This also affects the 18.04.1 "alterantive installer (debian-installer), where I reproduced it today.
This error will not occur on the current default server installer (Subiquity) at this time since it does not support dmcrypt-luks at all. To my knowledge, the desktop installer (Ubiquity) does not support dmcrypt-luks FDE incl. /boot), so it will not occur there either.
To work around this issue, after d-i reports that grub-install failed, choose to 'continue', confirm that you will have to live without a boot loader. Then press escape or select 'go back', which brings up the installers' main menu. There, select to 'run a shell' (one of the latter options), then:
# Mount the EFI system partition (ESP) you defined during manual partitioning ( usually /dev/sda1 - double-check this using: blkid -t TYPE=vfat ) to /target/boot/efi:
mount /dev/sda1 /target/boot/efi
mount --bind /dev /target/dev
mount --bind /dev/pts /target/dev/pts
mount --bind /sys /target/sys
mount --bind /sys/firmware/efi/efivars /target/sys/firmware/efi/efivars
mount --bind /run /target/run # needed for resolver
chroot /target /bin/bash
echo GRUB_ENABLE_CRYPTODISK=y >> /etc/default/grub
apt update
apt purge grub-efi-amd64-signed # unfortunately, to this date, this lacks the grub "cryptodisk" command required to decrypt LUKS and we have to resort to the unsigned grub variant
apt --purge autoremove
apt install grub-efi-amd64
update-initramfs -k all
update-grub
grub-install /dev/sda # this may be different for you, choose the storage device which contains the ESP
exit
This also affects the 18.04.1 "alterantive installer (debian-installer), where I reproduced it today.
This error will not occur on the current default server installer (Subiquity) at this time since it does not support dmcrypt-luks at all. To my knowledge, the desktop installer (Ubiquity) does not support dmcrypt-luks FDE incl. /boot), so it will not occur there either.
To work around this issue, after d-i reports that grub-install failed, choose to 'continue', confirm that you will have to live without a boot loader. Then press escape or select 'go back', which brings up the installers' main menu. There, select to 'run a shell' (one of the latter options), then:
# Mount the EFI system partition (ESP) you defined during manual partitioning ( usually /dev/sda1 - double-check this using: blkid -t TYPE=vfat ) to /target/boot/efi:
mount /dev/sda1 /target/boot/efi
mount --bind /dev /target/dev efi/efivars /target/ sys/firmware/ efi/efivars
mount --bind /dev/pts /target/dev/pts
mount --bind /sys /target/sys
mount --bind /sys/firmware/
mount --bind /run /target/run # needed for resolver
chroot /target /bin/bash CRYPTODISK= y >> /etc/default/grub amd64-signed # unfortunately, to this date, this lacks the grub "cryptodisk" command required to decrypt LUKS and we have to resort to the unsigned grub variant
echo GRUB_ENABLE_
apt update
apt purge grub-efi-
apt --purge autoremove
apt install grub-efi-amd64
update-initramfs -k all
update-grub
grub-install /dev/sda # this may be different for you, choose the storage device which contains the ESP
exit
umount /target/run sys/firmware/ efi/efivars
umount /target/
umount /target/sys
umount /target/dev/pts
umount /target/dev
umount /target/boot/efi
exit
This brings you back into the installer, from where you can continue from the step after "install bootloader".