While the way through the first chapters of the installation manual were quite easy, I was facing the first problem at the end of chapter 5. I needed to find out what CFLAGS I'm going to set for the server. Well, there's a link to the gcc optimization documentation and it tells you to look into /proc/cpuinfo. I found the following there:
root@rescue ~ # cat /proc/cpuinfo
cpu family: 6
model name: QEMU Virtual CPU version 0.13.0
cpu MHz: 2806.926
cache size: 4096 KB
cpuid level: 4
flags: fpu de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pse36 clflush mmx fxsr sse sse2 syscall nx
lm up rep_good pni cx16 hypervisor lahf_lm
clflush size: 64
address sizes: 40 bits physical, 48 bits virtual
Yeah, it's a Genuine Intel processor named "QEMU Virtual CPU", how enlightening. So I went looking in the whole wide internet and after some research I stumbled upon the Gentoo Wiki. I almost forgot about it in the past as they had the hard disk crash and needed quite so time to recover. There I found an article about safe CFLAGS and the other one listing safe CFLAGS for Intel. They recommend using -march=native as the compiler then decides what features to enable. If you really wanna know what flags gcc is using you can execute gcc -Q --help=target -march=native and have a look at the output. I don't need this server as a distcc host so I used -march=native and went on. MAKEOPTS was the easier part. My vServer only offers on CPU so -j2 will be fine.
The next step is to setup the mirror to be used for syncing portage. Hetzner has a small but useful Wiki page about installing Gentoo where a host is listed that is a Gentoo mirror inside of the Hetzner network. That's nice because traffic inside the network doesn't have to be paid for and is for sure faster than any connection to an external server. Having this set up chrooting into the new system and doing the first portage sync was a breeze.
The last decision to make before the "real work" of kernel choice and configuration was the profile I want to use. The server will be connected to the internet all the time so it's possible someone wants to get access or at least some automated scan bot comes by once in a while. So I decided to use the hardened profile even if I haven't used it before. There are two of them:
I chose the multilib enabled one because I'm not sure if all the software I'm going to install fully supports a 64bit architecture. This way the server can also run 32bit applications and I'm on the safe side.
The USE flags are not a big deal, just set them as it fits your needs. I switched off the usual stuff you don't need on a server like audio and GUI packages. Finally I configured two locales, the en_US one and the de_DE, both with UTF-8 support. And after generating the locales I was ready to download and configure the kernel.