How to get grub to boot from a newly encrypted partition

I recently encrypted my root partition (sda7) with luksipc. It worked well, I can unlock the partition and mount it when running from a live USB, but the OS doesn't load anymore.

My system has 4 relevant partitions:

• /dev/sda1 - EFI
• /dev/sda5 - boot
• /dev/sda7 - root (now encrypted with LUKS)
• /dev/sda8 - swap

I only modified sda7, and I haven't modified my /etc/fstab, /etc/crypttab, and /etc/grub.d/ files because I didn't know what to put in them. This is what I need help with!

My /etc/fstab contains:

UUID=211bd0c8-… / ext4 errors=remount-ro 0 1

(221bd0c8-… being the UUID of the unlocked sda7)

My /etc/crypttab contains an entry for the swap partition (sda8) but nothing for the encrypted sda7 (UUID=8fa9b089-…)

My /boot/grub/grub.cfg has:

linux /vmlinuz-4.15.0-36-generic root=UUID=221bd0c8-… ro quiet splash $vt_handoff
initrd /initrd.img-4.15.0-36-generic

I'm not sure how this file is generated, but I used to use grub-cutomizer to edit my boot menu before :)

How can I get my laptop back? (without restoring a backup that is)

Thanks for your efforts. So your final setup doesn't have /boot partition encrypted, right? I was trying to set up a whole disk encryption with a single LUKS partition recently (which is mapped into /boot /root /home /var, all encrypted). Last time I did it several years ago I found it non-trivial and gave up (left /boot unencrypted). Now checking again.

@DmitrySomov you're right, my /boot isn't encrypted. I didn't even know that's possible with a simple grub setup!