diff options
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 19 |
1 files changed, 11 insertions, 8 deletions
@@ -191,17 +191,19 @@ still being installed in a chroot. Thus, **v-i** does the following: -* delete any trace of LVM2 from all drives, wipe all SSDs, and - generally reset the system to as close to a blank state as possible - - there is no question "are you sure?" to give the user a chance to - repent: as soon as you run **v-i**, you've lost all your data +* delete any trace of LVM2 from all drives, erase all SSDs (securely, + if possble), and generally reset the system to as close to a blank + state as possible + - __there is no question "are you sure?" to give the user a chance to + repent: as soon as you run **v-i**, you've lost all your data__ * create a partition table ("label") on the target drive -* create EFI and boot partitions, needed to boot with UEFI and LUKS +* create cleartext EFI and boot partitions, needed to boot with UEFI + and LUKS * create a physical volume for LVM2, and a logical volume for the root file system - add any additional drives as physical volumes to the volume group - - optionally use LUKS for full disk encryption for each physical - volume + - optionally use LUKS2 for full disk encryption for each physical + volume (LUKS2 for `argon2id` support) * install the Debian base system - run `debootstrap`, install a boot loader, and create fstab and `crypttab` files @@ -212,7 +214,8 @@ Thus, **v-i** does the following: - install an SSH server - add a chosen SSH public key to the root user's authorized keys file -* run any additional playbooks + - other configuration +* run any additional playbooks provided by the user **v-i** uses the **vmdb2** caching feature, where the results of `debootstrap` and some other steps get stored in a compressed tar |