From 98e4740739202021d6b808e2988529bdbc5b647a Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Sat, 12 Aug 2023 11:40:42 +0300 Subject: docs(README.md): update description of installation process Sponsored-by: author --- README.md | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index c836cec..a069c8a 100644 --- a/README.md +++ b/README.md @@ -191,17 +191,19 @@ still being installed in a chroot. Thus, **v-i** does the following: -* delete any trace of LVM2 from all drives, wipe all SSDs, and - generally reset the system to as close to a blank state as possible - - there is no question "are you sure?" to give the user a chance to - repent: as soon as you run **v-i**, you've lost all your data +* delete any trace of LVM2 from all drives, erase all SSDs (securely, + if possble), and generally reset the system to as close to a blank + state as possible + - __there is no question "are you sure?" to give the user a chance to + repent: as soon as you run **v-i**, you've lost all your data__ * create a partition table ("label") on the target drive -* create EFI and boot partitions, needed to boot with UEFI and LUKS +* create cleartext EFI and boot partitions, needed to boot with UEFI + and LUKS * create a physical volume for LVM2, and a logical volume for the root file system - add any additional drives as physical volumes to the volume group - - optionally use LUKS for full disk encryption for each physical - volume + - optionally use LUKS2 for full disk encryption for each physical + volume (LUKS2 for `argon2id` support) * install the Debian base system - run `debootstrap`, install a boot loader, and create fstab and `crypttab` files @@ -212,7 +214,8 @@ Thus, **v-i** does the following: - install an SSH server - add a chosen SSH public key to the root user's authorized keys file -* run any additional playbooks + - other configuration +* run any additional playbooks provided by the user **v-i** uses the **vmdb2** caching feature, where the results of `debootstrap` and some other steps get stored in a compressed tar -- cgit v1.2.1