2025-12-02 23:40:15 -05:00
|
|
|
|
|
|
|
|
|
|
|
|
|
# manual install base
|
|
|
|
|
pacstrap: `pacstrap -K /mnt base base-devel linux-lts linux-firmware iwd vim e2fsprogs openssh git efibootmgr linux-lts-headers wpa_supplicant zsh`
|
|
|
|
|
command: `find /mnt -print0 | xargs -0 sha256sum | tee base-image.sha256sum`
|
|
|
|
|
- issues faced
|
|
|
|
|
- `/etc/kernel/cmdline:rd.luks.name=UUID=name` -- BOOT ERROR -- UUID is of superblock not LUKS container, should be correct in ansible
|
|
|
|
|
- `efibootmgr * --loader "PATH"` -- PATH INVALID ERROR -- PATH doesnt require mount name, oops, should be correct in ansible
|
2025-12-03 08:50:30 -05:00
|
|
|
history:
|
|
|
|
|
- me, a data horder? psshhh, nahhh
|
2025-12-02 23:40:15 -05:00
|
|
|
|
|
|
|
|
# manual install compare-to
|
|
|
|
|
|
2025-12-03 20:23:19 -05:00
|
|
|
- issues faced
|
|
|
|
|
- forgot to add user to sudoers, should be correct in ansible
|
|
|
|
|
- post gui (gnome + firefox)
|
|
|
|
|
- bitwarden
|
|
|
|
|
- gnome dark mode
|
2025-12-02 23:40:15 -05:00
|
|
|
|
|
|
|
|
# ansible install compare-three
|
|
|
|
|
|
|
|
|
|
## secrets
|
|
|
|
|
- bitwarden
|
|
|
|
|
- [x] complex password
|
|
|
|
|
- [ ] fingerprint / biometric phone login (==GOOGLE== make enough money for GrapheneOS)
|
|
|
|
|
- [ ] email (==GOOGLE EDUCATION -- UNCC email== this will be pain, make enough money for ProtonMail)
|
|
|
|
|
- gpg git repo
|
|
|
|
|
- encrypted using GPG key, commited into private git repo
|
|
|
|
|
- ansible_vault
|
|
|
|
|
- double check that default password file I created wasnt accidentally commited anywhere
|
|
|
|
|
- use gitBFG
|
|
|
|
|
|
|
|
|
|
## secureboot
|
|
|
|
|
- OEM Micro$oft leaked (lol) keys
|
|
|
|
|
- hashes:
|
|
|
|
|
- personal key
|
|
|
|
|
- fingerprint:
|
|
|
|
|
|
|
|
|
|
## luks / dm-crypt
|
|
|
|
|
- password
|
|
|
|
|
- backup encryption keyfile
|
|
|
|
|
|
|
|
|
|
## GPG key package signing
|
