Created
July 24, 2025 18:16
-
-
Save chashtag/4a1fb101210cfd61f0ce213cd498fe2b to your computer and use it in GitHub Desktop.
Revisions
-
chashtag created this gist
Jul 24, 2025 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,33 @@ url --url="https://mirror.fcix.net/fedora/linux/releases/42/Everything/x86_64/os/" repo --name=fedora-updates --baseurl="https://mirror.fcix.net/fedora/linux/releases/42/Everything/x86_64/os/" --install clearpart --all zerombr part /boot/efi --fstype=efi --label=BOOT --size=2048 --ondisk=/dev/vda part /boot --fstype=xfs --size=1024 --ondisk=/dev/vda part pv.01 --asprimary --size=1 --grow --encrypted --passphrase=changeme --ondisk=/dev/vda volgroup vg pv.01 logvol / --vgname=vg --name=fedora-root --size=1 --grow --fstype=xfs firewall --enabled --ssh network --onboot=yes --bootproto=dhcp --hostname=fedora keyboard us lang en_US services --enable=sshd --disabled=mlocate-updatedb,mlocate-updatedb.timer,geoclue,avahi-daemon timezone America/New_York --utc rootpw password text %packages %end %post dd if=/dev/urandom of=/boot/efi/firstbootkey bs=1024 count=4 # create a keyfile and store it somewhere not encrypted echo changeme | cryptsetup -v luksAddKey /dev/vda3 /boot/efi/firstbootkey # add said keyfile to a keyslot sed 's/none.*/\/firstbootkey:\/dev\/vda1 discard,luks,keyfile-timeout=10s/g' /etc/crypttab -i # edit crypttab to use that key dracut -fv # regen initrd %end reboot