V8.00.000.2025.06.17

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-10-15 07:08:52 +01:00
parent 0bb6cb6a64
commit f0bbc6094d
6 changed files with 69 additions and 55 deletions
--- a/.preseed/partitioning.yaml
+++ b/.preseed/partitioning.yaml
@@ -34,9 +34,12 @@ recipe:
        time: 256              # The number of milliseconds to spend with PBKDF passphrase processing.
      luks_backup: true        # Specify if LUKS Header backups should be created. If so, provide an external backup URL:
                               # luks_backup_url: "https://cloud.e2ee.li/" or leave empty for local backup.
-                               # Also provide the cloud access token and access passwords via ./.preseed/password_luks_backup.txt
-                               # Yet Nextcloud only is supported.
+                               # Also provide the cloud access token and access passwords via
+                               # ./.preseed/password_luks_backup.txt. Yet Nextcloud only is supported.
      luks_backup_url: "https://cloud.e2ee.li/"
+      luks_backup_pgp: "ciss"  # Specify the trigger for use of the LUKS Header backup encryption key.
+                               # Allowed values are: 'ciss', and 'physnet'. MUST be provided.
+                               # Otherwise, the backup is NOT created.
      name: "ciss.2025.gpt.btrfs.ephemeral.non-raid.256GiB.rescue"
      nuke: true               # Activates Nuke-Mechanism in '/etc/crypttab' keyscript and via dropbear SSH forced command.
      nuke_rounds: 16384       # SHA512 KDF Rounds for Nuke Passphrase. If omitted, the default value is '8,388,608'.