void-bootstrapp

3 Commits 1 Branch 0 Tags

Author	SHA1	Message	Date
Stefan Strobl	0d29a9ae62	feat(disk): add phase 1 narrative for disk preparation modules Add literate programming phase 1 documentation for: - partitioning.sh: UEFI layout with ESP and encrypted root - encryption.sh: LUKS encryption strategy and key handling - filesystems.sh: filesystem choices and swap configuration - mounts.sh: mount tree preparation for installer handoff Decision: Swap file instead of swap partition for automatic encryption and flexibility. Swap partition would require either a second LUKS container (two passphrases at boot), unencrypted swap (security risk), or LVM (out of scope). Decision: /boot inside encrypted root for simplicity. GRUB unlocks LUKS once, kernel and initramfs are protected. ESP remains unencrypted per UEFI requirements. Decision: Default to btrfs with explicit ext4 opt-in. Btrfs provides snapshots and flexibility. Swap file on btrfs requires No-COW subvolume to avoid corruption. Trade-off: LUKS2 vs LUKS1. LUKS2 provides better security features and tooling, but GRUB <2.06 may have incomplete support. Users informed of potential boot issues with clear recovery path rather than silent downgrade.	2025-12-24 09:51:25 +01:00
Stefan Strobl	d6be456c39	feat(core): add phase 1 narrative for core orchestration modules Add literate programming phase 1 documentation for: - main.sh: wrapper orchestration and user journey - config.sh: configuration management and defaults - sanity.sh: preflight safety checks Decision: UEFI-only support to reduce complexity. BIOS would require separate /boot partition and additional testing burden disproportionate to modern hardware usage. Decision: LUKS2 as default encryption for improved security tooling, with clear guidance for LUKS1 fallback if GRUB boot fails. Auto-detection rejected due to version fragmentation. Decision: Interactive configuration as default. Presets are out of scope for phase 1 to keep the flow understandable. The user journey documents the complete end-to-end flow from live medium boot to first encrypted boot, establishing clear handoff points between wrapper and installer.	2025-12-24 09:50:14 +01:00
Stefan Strobl	dbf40c30d8	docs: add literate programming guidelines and project notes Add comprehensive documentation for literate programming approach: - Phase 1 guidelines focusing on why/what without implementation - General literate programming principles for code documentation - Project notes explaining wrapper script concept and strategy Decision: Follow literate programming to make the wrapper maintainable and educational. Comments tell the story, code implements it. This foundation enables better collaboration and knowledge transfer. The notes.md establishes the core concept: a reproducible wrapper around the Void installer that automates error-prone LUKS encryption setup while keeping user control over system configuration choices.	2025-12-24 09:50:00 +01:00

Author

SHA1

Message

Date

Stefan Strobl

0d29a9ae62

feat(disk): add phase 1 narrative for disk preparation modules

Add literate programming phase 1 documentation for:
- partitioning.sh: UEFI layout with ESP and encrypted root
- encryption.sh: LUKS encryption strategy and key handling
- filesystems.sh: filesystem choices and swap configuration
- mounts.sh: mount tree preparation for installer handoff

Decision: Swap file instead of swap partition for automatic
encryption and flexibility. Swap partition would require either
a second LUKS container (two passphrases at boot), unencrypted
swap (security risk), or LVM (out of scope).

Decision: /boot inside encrypted root for simplicity. GRUB
unlocks LUKS once, kernel and initramfs are protected. ESP
remains unencrypted per UEFI requirements.

Decision: Default to btrfs with explicit ext4 opt-in. Btrfs
provides snapshots and flexibility. Swap file on btrfs requires
No-COW subvolume to avoid corruption.

Trade-off: LUKS2 vs LUKS1. LUKS2 provides better security
features and tooling, but GRUB <2.06 may have incomplete
support. Users informed of potential boot issues with clear
recovery path rather than silent downgrade.

2025-12-24 09:51:25 +01:00

Stefan Strobl

d6be456c39

feat(core): add phase 1 narrative for core orchestration modules

Add literate programming phase 1 documentation for:
- main.sh: wrapper orchestration and user journey
- config.sh: configuration management and defaults
- sanity.sh: preflight safety checks

Decision: UEFI-only support to reduce complexity. BIOS would
require separate /boot partition and additional testing burden
disproportionate to modern hardware usage.

Decision: LUKS2 as default encryption for improved security
tooling, with clear guidance for LUKS1 fallback if GRUB boot
fails. Auto-detection rejected due to version fragmentation.

Decision: Interactive configuration as default. Presets are
out of scope for phase 1 to keep the flow understandable.

The user journey documents the complete end-to-end flow from
live medium boot to first encrypted boot, establishing clear
handoff points between wrapper and installer.

2025-12-24 09:50:14 +01:00

Stefan Strobl

dbf40c30d8

docs: add literate programming guidelines and project notes

Add comprehensive documentation for literate programming approach:
- Phase 1 guidelines focusing on why/what without implementation
- General literate programming principles for code documentation
- Project notes explaining wrapper script concept and strategy

Decision: Follow literate programming to make the wrapper
maintainable and educational. Comments tell the story, code
implements it. This foundation enables better collaboration
and knowledge transfer.

The notes.md establishes the core concept: a reproducible
wrapper around the Void installer that automates error-prone
LUKS encryption setup while keeping user control over system
configuration choices.

2025-12-24 09:50:00 +01:00