43 lines
1.3 KiB
Plaintext
43 lines
1.3 KiB
Plaintext
# Build Configuration
|
|
image:
|
|
name: nullpoint
|
|
version: 39
|
|
arch: x86_64
|
|
hetzner_arch: x86
|
|
|
|
# System Configuration
|
|
system:
|
|
# LUKS Configuration
|
|
luks:
|
|
tang_servers:
|
|
- url: https://tang1.example.com
|
|
thumbprint: your-tang1-thumbprint
|
|
- url: https://tang2.example.com
|
|
thumbprint: your-tang2-thumbprint
|
|
|
|
# TPM Configuration
|
|
tpm:
|
|
pcr_bank: sha256 # PCR bank to use (sha1 or sha256)
|
|
pcr_ids: [0,4,7,8,9] # PCRs to measure
|
|
# PCR descriptions:
|
|
# 0: Core System Firmware executable code (BIOS/UEFI) (RECOMMENDED)
|
|
# 1: Core System Firmware data (BIOS/UEFI settings)
|
|
# 2: Extended or pluggable executable code
|
|
# 3: Extended or pluggable firmware data
|
|
# 4: Boot Manager Code (bootloader) (RECOMMENDED)
|
|
# 5: Boot Manager Configuration and Data
|
|
# 6: Platform-specific code
|
|
# 7: Platform-specific configuration (RECOMMENDED)
|
|
# 8: UEFI driver and application code (RECOMMENDED)
|
|
# 9: UEFI driver and application configuration (RECOMMENDED)
|
|
# 10: UEFI Handoff Tables
|
|
# 11: UEFI Boot Services Code
|
|
# 12: UEFI Boot Services Data
|
|
# 13: UEFI Runtime Services Code
|
|
# 14: UEFI Runtime Services Data
|
|
# 15: UEFI Secure Boot State
|
|
|
|
# System Settings
|
|
timezone: UTC
|
|
keyboard: us
|
|
language: en_US.UTF-8 |