I dislike the new Ubuntu installer, subiquity
.
Apparently I wanted to do something that was not supported by this new installer (yes, I know there’s an encrypted LVM variant but I didn’t want LVM). And even when I installed the minimal possible package selection, I found myself writing a cleanup script just to remove unwanted packages afterwards.
There may be another guide coming soon on how to convert an existing Ubuntu Server installation into a fully encrypted one, which unlocks automatically on boot through network-bound disk encryption. However, this is a guide on installing a custom Ubuntu server with an encrypted root on a UEFI system using debootstrap
– the “hard” way.