diff --git a/TODO b/TODO
new file mode 100644
index 0000000..bcc1c1e
--- /dev/null
+++ b/TODO
@@ -0,0 +1,23 @@
+Encrypted root partitions
+
+RAID partitions
+
+Move installer ssh to port other than 22
+
+Use local debian mirror
+
+sshd_config
+
+vim config
+
+Private LAN between data centers
+
+am6 is on slower serial console ?
+
+
+Set up partitioning
+set up second ethernet interface
+
+
+SSH keys per project, auto-generate
+
diff --git a/device-x3.large-notes b/device-x3.large-notes
new file mode 100644
index 0000000..103b860
--- /dev/null
+++ b/device-x3.large-notes
@@ -0,0 +1,196 @@
+# Crypto with LVM
+d-i partman-auto/disk string /dev/sda
+d-i partman-auto/method string crypto
+# When disk encryption is enabled, skip wiping the partitions beforehand.
+d-i partman-auto-crypto/erase_disks boolean true
+# max swap size
+d-i partman-auto/cap-ram string 4096
+# File to load for expert recipe
+# d-i partman-auto/expert_recipe_file string
+
+
+### Description: Encryption passphrase:
+# You need to choose a passphrase to encrypt ${DEVICE}.
+# .
+# The overall strength of the encryption depends strongly on this
+# passphrase, so you should take care to choose a passphrase that is
+# not easy to guess. It should not be a word or sentence found in
+# dictionaries, or a phrase that could be easily associated with you.
+# .
+# A good passphrase will contain a mixture of letters, numbers and
+# punctuation. Passphrases are recommended to have a length of 20 or
+# more characters.
+# d-i partman-crypto/passphrase password
+
+### Description: Re-enter passphrase to verify:
+# Please enter the same passphrase again to verify that you have typed it
+# correctly.
+# d-i partman-crypto/passphrase-again password
+
+### Description: Devices to encrypt:
+# Please select the devices to be encrypted.
+# .
+# You can select one or more devices.
+# d-i partman-crypto/create/partitions multiselect
+# Possible choices: ${PARTITIONS}
+
+
+#### partman-md_90_all.udeb
+
+
+
+# d-i partman-auto/select_disk select
+d-i partman-auto/select_disk select /dev/sda
+
+d-i partman/default_filesystem string ext4
+
+
+
+
+
+
+
+
+# ls -l /dev/sd* /dev/nvme*
+crw------- 1 root root 246, 0 Feb 9 18:27 /dev/nvme0
+brw------- 1 root root 259, 0 Feb 9 21:19 /dev/nvme0n1
+crw------- 1 root root 246, 1 Feb 9 18:27 /dev/nvme1
+brw------- 1 root root 259, 1 Feb 9 21:19 /dev/nvme1n1
+brw------- 1 root root 8, 0 Feb 9 21:23 /dev/sda
+brw------- 1 root root 8, 1 Feb 9 21:23 /dev/sda1
+brw------- 1 root root 8, 5 Feb 9 21:23 /dev/sda5
+brw------- 1 root root 8, 16 Feb 9 21:19 /dev/sdb
+
+
+# Non-LUKS, non-RAID version
+
+# fdisk -l /dev/sda
+Disk /dev/sda: 223.6 GiB, 240057409536 bytes, 468862128 sectors
+
+/dev/sda1 /boot 1G
+/dev/sda2 SWAP 4G
+/dev/sda3 / 50G
+/dev/sda4 /home 169G
+
+Disk /dev/sda: 223.6 GiB, 240057409536 bytes, 468862128 sectors
+Units: sectors of 1 * 512 = 512 bytes
+Sector size (logical/physical): 512 bytes / 4096 bytes
+I/O size (minimum/optimal): 4096 bytes / 4096 bytes
+Disklabel type: dos
+Disk identifier: 0x71de2bac
+
+Device Boot Start End Sectors Size Id Type
+/dev/sda1 * 2048 2099199 2097152 1G 83 Linux
+/dev/sda2 2099200 10487807 8388608 4G 82 Linux swap / Solaris
+/dev/sda3 10487808 115345407 104857600 50G 83 Linux
+/dev/sda4 115345408 468862127 353516720 168.6G 83 Linux
+
+# fdisk -l /dev/sdb
+Disk /dev/sda: 223.6 GiB, 240057409536 bytes, 468862128 sectors
+
+/dev/sdb1 FREE 224G
+
+# fdisk -l /dev/nvme0n1
+Disk /dev/nvme0n1: 3.5 TiB, 3840755982336 bytes, 7501476528 sectors
+
+GPT
+/dev/nvme0n1p1 FREE 3.5T
+
+# fdisk -l /dev/nvme1n1
+Disk /dev/nvme1n1: 3.5 TiB, 3840755982336 bytes, 7501476528 sectors
+
+GPT
+/dev/nvme1n1p1 FREE 3.5T
+
+
+#############################
+# Simple partition:
+d-i partman-auto/select_disk select /dev/sda
+
+partman-auto/text/atomic_scheme ::
+
+500 10000 1000000 ext4
+ $primary{ }
+ $bootable{ }
+ method{ format }
+ format{ }
+ use_filesystem{ }
+ filesystem{ ext4 }
+ mountpoint{ / } .
+
+64 512 300% linux-swap
+ method{ swap }
+ format{ } .
+
+
+
+####################
+# Ubuntu LVM + encryption
+#Partitioning
+d-i partman-auto/disk string /dev/sda
+d-i partman-lvm/device_remove_lvm boolean true
+d-i partman-md/device_remove_md boolean true
+d-i partman-lvm/confirm boolean true
+d-i partman-auto-lvm/guided_size string max
+d-i partman-auto/method string crypto
+d-i partman-auto/choose_recipe select boot-crypto
+d-i partman-auto-lvm/new_vg_name string crypt
+d-i partman-auto/expert_recipe string boot-crypto :: \
+ 250 35 250 ext4 $primary{ } $bootable{ } \
+ method{ format } format{ } \
+ use_filesystem{ } filesystem{ ext4 } \
+ mountpoint{ /boot } \
+ .\
+ 3072 75 3072 ext4 $lvmok{ } lv_name{ root } \
+ in_vg { crypt } method{ format } format{ } \
+ use_filesystem{ } filesystem{ ext4 } mountpoint{ / } \
+ .\
+ 100% 75 100% linux-swap $lvmok{ } lv_name{ swap } \
+ in_vg { crypt } method{ swap } format{ } \
+ .\
+ 2048 50 3072 ext4 $lvmok{ } lv_name{ usr } \
+ in_vg { crypt } method{ format } format{ } \
+ use_filesystem{ } filesystem{ ext4 } mountpoint{ /usr } \
+ .\
+ 512 50 1024 ext4 $lvmok{ } lv_name{ tmp } \
+ in_vg { crypt } method{ format } format{ } \
+ use_filesystem{ } filesystem{ ext4 } mountpoint{ /tmp } \
+ .\
+ 256 25 1000000 ext4 $lvmok{ } lv_name{ home } \
+ in_vg { crypt } method{ format } format{ } \
+ use_filesystem{ } filesystem{ ext4 } mountpoint{ /home } \
+ .\
+d-i partman-partitioning/confirm_write_new_label boolean true
+d-i partman/choose_partition select finish
+d-i partman/confirm boolean true
+d-i partman/confirm_nooverwrite boolean true
+
+
+#########################################################################
+Feb 9 22:28:49 netcfg[1038]: INFO: ethtool-lite: ens3f0: carrier up
+Feb 9 22:28:49 netcfg[1038]: INFO: Found link on ens3f0
+Feb 9 22:28:49 netcfg[1038]: INFO: found link on interface ens3f0, making it the default.
+Feb 9 22:28:49 netcfg[1038]: INFO: Could not find valid BOOTIF= entry in /proc/cmdline
+Feb 9 22:28:49 netcfg[1038]: INFO: Taking down interface ens3f0
+Feb 9 22:28:49 netcfg[1038]: INFO: Taking down interface ens3f1
+Feb 9 22:28:49 netcfg[1038]: INFO: Taking down interface lo
+Feb 9 22:28:49 netcfg[1038]: INFO: Activating interface ens3f0
+
+...
+
+Feb 9 22:29:44 md-devices: mdadm: No arrays found in config file or automatically
+Feb 9 22:29:45 kernel: [ 60.363875] device-mapper: uevent: version 1.0.3
+Feb 9 22:29:45 kernel: [ 60.363948] device-mapper: ioctl: 4.39.0-ioctl (2018-04-03) initialised: dm-devel@redhat.com
+Feb 9 22:29:45 partman: No matching physical volumes found
+Feb 9 22:29:45 partman: Reading all physical volumes. This may take a while...
+
+##################################################################################
+### GPT
+d-i partman-basicfilesystems/choose_label string gpt
+d-i partman-basicfilesystems/default_label string gpt
+d-i partman-partitioning/choose_label string gpt
+d-i partman-partitioning/default_label string gpt
+d-i partman/choose_label string gpt
+d-i partman/default_label string gpt
+
+
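Review bot: In the "Crypto with LVM" block the comment `# When disk encryption is enabled, skip wiping the partitions beforehand.` sits directly above `d-i partman-auto-crypto/erase_disks boolean true`, and the two disagree: `true` keeps the pre-encryption wipe, while `false` is the value that skips it. Keeping the wipe is the safer setting for disks that held data before, so I would keep the value and reword the comment to `# Overwrite the partitions before encrypting them; set to false only to save time on blank disks.` The `partman-crypto/passphrase` and `passphrase-again` lines are left commented out; if they are later filled in for an unattended install, the passphrase sits in clear text in the preseed file, so a comment such as `# install-time passphrase only: replace it after first boot and keep this file off shared mirrors` would help. Both crypto recipes also name only /dev/sda, so the two NVMe disks listed as FREE would presumably stay unencrypted unless they are handled separately.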