Enable dropbear on boot to decrypt full disk encryption
https://hamy.io/post/0009/how-to-install-luks-encrypted-ubuntu-18.04.x-server-and-enable-remote-unlocking/
install dropbear-initramfs
copy authorized_keys to /etc/dropbear/initramfs, prepend
no-port-forwarding,no-agent-forwarding,no-x11-forwarding,command="/bin/cryptroot-unlock" ssh-rsa ...
- if DHCP no config neccesary
in /etc/dropbear/initramfs/dropbear.conf
DROPBEAR_OPTIONS="-p 4789 -s -j -k -I 60"