The marketing pages summarize and link into these documents. The FAQ is the quick reference. This is the depth.
Using LamBoot
The menu, keyboard shortcuts, selecting and booting entries, and day-to-day use.
Install reference
Every lamboot-install flag, all scenarios, exit codes, install phases, and ESP detection.
Configuration reference
Every policy.toml key: default_entry, allowlist and denylist, crash_threshold, and the rest.
Secure Boot deployment
The four Secure Boot configurations in depth, with walkthroughs.
MOK enrollment
MokManager, screen by screen.
Key generation
Generating your own PK, KEK, and db signing keys.
Troubleshooting
Every common problem and fix, recovery procedures, and the boot-report reference.
Reading the trust log
Using lamboot-inspect to read the trust-evidence log and boot reports.
Diagnostic modules
The pre-boot diagnostic modules.
Architecture (deep dive)
The eight layers and the ten-phase boot flow, in full.
Threat model
The full threat model behind the Security page.
Proxmox operations
Host-side monitoring, OVMF_VARS, and the fw_cfg fleet flow. Layer 2.
Roadmap
The three-tier roadmap in full.