Handle multiple stored passphrases
I found during testing that /crypt-ramfs/passphrase
persists on the root filesystem between test cases. This could relatively easily result in a lost passphrase. If multiple LUKS partitions aren't supported, then this should be made clear in the README because of this behaviour. However, it may be low effort to support it as a parameter (and maybe deliberately not provide a default).
Is there a reason to have this file on the root filesystem rather than the EFI mount?