diff --git a/tsa/howto/new-machine.mdwn b/tsa/howto/new-machine.mdwn index 1131aec7369c2faa4be3f23e84657b056c850105..7ef4a9fb188206974493a4aff3ef94e2474843ae 100644 --- a/tsa/howto/new-machine.mdwn +++ b/tsa/howto/new-machine.mdwn 
@@ -39,38 +39,47 @@ The following sites are not documented yet: Post-install configuration -------------------------- -The post-install configuration takes care of bootstrapping Puppet, -basically, and everything else follows from there. +The post-install configuration mostly takes care of bootstrapping +Puppet and everything else follows from there. There are, however, +still some unrelated manual steps but those should eventually all be +automated (see [ticket #31239](https://trac.torproject.org/projects/tor/ticket/31239) for details of that work). ### Pre-requisites -It assumes the following steps have already been taken by the above -installer: +The procedure below assumes the following steps have already been +taken by the installer: - 1. a hostname has been set, picked from the [[doc/naming-scheme]] + 0. partitions have been correctly setup, including some (>=1GB) swap + space (or at least a swap file) and a `tmpfs` in `/tmp` - 2. a public IP address has been set and the host is available over + 1. a minimal Debian install has been booted + + 2. a hostname has been set, picked from the [[doc/naming-scheme]] + + 3. a public IP address has been set and the host is available over SSH on that IP address - 3. the machine has a short hostname (e.g. `test`) which resolves to a + 4. the machine has a short hostname (e.g. `test`) which resolves to a fully qualified domain name (e.g. `test.torproject.org`) in the `torproject.org` domain (i.e. `/etc/hosts` is correctly configured) - 4. DNS works on the machine (i.e. `/etc/resolv.conf` is correctly + 5. DNS works on the machine (i.e. `/etc/resolv.conf` is correctly configured) - 5. the `tsa-misc` git repository is available on the machine - ### Main procedure All commands to be run as root unless otherwise noted. - 2. allocate and document the machine in the [Nextcloud + 1. 
allocate and document the machine in the [Nextcloud spreadsheet](https://nc.torproject.net/apps/onlyoffice/5395), and the [services page](https://trac.torproject.org/projects/tor/wiki/org/operations/services), if it's a new service + 2. clone the `tsa-misc` git repository on the machine: + + git clone https://git.torproject.org/admin/tsa-misc.git + 3. set new root password, and document it - 5. add to ldap on `alberti` using: + 5. add to ldap on `alberti` using: ldapvi -ZZ --encoding=ASCII --ldap-conf -h db.torproject.org -D "uid=$USER,ou=users,dc=torproject,dc=org"
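Review bot: In the new step 2 of the main procedure, `git clone https://git.torproject.org/admin/tsa-misc.git` assumes `git` is already installed, but the rewritten pre-requisites only promise "a minimal Debian install", and the old pre-requisite that `tsa-misc` is already available has been dropped. Either add `git` to the pre-requisites list or put an explicit install step before the clone. Since all commands run as root and the clone's only integrity check is the HTTPS transport, the step should also say which directory to clone into and, if the repository's tags or commits are signed, add a `git verify-tag` or `git verify-commit` check before anything from the checkout is used. A smaller point on numbering: the pre-requisites list now starts at `0.`, which some Markdown renderers will renumber, and the main procedure still jumps from step 3 to step 5 in the visible lines, so cross-references to step numbers may not match the rendered page.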