Rpi compute module NOOB question about LUKS

Hi there

I’ve just started looking though the guidance having bought a zymkey4 recently. But I’m a bit confused/can’t find an answer on a couple of points-

My use-case is as follows: I have a compute module and zymkey4 on a carrier board which I hope to sell as a product. What I would like to do is encrypt the drive and save the key to the zymkey and also save a copy to a local database. The reason for the last bit is so that if the product gets returned to me for repair of some kind and I loose the keys by activating the perimeter protection, I can still decrypt the drive.

Also, I would like to know what would be the most efficient way to do this. As in if I have 1000 units do I need to encrypt every one individually, or could I just encrypt 1 and then copy the img file to the next one.

What I was hoping could be done is - use LUKS to encrypt one drive / copy the key / install all the software etc… / use the img.file to make as many copies as I like / individually install zymkey / bind / use zymkey to provide the LUKS key

Anyway, apologies in advance if this is a NOOB question, but any help whatsoever would be greatly appreciated.

Kind regards

Paul