Page MenuHomeDevCentral
Differential D2772

Create an encryption key for autounseal
ClosedPublic
Actions

Authored by DorianWinty on Feb 3 2023, 16:00.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Mar 14, 01:09
Unknown Object (File)
Sat, Mar 14, 01:07
Unknown Object (File)
Sat, Mar 14, 00:42
Unknown Object (File)
Fri, Mar 13, 18:26
Unknown Object (File)
Fri, Mar 13, 12:38
Unknown Object (File)
Tue, Mar 10, 16:41
Unknown Object (File)
Tue, Mar 10, 16:39
Unknown Object (File)
Tue, Mar 10, 16:32
View All Files
Subscribers
None

Details

Reviewers
dereckson
Maniphest Tasks
T1755: Deploy Notifications Center test environnement
Commits
rOPS3283f1bf56b6: Create an encryption key for autounseal
Summary

This encryption key will permit to configure the autounseal of a dev vault.

Ref T1755

Diff Detail

Repository
rOPS Nasqueron Operations
Lint
Lint Passed
Unit
No Test Coverage
Branch
flood-phabricator
Build Status
Buildable 6305
Build 6589: arc lint + arc unit

Event Timeline

DorianWinty requested review of this revision.Feb 3 2023, 16:00
DorianWinty created this revision.
Harbormaster completed remote builds in B4397: Diff 7045.Feb 3 2023, 16:00
DorianWinty edited the summary of this revision. (Show Details)Feb 3 2023, 16:01
DorianWinty added a task: T1755: Deploy Notifications Center test environnement.
dereckson added a comment.Feb 11 2026, 21:34

This change is on the top of D2639 and D2771.

dereckson edited the summary of this revision. (Show Details)Feb 11 2026, 21:43
dereckson updated this revision to Diff 10229.Feb 11 2026, 22:42

Rebased against D2639 and D2771.

Harbormaster completed remote builds in B6305: Diff 10229.Feb 11 2026, 22:42
dereckson updated this revision to Diff 10230.Feb 11 2026, 22:42

Rebased against D2639 and D2771 (the right one).

Harbormaster completed remote builds in B6306: Diff 10230.Feb 11 2026, 22:42
dereckson added a comment.Feb 11 2026, 22:43

Once rebased, this change creates the autounseal transit key in our Complector Vault.

I ran it, so we're up-to-date:

WindRiver
$ vault write -f transit/keys/autounseal        

Key                       Value
---                       -----
allow_plaintext_backup    false
auto_rotate_period        0s
deletion_allowed          false
derived                   false
exportable                false
imported_key              false
keys                      map[1:1770845902]
latest_version            1
min_available_version     0
min_decryption_version    1
min_encryption_version    0
name                      autounseal
supports_decryption       true
supports_derivation       true
supports_encryption       true
supports_signing          false
type                      aes256-gcm96
dereckson accepted this revision.Feb 11 2026, 22:43
This revision is now accepted and ready to land.Feb 11 2026, 22:43
Closed by commit rOPS3283f1bf56b6: Create an encryption key for autounseal (authored by DorianWinty). · Explain WhyFeb 12 2026, 06:31
This revision was automatically updated to reflect the committed changes.
DorianWinty added a commit: rOPS3283f1bf56b6: Create an encryption key for autounseal.

Revision Contents
Changeset List

PathSize
roles/
paas-docker/
nginx/
files/
vhosts/
7 lines
webserver-core/
nginx/
files/
includes/
2250 lines
utils/
nginx/
54 lines

Diff 10229

View Options

roles/paas-docker/nginx/files/vhosts/phabricator.conf

Loading...
View Options

roles/webserver-core/nginx/files/includes/geo_flood_datacenter

Loading...
View Options

utils/nginx/ranges2geo.py

Loading...
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator