mirror of
https://github.com/siderolabs/talos.git
synced 2025-10-26 05:51:17 +01:00
ce63abb219
Talos now supports new type of encryption keys which rely on Sealing/Unsealing randomly generated bytes with a KMS server:
```
systemDiskEncryption:
ephemeral:
keys:
- kms:
endpoint: https://1.2.3.4:443
slot: 0
```
gRPC API definitions and a simple reference implementation of the KMS server can be found in this
[repository](https://github.com/siderolabs/kms-client/blob/main/cmd/kms-server/main.go).
Signed-off-by: Artem Chernyshev <artem.chernyshev@talos-systems.com>
11 lines
340 B
Go
11 lines
340 B
Go
// This Source Code Form is subject to the terms of the Mozilla Public
|
|
// License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
package encryption
|
|
|
|
// NodeParams contains node information relevant for the encryption handler.
|
|
type NodeParams struct {
|
|
UUID string
|
|
}
|