summaryrefslogtreecommitdiff
path: root/op-mode-definitions
diff options
context:
space:
mode:
authorsarthurdev <965089+sarthurdev@users.noreply.github.com>2022-12-01 16:59:57 +0100
committersarthurdev <965089+sarthurdev@users.noreply.github.com>2024-03-07 16:32:40 +0100
commit4249473dbaf5a96a492e24b02787aa9f229fff7a (patch)
tree5cdbc4464d6fbfab157a67cff6ea90878da7bd09 /op-mode-definitions
parentde0669a15365f97ccf89b02c8223434e618a8ac4 (diff)
downloadvyos-1x-4249473dbaf5a96a492e24b02787aa9f229fff7a.tar.gz
vyos-1x-4249473dbaf5a96a492e24b02787aa9f229fff7a.zip
config: T4919: Add support for encrypted config file with TPM
Diffstat (limited to 'op-mode-definitions')
-rw-r--r--op-mode-definitions/crypt.xml.in28
1 files changed, 28 insertions, 0 deletions
diff --git a/op-mode-definitions/crypt.xml.in b/op-mode-definitions/crypt.xml.in
new file mode 100644
index 000000000..105592a1a
--- /dev/null
+++ b/op-mode-definitions/crypt.xml.in
@@ -0,0 +1,28 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="encryption">
+ <properties>
+ <help>Manage config encryption</help>
+ </properties>
+ <children>
+ <node name="disable">
+ <properties>
+ <help>Disable config encryption using TPM or recovery key</help>
+ </properties>
+ <command>sudo ${vyos_libexec_dir}/vyos-config-encrypt.py --disable</command>
+ </node>
+ <node name="enable">
+ <properties>
+ <help>Enable config encryption using TPM</help>
+ </properties>
+ <command>sudo ${vyos_libexec_dir}/vyos-config-encrypt.py --enable</command>
+ </node>
+ <node name="load">
+ <properties>
+ <help>Load encrypted config volume using TPM or recovery key</help>
+ </properties>
+ <command>sudo ${vyos_libexec_dir}/vyos-config-encrypt.py --load</command>
+ </node>
+ </children>
+ </node>
+</interfaceDefinition>