Implement Phase 1: core framework, operational tooling, and runbook
Core packages: crypto (Argon2id/AES-256-GCM), config (TOML/viper), db (SQLite/migrations), barrier (encrypted storage), seal (state machine with rate-limited unseal), auth (MCIAS integration with token cache), policy (priority-based ACL engine), engine (interface + registry). Server: HTTPS with TLS 1.2+, REST API, auth/admin middleware, htmx web UI (init, unseal, login, dashboard pages). CLI: cobra/viper subcommands (server, init, status, snapshot) with env var override support (METACRYPT_ prefix). Operational tooling: Dockerfile (multi-stage, non-root), docker-compose, hardened systemd units (service + daily backup timer), install script, backup script with retention pruning, production config examples. Runbook covering installation, configuration, daily operations, backup/restore, monitoring, troubleshooting, and security procedures. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
13
web/templates/unseal.html
Normal file
13
web/templates/unseal.html
Normal file
@@ -0,0 +1,13 @@
|
||||
{{define "title"}} - Unseal{{end}}
|
||||
{{define "content"}}
|
||||
<h2>Unseal Metacrypt</h2>
|
||||
<p>The service is sealed. Enter the seal password to unseal.</p>
|
||||
{{if .Error}}<div class="error">{{.Error}}</div>{{end}}
|
||||
<form method="POST" action="/unseal">
|
||||
<div class="form-group">
|
||||
<label for="password">Seal Password</label>
|
||||
<input type="password" id="password" name="password" required autofocus>
|
||||
</div>
|
||||
<button type="submit">Unseal</button>
|
||||
</form>
|
||||
{{end}}
|
||||
Reference in New Issue
Block a user