codedmonkey
diff --git a/‎.github/workflows/tests.yaml‎
Lines changed: 6 additions & 0 deletions b/‎.github/workflows/tests.yaml‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎Dockerfile‎
Lines changed: 1 addition & 0 deletions b/‎Dockerfile‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎composer.json‎
Lines changed: 1 addition & 0 deletions b/‎composer.json‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎composer.lock‎
Lines changed: 3 additions & 2 deletions b/‎composer.lock‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎config/packages/doctrine.yaml‎
Lines changed: 3 additions & 0 deletions b/‎config/packages/doctrine.yaml‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎config/packages/doctrine_migrations.yaml‎
Lines changed: 2 additions & 0 deletions b/‎config/packages/doctrine_migrations.yaml‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎config/services.yaml‎
Lines changed: 1 addition & 0 deletions b/‎config/services.yaml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎docker/config.yaml‎
Lines changed: 7 additions & 0 deletions b/‎docker/config.yaml‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎docker/env.php‎
Lines changed: 4 additions & 0 deletions b/‎docker/env.php‎
Lines changed: 4 additions & 0 deletions
@@ -71,6 +71,9 @@ jobs:
       - name: Build assets
         run: npm run build
 
+      - name: Generate encryption keys
+        run: bin/console encryption:generate-keys
+
       - name: Create database schema
         run: bin/console --env=test doctrine:schema:create
 
@@ -124,6 +127,9 @@ jobs:
         id: install
         run: composer install --ansi --no-interaction --no-progress
 
+      - name: Generate encryption keys
+        run: bin/console encryption:generate-keys
+
       - name: Validate mapping
         run: bin/console doctrine:schema:validate --skip-sync --no-interaction -vvv
 
 
@@ -1,6 +1,7 @@
 /.env
 /compose.override.yaml
 /config/dirigent.yaml
+/config/encryption/
 /config/packages/dirigent.yaml
 /storage/
 
 
@@ -61,6 +61,7 @@ RUN set -e; \
         php83-phar \
         php83-session \
         php83-simplexml \
+        php83-sodium \
         php83-tokenizer \
         php83-xml \
         postgresql \
 
@@ -11,6 +11,7 @@
         "ext-ctype": "*",
         "ext-curl": "*",
         "ext-iconv": "*",
+        "ext-sodium": "*",
         "cebe/markdown": "^1.2",
         "composer/composer": "^2.7",
         "doctrine/doctrine-bundle": "^2.11",
 
@@ -8,6 +8,9 @@ doctrine:
 
         profiling_collect_backtrace: '%kernel.debug%'
         use_savepoints: true
+
+        types:
+            encrypted_text: CodedMonkey\Dirigent\Doctrine\Type\EncryptedTextType
     orm:
         auto_generate_proxy_classes: true
         enable_lazy_ghost_objects: true
 
@@ -4,3 +4,5 @@ doctrine_migrations:
         # as migrations classes should NOT be autoloaded
         'DoctrineMigrations': '%kernel.project_dir%/migrations'
     enable_profiler: false
+    services:
+        'Doctrine\Migrations\Version\MigrationFactory': CodedMonkey\Dirigent\Doctrine\MigrationFactory
@@ -31,4 +31,5 @@ services:
         public: true
         arguments:
             -
+                'encryption:generate-keys': '@CodedMonkey\Dirigent\Command\EncryptionGenerateKeysCommand'
                 'packages:update': '@CodedMonkey\Dirigent\Command\PackagesUpdateCommand'
@@ -1,2 +1,9 @@
 framework:
   secret: '%env(file:KERNEL_SECRET_FILE)%'
+
+dirigent:
+  encryption:
+    private_key: '%env(DECRYPTION_KEY)%'
+    private_key_path: '%env(DECRYPTION_KEY_FILE)%'
+    public_key: '%env(ENCRYPTION_KEY)%'
+    public_key_path: '%env(ENCRYPTION_KEY_FILE)%'
@@ -3,7 +3,11 @@
 return [
     'APP_ENV' => 'prod',
     'DATABASE_URL' => 'postgresql://dirigent@127.0.0.1:5432/dirigent?serverVersion=16&charset=utf8',
+    'DECRYPTION_KEY' => '',
+    'DECRYPTION_KEY_FILE' => '/srv/config/secrets/decryption_key',
     'DIRIGENT_IMAGE' => '1',
+    'ENCRYPTION_KEY' => '',
+    'ENCRYPTION_KEY_FILE' => '/srv/config/secrets/encryption_key',
     'GITHUB_TOKEN' => '',
     'KERNEL_SECRET_FILE' => '/srv/config/secrets/kernel_secret',
     'MAILER_DSN' => 'null://null',
Original file line number	Diff line number	Diff line change
`@@ -31,4 +31,5 @@ services:`
`31`	`31`	`public: true`
`32`	`32`	`arguments:`
`33`	`33`	`-`
	`34`	`+ 'encryption:generate-keys': '@CodedMonkey\Dirigent\Command\EncryptionGenerateKeysCommand'`
`34`	`35`	`'packages:update': '@CodedMonkey\Dirigent\Command\PackagesUpdateCommand'`