sy-vault-init
Initialize the vault in the current directory. If --gpg-key-id is unset, we will use the only key that you have a secret
key for, assuming it is yours.If you have multiple keys, the --gpg-key-id must be specified to make the input
unambiguous.
USAGE:
sy vault --config-file <path> init [FLAGS] [OPTIONS]
FLAGS:
-p, --first-partition Setting this flag indicates that you want to add partitions later.It enforces a
configuration which makes your vault suitable, namely it assures that you set an explicit
secrets directory.
-h, --help Prints help information
--no-auto-import If set, missing keys will not automatically be imported to your keychain. This may make
attempts to encrypt resources fail.
OPTIONS:
-i, --gpg-key-id <userid>... The key-id of the public key identifying a recipient in your gpg keychain.
-k, --gpg-keys-dir <directory> The directory to hold the public keys of all recipients.Please note that these
keys are exported with signatures. [default: .gpg-keys]
-n, --name <name> The name of the vault. It can be used to identify the vault more easily, and its
primary purpose is convenience.
-r, --recipients-file <path> The path to the file to hold the fingerprints of all recipients. If set to just
the file name, like 'recipients', it will be interpreted as relative to the
--secrets-dir. If a path is given, like './recipients', it is used as is.
[default: .gpg-id]
-s, --secrets-dir <path> The directory which stores the vaults secrets. [default: .]
--trust-model <model> The model by which keys to encrypt for are verified to truly belong to the person.
If unset, it defaults to 'always'.'always': whenever a key has been added to the
vault, it is trusted without your intervention. 'web-of-trust': the standard GPG
web of trust with default rules. In the most simple case, you will need to sign a
key prior to be able to encrypt for it. [default: always] [possible values: web-
of-trust, always]