add disk encryption check

2026-04-22 10:16:38 +00:00 · 2026-01-17 19:56:50 +01:00
parent 245481f33b
commit 279e96e6b1
23 changed files with 1637 additions and 760 deletions
--- a/shared/management/http/api/openapi.yml
+++ b/shared/management/http/api/openapi.yml
@@ -1232,6 +1232,8 @@ components:
          $ref: '#/components/schemas/PeerNetworkRangeCheck'
        process_check:
          $ref: '#/components/schemas/ProcessCheck'
+        disk_encryption_check:
+          $ref: '#/components/schemas/DiskEncryptionCheck'
    NBVersionCheck:
      description: Posture check for the version of NetBird
      type: object
@@ -1346,6 +1348,22 @@ components:
          description: Path to the process executable file in a Windows operating system
          type: string
          example: "C:\ProgramData\NetBird\netbird.exe"
+    DiskEncryptionCheck:
+      description: Posture check for disk encryption status
+      type: object
+      properties:
+        linux_path:
+          description: Mount path to check on Linux (e.g., "/", "/home")
+          type: string
+          example: "/"
+        darwin_path:
+          description: Mount path to check on macOS (e.g., "/")
+          type: string
+          example: "/"
+        windows_path:
+          description: Drive letter to check on Windows (e.g., "C:", "D:")
+          type: string
+          example: "C:"
    Location:
      description: Describe geographical location information
      type: object
--- a/shared/management/http/api/types.gen.go
+++ b/shared/management/http/api/types.gen.go
@@ -370,6 +370,9 @@ type AvailablePorts struct {

 // Checks List of objects that perform the actual checks
 type Checks struct {
+	// DiskEncryptionCheck Posture check for disk encryption status
+	DiskEncryptionCheck *DiskEncryptionCheck `json:"disk_encryption_check,omitempty"`
+
 	// GeoLocationCheck Posture check for geo location
 	GeoLocationCheck *GeoLocationCheck `json:"geo_location_check,omitempty"`

@@ -476,6 +479,18 @@ type DNSSettings struct {
 	DisabledManagementGroups []string `json:"disabled_management_groups"`
 }

+// DiskEncryptionCheck Posture check for disk encryption status
+type DiskEncryptionCheck struct {
+	// DarwinPath Mount path to check on macOS (e.g., "/")
+	DarwinPath *string `json:"darwin_path,omitempty"`
+
+	// LinuxPath Mount path to check on Linux (e.g., "/", "/home")
+	LinuxPath *string `json:"linux_path,omitempty"`
+
+	// WindowsPath Drive letter to check on Windows (e.g., "C:", "D:")
+	WindowsPath *string `json:"windows_path,omitempty"`
+}
+
 // Event defines model for Event.
 type Event struct {
 	// Activity The activity that occurred during the event