From d7f4a94362f1176a1724d49818c517f3eb942c18 Mon Sep 17 00:00:00 2001
From: Alan Bridgeman <a.bridgeman@hotmail.com>
Date: Sun, 28 Dec 2025 16:23:04 -0600
Subject: [PATCH] Added loading unseal keys on restart

---
 setup-scripts/prod-setup.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/setup-scripts/prod-setup.py b/setup-scripts/prod-setup.py
index db5b201..63e93a1 100644
--- a/setup-scripts/prod-setup.py
+++ b/setup-scripts/prod-setup.py
@@ -192,6 +192,16 @@ def main():
     else:
         print('Vault is already initialized. Skipping initialization and setup...')
 
+        if os.path.exists('/vault/creds/unseal-keys'):
+            unseal_keys = []
+
+            with open('/vault/creds/unseal-keys', 'r') as f:
+                unseal_keys = f.read().splitlines()
+
+            initializer.unseal_keys = unseal_keys
+        else:
+            raise RuntimeError('Unseal keys file is missing. Cannot unseal the vault.')
+
         # Check if the vault is already unsealed (we assume it's already setup properly if it is)
         if initializer.is_vault_sealed():
             initializer.unseal_vault()