-
Notifications
You must be signed in to change notification settings - Fork 0
/
.sops.yaml
50 lines (46 loc) · 1.57 KB
/
.sops.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# nix-shell -p ssh-to-age --run 'ssh-keyscan 192.168.2.7 | ssh-to-age'
keys:
- &admin_binarin age1ec9gz6f685mn8pdrz48qm4vq7qzpzcz48vgkcty9aa665evra9lq2uz3s2
- &server_valak age1q6dc2xlcqul6pj3nr5rkpzncatcfdw5xhpw8v0cvp3r2u27xypzsjq885x
- &user_valak_binarin age1u8jf4ytu3rf7wgcdkgaud37vnfw0xv6gswrmhtll5v7ce5enle0smydayv
- &server_media age1hke3wvqndu8wnsxdsefjsu5e7r9szkprtjeu8ey48fhyutxpcsvsglmv2q
- &server_monitor age1y74a28z6tpym2c0wpqnhwaegqlns8z3t286wxjhms86vxdttnvws2lev3r
- &server_forgejo age17jnj7kvw0wn0nfk02wll05yhe8xnu86u489tfks6hgnd4gfs4f2qy9chtv
- &server_mail age14n05u2z9u9h7chvn2rmmwr9flc25790rapxtvx97lqt78uk3ce3sy3xc6s
creation_rules:
- path_regex: secrets/valak/user-binarin.yaml
key_groups:
- age:
- *admin_binarin
- *server_valak
- *user_valak_binarin
- path_regex: secrets/valak/secrets.yaml
key_groups:
- age:
- *admin_binarin
- *server_valak
- path_regex: secrets/media/secrets.yaml
key_groups:
- age:
- *admin_binarin
- *server_media
- path_regex: secrets/monitor/secrets.yaml
key_groups:
- age:
- *admin_binarin
- *server_monitor
- path_regex: secrets/forgejo/secrets.yaml
key_groups:
- age:
- *admin_binarin
- *server_forgejo
- path_regex: secrets/mail/(secrets.yaml|dovecot-passwd)
key_groups:
- age:
- *admin_binarin
- *server_mail
- path_regex: secrets/webservers.yaml
key_groups:
- age:
- *admin_binarin
- *server_media