2023-07-05 15:55:04 +02:00
|
|
|
# This example uses YAML anchors which allows reuse of multiple keys
|
|
|
|
|
# without having to repeat yourself.
|
|
|
|
|
# Also see https://github.com/Mic92/dotfiles/blob/master/nixos/.sops.yaml
|
|
|
|
|
# for a more complex example.
|
|
|
|
|
|
|
|
|
|
keys:
|
|
|
|
|
- &steveej 6F7069FE6B96E894E60EC45C6EEFA706CB17E89B
|
|
|
|
|
- &steveej-t14 age17jxphuql70wjkd84azn62ltx9ky69hyvkac23lm8f2j92lznf9hseqq0vl
|
|
|
|
|
- &elias-e525 100206d53cf92f62efd9d6b2672bf3644233c763
|
|
|
|
|
|
2023-07-06 22:42:24 +02:00
|
|
|
- &sj-vps-htz0 age18dmqd7r7fanrfmdxsvwgv9psvhs3hw5ydpvw0na0dv3dlrg4rs3q2wpvgv
|
|
|
|
|
- &srv0-dmz0 age13cyvxrd28j68f97q2dwsn62q5dy8tdxtq86ql2dxv2ncwfrf63dsmkj7n3
|
|
|
|
|
|
2023-07-05 15:55:04 +02:00
|
|
|
creation_rules:
|
|
|
|
|
- path_regex: ^(.+/|)secrets/[^/]+$
|
|
|
|
|
key_groups:
|
|
|
|
|
- pgp:
|
|
|
|
|
- *steveej
|
|
|
|
|
age:
|
|
|
|
|
- *steveej-t14
|
|
|
|
|
- *sj-vps-htz0
|
2023-07-06 22:42:24 +02:00
|
|
|
- *srv0-dmz0
|
2023-07-05 15:55:04 +02:00
|
|
|
- path_regex: ^secrets/steveej-t14/.+$
|
|
|
|
|
key_groups:
|
|
|
|
|
- pgp:
|
|
|
|
|
- *steveej
|
|
|
|
|
age:
|
|
|
|
|
- *steveej-t14
|
|
|
|
|
- path_regex: ^secrets/servers/.+$
|
|
|
|
|
key_groups:
|
|
|
|
|
- pgp:
|
|
|
|
|
- *steveej
|
|
|
|
|
age:
|
|
|
|
|
- *sj-vps-htz0
|
|
|
|
|
- path_regex: ^nix/os/containers/.+_secrets.+$
|
|
|
|
|
key_groups:
|
|
|
|
|
- pgp:
|
|
|
|
|
- *steveej
|
|
|
|
|
age:
|
|
|
|
|
- *sj-vps-htz0
|
