-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path.sops.yaml
36 lines (36 loc) · 1.17 KB
/
.sops.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
keys:
all: &all
# Start: my keys
# USB A v5 yubikeys
- &nano age1vqnguqjqxpjckft5gjlt2m4lzdhh8ymzwycha9cahqnj6ygjc4ms855jds
- &portable age1a0a4av92pa3ld4mwqpg2g72csxhxau4hw96860d5zvlzldq0aemsdn9lwd
- &backup age105nux02frp73gs98f9j5dec3dae6608xsr58atzhxresc7p72e7sakds6z
# plain Age key (not FIDO backed). Will eventually go away.
- &plain age1vpv9a94wj6p0tkngymfsysnzam20fkrjd3zs3trzfatzpqz42ayqpp2amc
# End: my keys
#
# Start: hosts
- &qemu age1hhx4lwwr9jc26x4l9yrmpzx84zsczrf8rxjhud5xh79qs4qfeuls3scd06
- &bistannix age1efmhh99fn52a9w0yszfdxupz93lr77ewag2cd6n5l5jfhgp6z3hs8ck48g
- &lethargyfamily age1h9v3qw4jh09xs0ykjed4um36gqh0nlpxjmencz0872qf776m6passrxtm6
- &jonsnow age17en6ahre38nwh9gjrpky9smqn8vjj4lvhx5a23x3xehr3qcr793s3lhq69
deploy: &deploy
- *nano
- *portable
- *backup
- *plain
creation_rules:
- path_regex: secrets/global\.yaml$
key_groups:
- age: *all
- path_regex: secrets/deploy\.yaml$
key_groups:
- age: *deploy
- path_regex: secrets/jonsnow\.yaml$
key_groups:
- age:
- *nano
- *portable
- *backup
- *plain
- *jonsnow