janezicmatej/matej.nix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

chore: wire up sops for cube

Browse Source
This commit is contained in:
Matej Janezic
2026-03-30 01:01:41 +02:00
parent c423050077
commit 84524d59d8
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
.sops.yaml
View File

@@ -5,6 +5,7 @@ keys:
- &tower age1frwe9fpt9vh969aqnggvq8pfypp6hl98guwfmgttucp7gr55r42sqy2t65 - &tower age1frwe9fpt9vh969aqnggvq8pfypp6hl98guwfmgttucp7gr55r42sqy2t65
- &fw16 age19qj2aaryx869cvcqp77gs9x5hcv4dqjxunkmyre78upsxda6ss7s5vquz4 - &fw16 age19qj2aaryx869cvcqp77gs9x5hcv4dqjxunkmyre78upsxda6ss7s5vquz4
- &floo age1hksdq2lc89thnpth49sw44f0pmkp950plrhhnttj4petvnfy04tsydz6fl - &floo age1hksdq2lc89thnpth49sw44f0pmkp950plrhhnttj4petvnfy04tsydz6fl
- &cube age1gqzdgnfl9d04pzg4dtwny3s4277jzpwqdck8wm7jenl30z00wslqrvy393
creation_rules: creation_rules:
# per-host secrets # per-host secrets
@@ -23,8 +24,13 @@ creation_rules:
- pgp: [*matej] - pgp: [*matej]
age: [*floo] age: [*floo]
- path_regex: ^secrets/cube\.yaml$
key_groups:
- pgp: [*matej]
age: [*cube]
# shared secrets (all hosts) # shared secrets (all hosts)
- path_regex: ^secrets/common\.yaml$ - path_regex: ^secrets/common\.yaml$
key_groups: key_groups:
- pgp: [*matej] - pgp: [*matej]
age: [*tower, *fw16, *floo] age: [*tower, *fw16, *floo, *cube]