sercanto/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add zowoq's key to sops policies

Browse source
This commit is contained in:
Jörg Thalheim 2022-10-25 09:52:43 +02:00
parent 1731e5ac6f
commit bd44b8e130
1 changed files with 9 additions and 0 deletions

9
.sops.yaml
View file

@ -6,6 +6,7 @@ keys:
- &build02 age1kh6yvgxz9ys74as7aufdy8je7gmqjtguhnjuxvj79qdjswk2r3xqxf2n6d
- &build03 age1qg7tfjwzp6dxwkw9vej6knkhdvqre3fu7ryzsdk5ggvtdx854ycqevlwnq
- &build04 age1vr4suv4lhtt8f59s25eukdfk67j7av72gvj7sk7ux6thusct3utqmn3pmf
- &zowoq age1m7xhem3qll35d539f364pm6txexvnp6k0tk34d8jxu4ry3pptv7smm0k5n
# scan new hosts like this:
# $ nix-shell -p ssh-to-age --run 'ssh-keyscan buildXX.nix-community.org | ssh-to-age'
creation_rules:
@ -14,6 +15,7 @@ creation_rules:
- age:
- *mic92
- *ryantm
- *zowoq
pgp:
- *zimbatm
- path_regex: terraform/secrets.yaml$
@ -21,6 +23,7 @@ creation_rules:
- age:
- *mic92
- *ryantm
- *zowoq
pgp:
- *zimbatm
- path_regex: build01/[^/]+\.yaml$
@ -29,6 +32,7 @@ creation_rules:
- *mic92
- *ryantm
- *build01
- *zowoq
pgp:
- *zimbatm
- path_regex: build02/[^/]+\.yaml$
@ -37,6 +41,7 @@ creation_rules:
- *mic92
- *ryantm
- *build02
- *zowoq
pgp:
- *zimbatm
- path_regex: build03/[^/]+\.yaml$
@ -45,6 +50,7 @@ creation_rules:
- *mic92
- *ryantm
- *build03
- *zowoq
pgp:
- *zimbatm
- path_regex: build04/[^/]+\.yaml$
@ -53,6 +59,7 @@ creation_rules:
- *mic92
- *ryantm
- *build04
- *zowoq
pgp:
- *zimbatm
- path_regex: roles/hercules-ci/.+\.yaml$
@ -63,6 +70,7 @@ creation_rules:
- *build02
- *build03
- *build04
- *zowoq
pgp:
- *zimbatm
- path_regex: roles/.+\.yaml$
@ -74,5 +82,6 @@ creation_rules:
- *build02
- *build03
- *build04
- *zowoq
pgp:
- *zimbatm