infra/.sops.yaml
zimbatm 43c95d099c
sops: replace my GPG key with AGE
GPG is failing again. Time to get rid of it.

This age key is derived from my SSH key, which you can verify against
https://github.com/zimbatm.keys
2023-01-21 10:51:00 +01:00


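# sops configuration: declares the age recipients and which of them each
# secrets file is encrypted to.
keys:
  # age public keys (recipients). The build* entries are host keys and
  # github_actions is the CI key; the rest are maintainers' personal keys.
  - &build01 age17jtyn2y4fpey6q7ers9gtnh4580xj89zdjuew9nqhxywmsaw94fs5udupc
  - &build02 age1kh6yvgxz9ys74as7aufdy8je7gmqjtguhnjuxvj79qdjswk2r3xqxf2n6d
  - &build03 age1qg7tfjwzp6dxwkw9vej6knkhdvqre3fu7ryzsdk5ggvtdx854ycqevlwnq
  - &build04 age1r2t5vf67jay42ju8r6d47q6zssxvv9jjh8k42qequnnsfjjk632qm2tfrm
  - &github_actions age1hdmmmv423xajuv4pjumnj35j34e4rhta3wgatjafy3dxf38yycysqzl4mn
  - &mic92 age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz
  - &ryantm age1d87z3zqlv6ullnzyng8l722xzxwqr677csacf3zf3l28dau7avfs6pc7ay
  - &zimbatm age1jrh8yyq3swjru09s75s4mspu0mphh7h6z54z946raa9wx3pcdegq0x8t4h
  - &zowoq age1m7xhem3qll35d539f364pm6txexvnp6k0tk34d8jxu4ry3pptv7smm0k5n
  # scan new hosts like this:
  # $ nix-shell -p ssh-to-age --run 'ssh-keyscan buildXX.nix-community.org | ssh-to-age'
  # ssh-keyscan does not authenticate the host it talks to, so compare the
  # scanned host key with one obtained from the machine itself before adding
  # the derived age key as a recipient.

# sops applies the first rule whose path_regex matches, so specific rules must
# stay above broader ones. Rules are read when a file is created; after
# changing recipients, re-encrypt existing files (`sops updatekeys <file>`).
# A removed recipient may still hold values it could decrypt earlier, so
# rotate those secrets as well.
creation_rules:
  # Repository-wide secrets: maintainers only.
  # The dot is escaped so that only the literal name "secrets.yaml" matches.
  - path_regex: ^secrets\.yaml$
    key_groups:
      - age:
          - *mic92
          - *ryantm
          - *zimbatm
          - *zowoq
  # Terraform secrets: the only rule that includes the CI key.
  - path_regex: terraform/secrets\.yaml$
    key_groups:
      - age:
          - *github_actions
          - *mic92
          - *ryantm
          - *zimbatm
          - *zowoq
  # Per-host secrets: readable by that host and the maintainers.
  # These patterns have no leading ^, so they match the directory name at any
  # depth in the path.
  - path_regex: build01/[^/]+\.yaml$
    key_groups:
      - age:
          - *build01
          - *mic92
          - *ryantm
          - *zimbatm
          - *zowoq
  - path_regex: build02/[^/]+\.yaml$
    key_groups:
      - age:
          - *build02
          - *mic92
          - *ryantm
          - *zimbatm
          - *zowoq
  - path_regex: build03/[^/]+\.yaml$
    key_groups:
      - age:
          - *build03
          - *mic92
          - *ryantm
          - *zimbatm
          - *zowoq
  - path_regex: build04/[^/]+\.yaml$
    key_groups:
      - age:
          - *build04
          - *mic92
          - *ryantm
          - *zimbatm
          - *zowoq
  # hercules-ci role secrets: build01 is not a recipient here. This rule has
  # to stay above the roles/ catch-all below, which would otherwise match
  # first and encrypt these files to build01 too.
  - path_regex: roles/hercules-ci/.+\.yaml$
    key_groups:
      - age:
          - *build02
          - *build03
          - *build04
          - *mic92
          - *ryantm
          - *zimbatm
          - *zowoq
  # All other role secrets: every build host and the maintainers.
  - path_regex: roles/.+\.yaml$
    key_groups:
      - age:
          - *build01
          - *build02
          - *build03
          - *build04
          - *mic92
          - *ryantm
          - *zimbatm
          - *zowoq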