sercanto/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/.sops.yaml
Jörg Thalheim 6b8924f2a1 hercules: add cachix deploy agent secrets
2021-12-24 07:42:09 +01:00

63 lines
1.5 KiB
YAML
Raw Blame History

keys:
- &zimbatm 260353B993F8CE16752EF48C71BAF6D40C1D63D7
- &mic92 age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz
- &ryantm age1d87z3zqlv6ullnzyng8l722xzxwqr677csacf3zf3l28dau7avfs6pc7ay
- &build01 age17jtyn2y4fpey6q7ers9gtnh4580xj89zdjuew9nqhxywmsaw94fs5udupc
- &build02 age1kh6yvgxz9ys74as7aufdy8je7gmqjtguhnjuxvj79qdjswk2r3xqxf2n6d
- &build03 age1qg7tfjwzp6dxwkw9vej6knkhdvqre3fu7ryzsdk5ggvtdx854ycqevlwnq
- &build04 age1vr4suv4lhtt8f59s25eukdfk67j7av72gvj7sk7ux6thusct3utqmn3pmf
# scan new hosts like this:
# $ nix-shell -p ssh-to-age --run 'ssh-keyscan buildXX.nix-community.org | ssh-to-age'
creation_rules:
- path_regex: build01/[^/]+\.yaml$
key_groups:
- age:
- *mic92
- *ryantm
- *build01
pgp:
- *zimbatm
- path_regex: build02/[^/]+\.yaml$
key_groups:
- age:
- *mic92
- *ryantm
- *build02
pgp:
- *zimbatm
- path_regex: build03/[^/]+\.yaml$
key_groups:
- age:
- *mic92
- *ryantm
- *build03
pgp:
- *zimbatm
- path_regex: build04/[^/]+\.yaml$
key_groups:
- age:
- *mic92
- *ryantm
- *build04
pgp:
- *zimbatm
- path_regex: roles/hercules-ci/.+\.yaml$
key_groups:
- age:
- *mic92
- *ryantm
- *build03
- *build04
pgp:
- *zimbatm
- path_regex: roles/.+\.yaml$
key_groups:
- age:
- *mic92
- *ryantm
- *build01
- *build02
- *build03
- *build04
pgp:
- *zimbatm
Reference in a new issue View git blame Copy permalink