forgejo-ci-runners/.sops.yaml

27 lines
943 B
YAML
Raw Normal View History

2024-05-14 12:03:36 -05:00
---
# config files for sops & used for encrypting keys that sops-nix decrypts.
# each machine key is derieved from its generated `ssh_hosts_ed` file
# via ssh-to-age
# sops encrypts the secrets ready to decrypt with the private key of any of the below machines
# OR my 'main' key thats kept outside this repo securely.
# key-per-machine is a little more secure and a little more work than
# copying one key to each machine
keys:
- users:
- &jahanson age18kj3xhlvgjeg2awwku3r8d95w360uysu0w5ejghnp4kh8qmtge5qwa2vjp
- hosts:
- &durincore age1d9p83j52m2xg0vh9k7q0uwlxwhs3y6tlv68yg9s2h9mdw2fmmsqshddz5m
2024-05-14 13:19:06 -05:00
- &runner01 age1eyqz3lgytv7zwxvttgpa48typ4xqngm93czyr2fy77rxegeu8p8q7c5n95
2024-05-26 12:19:32 -05:00
- &fj-shadowfax-01 age1hfagykae4pl56w8k6kypze47r705u2kmgeer3e9a8dru6lhuzyasdd2ss9
2024-05-14 12:03:36 -05:00
creation_rules:
- path_regex: .*\.sops\.yaml$
key_groups:
- age:
- *jahanson
2024-05-14 12:47:52 -05:00
- *durincore
2024-05-26 12:19:32 -05:00
- *runner01
- *fj-shadowfax-01