nix-config-tn/.sops.yaml

---
# config files for sops & used for encrypting keys that sops-nix decrypts.
# each machine key is derieved from its generated `ssh_hosts_ed` file
# via ssh-to-age
# sops encrypts the secrets ready to decrypt with the private key of any of the below machines
# OR my 'main' key thats kept outside this repo securely.

# key-per-machine is a little more secure and a little more work than
# copying one key to each machine

keys:
  - &nixosvm age1d3qtnwd73k0npgwhqwpwysdpqa2zyyjyyzs463f5rak9swmw45gsxdyjyn
  - &nixosvm2 age16mwx76r29pa9lnmagujw9adxrpujxmxu38hjfastf6pgw6v66gjs5ugewz
  - &dns01 age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
  - &citadel age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
  - &rickenbacker age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc

creation_rules:
  - path_regex: .*\.sops\.yaml$
    key_groups:
      - age:
          - *nixosvm
          - *nixosvm2
          - *dns01
          - *citadel
          - *rickenbacker
feat: add temp vm for nixos dev 2024-03-14 06:04:40 -05:00			`---`
Feat: add probot settings ci & doc comments (#28) * fix: move to json5 * feat: probot repo settings sync --------- Co-authored-by: Truxnell <9149206+truxnell@users.noreply.github.com> 2024-03-27 01:39:44 -05:00			`# config files for sops & used for encrypting keys that sops-nix decrypts.`
			# each machine key is derieved from its generated `ssh_hosts_ed` file
			`# via ssh-to-age`
			`# sops encrypts the secrets ready to decrypt with the private key of any of the below machines`
			`# OR my 'main' key thats kept outside this repo securely.`

			`# key-per-machine is a little more secure and a little more work than`
			`# copying one key to each machine`

feat: add temp vm for nixos dev 2024-03-14 06:04:40 -05:00			`keys:`
			`- &nixosvm age1d3qtnwd73k0npgwhqwpwysdpqa2zyyjyyzs463f5rak9swmw45gsxdyjyn`
fix: setting up sops 2024-03-16 07:46:36 -05:00			`- &nixosvm2 age16mwx76r29pa9lnmagujw9adxrpujxmxu38hjfastf6pgw6v66gjs5ugewz`
fix: dns01 firewall (#35) * feat: add overlays * Auto lint/format * feat: fix dns01 firewall ports --------- Co-authored-by: Truxnell <9149206+truxnell@users.noreply.github.com> Co-authored-by: truxnell <truxnell@users.noreply.github.com> 2024-03-29 17:50:30 -05:00			`- &dns01 age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c`
feat: add host 2024-03-23 04:51:52 -05:00			`- &citadel age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk`
			`- &rickenbacker age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc`
feat: add temp vm for nixos dev 2024-03-14 06:04:40 -05:00
			`creation_rules:`
			`- path_regex: .*\.sops\.yaml$`
			`key_groups:`
			`- age:`
			`- *nixosvm`
fix: setting up sops 2024-03-16 07:46:36 -05:00			`- *nixosvm2`
chore: add dns01 key 2024-03-20 17:14:27 -05:00			`- *dns01`
feat: add host 2024-03-23 04:51:52 -05:00			`- *citadel`
fix: installing desktop 2024-03-21 06:56:48 -05:00			`- *rickenbacker`