This repository has been archived on 2024-07-08. You can view files and clone it, but cannot push or open issues or pull requests.
nix-config-tn/.sops.yaml
2024-05-10 22:03:57 -05:00

27 lines
No EOL
925 B
YAML

---
# config files for sops & used for encrypting keys that sops-nix decrypts.
# each machine key is derieved from its generated `ssh_hosts_ed` file
# via ssh-to-age
# sops encrypts the secrets ready to decrypt with the private key of any of the below machines
# OR my 'main' key thats kept outside this repo securely.
# key-per-machine is a little more secure and a little more work than
# copying one key to each machine
keys:
- users:
- &jahanson age18kj3xhlvgjeg2awwku3r8d95w360uysu0w5ejghnp4kh8qmtge5qwa2vjp
- hosts:
- &telperion age1z3vjvkead2h934n3w4m5m7tg4tj5qlzagsq6ly84h3tcu7x4ldsqd3s5fg
- &varda age1a8z3p24v32l9yxm5z2l8h7rpc3nhacyfv4jvetk2lenrvsdstd3sdu2kaf
- &durincore age1d9p83j52m2xg0vh9k7q0uwlxwhs3y6tlv68yg9s2h9mdw2fmmsqshddz5m
creation_rules:
- path_regex: .*\.sops\.yaml$
key_groups:
- age:
- *jahanson
- *telperion
- *varda
- *durincore