1554768917
* feat: add * hack * feat: add secrets pre-commit * wip * wip * hacking at gatus * hacking at gatus * wip * wip * hack * hack * hack * hack * feat: gatus doing gatus stuff * hack * guh * hacking * hack * hack * hack * feat: add helios * hack * chore: new hosts reencrypt * Auto lint/format --------- Co-authored-by: Truxnell <9149206+truxnell@users.noreply.github.com> Co-authored-by: truxnell <truxnell@users.noreply.github.com>
28 lines
1.1 KiB
YAML
28 lines
1.1 KiB
YAML
---
|
|
# config files for sops & used for encrypting keys that sops-nix decrypts.
|
|
# each machine key is derieved from its generated `ssh_hosts_ed` file
|
|
# via ssh-to-age
|
|
# sops encrypts the secrets ready to decrypt with the private key of any of the below machines
|
|
# OR my 'main' key thats kept outside this repo securely.
|
|
|
|
# key-per-machine is a little more secure and a little more work than
|
|
# copying one key to each machine
|
|
|
|
keys:
|
|
- &dns01 age1lj5vmr02qkudvv2xedfj5tq8x93gllgpr6tzylwdlt7lud4tfv5qfqsd5u
|
|
- &dns02 age17edew3aahg3t5nte5g0a505sn96vnj8g8gqse8q06ccrrn2n3uysyshu2c
|
|
- &citadel age1u4tht685sqg6dkmjyer96r93pl425u6353md6fphpd84jh3jwcusvm7mgk
|
|
- &rickenbacker age1cp6vegrmqfkuj8nmt2u3z0sur7n0f7e9x9zmdv4zygp8j2pnucpsdkgagc
|
|
- &shodan age1j2r8mypw44uvqhfs53424h6fu2rkr5m7asl7rl3zn3xzva9m3dcqpa97gw
|
|
- &helios age1se7am4c5dh35aulf5zt38ymf600hz8gah4eudr9ml4fmr8h2eqxszuel73
|
|
|
|
creation_rules:
|
|
- path_regex: .*\.sops\.yaml$
|
|
key_groups:
|
|
- age:
|
|
- *dns01
|
|
- *dns02
|
|
- *citadel
|
|
- *rickenbacker
|
|
- *shodan
|
|
- *helios
|