-
Notifications
You must be signed in to change notification settings - Fork 0
/
.sops.yaml
35 lines (35 loc) · 1.05 KB
/
.sops.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
keys:
- &admin_workstation age1y832x8gp8lt7tzl7m03cfvmuaqlf58fdgvyc3gprpkdv9cve5yxqk4mkw9
- &host_workstation age19gccnk5vrlnpxh6jcf8ryr4kutq6cm73m5rudmnve0pdu0zj4uzsvylzxj
- &host_babel age12mql9lrqmp6yvrr9gh0kuuwnxn2hkvcku7x620vgtj6r568zfq7skkpajf
- &host_media age13d0wge5xgtd8yvfak9lrhy5ee0yus7uecwhh0cpyqs59yv2ypveqt6evuh
- &host_laptop age1zd6sgnfz9cv0urtpl6u7p5a4adurgr5tezgp4mnfvjuk2r4vpsdqmfk8mq
- &host_itg age1j3dd2epq9tq2dhvwsde9xalq7axrsu225gn20chax88qq8um8v7q8jqmwp
creation_rules:
# Overridden key permissions for specific files
- path_regex: secrets/wifi.yaml$
key_groups:
- age:
- *admin_workstation
- *host_laptop
- *host_itg
- path_regex: secrets/services.yaml$
key_groups:
- age:
- *admin_workstation
- *host_babel
- *host_media
- path_regex: secrets/wireguard.yaml$
key_groups:
- age:
- *admin_workstation
- *host_media
# Generic all-host secrets
- path_regex: secrets/[^/]+\.yaml$
key_groups:
- age:
- *admin_workstation
- *host_workstation
- *host_babel
- *host_media
- *host_laptop