-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.sops.yaml
38 lines (38 loc) · 1.16 KB
/
.sops.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
keys:
- &admin_workstation age1y832x8gp8lt7tzl7m03cfvmuaqlf58fdgvyc3gprpkdv9cve5yxqk4mkw9
- &host_workstation age19gccnk5vrlnpxh6jcf8ryr4kutq6cm73m5rudmnve0pdu0zj4uzsvylzxj
- &host_babel age12mql9lrqmp6yvrr9gh0kuuwnxn2hkvcku7x620vgtj6r568zfq7skkpajf
- &host_media age13d0wge5xgtd8yvfak9lrhy5ee0yus7uecwhh0cpyqs59yv2ypveqt6evuh
- &host_laptop age1zd6sgnfz9cv0urtpl6u7p5a4adurgr5tezgp4mnfvjuk2r4vpsdqmfk8mq
- &host_itg age1j3dd2epq9tq2dhvwsde9xalq7axrsu225gn20chax88qq8um8v7q8jqmwp
- &host_psi age1ealkneafzee6fn8u59tjxw0jcen0c6ztmmzcmpl047wzmv6sc5lqx339da
creation_rules:
# Overridden key permissions for specific files
- path_regex: secrets/wifi.yaml$
key_groups:
- age:
- *admin_workstation
- *host_laptop
- *host_itg
- *host_psi
- path_regex: secrets/services.yaml$
key_groups:
- age:
- *admin_workstation
- *host_babel
- *host_media
- path_regex: secrets/wireguard.yaml$
key_groups:
- age:
- *admin_workstation
- *host_media
# Generic all-host secrets
- path_regex: secrets/[^/]+\.yaml$
key_groups:
- age:
- *admin_workstation
- *host_workstation
- *host_babel
- *host_media
- *host_laptop
- *host_psi