SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-01-21 14:01:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Rotate sops data keys

Browse source
This commit is contained in:
SebastianStork 2025-03-09 23:56:03 +01:00
parent 05f47526fa
commit 1bc59da1df
7 changed files with 104 additions and 105 deletions
Download patch file Download diff file Expand all files Collapse all files

33
.sops.yaml
View file

@ -1,41 +1,40 @@
keys:
- &admin age1mpq8m4p7dnxh5ze3fh7etd2k6sp85zdnmp9te3e9chcw4pw07pcq960zh5
# Hosts
- &north age18x6herevmcuhcmeh47ll6p9ck9zk4ga6gfxwlc8yl49rwjxm7qusylwfgc
- &fern age1sywwrwse76x8yskrsfpwk38fu2cmyx5s9qkf2pgc68cta0vj9psql7dp6e
- &north age18x6herevmcuhcmeh47ll6p9ck9zk4ga6gfxwlc8yl49rwjxm7qusylwfgc
- &stratus age1pryafed9elaea6zk5gnf6drjt4nznc02385y973lwt9t2s7j7vmsfnggkp
# Users
- &seb-north age1p32cyzakxtcx346ej82ftln4r2aw2pcuazq3583s85nzsan4ygqsj32hjf
- &seb-admin age1mpq8m4p7dnxh5ze3fh7etd2k6sp85zdnmp9te3e9chcw4pw07pcq960zh5
- &seb-fern age190mf9wx4ct7qvne3ly9j3cj9740z5wnfhsl6vsc5wtfyc5pueuas9hnjtr
- &seb-north age1p32cyzakxtcx346ej82ftln4r2aw2pcuazq3583s85nzsan4ygqsj32hjf
creation_rules:
# Hosts
- path_regex: hosts/north/secrets.yaml$
key_groups:
- age:
- *admin
- *north
- path_regex: hosts/fern/secrets.yaml$
key_groups:
- age:
- *admin
- *seb-admin
- *fern
- path_regex: hosts/north/secrets.yaml$
key_groups:
- age:
- *seb-admin
- *north
- path_regex: hosts/stratus/secrets.yaml$
key_groups:
- age:
- *admin
- *seb-admin
- *stratus
# Users
- path_regex: users/seb/@north/secrets.yaml$
key_groups:
- age:
- *admin
- *seb-north
- path_regex: users/seb/@fern/secrets.yaml$
key_groups:
- age:
- *admin
- *seb-admin
- *seb-fern
- path_regex: users/seb/@north/secrets.yaml$
key_groups:
- age:
- *seb-admin
- *seb-north