SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-01-21 14:01:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Move secrets decryption from containers to server

Browse source
This commit is contained in:
SebastianStork 2024-09-22 19:10:52 +02:00
parent a4abd033cc
commit a7e1ced2a2
13 changed files with 58 additions and 196 deletions
Download patch file Download diff file Expand all files Collapse all files

22
.sops.yaml
View file

@ -6,11 +6,6 @@ keys:
- &inspiron age1jl9s4vp78wuwymjxaje6fg4ax0gg5aq8pn8khfmtn5rvap0d83tqfr05dv
- &stratus age1pryafed9elaea6zk5gnf6drjt4nznc02385y973lwt9t2s7j7vmsfnggkp
# Containers
- &forgejo age12k607dpdjt5dyq0w3hpgyfdyfrrfuutxgra0tgt8qja30er7cupsfps60n
- &nextcloud age1jutruntzdaqs26mpe68pafje23m9n4klm04fva05fcdyvyqnaamsvqf3jr
- &paperless age1y82j460w5fh0fpquatqar0zqet0vzzfzjnegrp686na3gejapdtsc37vuh
# Users
- &seb-north age1p32cyzakxtcx346ej82ftln4r2aw2pcuazq3583s85nzsan4ygqsj32hjf
- &seb-inspiron age1s9h9hh8f0vudwn4awr90mj0ka2xh9gppwus0jmvmaz3j3uckz94s36gzkz
@ -33,23 +28,6 @@ creation_rules:
- *admin
- *stratus
# Containers
- path_regex: hosts/stratus/containers/nspawn/forgejo/secrets.yaml$
key_groups:
- age:
- *admin
- *forgejo
- path_regex: hosts/stratus/containers/nspawn/nextcloud/secrets.yaml$
key_groups:
- age:
- *admin
- *nextcloud
- path_regex: hosts/stratus/containers/nspawn/paperless/secrets.yaml$
key_groups:
- age:
- *admin
- *paperless
# Users
- path_regex: users/seb/@north/secrets.yaml$
key_groups: