Secret management via sops-nix.

2024-09-21 10:24:16 +01:00
parent 9619607919
commit a79e666a85
9 changed files with 142 additions and 4 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -0,0 +1,20 @@
+keys:
+  - &admin_ppetru age1kgkmean5tc0uwl4y8hpknfa2d7g5hka30gzrdnje9n6z2r733upqds0s4l
+  - &server_zippy age1gtyw202hd07hddac9886as2cs8pm07e4exlnrgfm72lync75ng9qc5fjac
+  - &server_chilly age16yqffw4yl5jqvsr7tyd883vn98zw0attuv9g5snc329juff6dy3qw2w5wp
+  - &server_alo_cloud_1 age1w5w4wfvtul3sge9mt205zvrkjaeh3qs9gsxhmq7df2g4dztnvv6qylup8z
+  - &server_c1 age1e7ejamlagumpgjw56h82e9rsz2aplgzmll4np073a9lyvxw2gauqswpqwl
+  - &server_c2 age1gekmz8kc8r2lc2x6d4u63s2lnpmres4hu9wulxh29ch74ud7wfksq56xam
+  - &server_c3 age1zjgqu3zks5kvlw6hvy6ytyygq7n25lu0uj2435zlf30smpxuy4hshpmfer
+creation_rules:
+  - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
+    key_groups:
+      - age:
+        - *admin_ppetru
+        - *server_zippy
+        - *server_chilly
+        - *server_alo_cloud_1
+        - *server_c1
+        - *server_c2
+        - *server_c3
+