-
Notifications
You must be signed in to change notification settings - Fork 0
/
.sops.yaml
74 lines (74 loc) · 3.64 KB
/
.sops.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
keys:
- &users:
- &sinkerine E51ECE14AD2CBB96D4FC42E25C8651C428B9DF03
- &hosts:
- &kazuki age1sc2gp8d40y7d9engfqhydg5v6mcg0aj40x3yccndzh7ruxvj63cqcpax76
- &asako age1kez9h9hmz4amrq5phv8cwv3d04l775ctzaqgrd7q9u70hp6s0ehsjp5wk8
- &sachi age147zmk06prg2864yym9tcg5z9vl9ldykv5zkwuuefuy85q994qp3sjh3lfd
- &yumiko age1g8qxqwmajcpcz46ugnan9hyt5x5wcz9rd09jd5mq6jgvhx443qfq08jcq0
- &amane age1snfpluv03zwz8t6cxt0a26gpjxum2cad75gqw5k5fjg6y7cgx4zqcjq8fm
creation_rules:
- path_regex: hosts/modules/services/autofs/cifs-secrets.txt
# kazuki, asako
age: "age1sc2gp8d40y7d9engfqhydg5v6mcg0aj40x3yccndzh7ruxvj63cqcpax76,age1kez9h9hmz4amrq5phv8cwv3d04l775ctzaqgrd7q9u70hp6s0ehsjp5wk8"
pgp: *sinkerine
- path_regex: hosts/modules/services/nix-serve/.*\.pem$
pgp: *sinkerine
# kazuki, sachi
age: "age1sc2gp8d40y7d9engfqhydg5v6mcg0aj40x3yccndzh7ruxvj63cqcpax76,age147zmk06prg2864yym9tcg5z9vl9ldykv5zkwuuefuy85q994qp3sjh3lfd"
- path_regex: hosts/modules/services/gateway/.*\.env.txt$
pgp: *sinkerine
# All hosts
age: "age1sc2gp8d40y7d9engfqhydg5v6mcg0aj40x3yccndzh7ruxvj63cqcpax76,age1kez9h9hmz4amrq5phv8cwv3d04l775ctzaqgrd7q9u70hp6s0ehsjp5wk8,age147zmk06prg2864yym9tcg5z9vl9ldykv5zkwuuefuy85q994qp3sjh3lfd,age1g8qxqwmajcpcz46ugnan9hyt5x5wcz9rd09jd5mq6jgvhx443qfq08jcq0,age1snfpluv03zwz8t6cxt0a26gpjxum2cad75gqw5k5fjg6y7cgx4zqcjq8fm"
- path_regex: hosts/modules/services/shadowsocks/secrets\.yaml$
pgp: *sinkerine
# kazuki, asako, amane
age: "age1sc2gp8d40y7d9engfqhydg5v6mcg0aj40x3yccndzh7ruxvj63cqcpax76,age1kez9h9hmz4amrq5phv8cwv3d04l775ctzaqgrd7q9u70hp6s0ehsjp5wk8,age1snfpluv03zwz8t6cxt0a26gpjxum2cad75gqw5k5fjg6y7cgx4zqcjq8fm"
- path_regex: hosts/modules/services/ups/(upsd\.users|upsmon\.conf|secrets\.yaml)
pgp: *sinkerine
# kazuki, asako, sachi
age: "age1sc2gp8d40y7d9engfqhydg5v6mcg0aj40x3yccndzh7ruxvj63cqcpax76,age1kez9h9hmz4amrq5phv8cwv3d04l775ctzaqgrd7q9u70hp6s0ehsjp5wk8,age147zmk06prg2864yym9tcg5z9vl9ldykv5zkwuuefuy85q994qp3sjh3lfd"
- path_regex: hosts/common/secrets\.yaml$
pgp: *sinkerine
# All hosts
age: "age1sc2gp8d40y7d9engfqhydg5v6mcg0aj40x3yccndzh7ruxvj63cqcpax76,age1kez9h9hmz4amrq5phv8cwv3d04l775ctzaqgrd7q9u70hp6s0ehsjp5wk8,age147zmk06prg2864yym9tcg5z9vl9ldykv5zkwuuefuy85q994qp3sjh3lfd,age1g8qxqwmajcpcz46ugnan9hyt5x5wcz9rd09jd5mq6jgvhx443qfq08jcq0,age1snfpluv03zwz8t6cxt0a26gpjxum2cad75gqw5k5fjg6y7cgx4zqcjq8fm"
- path_regex: hosts/kazuki/secrets\.yaml$
pgp: *sinkerine
age: *kazuki
- path_regex: hosts/asako/secrets\.yaml$
pgp: *sinkerine
age: *asako
- path_regex: hosts/sachi/secrets\.yaml$
pgp: *sinkerine
age: *sachi
- path_regex: hosts/sachi/samba/smbpasswd$
pgp: *sinkerine
age: *sachi
- path_regex: hosts/yumiko/secrets\.yaml$
pgp: *sinkerine
age: *yumiko
- path_regex: hosts/amane/secrets\.yaml$
pgp: *sinkerine
age: *amane
- path_regex: hosts/asako/zrepl/.*\.(crt|key)$
pgp: *sinkerine
age: *asako
- path_regex: hosts/kazuki/zrepl/.*\.(crt|key)$
pgp: *sinkerine
age: *kazuki
- path_regex: hosts/sachi/zrepl/.*\.(crt|key)$
pgp: *sinkerine
age: *sachi
- path_regex: hosts/yumiko/zrepl/.*\.(crt|key)$
pgp: *sinkerine
age: *yumiko
- path_regex: hosts/amane/zrepl/.*\.(crt|key)$
pgp: *sinkerine
age: *amane
- path_regex: hosts/modules/services/aria2/.*\.env.txt$
pgp: *sinkerine
# kazuki, asako, sachi
age: "age1sc2gp8d40y7d9engfqhydg5v6mcg0aj40x3yccndzh7ruxvj63cqcpax76,age1kez9h9hmz4amrq5phv8cwv3d04l775ctzaqgrd7q9u70hp6s0ehsjp5wk8,age147zmk06prg2864yym9tcg5z9vl9ldykv5zkwuuefuy85q994qp3sjh3lfd"
- path_regex: hosts/sachi/ftp/.*\.(pem|key)$
pgp: *sinkerine
age: *sachi