mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-05-12 05:56:04 +02:00
83498bf16f
In the context of the bugmigration the navbar of this service has to be redeployed for which I request access to this service. related to: https://gitlab.archlinux.org/archlinux/infrastructure/-/merge_requests/776 Signed-off-by: Christian Heusel <christian@heusel.eu>
54 lines
1.9 KiB
YAML
54 lines
1.9 KiB
YAML
# deploy tag 'sudo' when this changes
|
|
sudo_users:
|
|
- root
|
|
- foutrelis
|
|
- freswa
|
|
- grazzolini
|
|
- heftig
|
|
- jelle
|
|
- svenstaro
|
|
- anthraxx
|
|
- klausenbusk
|
|
- artafinde
|
|
|
|
# deploy tag 'root_ssh' when this changes
|
|
root_ssh_keys:
|
|
- key: foutrelis.pub
|
|
- key: freswa.pub
|
|
- key: grazzolini.pub
|
|
- key: heftig.pub
|
|
- key: jelle.pub
|
|
- key: svenstaro.pub
|
|
- key: anthraxx.pub
|
|
- key: klausenbusk.pub
|
|
- key: artafinde.pub
|
|
- key: gromit.pub
|
|
hosts:
|
|
- bugs.archlinux.org
|
|
- wiki.archlinux.org
|
|
- man.archlinux.org
|
|
|
|
# - run 'playbooks/tasks/reencrypt-vault-{super,default}-key.yml' when this
|
|
# changes; before doing so, make sure to 'gpg --lsign-key' all listed keys
|
|
# - before committing the re-encrypted password file, test if both vaults are
|
|
# working using `ansible-vault view misc/vaults/vault_{hetzner,hcloud}.yml`
|
|
# NOTE: adding a key to this list gives access to both default and super vaults
|
|
vault_super_pgpkeys: &vault_super_pgpkeys
|
|
- 86CFFCA918CF3AF47147588051E8B148A9999C34 # foutrelis
|
|
- 05C7775A9E8B977407FE08E69D4C5AA15426DA0A # freswa
|
|
- ECCAC84C1BA08A6CC8E63FBBF22FB1D78A77AEAB # grazzolini
|
|
- A2FF3A36AAA56654109064AB19802F8B0D70FC30 # heftig
|
|
- E499C79F53C96A54E572FEE1C06086337C50773E # jelle
|
|
- 8FC15A064950A99DD1BD14DD39E4B877E62EB915 # svenstaro
|
|
- E240B57E2C4630BA768E2F26FC1B547C8D8172C8 # anthraxx
|
|
- DB650286BD9EAE39890D3FE6FE3DC1668CB24956 # klausenbusk
|
|
- B4B759625D4633430B74877059E43E106B247368 # artafinde
|
|
|
|
# - run 'playbooks/tasks/reencrypt-vault-default-key.yml' when this changes
|
|
# - before running it, make sure to 'gpg --lsign-key' all keys listed below
|
|
# - before committing the re-encrypted password file, test that the vault
|
|
# is working by running `ansible-vault view misc/vaults/vault_hcloud.yml`
|
|
vault_default_pgpkeys:
|
|
- *vault_super_pgpkeys
|
|
- F00B96D15228013FFC9C9D0393B11DAA4C197E3D # gromit
|