infra/nix/.sops.yaml
surtur 10243fe4eb
nix: add t14 system configuration
meaning reencrypt shared secrets to the new key...
also, make use of nixos-hardware's module for t14
2023-12-04 20:19:11 +01:00

40 lines
1.1 KiB
YAML

---
keys:
- &it age1nt7a9nsgwsf7c9x8yx3qu8w24svz02hpfuwtmk8dazw6j6lh33hsgv8erk
- &loki age136558pknq6glx2xftavt7mm3p4jcpu54kej2kxryeu78m5r59e0qvawl5l
- &nixpi age17qvnfr98kxn0yuw6zjsmrl5nqlganzakn77pchnf5cr3an4gdp5s8dn26v
- &t14 age1qnyrhen4ynpa6t0ljgjnhz5zpf0ennzt4ezskeq78nsnpvlyh5ws6ergnx
- &monoceros age1yzlnedt49kd429jssj73v3yz5z7deyg82dq0gq86lp6dft4edg7qrcjs5v
- &backup age15959gprm59azjflvpj97yt0lj6dj4d2yv0nd6u9jp32lzwp3de7qzhf85y
- &surtur age1drh8uq93mhzhj3rz9s2gcnht04wc5hukzutlu4l5qc55hxaznd5s9xs2f6
creation_rules:
- path_regex: hosts/loki/*.*
key_groups:
- age:
- *backup
- *loki
- path_regex: hosts/nixpi/*.*
key_groups:
- age:
- *backup
- *nixpi
- path_regex: hosts/t14/*.*
key_groups:
- age:
- *backup
- *t14
- path_regex: hosts/monoceros/*.*
key_groups:
- age:
- *backup
- *monoceros
- path_regex: secrets/*.*
key_groups:
- age:
- *backup
- *surtur
- *loki
- *nixpi
- *monoceros
...