pvv-nixos-config/.sops.yaml

keys:
  # Users
  - &user_danio age17tagmpwqjk3mdy45rfesrfey6h863x8wfq38wh33tkrlrywxducs0k6tpq
  - &user_felixalb age1mrnldl334l2nszuta6ywvewng0fswv2dz9l5g4qcwe3nj4yxf92qjskdx6
  - &user_oysteikt F7D37890228A907440E1FD4846B9228E814A2AAC

  # Hosts
  - &host_jokum age1gp8ye4g2mmw3may5xg0zsy7mm04glfz3788mmdx9cvcsdxs9hg0s0cc9kt
  - &host_ildkule age1hn45n46ypyrvypv0mwfnpt9ddrlmw34dwlpf33n8v67jexr3lucq6ahc9x
  - &host_bekkalokk age13t2nnr6yukmtda6wn2uggfcj0dmwce8347y8w6xzt4yje6wlgscqnahuqm
  - &host_bicep age1sl43gc9cw939z5tgha2lpwf0xxxgcnlw7w4xem4sqgmt2pt264vq0dmwx2

creation_rules:
  # Global secrets
  - path_regex: secrets/[^/]+\.yaml$
    key_groups:
    - age:
      - *host_jokum
      - *user_danio
      - *user_felixalb
      pgp:
      - *user_oysteikt

  # Host specific secrets
  
  - path_regex: secrets/bekkalokk/[^/]+\.yaml$
    key_groups:
    - age:
      - *host_bekkalokk
      - *user_danio
      - *user_felixalb
      pgp:
      - *user_oysteikt

  - path_regex: secrets/jokum/[^/]+\.yaml$
    key_groups:
    - age:
      - *host_jokum
      - *user_danio
      - *user_felixalb
      pgp:
      - *user_oysteikt

  - path_regex: secrets/ildkule/[^/]+\.yaml$
    key_groups:
    - age:
      - *host_ildkule
      - *user_danio
      - *user_felixalb
      pgp:
      - *user_oysteikt
Add sops for secret management 2022-12-07 10:09:17 +01:00			`keys:`
Add host `bekkalokk` `bekkalokk` is a new machine, meant to host web services and eventually miscellaneous services. 2023-01-29 01:51:35 +01:00			`# Users`
Add sops for secret management 2022-12-07 10:09:17 +01:00			`- &user_danio age17tagmpwqjk3mdy45rfesrfey6h863x8wfq38wh33tkrlrywxducs0k6tpq`
Add host ildkule 2022-12-17 21:51:43 +01:00			`- &user_felixalb age1mrnldl334l2nszuta6ywvewng0fswv2dz9l5g4qcwe3nj4yxf92qjskdx6`
Add oysteikt to secrets 2022-12-17 22:53:26 +01:00			`- &user_oysteikt F7D37890228A907440E1FD4846B9228E814A2AAC`
Add host `bekkalokk` `bekkalokk` is a new machine, meant to host web services and eventually miscellaneous services. 2023-01-29 01:51:35 +01:00
			`# Hosts`
update jokum sops secrets 2023-03-26 13:14:55 +02:00			`- &host_jokum age1gp8ye4g2mmw3may5xg0zsy7mm04glfz3788mmdx9cvcsdxs9hg0s0cc9kt`
Add ildkule host keys 2022-12-17 22:49:23 +01:00			`- &host_ildkule age1hn45n46ypyrvypv0mwfnpt9ddrlmw34dwlpf33n8v67jexr3lucq6ahc9x`
Add host `bekkalokk` `bekkalokk` is a new machine, meant to host web services and eventually miscellaneous services. 2023-01-29 01:51:35 +01:00			`- &host_bekkalokk age13t2nnr6yukmtda6wn2uggfcj0dmwce8347y8w6xzt4yje6wlgscqnahuqm`
update jokum sops secrets 2023-03-26 13:14:55 +02:00			`- &host_bicep age1sl43gc9cw939z5tgha2lpwf0xxxgcnlw7w4xem4sqgmt2pt264vq0dmwx2`
Add host `bekkalokk` `bekkalokk` is a new machine, meant to host web services and eventually miscellaneous services. 2023-01-29 01:51:35 +01:00
Add sops for secret management 2022-12-07 10:09:17 +01:00			`creation_rules:`
			`# Global secrets`
			`- path_regex: secrets/[^/]+\.yaml$`
			`key_groups:`
			`- age:`
			`- *host_jokum`
sops: reencrypt jokum secrets with felixalb keys 2023-01-21 22:37:56 +01:00			`- *user_danio`
			`- *user_felixalb`
Add oysteikt to secrets 2022-12-17 22:53:26 +01:00			`pgp:`
			`- *user_oysteikt`
Add host `bekkalokk` `bekkalokk` is a new machine, meant to host web services and eventually miscellaneous services. 2023-01-29 01:51:35 +01:00
Add sops for secret management 2022-12-07 10:09:17 +01:00			`# Host specific secrets`
Add host `bekkalokk` `bekkalokk` is a new machine, meant to host web services and eventually miscellaneous services. 2023-01-29 01:51:35 +01:00
			`- path_regex: secrets/bekkalokk/[^/]+\.yaml$`
			`key_groups:`
			`- age:`
			`- *host_bekkalokk`
			`- *user_danio`
			`- *user_felixalb`
			`pgp:`
			`- *user_oysteikt`

Add sops for secret management 2022-12-07 10:09:17 +01:00			`- path_regex: secrets/jokum/[^/]+\.yaml$`
			`key_groups:`
			`- age:`
			`- *host_jokum`
sops: reencrypt jokum secrets with felixalb keys 2023-01-21 22:37:56 +01:00			`- *user_danio`
			`- *user_felixalb`
Add oysteikt to secrets 2022-12-17 22:53:26 +01:00			`pgp:`
			`- *user_oysteikt`
Add host ildkule 2022-12-17 21:51:43 +01:00
			`- path_regex: secrets/ildkule/[^/]+\.yaml$`
			`key_groups:`
			`- age:`
Add ildkule host keys 2022-12-17 22:49:23 +01:00			`- *host_ildkule`
sops: reencrypt jokum secrets with felixalb keys 2023-01-21 22:37:56 +01:00			`- *user_danio`
			`- *user_felixalb`
Add oysteikt to secrets 2022-12-17 22:53:26 +01:00			`pgp:`
Merge remote-tracking branch 'origin/main' into prometheus-stack 2023-01-14 22:49:21 +01:00			`- *user_oysteikt`