]> git.immae.eu Git - perso/Immae/Config/Nix.git/blobdiff - nixops/.sops.yaml
projects / perso / Immae / Config / Nix.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Refactor secrets handling
[perso/Immae/Config/Nix.git] / nixops / .sops.yaml
diff --git a/nixops/.sops.yaml b/nixops/.sops.yaml
new file mode 100644 (file)
index 0000000..04826a2
--- /dev/null
+++ b/nixops/.sops.yaml
@@ -0,0 +1,19 @@
+keys:
+  - &Immae F82806FDA1BF5B9A1B3014E7C9FCED6CA6B79454
+  # obtained with: ssh-keyscan eldiron | nix-shell -p ssh-to-age --run ssh-to-age
+  - &eldiron age1dxr5lhvtnjssfaqpnf6qx80h8gfwkxg3tdf35m6n9wljmk7wadfs3kmahj
+  - &monitoring-1 age1dn4lzhgxusqrpjjnzm7w8ml39ptf326htuzmpqdqs2gg3wq7cqzqxuvx8k
+  - &backup-2 age1kk3nr27qu42j28mcfdag5lhq0zu2pky7gfanvne8l4z2ctevjpgskmw0sr
+  - &dilion age1x49n6qa0arkdpq8530s7umgm0gqkq90exv4jep97q30rfnzknpaqate06a
+  - &quatresaisons age1yz8u6xvh2fltvyp96ep8crce3qx4tuceyhun6pwddfe0uvcrkarscxl7e7
+creation_rules:
+  - path_regex: vars.yml
+    key_groups:
+      - pgp:
+        - *Immae
+        age:
+        - *eldiron
+        - *monitoring-1
+        - *backup-2
+        - *dilion
+        - *quatresaisons
My infrastructure configuration