Add sops for secret management

2025-12-13 05:37:14 +01:00 · 2022-12-07 10:09:17 +01:00
parent f418516013
commit 3ed65c6cfa
2 changed files with 26 additions and 0 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -0,0 +1,17 @@
+keys:
+  - &user_danio age17tagmpwqjk3mdy45rfesrfey6h863x8wfq38wh33tkrlrywxducs0k6tpq
+  - &host_jokum age1n4vc3dhv8puqz6ntwrkkpdfj0q002hexqee48wzahll8cmce2ezssrq608
+creation_rules:
+  # Global secrets
+  - path_regex: secrets/[^/]+\.yaml$
+    key_groups:
+    - age:
+      - *user_danio
+      - *host_jokum
+  # Host specific secrets
+  ## Jokum
+  - path_regex: secrets/jokum/[^/]+\.yaml$
+    key_groups:
+    - age:
+      - *user_danio
+      - *host_jokum