Add oysteikt to secrets

This commit is contained in:
Daniel Olsen 2022-12-17 22:53:26 +01:00
parent 4de4f9b8f6
commit 57ff1fa17a
4 changed files with 82 additions and 11 deletions

View File

@ -1,6 +1,7 @@
keys:
- &user_danio age17tagmpwqjk3mdy45rfesrfey6h863x8wfq38wh33tkrlrywxducs0k6tpq
- &user_felixalb age1mrnldl334l2nszuta6ywvewng0fswv2dz9l5g4qcwe3nj4yxf92qjskdx6
- &user_oysteikt F7D37890228A907440E1FD4846B9228E814A2AAC
- &host_jokum age1n4vc3dhv8puqz6ntwrkkpdfj0q002hexqee48wzahll8cmce2ezssrq608
creation_rules:
# Global secrets
@ -9,16 +10,24 @@ creation_rules:
- age:
- *user_danio
- *host_jokum
pgp:
- *user_oysteikt
# Host specific secrets
## Jokum
- path_regex: secrets/jokum/[^/]+\.yaml$
shamir_threshold: 1
key_groups:
- age:
- *user_danio
- *host_jokum
pgp:
- *user_oysteikt
- path_regex: secrets/ildkule/[^/]+\.yaml$
shamir_threshold: 1
key_groups:
- age:
- *user_felixalb
- *user_danio
pgp:
- *user_oysteikt

41
keys/oysteikt.pub Normal file
View File

@ -0,0 +1,41 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEYuaF5BYJKwYBBAHaRw8BAQdAyCMRV/dIW4dIbUqMNP6nWiyAnB/a4iAtTaEn
idcbAdy0JGg3eDRhYmszZyA8aDd4NGFiazNnQHByb3Rvbm1haWwuY29tPoiQBBMW
CgA4FiEE99N4kCKKkHRA4f1IRrkijoFKKqwFAmL7j2ICGwEFCwkIBwMFFQoJCAsF
FgIDAQACHgECF4AACgkQRrkijoFKKqxIlQD9F0EedrFpHAVuaVas9ZWRZb4xv3zM
+CPpeegRw646eC8A/0l4JRHplPClB4MQfsc3N/0TDbCT4PaEhls9eJQ2KbUKtBRo
N3g0IDxoN3g0QG5hbmkud3RmPoiTBBMWCgA7AhsBBQsJCAcDBRUKCQgLBRYCAwEA
Ah4BAheAFiEE99N4kCKKkHRA4f1IRrkijoFKKqwFAmL7l8ACGQEACgkQRrkijoFK
KqxI4wD9EIGpb3Gt5s5e8waH7XaLSlquOrW1RID3sSuzWI4DvikBAMncfBbtkpzH
EYU2Ufm8VxzgJDnyeB+lcdeSJXWaIwYLtCZoN3g0IChhbHRlcm5hdGl2ZSkgPGg3
eDQuYWx0QG5hbmkud3RmPoiQBBMWCgA4FiEE99N4kCKKkHRA4f1IRrkijoFKKqwF
AmL7j0oCGwEFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQRrkijoFKKqytywD+
IdHIxbjRcDEJYOqFX1r4wrymTvnjz/kp0zUSrymwMUoBAP8huPK/YpujNF6/cwwB
3A5WwpWjjV+F/uq2ejqFOocNuDMEYuaGRxYJKwYBBAHaRw8BAQdAsmc0GTQIszpk
jDYwgSt6zI81P2+k9WvBg6IEISnyuVWI9QQYFgoAJhYhBPfTeJAiipB0QOH9SEa5
Io6BSiqsBQJi5oZHAhsCBQkDwmcAAIEJEEa5Io6BSiqsdiAEGRYKAB0WIQTzzahs
xVqfENegaYGfL32CUPNRRgUCYuaGRwAKCRCfL32CUPNRRhWYAQCzfkYeJt9t02jO
c3SXwk1e1dGj9ydEXSprSr8/2PWu7gD+KD/FJWzPbnMhtudoGfCIzNFaazcz/QqT
ZeBs6Q+AkQ7ueQD/ZqQMkaCrd8o2L02h89U6bFxy86nyTurGAUVx92F8jUwBAKa7
Zp/0vR5bR4o57C7NTxB5kbmteF0AXS9R7sxSA/AEuQINBGLmhnoBEADa1yBK0NKx
VIto3hSh21hooYpWcEXWqMPXHO34rcAhktVFOOHIl2bFGScQAZXtjAcqUmMyC+PM
s1DZoocFk+9PJt17hAa/s6CRrw8vK+1fVqhj0XOLtevGV9iC6IRvhPxzTsOaeOss
gMGIU8xDmMKT2nGHGNUkqOXGld63E3NKsK3lnl+BCdpJ0f3GEB7aSQ+pk6k1uzOD
XX/mhAUJmL1MkVZ6jJA3vhsre0Kfa9p+C5mP4hLJ6jF+oESvA4HC+LuCSGm66gID
MC39jnLo6hwYEEjfPXD7CUAN4S2eISSFd+ZclN2vYcrKYgsCZS0hBFOgDhKKCHBu
MwP12AIM8y8L64/eOWFpR7s2StAPjjYbZeZECHLWZt1zGVvkS7Xp6lsAg6/T8Eys
KG7vTl2Qq9W0BmzNgk2ODTZkhv0gqqXppdr8eRiq+h0qMfJptG0GycOvqb9PoEO2
dfNCjjII8VfaSGfSEYo8UwsqYTtfgdoNnFCXKd1r7QmvrdbNsFDRmkv+wWJoipwU
aVquyb2KN652jSlpwMECW6fSEsT/5C3mJLgAmi6l6yosw6HdIY6jgpCGtxnHW2zR
eIS6ezZdtxYBCkEHK70yASyaIHrLLDknw+DuKvXAWOAecob8GNBHOjXZe3LzBt2r
VgOCRa+W7milNgjUCsz+R3rM8XfR+wNEGwARAQABiH4EGBYKACYWIQT303iQIoqQ
dEDh/UhGuSKOgUoqrAUCYuaGegIbDAUJA8JnAAAKCRBGuSKOgUoqrDE0AQDBxRsm
W9L60mxGCp1CpNWBXD2T6D605PlNiNCcM+cOCgD/c2OitSSG50M0YRbyh1LPYL6Y
QePL0dQkYsjm6XVmrAK4MwRi5obFFgkrBgEEAdpHDwEBB0BYP2r4I9LGW8ai+fLW
RKXGonni9TljqFVN5mV/yuxlPoh+BBgWCgAmFiEE99N4kCKKkHRA4f1IRrkijoFK
KqwFAmLmhsUCGyAFCQPCZwAACgkQRrkijoFKKqzeYwD/emjtDBD0EiCnS2mvfopa
T6foJSfXbiCe83UdFNebTjQBANFqnkXPCYb9dFIyM/0N1JXH7yj81VuslSqPi4NR
SNkE
=oTMO
-----END PGP PUBLIC KEY BLOCK-----

View File

@ -16,23 +16,43 @@ sops:
- recipient: age17tagmpwqjk3mdy45rfesrfey6h863x8wfq38wh33tkrlrywxducs0k6tpq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzOU56dFpuZ0QySnZFK0k1
MTl1blEzclZBa1dZV1NGYUVBa3hyRmR4WlYwCnRHdXd1TzZQdjAwTGJ5aHYxVS9H
M3Rzd082QVliMzBCdGZ3alZVYlY5cUEKLS0tIER6WWNhWUZuZmI5QXlkazdZTllI
OUN3Z21WQ010ZjlMamVwK0VsYkM4TjgKR+cv3y7rSJ7UwaE3fl42jBV43lG4OU0n
atbZeUj+i2SmaFIE+MoyckbygtFZOvs93xwuMDJjkD7a+EGfCz2ggw==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3K29HWS9ZRWxpbzQ3d1V2
OEZwYjA5eEE1Z0YrM1o0YnlGbGt3QmQ2YkdBCkpnZHN1TE45dWxqY3lndjBYcWVQ
cFdoUi9WaVNibndWdTcwTDRiOTBtWXMKLS0tIGNIYkdIZWo4cUlrM094Qi9KTnJa
ZXI1bnZlbmZZQ2dvLys4YllYRG9jNlkKn2UbGP+TOUU5+Q3OQuZTQvr8S5oDX/aN
a7iaQn2z/Y5M3tGvFBOiaWZjqtoCHgtZL56LKAaF60yLeUIPnKylbg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1n4vc3dhv8puqz6ntwrkkpdfj0q002hexqee48wzahll8cmce2ezssrq608
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5cGpSa0NZeGQ4K0w3elhJ
WG5VNkxsT3FERXRZUkt3VEJtRlhSRThSemo4CnlFcjN4UUgrUTN5MHdoZEhyaTdL
OFM4MXFrbnp0MmJCOXRPcFljZVcwdkUKLS0tIFoxelA4Z3lycUY5SzdqTVZ3aW1r
cGFFU3RzU200b0x3M2dkbFJWU0ZVSzAKSg7ZlRvgJshAJxXiXgT+b4nhFe4MjVRY
n7+Ld+SdXJvGtZsH4IObkVYgj16d3SFBs87yWA+NExUoEuQb97fa7Q==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBISzh3QmlzempEMDNsaTQy
bGxFZlNLdURhY0NzcjhjdlgzZlFxV0R6cURnCnhqRUlpcFNPUWd0YmF6TjYvK0t4
UDVlcFFTbDByTkRZTW9ITC9yVVlzYUkKLS0tIGtkWHF4enhrK004RG00NUt5ZlND
TFBiblFGNkdHZkk1L2RXdkpHSGQ1U2cK/mBTDDHOWSGZRflIsxOyDWShQH2EILJr
jCrLGbIaGgphIgLCHVmMV8QLRPK+8f9t8KZg7sczRViuDwZsAx5vPA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2022-12-09T05:16:09Z"
mac: ENC[AES256_GCM,data:MSKUQkCDCEOcl9Eh2VH9ccZ3Ux0eIyJFyjFVaJZ5WQA4fIB1J6Y/EoK/q7iaLFIH8YkeVPIvXVu9eCXjIyQkSugJwQXk+gSFtssjegUBTcZkRJJ0Lo48IWO4yVFXnDYzyFjcgH4TBmL0uco3BkWHfLHR46fQUJIco9yYlVKtsFU=,iv:d3uWCTVV8o1Nx6WJCF/YQHOeGjTzJk6xaDxMTWeUINU=,tag:KOi1naN2Uhe0NcMl6oW/6A==,type:str]
pgp: []
pgp:
- created_at: "2022-12-17T23:05:08Z"
enc: |
-----BEGIN PGP MESSAGE-----
hQIMA0av/duuklWYARAAvQ3TCvGiu75Swvd9hyY8rw2TeXiKPbHESzXFSZdR3+wk
XkaRTPuxMot5IUmUhC4EWxzUrKKyPsfw685FpojHDUeOWzaAcnbTT3NVg+VoSIAl
pDnt7BUZ/23Hd0tYt+VJuX8S4Iqny6xnhzWTaFNrLFhPGvIN3XbDqEsWRLQk9s46
rMht6DJkz8itsFTJrwmg52oXP0mIlZkaGFvWBNZlLf/0PiEET4sjZ3cn4rRGRNhf
Zk7u7ZgrBFRib0OO/edN6zFh9+/zbculXucqlnvccm6BQluHj2Z66++cyyzEL2xY
eU+8sBNWWKHPusPhKNWZsUGQ30fM7Ctdri5PWOzglJ0Ah+lAFgmbqdcSHjAuF9f7
9YVA5G4b7B1vT0dCv3MZ3419Gqa9Vimi1xUw+9SbZjACpMraovUKshTsKN/9rBzY
YkojmBdaneMoFGvo+aj5vMxG8CJbPV3Oiq1+G0E/fj53W1Qi8boeqcLxw5IbJIbq
27hQYm2L1gNBg84cEJfzjtxqPkP4IMb5DOZYo8hNVbXCP4AYjgyecw4tkSnbRkB9
GaRYSx2b1HMOxrDnzRUx8cX26a/eNlLhictPUy10Dvcs/xfWzGytL/3AtiAeaIY9
4G6rWuUv6XqYMM20bMc+HnKaFpYq2Y98DuLCqddrek8UaMX2b1p1Kw1ebC1i56fS
XgFIdcQDWiMi8rsWjAoFE7CDe/FvyCNSE88pvwhH2/BQjowUeMLqqqCHbrEj8sgo
icW/6tsXZ5ShJ5bi56Hal5FsAdR6sXTTdm8nYSFdmIfSHUz+auZ41WkLJYXpuFU=
=EVJD
-----END PGP MESSAGE-----
fp: F7D37890228A907440E1FD4846B9228E814A2AAC
unencrypted_suffix: _unencrypted
version: 3.7.3

View File

@ -2,5 +2,6 @@
pkgs.mkShell {
nativeBuildInputs = with pkgs; [
sops
gnupg
];
}