.sops.yaml
# Make a user key (keys.txt is the private age identity and stays out of the repository):
# mkdir -p ~/.config/sops/age
# age-keygen -o ~/.config/sops/age/keys.txt
# chmod 600 ~/.config/sops/age/keys.txt
# Display the user public key:
# age-keygen -y ~/.config/sops/age/keys.txt
# Make a host public key:
# nix-shell -p ssh-to-age
# ssh-to-age -i /etc/ssh/ssh_host_ed25519_key.pub
# Add secrets
# sops secrets/secrets.yaml
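# Rekey secrets.yaml after editing recipients in .sops.yaml:
# sops updatekeys secrets/secrets.yaml
# Note: updatekeys re-encrypts the existing data key for the new recipient list.
# After removing a recipient, also rotate the data key (sops rotate / sops -r)
# and the secret values it protected.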
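# Anchors for the age public keys (recipients) that the creation rule below
# refers to by alias. Only public keys belong in this file.
keys:
  # Users
  - &alex age1ff98yfdlxax5ymnlu9rdzermuyvg8jwq98z6h86tpj8ajlxw7upsq4k8a0
  # Hosts (age keys derived from each machine's SSH host key with ssh-to-age)
  # NOTE(review): grug is defined here but is not listed in the creation rule
  # below, so it is not a recipient of secrets.yaml - confirm that is intended.
  - &grug age1uzfwpjz2d29gfd93xm0qenke89s7ynl5sy635wgrchcm96et9pfq99a9ja
  - &frostmourne age1kjqhsyucjhuw6gazjrjqcuavay6pfgpr8fasltft99vzfdkjdsdsvfx4xv
  - &palantir age1ajyn9l0v2fv5kyhdzvkr4dxw6rm602w06sk3qnxz5d7aj67ygy0qv4drf9
creation_rules:
  # The regex is not anchored at the start, so it applies to any path that
  # ends in secrets.yaml or secrets.yml.
  - path_regex: 'secrets\.ya?ml$'
    key_groups:
      # One key group: each recipient listed here can decrypt on its own.
      - age:
          - *frostmourne
          - *palantir
          - *alex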