nixos-config/.sops.yaml at main · suasuasuasuasua/nixos-config · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# https://github.com/Mic92/sops-nix
# .sops.yaml defines the keys
#
# https://github.com/Mic92/ssh-to-age
# Generate a private age key from a private ssh key
# - nix run nixpkgs#ssh-to-age -- -private-key -i $HOME/.ssh/id_ed25519 > ~/.config/sops/age/keys.txt
# Generate a public age key from a public ssh key
# - nix run nixpkgs#ssh-to-age -- -i $HOME/.ssh/id_ed25519.pub -o pub-key.txt
keys:
  - &lab age1z873m77wql5652lewr95323ejpvl85fchwq22xg8yd6x4kperejqg9wlph
  - &pi age1ed2wgryukz5xq6t8w6nhjvldwgvw5lj2aq37n7q23et2ycqwtueqaaw4fj
creation_rules:
  - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *lab
          - *pi
  - path_regex: configurations/nixos/lab/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *lab