This commit is contained in:
parent
72552a4e72
commit
dc3cfe0b8f
|
@ -7,6 +7,7 @@ keys:
|
||||||
# Provide the generated key to a pre-existing admin and wait for him to re-encrypt all secrets in this repo with it. After pulling the re-encrypted secrets you can read them with `sops some-file`.
|
# Provide the generated key to a pre-existing admin and wait for him to re-encrypt all secrets in this repo with it. After pulling the re-encrypted secrets you can read them with `sops some-file`.
|
||||||
- &joerg age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz
|
- &joerg age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz
|
||||||
- &lassulus age1eq0e6uhjj2tja8v338tkdz8ema2aw5anpuyaq2uru7rt4lq7msyqqut6m2
|
- &lassulus age1eq0e6uhjj2tja8v338tkdz8ema2aw5anpuyaq2uru7rt4lq7msyqqut6m2
|
||||||
|
- &dave age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl
|
||||||
# Downloaded like this: nix-shell -p ssh-to-age --run 'ssh-keyscan clan.lol | ssh-to-age'
|
# Downloaded like this: nix-shell -p ssh-to-age --run 'ssh-keyscan clan.lol | ssh-to-age'
|
||||||
- &web01 age17xuvz0fqtynzdmf8rfh4g3e46tx8w3mc6zgytrmuj5v9dhnldgxs7ue7ct
|
- &web01 age17xuvz0fqtynzdmf8rfh4g3e46tx8w3mc6zgytrmuj5v9dhnldgxs7ue7ct
|
||||||
creation_rules:
|
creation_rules:
|
||||||
|
@ -15,9 +16,11 @@ creation_rules:
|
||||||
- age:
|
- age:
|
||||||
- *joerg
|
- *joerg
|
||||||
- *lassulus
|
- *lassulus
|
||||||
|
- *dave
|
||||||
- path_regex: targets/web01/secrets.yaml$
|
- path_regex: targets/web01/secrets.yaml$
|
||||||
key_groups:
|
key_groups:
|
||||||
- age:
|
- age:
|
||||||
- *joerg
|
- *joerg
|
||||||
- *lassulus
|
- *lassulus
|
||||||
|
- *dave
|
||||||
- *web01
|
- *web01
|
||||||
|
|
Loading…
Reference in New Issue
Block a user