use sops-nix for secrets

author: Freya Murphy <freya@freyacat.org> 2025-01-24 13:06:22 -0500
committer: Freya Murphy <freya@freyacat.org> 2025-01-24 13:06:22 -0500
commit: d999d4d0e68b9d7cfa0f477cdbac8fe82850ae78 (patch)
tree: af2100aabc890c90c52b26640b07e6d342551794 /.sops.yaml
parent: refactor home packages, more labels (diff)
download: dotfiles-nix-d999d4d0e68b9d7cfa0f477cdbac8fe82850ae78.tar.gz
dotfiles-nix-d999d4d0e68b9d7cfa0f477cdbac8fe82850ae78.tar.bz2
dotfiles-nix-d999d4d0e68b9d7cfa0f477cdbac8fe82850ae78.zip
1 files changed, 16 insertions, 0 deletions
diff --git a/.sops.yaml b/.sops.yaml
new file mode 100644
index 0000000..64573f3
--- /dev/null
+++ b/.sops.yaml
@@ -0,0 +1,16 @@
+keys:
+  # Users
+  - &users:
+    - &freya D9AF0A4209B7C2DE11A884BFACBC553660D9993D
+  # Hosts
+  - &hosts:
+    - &shinji 2A8A27879715447AEEC59D0C18DCCBE353963394
+creation_rules:
+  - path_regex: ^secrets.yaml$
+    key_groups:
+      - pgp:
+        - *freya
+  - path_regex: hosts/shinji/secrets.yaml$
+    key_groups:
+      - pgp:
+        - *shinji
author	Freya Murphy <freya@freyacat.org>	2025-01-24 13:06:22 -0500
committer	Freya Murphy <freya@freyacat.org>	2025-01-24 13:06:22 -0500
commit	d999d4d0e68b9d7cfa0f477cdbac8fe82850ae78 (patch)
tree	af2100aabc890c90c52b26640b07e6d342551794 /.sops.yaml
parent	refactor home packages, more labels (diff)
download	dotfiles-nix-d999d4d0e68b9d7cfa0f477cdbac8fe82850ae78.tar.gz dotfiles-nix-d999d4d0e68b9d7cfa0f477cdbac8fe82850ae78.tar.bz2 dotfiles-nix-d999d4d0e68b9d7cfa0f477cdbac8fe82850ae78.zip