forked from c3d2/nix-config
115 lines
3.6 KiB
YAML
115 lines
3.6 KiB
YAML
keys:
|
|
# The PGP keys in keys/
|
|
- &admins
|
|
- A5EE826D645DBE35F9B0993358512AE87A69900F # astro
|
|
#- 270DAEB0EC5A129CE1F38E2FCB5009A2DB4C5190 # blastmaster
|
|
- D4E89C6A0A58EE803EF708EFA9B23715F7AA3F1A # deployer
|
|
#- 844267BA729E32B3329B9DBF59E238FC65F349F2 # eri
|
|
- A4B0F5A80C2E2448A97BEC25BB829C4DECA6CCB9 # winzlieb
|
|
#- 9580391316684474BFBD41EC3E8C55248C19AF2A # xyrill
|
|
- 4F9F44A64CC2E438979329E1F122F05437696FCE # poelzi
|
|
#- B2918084D9BA194C66AE78769E5D7AAA5B6B2D79 # schmittlauch?
|
|
- 4B12EFA69166CA8C23FC47E49CD3A46248B660CA # vv01f
|
|
- 9EA68B7F21204979645182E4287B083353C3241C # j03
|
|
- 53B26AEDC08246715E15504B236B6291555E8401 # sandro
|
|
- 91EBE87016391323642A6803B966009D57E69CC6 # revol-xut
|
|
|
|
- &polygon-snowflake age12aukzah0pt2rck52hwn08kezyxueqz2f49ld7hpyuzmu847vavdqkunn5c # polygon
|
|
|
|
# Generate AGE keys from SSH keys with:
|
|
# nix shell nixpkgs#ssh-to-age
|
|
# ssh-to-age < /etc/ssh/ssh_host_ed25519_key.pub
|
|
- &auth age1y7lxpxskqclwqluft2ct2c3u8weehus6t8evwk7cdnpakxzgcquspn827x
|
|
- &blogs age1lccjvj9z8de4hfrdeumm9eu7awef4d9jygv3w7zdash3fhv6e53quy53wz
|
|
- &broker age1dj0d0339f4law7qvuzcv2fs6sf8why63s3l8tja0f8vsj7wefcds9drvte
|
|
- &dn42 age1726t33dl7pv3xrxxlafj2sexh7c0jm8pza84yu6l3wpz3fw5dauqxlass3
|
|
- &freifunk age172fqj4agvdnh379n2ysarxy2pq9lupu5d7d0g2v5fw33fkqkte3spae2hu
|
|
- &glotzbert age1zqpep2vgfqeyvtj2jpxczfgrpjffwda429rnuztfp0vpqsrqdq8s8f4yua
|
|
- &hedgedoc age1jt5pj0c0fvmzg7quaucq4n2rzcx9ajzstp8ruwc8ewjpay5vqfqsdjaal8
|
|
- &hydra age1px8sjpcmnz27ayczzu883n0p5ad34vnzj6rl9y2eyye546v0m3dqfqx459
|
|
- &mailtngbert age1lgjvtszpds9flpwsstxdht00c7zlk3mz7nlc5qftyt8rhfdm330qqmhl72
|
|
- &mediawiki age1xjvep7hsnfefgxvuwall8nq0486qu8yknhzwhf0cskw5xlpm8qws9txc56
|
|
- &oparl age14aq8fscrwkgmu5yv86vj7p7kmxclzs6dp7fpvdhvrnmce83ztphqc4mr9q
|
|
- &radiobert age1lga6hjmxa95fmtdn3frlmy64ej3hyswxrcuz25qvw0kfsxkqeugs8gjw8q
|
|
- &storage-ng age1qjvds58pedjdk9rj0yqfvad4xhpteapr9chvfucwcgwrsr8n7axqyhg2vu
|
|
|
|
creation_rules:
|
|
- path_regex: hosts/auth/[^/]+\.yaml$
|
|
key_groups:
|
|
- pgp: *admins
|
|
age:
|
|
- *auth
|
|
- *polygon-snowflake
|
|
- path_regex: hosts/blogs/[^/]+\.yaml$
|
|
key_groups:
|
|
- pgp: *admins
|
|
age:
|
|
- *blogs
|
|
- *polygon-snowflake
|
|
- path_regex: hosts/broker/secrets\.yaml$
|
|
key_groups:
|
|
- pgp: *admins
|
|
age:
|
|
- *broker
|
|
- *polygon-snowflake
|
|
- path_regex: hosts/dn42/[^/]+\.yaml$
|
|
key_groups:
|
|
- pgp: *admins
|
|
age:
|
|
- *dn42
|
|
- *polygon-snowflake
|
|
- path_regex: hosts/freifunk/[^/]+\.yaml$
|
|
key_groups:
|
|
- pgp: *admins
|
|
age:
|
|
- *freifunk
|
|
- *polygon-snowflake
|
|
- path_regex: hosts/glotzbert/[^/]+\.yaml$
|
|
key_groups:
|
|
- pgp: *admins
|
|
age:
|
|
- *glotzbert
|
|
- *polygon-snowflake
|
|
- path_regex: hosts/hedgedoc/[^/]+\.yaml$
|
|
key_groups:
|
|
- pgp: *admins
|
|
age:
|
|
- *hedgedoc
|
|
- *polygon-snowflake
|
|
- path_regex: hosts/hydra/[^/]+\.yaml$
|
|
key_groups:
|
|
- pgp: *admins
|
|
age:
|
|
- *hydra
|
|
- *polygon-snowflake
|
|
- path_regex: hosts/mailtngbert/[^/]+\.yaml$
|
|
key_groups:
|
|
- pgp: *admins
|
|
age:
|
|
- *mailtngbert
|
|
- *polygon-snowflake
|
|
- path_regex: hosts/mediawiki/[^/]+\.yaml$
|
|
key_groups:
|
|
- pgp: *admins
|
|
age:
|
|
- *mediawiki
|
|
- *polygon-snowflake
|
|
- path_regex: hosts/oparl/secrets\.yaml$
|
|
key_groups:
|
|
- pgp: *admins
|
|
age:
|
|
- *oparl
|
|
- *polygon-snowflake
|
|
- path_regex: hosts/radiobert/[^/]+\.yaml$
|
|
key_groups:
|
|
- pgp: *admins
|
|
age:
|
|
- *radiobert
|
|
- *polygon-snowflake
|
|
- path_regex: hosts/storage-ng/[^/]+\.yaml$
|
|
key_groups:
|
|
- pgp: *admins
|
|
age:
|
|
- *storage-ng
|
|
- *polygon-snowflake
|