manage secrets with sops

not sure if i like this yet, but it seems worth trying it out.
author: stuebinm 2023-04-11 18:37:20 +0200
committer: stuebinm 2023-04-11 18:41:13 +0200
commit: 48d3f66855fb57379351fb9a458a95cf28522916 (patch)
tree: 730f4f9186a5a7f52e64236417ec384968eb96fd /.sops.yaml
parent: 4e4eaf4838bbd45393d7a19ad182c8d4c076b043 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/.sops.yaml b/.sops.yaml
new file mode 100644
index 0000000..c3f890a
--- /dev/null
+++ b/.sops.yaml
@@ -0,0 +1,10 @@
+keys:
+  - &ilex age18wkr3kjalalzrq9l05q32gnlaqr7t6rqqzde307m83rs9fp4xcfsdtj9gt
+  # server's ssh pubkeys as age keys
+  - &flora age1d8hulw7weg6gwxv0cmz969w04d2jkphdx93tm9xs0mqr0ut0t4ls4g4vah
+creation_rules:
+  - path_regex: secrets/[^/]+\.yaml$
+    key_groups:
+    - age:
+      - *ilex
+      - *flora
author	stuebinm	2023-04-11 18:37:20 +0200
committer	stuebinm	2023-04-11 18:41:13 +0200
commit	48d3f66855fb57379351fb9a458a95cf28522916 (patch)
tree	730f4f9186a5a7f52e64236417ec384968eb96fd /.sops.yaml
parent	4e4eaf4838bbd45393d7a19ad182c8d4c076b043 (diff)