Gitiles
Code Review Sign In
git.clicks.codes / Chimera / NixFiles / 3c2e3e77363e55712b08da3b850881ea0568fe97 / . / .sops.nix
blob: e6240995882853f338888463d93ff2ae2091be3f [file] [log] [blame]
Samuel Shuert659b5642024-02-23 20:47:43 +0000[diff] [blame]1nixpkgs:
2let
Samuel Shuert2e42e672024-02-21 21:49:28 +0000[diff] [blame]3 keys = {
4 users = {
5 coded = "BC82DF237610AE9113EB075900E944BFBE99ADB5";
6 minion = "76E0B09A741C4089522111E5F27E3E5922772E7A";
PineaFan3ed74f02024-04-20 20:41:36 +0100[diff] [blame]7 pinea = "8F50789F12AC6E6206EA870CE5E1C2D43B0E4AB3";
Samuel Shuert2e42e672024-02-21 21:49:28 +0000[diff] [blame]8 };
9 hosts = {
PineaFan3ed74f02024-04-20 20:41:36 +0100[diff] [blame]10 # nix run github:Mic92/ssh-to-pgp -- -i /etc/ssh/ssh_host_rsa_key
Samuel Shuertd58fbaf2024-06-20 21:08:48 -0400[diff] [blame]11 shorthair = "B5237D6B63AB2E13FDA07170E5AED9775DD21543";
12 greylag = "047bf8897df877fe86133e98522c6d280d545c00";
PineaFan3ed74f02024-04-20 20:41:36 +0100[diff] [blame]13 saurosuchus = "12f47c96d9066c52897cdf9ddf581f86799fb07c";
Samuel Shuertd58fbaf2024-06-20 21:08:48 -0400[diff] [blame]14 ocicat = "58BF6324CE6D45E156490D0F4579865C9D4CE67E";
Skyler Grey9769e862024-10-03 10:25:05 +0000[diff] [blame]15 emden = "885f4e98f4af60985337992e13c8703177858a87";
Samuel Shuert2e42e672024-02-21 21:49:28 +0000[diff] [blame]16 };
Samuel Shuert659b5642024-02-23 20:47:43 +0000[diff] [blame]17 };
18in
19{
Samuel Shuert2e42e672024-02-21 21:49:28 +0000[diff] [blame]20 creation_rules = [
21 {
Samuel Shuert659b5642024-02-23 20:47:43 +0000[diff] [blame]22 path_regex = ".*\\.sops\\.chimera\\.(yaml|json|env|ini|[^.]*\\.bin)$";
Samuel Shuert2e42e672024-02-21 21:49:28 +0000[diff] [blame]23 pgp = nixpkgs.lib.concatStringsSep "," [
24 keys.users.coded
25 keys.users.minion
PineaFan3ed74f02024-04-20 20:41:36 +0100[diff] [blame]26 keys.users.pinea
27
Samuel Shuert2e42e672024-02-21 21:49:28 +0000[diff] [blame]28 keys.hosts.shorthair
29 keys.hosts.greylag
PineaFan3ed74f02024-04-20 20:41:36 +0100[diff] [blame]30 keys.hosts.saurosuchus
Samuel Shuertd58fbaf2024-06-20 21:08:48 -0400[diff] [blame]31 keys.hosts.ocicat
Skyler Grey9769e862024-10-03 10:25:05 +0000[diff] [blame]32 keys.hosts.emden
Samuel Shuert2e42e672024-02-21 21:49:28 +0000[diff] [blame]33 ];
34 }
35 {
Samuel Shuert659b5642024-02-23 20:47:43 +0000[diff] [blame]36 path_regex = ".*\\.sops\\.coded\\.(yaml|json|env|ini|[^.]*\\.bin)$";
Samuel Shuert2e42e672024-02-21 21:49:28 +0000[diff] [blame]37 pgp = nixpkgs.lib.concatStringsSep "," [
38 keys.users.coded
39 keys.hosts.shorthair
Samuel Shuertd58fbaf2024-06-20 21:08:48 -0400[diff] [blame]40 keys.hosts.ocicat
Samuel Shuert2e42e672024-02-21 21:49:28 +0000[diff] [blame]41 ];
42 }
43 {
Samuel Shuert659b5642024-02-23 20:47:43 +0000[diff] [blame]44 path_regex = ".*\\.sops\\.minion\\.(yaml|json|env|ini|[^.]*\\.bin)$";
Samuel Shuert2e42e672024-02-21 21:49:28 +0000[diff] [blame]45 pgp = nixpkgs.lib.concatStringsSep "," [
46 keys.users.minion
47 keys.hosts.greylag
Skyler Grey9769e862024-10-03 10:25:05 +0000[diff] [blame]48 keys.hosts.emden
Samuel Shuert2e42e672024-02-21 21:49:28 +0000[diff] [blame]49 ];
50 }
PineaFan3ed74f02024-04-20 20:41:36 +0100[diff] [blame]51 {
52 path_regex = ".*\\.sops\\.pinea\\.(yaml|json|env|ini|[^.]*\\.bin)$";
53 pgp = nixpkgs.lib.concatStringsSep "," [
54 keys.users.pinea
55 keys.hosts.saurosuchus
56 ];
57 }
Samuel Shuert2e42e672024-02-21 21:49:28 +0000[diff] [blame]58 ];
Samuel Shuert659b5642024-02-23 20:47:43 +0000[diff] [blame]59}