# SPDX-FileCopyrightText: 2021-2024 Simon Bruder # # SPDX-License-Identifier: CC0-1.0 keys: &all-keys # sops does not (yet) support ADSKs, # so all encryption subkeys have to be added manually - &simon 6CD375BD0741F67E5A289BC333A01CBE0554C763 # offline - &simon-alpha 0C8AF4B4320A511384DF6B5BB9BEFC7CC112A0C0 - &simon-beta 403215E0F99D2582C7055C512C77841620B8F380 - &nunotaba 8C5091AEA213FB0642BD46F943EE19743FAC1D5C - &hitagi 17FEEBB45E4245330507C960653378F10CA6E00A - &vueko 4EA330328CD0D3076E90960194DFA4953D8729DE - &fuuko 2372651C56E22972C2D9F3F569C8187C9C43754E - &mayushii 23EEDF49AAF1B41DCD1CD10F44A37FA8C15053B3 - &renge 06a917fc4a2a1b6b0f69a830285075cac85b7035 - &nunotaba 3176be14f468c6d43ab2206b4f273abccd49806b - &okarin e7370b48016c961ef8ad792fda66b19d845b3156 - &shinobu 28677f2e3584b39f528a779caf445ebb39c882b7 - &nazuna 0b8be5d87a10a0e68dda97212c4befad1f9e915c - &yuzuru a1ee5bc0249163a047440ef2649e770ec6ea16e4 - &koyomi 1f18a57e1d4e6716aed0e0cd71586b7a4c0c1a65 - &ci-runner 20e376b89b30327fb82f12e8e8b72d52c3aa39ee - &hiroshi 2b9be9660662c6c979ca1149c982bdfd82863d09 creation_rules: - path_regex: machines/nunotaba/secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *nunotaba - path_regex: machines/hitagi/secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *hitagi - path_regex: machines/vueko/secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *vueko - path_regex: machines/fuuko/secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *fuuko - path_regex: machines/mayushii/secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *mayushii - path_regex: machines/okarin/secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *okarin - path_regex: machines/renge/secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *renge - path_regex: machines/nunotaba/secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *nunotaba - path_regex: machines/shinobu/secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *shinobu - path_regex: machines/nazuna/secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *nazuna - path_regex: machines/yuzuru/secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *yuzuru - path_regex: machines/koyomi/secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *koyomi - path_regex: machines/ci-runner/secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *ci-runner - path_regex: machines/hiroshi/secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *hiroshi - path_regex: secrets\.yaml$ key_groups: - pgp: - *simon - *simon-alpha - *simon-beta - *nunotaba - *hitagi - *vueko - *fuuko - *mayushii - *renge - *koyomi - *hiroshi - path_regex: secrets/local-mail\.yaml$ key_groups: - pgp: *all-keys