Simon Bruder
16cf73afb9
Previously, it was hosted on Ionos’s VMware-based infrastructure. I already had a VPS on their new KVM-based infrastructure, as I was planning to migrate okarin to it eventually (as it is cheaper). However, the new infrastructure does not offer PTR records for IPv6 addresses. Therefore, I was waiting until they would implement that feature (as the support promised me they would to in the near future). However, they are now migrating the (at least my) guests from their VMware hypervisors onto the KVM ones, assigning new IPv6 addresses to them. This makes the old VPS essentially the same as the old one, but with less memory and more expensive. So I decided to migrate now.
112 lines
2.7 KiB
YAML
112 lines
2.7 KiB
YAML
# SPDX-FileCopyrightText: 2021-2024 Simon Bruder <simon@sbruder.de>
|
|
#
|
|
# SPDX-License-Identifier: CC0-1.0
|
|
|
|
keys:
|
|
# sops does not (yet) support ADSKs,
|
|
# so all encryption subkeys have to be added manually
|
|
- &simon 6CD375BD0741F67E5A289BC333A01CBE0554C763 # offline
|
|
- &simon-alpha 0C8AF4B4320A511384DF6B5BB9BEFC7CC112A0C0
|
|
- &simon-beta 403215E0F99D2582C7055C512C77841620B8F380
|
|
- &nunotaba 8C5091AEA213FB0642BD46F943EE19743FAC1D5C
|
|
- &hitagi 17FEEBB45E4245330507C960653378F10CA6E00A
|
|
- &vueko 4EA330328CD0D3076E90960194DFA4953D8729DE
|
|
- &fuuko 2372651C56E22972C2D9F3F569C8187C9C43754E
|
|
- &mayushii 23EEDF49AAF1B41DCD1CD10F44A37FA8C15053B3
|
|
- &renge 06a917fc4a2a1b6b0f69a830285075cac85b7035
|
|
- &nunotaba 3176be14f468c6d43ab2206b4f273abccd49806b
|
|
- &okarin e7370b48016c961ef8ad792fda66b19d845b3156
|
|
- &shinobu 28677f2e3584b39f528a779caf445ebb39c882b7
|
|
- &nazuna 0b8be5d87a10a0e68dda97212c4befad1f9e915c
|
|
- &yuzuru a1ee5bc0249163a047440ef2649e770ec6ea16e4
|
|
creation_rules:
|
|
- path_regex: machines/nunotaba/secrets\.yaml$
|
|
key_groups:
|
|
- pgp:
|
|
- *simon
|
|
- *simon-alpha
|
|
- *simon-beta
|
|
- *nunotaba
|
|
- path_regex: machines/hitagi/secrets\.yaml$
|
|
key_groups:
|
|
- pgp:
|
|
- *simon
|
|
- *simon-alpha
|
|
- *simon-beta
|
|
- *hitagi
|
|
- path_regex: machines/vueko/secrets\.yaml$
|
|
key_groups:
|
|
- pgp:
|
|
- *simon
|
|
- *simon-alpha
|
|
- *simon-beta
|
|
- *vueko
|
|
- path_regex: machines/fuuko/secrets\.yaml$
|
|
key_groups:
|
|
- pgp:
|
|
- *simon
|
|
- *simon-alpha
|
|
- *simon-beta
|
|
- *fuuko
|
|
- path_regex: machines/mayushii/secrets\.yaml$
|
|
key_groups:
|
|
- pgp:
|
|
- *simon
|
|
- *simon-alpha
|
|
- *simon-beta
|
|
- *mayushii
|
|
- path_regex: machines/okarin/secrets\.yaml$
|
|
key_groups:
|
|
- pgp:
|
|
- *simon
|
|
- *simon-alpha
|
|
- *simon-beta
|
|
- *okarin
|
|
- path_regex: machines/renge/secrets\.yaml$
|
|
key_groups:
|
|
- pgp:
|
|
- *simon
|
|
- *simon-alpha
|
|
- *simon-beta
|
|
- *renge
|
|
- path_regex: machines/nunotaba/secrets\.yaml$
|
|
key_groups:
|
|
- pgp:
|
|
- *simon
|
|
- *simon-alpha
|
|
- *simon-beta
|
|
- *nunotaba
|
|
- path_regex: machines/shinobu/secrets\.yaml$
|
|
key_groups:
|
|
- pgp:
|
|
- *simon
|
|
- *simon-alpha
|
|
- *simon-beta
|
|
- *shinobu
|
|
- path_regex: machines/nazuna/secrets\.yaml$
|
|
key_groups:
|
|
- pgp:
|
|
- *simon
|
|
- *simon-alpha
|
|
- *simon-beta
|
|
- *nazuna
|
|
- path_regex: machines/yuzuru/secrets\.yaml$
|
|
key_groups:
|
|
- pgp:
|
|
- *simon
|
|
- *simon-alpha
|
|
- *simon-beta
|
|
- *yuzuru
|
|
- path_regex: secrets\.yaml$
|
|
key_groups:
|
|
- pgp:
|
|
- *simon
|
|
- *simon-alpha
|
|
- *simon-beta
|
|
- *nunotaba
|
|
- *hitagi
|
|
- *vueko
|
|
- *fuuko
|
|
- *mayushii
|
|
- *renge
|