From a496d0451bb1ccb76fafc10f4e9bb50118b7f785 Mon Sep 17 00:00:00 2001 From: Andreas Schaafsma Date: Tue, 10 Dec 2024 05:16:09 +0100 Subject: [PATCH] add another sops master key --- .sops.yaml | 4 +++- secrets.yaml | 33 +++++++++++++++++++++------------ 2 files changed, 24 insertions(+), 13 deletions(-) diff --git a/.sops.yaml b/.sops.yaml index cb413e8..6aa8dd2 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -3,9 +3,11 @@ keys: - &andreas age19j24x89dfh4f7v58c8k64yupqas4f7qkkyper7yj9dd7vqwvvq0qkyvhxk # generated using cli - hosts: - &th0nkpad-nixos age1ma8x6wugvc40mkst33mejq0m6r44jk6zwjjun3znyer5nztgn9vs0nwjx4 # derived from ssh host key + - &drivebystation-nix age1s5qwsuc3e4m3c4w5hl6tyja70w273gr60j9j9dcpc6mz69lemg3qpwud3h #derived from ssh host key creation_rules: - path_regex: secrets.yaml$ key_groups: - age: - *andreas - - *th0nkpad-nixos \ No newline at end of file + - *th0nkpad-nixos + - *drivebystation-nix \ No newline at end of file diff --git a/secrets.yaml b/secrets.yaml index d92cc56..e361cf3 100644 --- a/secrets.yaml +++ b/secrets.yaml @@ -20,23 +20,32 @@ sops: - recipient: age19j24x89dfh4f7v58c8k64yupqas4f7qkkyper7yj9dd7vqwvvq0qkyvhxk enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBdGZlV3R4eW5FYS9HZGYr - N3VSR0tIbzUrL0RsUEw2NkZtUWcxVG55bEIwCjQ5U0Ztd1luUEQ2SEg4RHA2RWRK - K3dhN2liMDYyZElhbkZEUC9namhrc2MKLS0tIEhYTEYwQWduNkdKbGJQcTBRUWVG - aDMwR1I5NG13dUhwRXg1TXI4dG9nWXMKti+hv0+7/Rz0W22bToYs1/DFzoMllHpB - 7uuVpUFDuC2D40ize0UX4rJ8Yo63lhJrRpsxIhzkP/vq+wMAFrKKLg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4U204eXIyaDJFMXIweXp1 + NEhoYU5qa3B5Q1VpODNsSEpuT0txRWpuVDM0CmptVHNFQkpWTkJ2M3B4dWpWN0s4 + ZjRuc3BhckVLSzFuOGJ3WTB0YnRRRDgKLS0tIHlaSUxITUlGU3VaRWZFbENUTVY2 + SWVwUGVxcGJscG5PalphZFVIS1ZjY2MKi4VvrNW1AH+fJaI/rzOltPylSiY1z3nS + ebrYdpyM5KKQ46uezvU4J3Qau/Inv8CkZ72vHlQ6EK2kmmZZLszwJg== -----END AGE ENCRYPTED FILE----- - recipient: age1ma8x6wugvc40mkst33mejq0m6r44jk6zwjjun3znyer5nztgn9vs0nwjx4 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnK0dSTTVJWmt3aS91UmFm - Ui9zT3VpMlBybWJXOVdKdU5mTkprdU5WRm00CktHd2g4M1VldHhTQyszRTVTOUtt - Mld4a3lYSHF2SytIc0RjQ1RoODQvaE0KLS0tIGN3SlpMeTEvNktNSm5oT0dXRVFr - UmZrTXhyM2hYWW1kY05xa01PM1MzUDAK67AkP1XE445RXbVxcksRXL7MYHFjLPLV - ITL404AabakBeOX9yixwymzkD1BbUYEdW6N28ntqdH5cZZfVteYdMA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyVHVwMEZjVk8xMTNIekF1 + ZFlZbFhvOTJSbVN4ZmorSmFCbkxBUUxOOERJCjBjMkdxQ0V4OXEwdGF2Sno4VTh2 + MURQMUhQV083M3lpREFRM2Qza3JLN0kKLS0tIEFoeUVsL3poajljMDEwTCtWcXRD + Y3NHNmVDZFZuNjlUUDdMa3N3ZVNTWkUKeO4sT0ZyTAyrMKj27fbFhQZ+bDMru6Bk + j4Im41l9ClpIVQt8iz61mwKrm+QmBA9r1aL34u3lGQyKBOk4vq/m9A== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-11-07T10:47:23Z" - mac: ENC[AES256_GCM,data:zqkbmx7XIHQnOVkozPLiBzsNhACbGwvWiFcFlEHhlyEeQ7rvltLlUlgivb7aawwG1RuxCwshHwLfuKRQ/iGJcXjFO4UM5VER6CAA/88UrpgXW8VBw8iuchr+Y58lu0s+98fj7VffcuWjhJ1AYvBxFaTZA6DjxFjv3l1Gyxtw6kM=,iv:XG9Qb61INy1OJZjI3cDbY9fswLqf8+QvcUMrmtKGtuQ=,tag:+JacTF/+qU+j/cm8Wn1c8g==,type:str] + - recipient: age1s5qwsuc3e4m3c4w5hl6tyja70w273gr60j9j9dcpc6mz69lemg3qpwud3h + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUT3dKNk4rSVZUck5LZ2t1 + eUhPSXBURUFGbnU4NUtjMVVpeGI5eVI1SVc4CkdTY25jTy91VFhLS1F3V3ZzM1A4 + OGMxWmtWd1lVU3dZcG8xWlRwYkorSU0KLS0tIE12WlFyUWZ0dHYvTEd0N0tPWUt1 + bldpMnp5cnpXN2J5MEc5cC9DZktEekUKC6sei7v252fZyW8sd1xuZDjwoJFCKGot + t9f+jUDOx5wGlH53Fd2jCRArKZkQ850sFj79Lh2Rx6wbDj1Ks5XcVA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-12-10T04:12:19Z" + mac: ENC[AES256_GCM,data:AcuCxKGm9xLgn/gnk0XDVtLM5PWQvgGd+qXusuvwCUV4ln1//Lpwpp3TL0mEMdwEcFOdCasW4A10rGpCoBqKsckroiUSEB0G2p0vrD3b3Vmo804JYcKmSZ85InZCXUWenfOTEzx/A1ruqSBSkRYro+NdyZ/+JXQVXnTLCPesgwE=,iv:UPRNsfeUKnml9OFkkqrI0fI4f/RWN2ovTsaItwT8Y0c=,tag:75NEPjeAXUwlCPGbLPhPFg==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.1