keys: # users: - &albert 4A89D6B44B7E423B647C7AE848FBC3335A26DED6 # hosts: - &nixos-framework aaec681e4fb9dcdd15d0d367a86615d17653d819 - &steamdeck d01f806e6f0909dc470a676b6fe398ca0043ab53 - &framework-server dfd3a496aba156fa521e82ada77d68dc727cf52b - &osaka-linode-01 5f548d87ab2b8a4d48d80da3f2ff8352998da7fa - &milan-linode-01 264f9137377eda3b95c82c86cebd6d17984b8d4e - &frankfurt-linode-01 6b30711a5c58990a0befdf2b088f57010efc341c - &piaware-rpi4 4216b645667670a6130bb95a72a56f8269cd0818 - &backups-rpi4 8b37122bb46dc98c208002d65e94778ecd94bd4e - &bakersfield-rpi4 c93d5c2da5efe4ba4103c8f571faa392f202eed4 - &warsaw-ovh-01 a21a35bfed7640922ee5cda24ae2cb3e18540f00 - &quitman-rpi4 - &nixos-desktop - &nuc-server creation_rules: # Shared: - path_regex: secrets\/yubikey\.yaml$ key_groups: - pgp: - *albert - *nixos-framework - path_regex: secrets\/secrets\.yaml$ key_groups: - pgp: - *albert - *osaka-linode-01 - *milan-linode-01 - *frankfurt-linode-01 - *nixos-framework - *framework-server - *piaware-rpi4 - *backups-rpi4 - *bakersfield-rpi4 - *steamdeck - *warsaw-ovh-01 - path_regex: secrets\/wireguard\.yaml$ key_groups: - pgp: - *albert - *osaka-linode-01 - *frankfurt-linode-01 - *framework-server - *backups-rpi4 - *warsaw-ovh-01 # Users - path_regex: secrets\/users\/albert\.yaml$ key_groups: - pgp: - *albert - *osaka-linode-01 - *milan-linode-01 - *frankfurt-linode-01 - *nixos-framework - *framework-server - *piaware-rpi4 - *backups-rpi4 - *bakersfield-rpi4 - *steamdeck - *warsaw-ovh-01 # Containers - path_regex: secrets\/containers\/rdesktop\.yaml$ key_groups: - pgp: - *albert - *framework-server # Linode - path_regex: secrets\/hosts\/frankfurt-linode-01\.yaml$ key_groups: - pgp: - *albert - *frankfurt-linode-01 - path_regex: secrets\/hosts\/milan-linode-01\.yaml$ key_groups: - pgp: - *albert - *milan-linode-01 - path_regex: secrets\/hosts\/osaka-linode-01\.yaml$ key_groups: - pgp: - *albert - *osaka-linode-01 # Hosts - path_regex: secrets\/hosts\/warsaw-ovh-01\.yaml$ key_groups: - pgp: - *albert - *warsaw-ovh-01 - path_regex: secrets\/hosts\/nixos-framework\.yaml$ key_groups: - pgp: - *albert - *nixos-framework - path_regex: secrets\/hosts\/framework-server\.yaml$ key_groups: - pgp: - *albert - *framework-server - path_regex: secrets\/hosts\/piaware-rpi4\.yaml$ key_groups: - pgp: - *albert - *piaware-rpi4 - path_regex: secrets\/hosts\/backups-rpi4\.yaml$ key_groups: - pgp: - *albert - *backups-rpi4 - path_regex: secrets\/hosts\/steamdeck\.yaml$ key_groups: - pgp: - *albert - *steamdeck - path_regex: secrets\/hosts\/bakersfield-rpi4\.yaml$ key_groups: - pgp: - *albert - *bakersfield-rpi4 - path_regex: secrets\/hosts\/quitman-rpi4\.yaml$ key_groups: - pgp: - *albert - path_regex: secrets\/hosts\/nixos-desktop\.yaml$ key_groups: - pgp: - *albert - path_regex: secrets\/hosts\/nuc-server\.yaml$ key_groups: - pgp: - *albert