diff --git a/machines/.sops.yaml b/machines/.sops.yaml new file mode 100644 index 0000000..d30ec1f --- /dev/null +++ b/machines/.sops.yaml @@ -0,0 +1,15 @@ +# This example uses YAML anchors which allows reuse of multiple keys +# without having to repeat yourself. +# Also see https://github.com/Mic92/dotfiles/blob/master/nixos/.sops.yaml +# for a more complex example. +keys: + - &admin_kalipso c4639370c41133a738f643a591ddbc4c3387f1fb + - &admin_kalipso_dsktp aef8d6c7e4761fc297cda833df13aebb1011b5d4 + - &machine_moderatio 3b7027ab1933c4c5e0eb935f8f9b3c058aa6d4c2 +creation_rules: + - path_regex: moderatio/secrets/secrets.yaml$ + key_groups: + - pgp: + - *admin_kalipso + - *admin_kalipso_dsktp + - *machine_moderatio diff --git a/machines/secrets/keys/hosts/moderatio.asc b/machines/secrets/keys/hosts/moderatio.asc new file mode 100644 index 0000000..4ff8405 --- /dev/null +++ b/machines/secrets/keys/hosts/moderatio.asc @@ -0,0 +1,28 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +xsFNBAAAAAABEACm+W5sGSC25OtlwQdOBCSfX2DnPuk5abjxY5HMIv3MnySouXpW +L3VoE6Irur9lZwfKrXaUweJPJHVo/Sfknh9GSBCW6yFFcGZ5nNx/QNdbfjOSaUw2 +0BkW1CYRVcLIKSHpepbTDHBxgKaCYsmupptFQ0Nzx19PPMV/WBqrkSlEpDJyq9y6 +cTaGulRKWBVDytMFmibhGlqpfEI8bzrxaeGTqiRTZJqL3zDDi2afDt1kJeCXKd32 +XOywDZgB5CinY3qsR45ftC6mZ5fV+ex3M/Uc4YJiVgwg6GlSdiYW9Mqf4koqpLCq +Xq3ztEo9FjFen7KmAcLstFmzY3fAXGIJzb0CfvVrM32wsdC6NRDINdMBmrOeKXT7 +g45n0LOdCFr4AOKyABqMudbKrgF9txHt549oaQ0wHCy1nStji1OpbhdpCKDFKPnl +ojG1Nur9DPRFmQ01I3KIjvCrf8J+CgI5YVwOr+m5Zw3i/b0qd+9R/8oAmzhhuyt7 +kckSVTCjNzsDgjjOa8FVQJremTdkQuWOlx0HxC3aQdSoPxOfpeUhybfttNpvUuta +5EbsiS/PJfzMOtZDG++naKO/xGJDiaYDhW1ZeGI2fOFUm4RYHqCFES32XF4ygpGq +wz2bZNKKSf4lxoD1+SBqOyd1eN3u8GmX8OgUB3TpgEuQb/XL31zDKCZ7pwARAQAB +zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0PsLBYgQT +AQgAFgUCAAAAAAkQj5s8BYqm1MICGw8CGQEAACMDEAAFko8JYC1zGt5rFKokXGbs +K331UHReN02QpdL8fhMt0Rqoh1FKt8Sr8lzCLPNOnlgxSG5lXmA3dFfWAnFrNw5T +1u1oU0sB+CiekyWXJxTASur1g3DtLv6qA19Uw4i9bu57LK5E0ycoI3RnR+YbDri0 +psPNP01x7NBO42O71rnBypGbCPXnLOAaKq+ISCN+XCZBkmjKhcWJlg5DJfUGCEdr +DCKi/1j5mgs8H3sUrc5Y4gLz3BWuypAGWhQr/KDAcmCm/u0ZfzVyrxw50eMuzeF7 +GfePPI70nXjUlywuFUFg7EWlCT6sRtZf+o4jkXcwGpZLx2/rdZ9J2I4VmYakBVpA +2OQwi47YAFe1wz+nsF3fImuGQdHu0x0sFLbuJaSJCOVYhMcZhskRygqqI+wEvDF1 +i7SYzi5Xt7rJrSaqGhAzlg1Cc8wzMhoCE/IU5Hd55OtbvRwZ2JKH+UAl/L9Qizqy +AM7nSrUjA5p4H09PMuKGmCEcZDKpH2huAeqmtGQ626edE2WNduE2jCdAIcN263PX +1+TIe4IRLhtmTKqfJgbzrt0cSIAsuvI8s78ehsP2eNANdkQjzBAaEiOo75G/g+sd +tWl8gxOhrPKkb07KqcPEfXq4QYk7kV+pWuA2yMiTX5A+oy8gVFBxUp+zbjYeRuW8 +cpHyvbDvdnQ5LGNC/v0rdA== +=Rmch +-----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/machines/secrets/keys/users/kalipso.asc b/machines/secrets/keys/users/kalipso.asc new file mode 100644 index 0000000..5babeb3 --- /dev/null +++ b/machines/secrets/keys/users/kalipso.asc @@ -0,0 +1,22 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +xsDNBAAAAAABDAC7STfznb6pH6hGLQ32DPRKI2zSa5ah7xb77VCnq7ewpNSpMY3c +bAk+M3t/VrQue9b/TOndotVYiqCV1UGAxSHmv/rWD3ltxyACw6YHdijCsvTAzbvV +AAW+KKqDPu3iuQoEyq2cHyt3VdW1XDuSogYGCQ0UzaJ55W8r8dq2lE/7mX0gnHsU +SmiubklvyjUZhvWTQDOMs9rgsYpBjtcSpSf2nXg4cIakrxtA/nwrINBIPWB32ptm +V5F/5U2Czt4PFYW3kYbY0DswhqbDcwtoZinYG2q71pVUCBBuEjj/dGieazriLrre +oGeAn8jaNL+HfI4oS5SuwhT6Zk9Oa+X0ZvXuuvUGQTkITlxURCYSbVlD9K2SdVys +t6Nvkv/xXiJWpQdkfi3CtwLvVXZ3eqj05vVC/tEvD3ke2fXpfcyD2BBItYzzAckK +8o7WiOK1I8akYbJ0cHP0fd5NQkHbX7m27n0Cxnn4AvyedDMwWkV1VKAcB3ShlgPc +83PD15cUlJBGnM8AEQEAAc0pcm9vdCAoSW1wb3J0ZWQgZnJvbSBTU0gpIDxyb290 +QGxvY2FsaG9zdD7CwOIEEwEIABYFAgAAAAAJEJHdvEwzh/H7AhsPAhkBAAAtGAwA +K+hOl1owBf+oKitXPM6fvh4lPOSDeckz0nrsho6iLFSDAms1/OhKm8HG+lRTYQxn +dF/ZdsnaOrYt6V6vCIKvVJe3fZaVhTOj+STltqk/ZPfkLxmN9jnmDCdpH1FGO76F +VoXBsJJnjqLa1l9YxYGpgxiCD5Bws0+8gcFUJiyo4J8qPMyGPb3osDQz7bnfko7d +Yfhdi19i8YyghsuWqgDTHfAoz99LSwyz0dryEn5Hej7U2jnBScjPrFsRtSYx/VgO +ppUwztGGgJ9rGNutNhDCEbHMPkY2RiUfaNIq8qOFR7cWaY5TkGfaZj/6BKWIeUMo +NLcb40qEcB83dRZuquYjxpdUumf+wyW6Lurp4DMH04i1FzzIP+hNOTRLu4ptSdBy +pZOUllSAQr1BlFYIyXPjS2saMmp+LeuGYCDhxa2v5pIqOEJhiM/uBJQ4eG0jDPYq +82B7vVX85lXKF3OCm20xVdJLY+mITjZs7ep+BsFkIa59raz4GVZsEBkWZWuDnK+/ +=Xhkd +-----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/machines/secrets/keys/users/kalipso_dsktp.asc b/machines/secrets/keys/users/kalipso_dsktp.asc new file mode 100644 index 0000000..ce6c2e4 --- /dev/null +++ b/machines/secrets/keys/users/kalipso_dsktp.asc @@ -0,0 +1,28 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +xsFNBAAAAAABEACxgcjNOYbza3+RfANFDXy7HXNRFlkpDOAcGyB7MKshiVlbPByW +RSjfZa0BeRNjpeCd8QkIodKUzqYOCOrc8ad3kiNbdLRcDz57A5xSLD3ynakoWJo0 +AmJjT3Ta1JJj8inNwwykR0ig5//SrtsZb9HkWJDAF017MokM2r8AWPE1QzcQdh93 +kojXcgTHrJHzEqgKbEGDEk37f1RvZG4umEFeqdK2FvS5isPa7P9X7hyyoDC8bvEy +7xfaDrToJAoXon6r79taxH8UWIvy//xsU0NBLYK2eE4RQe2AjF6Ri+CybI6y1SsH +Ovyh4nNKWlfUOEL6UnIulRn/LXFOKCJi7xuoTeJXS0+w1DNEuiGosVNXPSKbUm/e +DBVnb8Iyep9wmygSZayN82xL5lRlG3Mn45ttecqfm2SJkmduBA5qXcTdDPe/lXTZ +aVO9tbiIcJfUgd3ttEu2+6YjLn74D965PlovzvR6EhbVUZ8IkOAt4VmuTkXIdm8S +CS7jzhsiKeUXoZ4rfa375zi79SIPuIkoMasj6d16wcYOeFIUIMFFccfQ9jQjr9NT +SXC2dd7sfbI9I9mF7eRQSsUdSwpP8WH1b+M1MxTbdhEUdPwpOLviTTIuk8E8K8DQ +DZIcOOh38mCDpyoh02nwfRxlyoYVsKAHIQH02dHTvYEa3/pMsRwGc9W1OwARAQAB +zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0PsLBYgQT +AQgAFgUCAAAAAAkQ3xOuuxARtdQCGw8CGQEAAGa3EABnK+PSxItzbUsGU5VygVvx +UdWC6no9mZrswJrTTYgAiLIrAt/nj1GMUSSlSf1gWDfYxLGdz7PbZNhOvakVZSH3 +aYK2rvH4BXo3gKelWAqq4OKxX7eVBlQWKficny17LNVPRzVxQ7uOkb5KETx09dQc +xwQOzmxWjBOrdF4o1NtbKlr16W/dbV1BovQ8P7/LTxZr//Fete9AwAbSaltPrxxo +s6V/7sl9ERYxbsrTgGBsmDgAM/TGzkiVkHkvx1wpPlJbc3j4JM7sPjZbJ3fHhqQM +bgWwNs7wJddlIy/Mm1cPK4G3+tR+ZQswJgw+oL1gAz26XLEBXoxBYF+EhsXn6gcs +xkM8rMZ5jIXPBJv29aX/XFSGHCtz2jmRzDDK9ePVqJBBPW4NtrqJ9f7iKYT4isy4 +4tM20tIrOqo6OknaUeh2baCFr2xCZlKEvUTBceWbVTHG3ig2tKdt6cQgeA3jKUzZ +YG4RYPly9tmVK0LN9mDq9SDlELlAcZU7wrplYzE1aRDbzoyzwgVE/Q4E+NlH500i +3thqmLCweLRsJxKmX9dHTpMLKx1XZEwNCsp4UhZmsaZt8PPaBdAKKBwX/ajIWJFJ +i7KpGJdWlgJW0y8HPimuQB1XYMBQJGw/nwMoHJtKidpG+1hg5i5bmQE63bG7fM26 +PjMoMYuWUR9CYr3YRZMIRg== +=MpV9 +-----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file