.sops.yaml

---
# To get a new key from remote SSH machine, invoke:
# nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'

keys:
  - users:
      - &ajgon age13s2dafyr9sfltp8heujttxug4v4m3qhj7sxzqrj6x6x3cu5n29uqfvj62l
  - hosts:
      - &deedee age15j2q7j9nx0eklslk93zstedzkhhm3r6kqfd7pgcesne6c9yeldzqdvm0v8
      - &meemee age1jvlrjcy0fh4tspzv5z4cxulmhrd5c5htkd8juuxpmn3vnk3xtsdqeggxhg
      - &monkey age1lfx84pz5u2hcdmtkpc7hw0kw080065c3fhvatghqzpp9fla3my2s5kd45x


creation_rules:
  - path_regex: local/.*\.sops\.yaml$
    key_groups:
      - age:
          - *ajgon
  - path_regex: deedee/.*\.sops\.yaml$
    key_groups:
      - age:
          - *ajgon
          - *deedee
  - path_regex: liadtop/.*\.sops\.yaml$
    key_groups:
      - age:
          - *ajgon
  - path_regex: meemee/.*\.sops\.yaml$
    key_groups:
      - age:
          - *ajgon
          - *meemee
  - path_regex: monkey/.*\.sops\.yaml$
    key_groups:
      - age:
          - *ajgon
          - *monkey
  - path_regex: piecyk/.*\.sops\.yaml$
    key_groups:
      - age:
          - *ajgon