soopy.moe
1let
2 # maintainers
3 age.soopyc_pxl7ag = "age1l3qxt6630dzesdclfm3eqgw3uuhwj09dh6typwlwr6clcv0qhfrqgtj2fk";
4 # age.soopyc_yub302 = "age1yubikey1qgmfcf0vddslyza7djdekjjk3t3u29d474c5xscmcdye8x3spvhlxxj23xz";
5 age.soopyc_mbp14 = "age1zkafenrdkkmatjh034yykpzjzzs5fx6kft23jlmsung3dwyufcksds59l2";
6
7 # hosts
8 age.koumakan = "age18h7hya5terghrwawgpny28swlat2nqkdrfd4clk0svujqlz9xfusd3zeqt";
9 age.satori = "age132qsqclmp5d6x968x5y8amdn90v64rldy3assprr8g8wjdpecvmqwryah8";
10 age.renko = "age1p6n5yh9fy09xspwf29klfsa4zdrhp04q22gvxkz2vvm88vt9tunsdn020s";
11 age.bocchi = "age1kdctxllje2rw3kwpzell0rt6t7mruc3h3j5zfjelnpmahchjlaqs9v9vm9";
12 age.kita = "age1qzma7prftj6d4atqcmatdl9le0tuuqzegm6f8e9gkwrp3pja0aaqs49g7n";
13 age.ryo = "age1tdatk0rrr6uf89g5vpq96wjcjcetkrs6yadkxv47v76q8qhtva2sn7tun2";
14 age.nijika = "age1rzxugsgkpnf0ns0w70swdc3sndjpktx23eucah4w47zcppz56sls2c5e6m";
15
16 everything = [
17 {
18 age = builtins.attrValues age;
19 }
20 ];
21
22 mkHost =
23 name: identities:
24 assert builtins.typeOf identities == "list";
25 {
26 path_regex = "creds/sops/${name}/.*";
27 key_groups = [
28 {
29 age = [
30 # admin
31 age.soopyc_pxl7ag
32 age.soopyc_mbp14
33 ]
34 ++ identities;
35 }
36 ];
37 };
38in
39{
40 # remember to run `just utils update-sops-config` and `sops updatekeys` after editing.
41 creation_rules = [
42 {
43 path_regex = "creds/sops/global/.*";
44 key_groups = everything;
45 }
46
47 (mkHost "koumakan" [ age.koumakan ])
48 (mkHost "satori" [ age.satori ])
49 (mkHost "renko" [ age.renko ])
50
51 (mkHost "bocchi" [ age.bocchi ])
52 (mkHost "kita" [ age.kita ])
53 (mkHost "ryo" [ age.ryo ])
54 (mkHost "nijika" [ age.nijika ])
55 ];
56}