nixos/.sops.yaml

keys: &all
  - &op_noe age1lq5q5g5qjsdcc3key0n6qytkc9z3qx3d3e96ap9zre2aqgvc9ujq82l9hd
  - &op_noe_2 age1p0f62dwatt558sf5s4equdqwtg5m7lsnaytrf3xjnvmx3e0lqu4svtugyp
  - &op_noe_3 age13c5wv623jxjja5mjz7fajg9qqwvypzgsfqrs4tmk7rpgyzu7aufs4ul9f9
  - &m_work-mac age14vsmekuppm4xhp4rthhv9jjgzfv45v39a0q8dsgg6yusw0pjkvaqnr9kq8
  - &m_cider age1kjsga2kf95lu7p5stqr5d9p87jquyypnx97cycj6jvhsm9zkn93quexx4r
  - &m_aerial age1jc6ghxfgxe3gx53xa55azxan447cfxaqfqeh5y5yzqapj7mw7ajql8kv02
  - &m_drone age1faccfe85637hme39xyzgmvjn6ku9c4aapfmpfc35hswj5emhnedssrg2cq
  - &m_keylime age1wc3czlazkfxphsq6exxxkdpma4lrv7n3v3fvel9l5u96dlljn4fslh666p
  - &m_ps2live age18net4rsvyx84d9jjh64rgqsru3njwc438qt3993kn865dx9weaqq0rzkrh
  - &m_ingress-proxy age1mc6eyvnqt4ztmqdzt08zaher2ts37ypgzuh049v3cgv9j0rje96q5rm56k
  - &m_monitoring age1h7yp3psl5zyze8sl6lld6ksv6fcmul9z8mjwc4k78mwnys58c3ls9mgfdx
  - &m_porcelain-doll-repair age1qy9tvzlgek7fq4nl52e05ad6pyvglrtaxwjet9gr0fzq85z7cv9s6uxzkt
  - &m_sapphic-engineer age1kh4c0dmn809xzcf7ntpjm26h2xh4ljaq09r9n5s0tsjjpr55ff3qqmkuca

creation_rules:
  - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age: *all
  - path_regex: secrets/work-mac/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *op_noe
          - *op_noe_2
          - *op_noe_3
          - *m_work-mac
  - path_regex: secrets/cider/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *op_noe
          - *op_noe_2
          - *op_noe_3
          - *m_cider
  - path_regex: secrets/aerial/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *op_noe
          - *op_noe_2
          - *op_noe_3
          - *m_aerial
  - path_regex: secrets/drone/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *op_noe
          - *op_noe_2
          - *op_noe_3
          - *m_drone
  - path_regex: secrets/keylime/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *op_noe
          - *op_noe_2
          - *op_noe_3
          - *m_keylime
  - path_regex: secrets/ps2live/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *op_noe
          - *op_noe_2
          - *op_noe_3
          - *m_ps2live
  - path_regex: secrets/ingress-proxy/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *op_noe
          - *op_noe_2
          - *op_noe_3
          - *m_ingress-proxy
  - path_regex: secrets/monitoring/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *op_noe
          - *op_noe_2
          - *op_noe_3
          - *m_monitoring
  - path_regex: secrets/porcelain-doll-repair/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *op_noe
          - *op_noe_2
          - *op_noe_3
          - *m_porcelain-doll-repair
  - path_regex: secrets/sapphic-engineer/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *op_noe
          - *op_noe_2
          - *op_noe_3
          - *m_sapphic-engineer