From 1f394a08dd21463a787a87d04b7333c511c5fe23 Mon Sep 17 00:00:00 2001 From: June Date: Mon, 13 Oct 2025 20:51:31 +0200 Subject: [PATCH] refactor .sops.yaml to make it less verbose Make it less verbose by introducing an anchor for the admin_gpg_keys. --- .sops.yaml | 212 ++++++++--------------------------------------------- 1 file changed, 31 insertions(+), 181 deletions(-) diff --git a/.sops.yaml b/.sops.yaml index 7a79c76..8f42083 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -1,229 +1,79 @@ keys: - - &admin_gpg_djerun EF643F59E008414882232C78FFA8331EEB7D6B70 - - &admin_gpg_stb F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - &admin_gpg_jtbx 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - &admin_gpg_yuri 87AB00D45D37C9E9167B5A5A333448678B60E505 - - &admin_gpg_june 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - &admin_gpg_haegar F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - &admin_gpg_dario 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - &admin_gpg_echtnurich 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - &admin_gpg_max 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA - - &admin_gpg_c6ristian B71138A6A8964A3C3B8899857B4F70C356765BAB - - &admin_gpg_lilly D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - &admin_gpg_langoor 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - - &host_netbox_ansible_pull_age_key age1ss82zwqkj438re78355p886r89csqrrfmkfp8lrrf8v23nza492qza4ey3 + admins: + gpg: &admin_gpg_keys + - &admin_gpg_djerun EF643F59E008414882232C78FFA8331EEB7D6B70 + - &admin_gpg_stb F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC + - &admin_gpg_jtbx 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 + - &admin_gpg_yuri 87AB00D45D37C9E9167B5A5A333448678B60E505 + - &admin_gpg_june 057870A2C72CD82566A3EC983695F4FCBCAE4912 + - &admin_gpg_haegar F38C9D4228FC6F674E322D9C3326D914EB9B8F55 + - &admin_gpg_dario 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD + - &admin_gpg_echtnurich 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A + - &admin_gpg_max 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA + - &admin_gpg_c6ristian B71138A6A8964A3C3B8899857B4F70C356765BAB + - &admin_gpg_lilly D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD + - &admin_gpg_langoor 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 + hosts: + age: + - &host_netbox_ansible_pull_age_key age1ss82zwqkj438re78355p886r89csqrrfmkfp8lrrf8v23nza492qza4ey3 creation_rules: - path_regex: inventories/chaosknoten/host_vars/cloud.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor + *admin_gpg_keys - path_regex: inventories/chaosknoten/host_vars/keycloak.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor + *admin_gpg_keys - path_regex: inventories/chaosknoten/host_vars/grafana.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor + *admin_gpg_keys - path_regex: inventories/chaosknoten/host_vars/pad.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor + *admin_gpg_keys - path_regex: inventories/chaosknoten/host_vars/ccchoir.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor + *admin_gpg_keys - path_regex: inventories/chaosknoten/host_vars/pretalx.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor + *admin_gpg_keys - path_regex: inventories/chaosknoten/host_vars/netbox.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor + *admin_gpg_keys age: - *host_netbox_ansible_pull_age_key - path_regex: inventories/chaosknoten/host_vars/tickets.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor + *admin_gpg_keys - path_regex: inventories/chaosknoten/host_vars/onlyoffice.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor + *admin_gpg_keys - path_regex: inventories/chaosknoten/host_vars/zammad.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor + *admin_gpg_keys - path_regex: inventories/chaosknoten/host_vars/ntfy.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor + *admin_gpg_keys - path_regex: inventories/z9/host_vars/dooris.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor + *admin_gpg_keys - path_regex: inventories/z9/host_vars/yate.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor + *admin_gpg_keys - key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor + *admin_gpg_keys stores: yaml: indent: 2