CCCHH/ansible-infra
CCCHH/ansible-infra
4
2
Fork 1
Code Issues 4 Pull requests Wiki Activity Actions

refactor .sops.yaml to make it less verbose
Some checks failed
/ Ansible Lint (push) Failing after 50s
Details

Browse source 
Make it less verbose by introducing an anchor for the admin_gpg_keys.
This commit is contained in:
June 2025-10-13 20:51:31 +02:00
commit 1f394a08dd
Signed by: june
SSH key fingerprint: SHA256:o9EAq4Y9N9K0pBQeBTqhSDrND5E7oB+60ZNx0U1yPe0
1 changed files with 31 additions and 181 deletions
Download patch file Download diff file Expand all files Collapse all files

186
.sops.yaml
View file

@ -1,4 +1,6 @@
keys: keys:
admins:
gpg: &admin_gpg_keys
- &admin_gpg_djerun EF643F59E008414882232C78FFA8331EEB7D6B70 - &admin_gpg_djerun EF643F59E008414882232C78FFA8331EEB7D6B70
- &admin_gpg_stb F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - &admin_gpg_stb F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- &admin_gpg_jtbx 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - &admin_gpg_jtbx 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
@ -11,219 +13,67 @@ keys:
- &admin_gpg_c6ristian B71138A6A8964A3C3B8899857B4F70C356765BAB - &admin_gpg_c6ristian B71138A6A8964A3C3B8899857B4F70C356765BAB
- &admin_gpg_lilly D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - &admin_gpg_lilly D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- &admin_gpg_langoor 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - &admin_gpg_langoor 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
hosts:
age:
- &host_netbox_ansible_pull_age_key age1ss82zwqkj438re78355p886r89csqrrfmkfp8lrrf8v23nza492qza4ey3 - &host_netbox_ansible_pull_age_key age1ss82zwqkj438re78355p886r89csqrrfmkfp8lrrf8v23nza492qza4ey3
creation_rules: creation_rules:
- path_regex: inventories/chaosknoten/host_vars/cloud.* - path_regex: inventories/chaosknoten/host_vars/cloud.*
key_groups: key_groups:
- pgp: - pgp:
- *admin_gpg_djerun *admin_gpg_keys
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/keycloak.* - path_regex: inventories/chaosknoten/host_vars/keycloak.*
key_groups: key_groups:
- pgp: - pgp:
- *admin_gpg_djerun *admin_gpg_keys
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/grafana.* - path_regex: inventories/chaosknoten/host_vars/grafana.*
key_groups: key_groups:
- pgp: - pgp:
- *admin_gpg_djerun *admin_gpg_keys
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/pad.* - path_regex: inventories/chaosknoten/host_vars/pad.*
key_groups: key_groups:
- pgp: - pgp:
- *admin_gpg_djerun *admin_gpg_keys
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/ccchoir.* - path_regex: inventories/chaosknoten/host_vars/ccchoir.*
key_groups: key_groups:
- pgp: - pgp:
- *admin_gpg_djerun *admin_gpg_keys
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/pretalx.* - path_regex: inventories/chaosknoten/host_vars/pretalx.*
key_groups: key_groups:
- pgp: - pgp:
- *admin_gpg_djerun *admin_gpg_keys
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/netbox.* - path_regex: inventories/chaosknoten/host_vars/netbox.*
key_groups: key_groups:
- pgp: - pgp:
- *admin_gpg_djerun *admin_gpg_keys
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
age: age:
- *host_netbox_ansible_pull_age_key - *host_netbox_ansible_pull_age_key
- path_regex: inventories/chaosknoten/host_vars/tickets.* - path_regex: inventories/chaosknoten/host_vars/tickets.*
key_groups: key_groups:
- pgp: - pgp:
- *admin_gpg_djerun *admin_gpg_keys
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/onlyoffice.* - path_regex: inventories/chaosknoten/host_vars/onlyoffice.*
key_groups: key_groups:
- pgp: - pgp:
- *admin_gpg_djerun *admin_gpg_keys
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/zammad.* - path_regex: inventories/chaosknoten/host_vars/zammad.*
key_groups: key_groups:
- pgp: - pgp:
- *admin_gpg_djerun *admin_gpg_keys
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/ntfy.* - path_regex: inventories/chaosknoten/host_vars/ntfy.*
key_groups: key_groups:
- pgp: - pgp:
- *admin_gpg_djerun *admin_gpg_keys
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/z9/host_vars/dooris.* - path_regex: inventories/z9/host_vars/dooris.*
key_groups: key_groups:
- pgp: - pgp:
- *admin_gpg_djerun *admin_gpg_keys
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/z9/host_vars/yate.* - path_regex: inventories/z9/host_vars/yate.*
key_groups: key_groups:
- pgp: - pgp:
- *admin_gpg_djerun *admin_gpg_keys
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- key_groups: - key_groups:
- pgp: - pgp:
- *admin_gpg_djerun *admin_gpg_keys
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
stores: stores:
yaml: yaml:
indent: 2 indent: 2