diff --git a/.sops.yaml b/.sops.yaml index fcb0b45..c659d62 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -43,170 +43,170 @@ keys: creation_rules: ## group vars - - path_regex: "inventories/chaosknoten/group_vars/.+\\.sops\\..+" + - path_regex: inventories/chaosknoten/group_vars/all.* key_groups: - pgp: *admin_gpg_keys age: *host_chaosknoten_age_keys - - path_regex: "inventories/external/group_vars/.+\\.sops\\..+" + - path_regex: inventories/external/group_vars/all.* key_groups: - pgp: *admin_gpg_keys age: *host_external_age_keys - - path_regex: "inventories/z9/group_vars/.+\\.sops\\..+" + - path_regex: inventories/z9/group_vars/all.* key_groups: - pgp: *admin_gpg_keys ## host vars # chaosknoten hosts - - path_regex: "inventories/chaosknoten/host_vars/acmedns\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/acmedns.* key_groups: - pgp: *admin_gpg_keys age: - *host_acmedns_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/cloud\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/cloud.* key_groups: - pgp: *admin_gpg_keys age: - *host_cloud_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/keycloak\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/keycloak.* key_groups: - pgp: *admin_gpg_keys age: - *host_keycloak_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/grafana\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/grafana.* key_groups: - pgp: *admin_gpg_keys age: - *host_grafana_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/pad\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/pad.* key_groups: - pgp: *admin_gpg_keys age: - *host_pad_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/ccchoir\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/ccchoir.* key_groups: - pgp: *admin_gpg_keys age: - *host_ccchoir_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/pretalx\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/pretalx.* key_groups: - pgp: *admin_gpg_keys age: - *host_pretalx_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/netbox\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/netbox.* key_groups: - pgp: *admin_gpg_keys age: - *host_netbox_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/tickets\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/tickets.* key_groups: - pgp: *admin_gpg_keys age: - *host_tickets_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/onlyoffice\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/onlyoffice.* key_groups: - pgp: *admin_gpg_keys age: - *host_onlyoffice_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/zammad\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/zammad.* key_groups: - pgp: *admin_gpg_keys age: - *host_zammad_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/ntfy\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/ntfy.* key_groups: - pgp: *admin_gpg_keys age: - *host_ntfy_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/eh22-wiki\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/eh22-wiki.* key_groups: - pgp: *admin_gpg_keys age: - *host_eh22_wiki_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/sunders\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/sunders.* key_groups: - pgp: *admin_gpg_keys age: - *host_sunders_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/wiki\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/wiki.* key_groups: - pgp: *admin_gpg_keys age: - *host_wiki_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/renovate\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/renovate.* key_groups: - pgp: *admin_gpg_keys age: - *host_renovate_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/lists\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/lists.* key_groups: - pgp: *admin_gpg_keys age: - *host_lists_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/mumble\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/mumble.* key_groups: - pgp: *admin_gpg_keys age: - *host_mumble_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/public-reverse-proxy\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/public-reverse-proxy.* key_groups: - pgp: *admin_gpg_keys age: - *host_public_reverse_proxy_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/spaceapiccc\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/spaceapiccc.* key_groups: - pgp: *admin_gpg_keys age: - *host_spaceapiccc_ansible_pull_age_key - - path_regex: "inventories/chaosknoten/host_vars/mjolnir\\.sops\\..+" + - path_regex: inventories/chaosknoten/host_vars/mjolnir.* key_groups: - pgp: *admin_gpg_keys age: - *host_mjolnir_ansible_pull_age_key # external hosts - - path_regex: "inventories/external/host_vars/status\\.sops\\..+" + - path_regex: inventories/external/host_vars/status.* key_groups: - pgp: *admin_gpg_keys age: - *host_status_ansible_pull_age_key # z9 hosts - - path_regex: "inventories/z9/host_vars/dooris\\.sops\\..+" + - path_regex: inventories/z9/host_vars/dooris.* key_groups: - pgp: *admin_gpg_keys - - path_regex: "inventories/z9/host_vars/yate\\.sops\\..+" + - path_regex: inventories/z9/host_vars/yate.* key_groups: - pgp: *admin_gpg_keys # general - - path_regex: ".+\\.sops\\..+" - key_groups: - - pgp: *admin_gpg_keys + - key_groups: + - pgp: + *admin_gpg_keys stores: yaml: