From 392a62d4ce64303eff6ff03fd06257db9cf60f8a Mon Sep 17 00:00:00 2001
From: Fuwn <contact@fuwn.me>
Date: Sun, 22 Sep 2024 03:00:21 -0700
Subject: sops: seperate secrets per module

---
 .sops.yaml | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

(limited to '.sops.yaml')

diff --git a/.sops.yaml b/.sops.yaml
index c7e66cd..6ab6f0d 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -1,9 +1,20 @@
 keys:
-  - &kansai age1epapum5m42qz9rf6nthadtlv74uxux5xqfwkcs3ly875ft5r236ql7lh5h
-  - &himeji age14dpp7649l9j8yt4kmnk90pnxplq3eur9xq2t3ujsrqk5luyj8fzq45dghu
+  - &users:
+    - &ebisu age1slfnfst9x5s4557qtpmypwul337plw8cv9vena4ufwcets5gg55s2z95vy
+  - &hosts:
+    - &kansai age1epapum5m42qz9rf6nthadtlv74uxux5xqfwkcs3ly875ft5r236ql7lh5h
+    - &himeji age14dpp7649l9j8yt4kmnk90pnxplq3eur9xq2t3ujsrqk5luyj8fzq45dghu
+
 creation_rules:
-  - path_regex: secrets/[^/]+\.ya?ml$
+  - path_regex: secrets/ebisu.ya?ml$
+    key_groups:
+      - age:
+          - *ebisu
+  - path_regex: secrets/kansai.ya?ml$
     key_groups:
       - age:
           - *kansai
+  - path_regex: secrets/himeji.ya?ml$
+    key_groups:
+      - age:
           - *himeji
-- 
cgit v1.2.3