nixcfg/.sops.yaml

keys:
  - &server_hetzner age1qur4kh3gay9ryk3jh2snvjp6x9eq94zdrmgkrfcv4fzsu7l6lumq4tr3uy
  - &server_sgx age149fqcw5jze00vd7jauylrp4j5xyv7amlu57jjfuzghkqtzlnxajs704uz3
  - &server_t15 age1f2yu0cc826ej7hs4g865y29zy9uqfy0yp32f2m80typpk2pxqp7sfcffj4
  - &server_x1 age1z87u2na6vts0sqg6sc73p9ym6e5g9a0gf3hp9e7ha47e83zy4efqcjhk0y
  - &harald age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l
creation_rules:
  - path_regex: .secrets/hetzner/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *server_hetzner
          - *harald
  - path_regex: .secrets/sgx/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *server_sgx
          - *harald
  - path_regex: .secrets/t15/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *server_t15
          - *harald
  - path_regex: .secrets/x1/[^/]+\.(yaml|json|env|ini)$
    key_groups:
      - age:
          - *server_x1
          - *harald